urlscan.io logo urlscan.io
SecurityTrails logo

www.newser.com Open in urlscan Pro
40.114.51.62  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://thirdpartyoffers.juno.com/TGL3142/6085b05c8bdad305c372fst03duc3
Effective URL: https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medi...
Submission: On April 26 via manual from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 120 IPs in 9 countries across 110 domains to perform 512 HTTP transactions. The main IP is 40.114.51.62, located in Washington, United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is www.newser.com.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on December 31st 2020. Valid for: a year.
This is the only time www.newser.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 2 64.136.53.215 13446 (AS-NETZERO)
5 40.114.51.62 8075 (MICROSOFT...)
3 2a00:1450:400... 15169 (GOOGLE)
1 37 2620:1ec:46::45 8068 (MICROSOFT...)
1 184.30.21.59 16625 (AKAMAI-AS)
2 2606:2800:234... 15133 (EDGECAST)
1 107.22.233.72 14618 (AMAZON-AES)
3 2606:4700::68... 13335 (CLOUDFLAR...)
2 7 2620:116:800d... 16509 (AMAZON-02)
1 2600:9000:20c... 16509 (AMAZON-02)
37 2620:1ec:bdf::45 8068 (MICROSOFT...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
6 151.139.128.11 20446 (HIGHWINDS3)
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 54.78.254.47 16509 (AMAZON-02)
2 169.50.137.179 36351 (SOFTLAYER)
3 2606:4700:20:... 13335 (CLOUDFLAR...)
2 2a03:2880:f01... 32934 (FACEBOOK)
4 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
6 54.241.108.168 16509 (AMAZON-02)
3 2600:9000:20c... 16509 (AMAZON-02)
1 3 13.224.111.21 16509 (AMAZON-02)
1 2600:9000:20c... 16509 (AMAZON-02)
1 2a02:6ea0:c70... 60068 (CDN77 (^_^)/)
1 19 2a00:1450:400... 15169 (GOOGLE)
2 2606:4700:303... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
3 10 2a00:1450:400... 15169 (GOOGLE)
1 3.218.8.230 14618 (AMAZON-AES)
7 54.194.230.135 16509 (AMAZON-02)
6 7 3.126.158.103 16509 (AMAZON-02)
2 52.11.196.81 16509 (AMAZON-02)
6 6 3.126.56.137 16509 (AMAZON-02)
14 37 142.250.186.66 15169 (GOOGLE)
2 44.238.170.237 16509 (AMAZON-02)
1 18.196.230.57 16509 (AMAZON-02)
1 178.162.133.150 60781 (LEASEWEB-...)
3 13.224.105.229 16509 (AMAZON-02)
2 185.64.189.112 62713 (AS-PUBMATIC)
2 104.16.68.69 13335 (CLOUDFLAR...)
3 6 185.33.221.91 29990 (ASN-APPNEX)
8 35.158.21.212 16509 (AMAZON-02)
1 213.19.147.42 3356 (LEVEL3)
1 213.19.162.31 3356 (LEVEL3)
3 13 35.244.159.8 15169 (GOOGLE)
1 178.250.2.131 44788 (ASN-CRITE...)
2 15 184.30.20.241 16625 (AKAMAI-AS)
1 185.255.84.151 200271 (IGUANE-)
8 52.4.152.106 14618 (AMAZON-AES)
1 104.244.42.136 13414 (TWITTER)
1 2600:9000:20c... 16509 (AMAZON-02)
2 34.95.69.49 15169 (GOOGLE)
17 24 159.253.128.183 36351 (SOFTLAYER)
1 2600:1f18:612... 14618 (AMAZON-AES)
1 3 35.227.248.159 15169 (GOOGLE)
1 1 52.29.225.117 16509 (AMAZON-02)
1 1 18.196.98.222 16509 (AMAZON-02)
2 13.225.74.4 16509 (AMAZON-02)
2 2 2600:1901:0:8... 15169 (GOOGLE)
3 5 18.198.69.109 16509 (AMAZON-02)
2 3.228.45.187 14618 (AMAZON-AES)
1 23.38.51.43 16625 (AKAMAI-AS)
1 2 52.48.137.92 16509 (AMAZON-02)
1 2 216.52.2.19 29791 (VOXEL-DOT...)
1 35.244.174.68 15169 (GOOGLE)
1 1 142.250.185.130 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2 185.94.180.126 35220 (SPOTX-AMS)
2 4 69.173.144.138 26667 (RUBICONPR...)
1 151.101.114.137 54113 (FASTLY)
6 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
31 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
7 2a00:1450:400... 15169 (GOOGLE)
2 88.99.165.19 24940 (HETZNER-AS)
4 54.88.209.254 14618 (AMAZON-AES)
1 2a02:26f0:64:... 20940 (AKAMAI-ASN1)
2 2a02:26f0:10c... 20940 (AKAMAI-ASN1)
1 52.205.35.62 14618 (AMAZON-AES)
1 5 138.201.63.157 24940 (HETZNER-AS)
4 107.23.226.15 14618 (AMAZON-AES)
1 35.168.30.167 14618 (AMAZON-AES)
21 184.86.103.158 20940 (AKAMAI-ASN1)
1 4 138.201.63.165 24940 (HETZNER-AS)
2 4 142.250.185.198 15169 (GOOGLE)
2 2a02:fa8:8806... 41041 (VCLK-EU-SE)
5 5 35.158.49.68 16509 (AMAZON-02)
1 3 2606:4700::68... 13335 (CLOUDFLAR...)
1 6 2a00:1288:110... 34010 (YAHOO-IRD)
4 2a00:1450:400... 15169 (GOOGLE)
2 5 185.64.189.115 62713 (AS-PUBMATIC)
2 3 18.184.153.186 16509 (AMAZON-02)
7 184.30.20.198 16625 (AKAMAI-AS)
2 185.86.138.16 201081 (SMARTADSE...)
1 2600:1f18:612... 14618 (AMAZON-AES)
2 85.114.131.234 24961 (MYLOC-AS ...)
2 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
8 68.232.35.16 15133 (EDGECAST)
1 184.30.20.185 16625 (AKAMAI-AS)
2 52.22.15.148 14618 (AMAZON-AES)
1 104.17.119.107 13335 (CLOUDFLAR...)
1 2 37.252.173.62 29990 (ASN-APPNEX)
1 178.250.2.151 44788 (ASN-CRITE...)
4 4 213.155.156.182 1299 (TELIANET ...)
6 185.64.189.110 62713 (AS-PUBMATIC)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
1 2 199.232.137.44 54113 (FASTLY)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
4 4 185.29.133.52 30419 (MEDIAMATH...)
1 12 185.64.190.80 62713 (AS-PUBMATIC)
5 6 37.157.4.40 198622 (ADFORM)
5 8 63.35.128.189 16509 (AMAZON-02)
2 185.64.190.81 62713 (AS-PUBMATIC)
1 1 2001:678:cb4:... 56396 (TURN)
2 2 151.101.114.49 54113 (FASTLY)
2 2 66.155.71.150 13768 (COGECO-PEER1)
1 1 34.98.107.212 15169 (GOOGLE)
1 1 52.18.52.16 16509 (AMAZON-02)
2 4 72.21.206.140 16509 (AMAZON-02)
1 1 63.33.113.39 16509 (AMAZON-02)
1 2 54.204.142.198 14618 (AMAZON-AES)
1 1 185.183.112.155 60350 (VP)
1 35.170.116.13 14618 (AMAZON-AES)
2 184.30.212.16 16625 (AKAMAI-AS)
5 2a00:1450:400... 15169 (GOOGLE)
1 185.64.189.114 62713 (AS-PUBMATIC)
1 2600:9000:211... 16509 (AMAZON-02)
8 208.100.17.182 32748 (STEADFAST)
1 1 65.9.66.59 16509 (AMAZON-02)
5 54.183.56.236 16509 (AMAZON-02)
1 1 88.214.206.247 46636 (NATCOWEB)
1 38.27.122.158 174 (COGENT-174)
1 1 54.226.160.243 14618 (AMAZON-AES)
1 2 51.222.80.231 16276 (OVH)
1 1 34.192.170.233 14618 (AMAZON-AES)
512 120
2    64.136.53.215 (United States)

ASN13446 (AS-NETZERO, US)
thirdpartyoffers.juno.com
5    40.114.51.62 (Washington, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
www.newser.com
3    2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
37    2620:1ec:46::45 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
static1-azrcdn.newser.com
static2-azrcdn.newser.com
img1-azrcdn.newser.com
1    184.30.21.59 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-21-59.deploy.static.akamaitechnologies.com
s.ntv.io
2    2606:2800:234:59:254c:406:2366:268c (United States)

ASN15133 (EDGECAST, US)
platform.twitter.com
1    107.22.233.72 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-107-22-233-72.compute-1.amazonaws.com
api.ipify.org
3    2606:4700::6811:4f22 (United States)

ASN13335 (CLOUDFLARENET, US)
global.proper.io
eb.proper.io
7    2620:116:800d:21:36a9:ecb:e518:b308 (United States)

ASN16509 (AMAZON-02, US)
secure.quantserve.com
pixel.quantserve.com
1    2600:9000:20c8:e200:14:2602:6e80:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn.intergi.com
37    2620:1ec:bdf::45 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
img2-azrcdn.newser.com
2    2606:4700::6810:9f11 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.engine.4dsply.com
engine.4dsply.com
6    151.139.128.11 (United States)

ASN20446 (HIGHWINDS3, US)
assets.revcontent.com
cdn.revcontent.com
images.revcontent.com
1    2606:4700:3033::6815:3c4d (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.whizzco.com
1    2a00:1450:4001:812::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    54.78.254.47 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-78-254-47.eu-west-1.compute.amazonaws.com
loadus.exelator.com
2    169.50.137.179 (United States)

ASN36351 (SOFTLAYER, US)
PTR: b3.89.32a9.ip4.static.sl-reverse.com
i.simpli.fi
3    2606:4700:20::681a:274 (United States)

ASN13335 (CLOUDFLARENET, US)
tru.am
beacon.tru.am
2    2a03:2880:f01c:8012:face:b00c:0:3 (United States)

ASN32934 (FACEBOOK, US)
connect.facebook.net
4    2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
5    2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
3    2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
6    54.241.108.168 (San Jose, United States)

ASN16509 (AMAZON-02, US)
jadserve.postrelease.com
3    2600:9000:20c8:5800:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
rules.quantcount.com
3    13.224.111.21 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-111-21.mad50.r.cloudfront.net
sb.scorecardresearch.com
1    2600:9000:20c8:f400:18:1fcd:34e:d2a1 (United States)

ASN16509 (AMAZON-02, US)
static.chartbeat.com
1    2a02:6ea0:c700::4 (Frankfurt am Main, Germany)

ASN60068 (CDN77 (^_^)/, GB)
load77.exelator.com
19    2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
googleads.g.doubleclick.net
2    2606:4700:3036::ac43:8a2c (United States)

ASN13335 (CLOUDFLARENET, US)
rddywd.com
1    2a00:1450:4001:802::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googleapis.com
10    2a00:1450:4001:80e::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    3.218.8.230 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
ping.chartbeat.net
7    54.194.230.135 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
trends.revcontent.com
7    3.126.158.103 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-158-103.eu-central-1.compute.amazonaws.com
x.bidswitch.net
2    52.11.196.81 (Boardman, United States)

ASN16509 (AMAZON-02, US)
usync.proper.io
6    3.126.56.137 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
ups.analytics.yahoo.com
37    142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net
securepubads.g.doubleclick.net
cm.g.doubleclick.net
pubads.g.doubleclick.net
2    44.238.170.237 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-238-170-237.us-west-2.compute.amazonaws.com
bids.proper.io
1    18.196.230.57 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-196-230-57.eu-central-1.compute.amazonaws.com
hb.emxdgt.com
1    178.162.133.150 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: ams-1-apex.go.sonobi.com
apex.go.sonobi.com
3    13.224.105.229 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-105-229.mad50.r.cloudfront.net
c.amazon-adsystem.com
2    185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
2    104.16.68.69 (United States)

ASN13335 (CLOUDFLARENET, US)
dmx.districtm.io
cdn.districtm.io
6    185.33.221.91 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 721.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
ib.adnxs.com
8    35.158.21.212 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
btlr.sharethrough.com
1    213.19.147.42 (United Kingdom)

ASN3356 (LEVEL3, US)
tag.1rx.io
1    213.19.162.31 (United Kingdom)

ASN3356 (LEVEL3, US)
fastlane.rubiconproject.com
13    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
propermedia-d.openx.net
us-u.openx.net
eu-u.openx.net
1    178.250.2.131 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.am5.vip.prod.criteo.com
bidder.criteo.com
15    184.30.20.241 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-20-241.deploy.static.akamaitechnologies.com
as-sec.casalemedia.com
dsum-sec.casalemedia.com
ssum.casalemedia.com
js-sec.indexww.com
ssum-sec.casalemedia.com
1    185.255.84.151 (Paris, France)

ASN200271 (IGUANE-, FR)
hb-api.omnitagjs.com
8    52.4.152.106 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
ssc.33across.com
1    104.244.42.136 (United States)

ASN13414 (TWITTER, US)
syndication.twitter.com
1    2600:9000:20c8:4600:19:f03c:7200:21 (United States)

ASN16509 (AMAZON-02, US)
d1bvk193qme2fc.cloudfront.net
2    34.95.69.49 (Kansas City, United States)

ASN15169 (GOOGLE, US)
i.clean.gg
24    159.253.128.183 (Amsterdam, Netherlands)

ASN36351 (SOFTLAYER, US)
PTR: b7.80.fd9f.ip4.static.sl-reverse.com
um.simpli.fi
1    2600:1f18:612b:4264:b4a0:a8db:4a1b:4b37 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
simplifi.partners.tremorhub.com
3    35.227.248.159 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 159.248.227.35.bc.googleusercontent.com
pixel.tapad.com
1    52.29.225.117 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-29-225-117.eu-central-1.compute.amazonaws.com
aa.agkn.com
1    18.196.98.222 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
d.agkn.com
2    13.225.74.4 (United States)

ASN16509 (AMAZON-02, US)
sync.intentiq.com
2    2600:1901:0:8eee:: (Kansas City, United States)

ASN15169 (GOOGLE, US)
fei.pro-market.net
5    18.198.69.109 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
loadm.exelator.com
loada.exelator.com
2    3.228.45.187 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
sync.bfmio.com
1    23.38.51.43 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-38-51-43.deploy.static.akamaitechnologies.com
stags.bluekai.com
2    52.48.137.92 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
bcp.crwdcntrl.net
2    216.52.2.19 (United States)

ASN29791 (VOXEL-DOT-NET, US)
ce.lijit.com
1    35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com
idsync.rlcdn.com
1    142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net
www.googleadservices.com
1    2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
2    185.94.180.126 (United States)

ASN35220 (SPOTX-AMS, US)
sync.search.spotxchange.com
4    69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
1    151.101.114.137 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
player.ex.co
6    2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
adservice.google.com
4    2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ccde9b4ae0b1b7105d848d3ef3b25d34.safeframe.googlesyndication.com
31    2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
cdn.ampproject.org
4    2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
7    2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
2    88.99.165.19 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.19.165.99.88.clients.your-server.de
hal9000.redintelligence.net
4    54.88.209.254 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
prd-collector-anon.ex.co
1    2a02:26f0:64::210:b540 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
player.avplayer.com
2    2a02:26f0:10c:48b::2c79 (Düsseldorf, Germany)

ASN20940 (AKAMAI-ASN1, NL)
player.aniview.com
1    52.205.35.62 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
atrack.avplayer.com
5    138.201.63.157 (Ketsch, Germany)

ASN24940 (HETZNER-AS, DE)
hal90007.redintelligence.net
4    107.23.226.15 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
track1.aniview.com
1    35.168.30.167 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
premiumsrv.aniview.com
21    184.86.103.158 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
mcd.ex.co
4    138.201.63.165 (Ketsch, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.165.63.201.138.clients.your-server.de
hal90005.redintelligence.net
4    142.250.185.198 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f6.1e100.net
5994599.fls.doubleclick.net
2    2a02:fa8:8806:13::1370 (United States)

ASN41041 (VCLK-EU-SE, US)
dclk-match.dotomi.com
pubmatic-match.dotomi.com
5    35.158.49.68 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
pm.w55c.net
3    2606:4700::6812:c05 (United States)

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
6    2a00:1288:110:c305::8000 (United Kingdom)

ASN34010 (YAHOO-IRD, GB)
pr-bh.ybp.yahoo.com
4    2a00:1450:4001:810::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
5    185.64.189.115 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
3    18.184.153.186 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-184-153-186.eu-central-1.compute.amazonaws.com
pixel.advertising.com
7    184.30.20.198 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-20-198.deploy.static.akamaitechnologies.com
ads.pubmatic.com
2    185.86.138.16 (France)

ASN201081 (SMARTADSERVER, FR)
prg.smartadserver.com
1    2600:1f18:612b:4232:681:3bdd:ce03:aa95 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
playbuzzmm.ads.tremorhub.com
2    85.114.131.234 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
cdn.contentspread.net
2    2a02:26f0:6c00::210:ba29 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
csync.smartadserver.com
8    68.232.35.16 (United States)

ASN15133 (EDGECAST, US)
ec-ns.sascdn.com
1    184.30.20.185 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-20-185.deploy.static.akamaitechnologies.com
acdn.adnxs.com
2    52.22.15.148 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-22-15-148.compute-1.amazonaws.com
mantodea.mantisadnetwork.com
ecs.mantisadnetwork.com
1    104.17.119.107 (United States)

ASN13335 (CLOUDFLARENET, US)
biddr.brealtime.com
2    37.252.173.62 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
secure.adnxs.com
1    178.250.2.151 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
4    213.155.156.182 (Sweden)

ASN1299 (TELIANET Telia Carrier, SE)
d5p.de17a.com
6    185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
2    2606:4700:20::681a:bd1 (United States)

ASN13335 (CLOUDFLARENET, US)
ad4m.at
2    199.232.137.44 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
trc.taboola.com
match.taboola.com
1    2606:4700:10::ac43:db6 (United States)

ASN13335 (CLOUDFLARENET, US)
mwzeom.zeotap.com
4    185.29.133.52 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
12    185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
simage2.pubmatic.com
6    37.157.4.40 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
8    63.35.128.189 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
match.adsrvr.org
2    185.64.190.81 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image4.pubmatic.com
1    2001:678:cb4:bbbb::11 (United Kingdom)

ASN56396 (TURN, GB)
ad.turn.com
2    151.101.114.49 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
2    66.155.71.150 (Portsmouth, United Kingdom)

ASN13768 (COGECO-PEER1, CA)
pixel-sync.sitescout.com
1    34.98.107.212 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 212.107.98.34.bc.googleusercontent.com
ads.playground.xyz
1    52.18.52.16 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
rtb.gumgum.com
4    72.21.206.140 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: 206-140.amazon.com
s.amazon-adsystem.com
1    63.33.113.39 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
d.adroll.com
2    54.204.142.198 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
um2.eqads.com
1    185.183.112.155 (Paris, France)

ASN60350 (VP, FR)
sync.adotmob.com
1    35.170.116.13 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-170-116-13.compute-1.amazonaws.com
sync.aniview.com
2    184.30.212.16 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-212-16.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
5    2a00:1450:4001:809::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
imasdk.googleapis.com
1    185.64.189.114 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
simage4.pubmatic.com
1    2600:9000:211e:f400:1f:2473:9080:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn.undertone.com
8    208.100.17.182 (United States)

ASN32748 (STEADFAST, US)
de.tynt.com
1    65.9.66.59 (United States)

ASN16509 (AMAZON-02, US)
cm.smadex.com
5    54.183.56.236 (San Jose, United States)

ASN16509 (AMAZON-02, US)
usr.undertone.com
1    88.214.206.247 (United Kingdom)

ASN46636 (NATCOWEB, US)
cs.admanmedia.com
1    38.27.122.158 (United States)

ASN174 (COGENT-174, US)
match.bnmla.com
1    54.226.160.243 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
sync.srv.stackadapt.com
2    51.222.80.231 (Canada)

ASN16276 (OVH, FR)
pixel.onaudience.com
1    34.192.170.233 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
sync.ipredictive.com
Apex Domain
Subdomains		 Transfer
79 newser.com
www.newser.com
static1-azrcdn.newser.com
static2-azrcdn.newser.com
img1-azrcdn.newser.com
img2-azrcdn.newser.com
433 KB
49 doubleclick.net
securepubads.g.doubleclick.net
googleads.g.doubleclick.net
cm.g.doubleclick.net
5994599.fls.doubleclick.net
pubads.g.doubleclick.net
202 KB
48 googlesyndication.com
pagead2.googlesyndication.com
ccde9b4ae0b1b7105d848d3ef3b25d34.safeframe.googlesyndication.com
tpc.googlesyndication.com
497 KB
35 pubmatic.com
hbopenbid.pubmatic.com
image6.pubmatic.com
ads.pubmatic.com
image2.pubmatic.com
simage2.pubmatic.com
image4.pubmatic.com
simage4.pubmatic.com
109 KB
26 ex.co
player.ex.co
prd-collector-anon.ex.co
mcd.ex.co
2 MB
26 simpli.fi
i.simpli.fi
um.simpli.fi
15 KB
16 google.com
www.google.com
adservice.google.com
19 KB
13 casalemedia.com
as-sec.casalemedia.com
dsum-sec.casalemedia.com
ssum.casalemedia.com
ssum-sec.casalemedia.com
16 KB
13 openx.net
propermedia-d.openx.net
us-u.openx.net
eu-u.openx.net
3 KB
13 revcontent.com
assets.revcontent.com
trends.revcontent.com
cdn.revcontent.com
images.revcontent.com
134 KB
12 yahoo.com
ups.analytics.yahoo.com
pr-bh.ybp.yahoo.com
7 KB
12 gstatic.com
fonts.gstatic.com
www.gstatic.com
554 KB
11 redintelligence.net
hal9000.redintelligence.net
hal90007.redintelligence.net
hal90005.redintelligence.net
21 KB
9 adnxs.com
ib.adnxs.com
acdn.adnxs.com
secure.adnxs.com
9 KB
9 googleapis.com
fonts.googleapis.com
www.googleapis.com
ajax.googleapis.com
imasdk.googleapis.com
636 KB
8 tynt.com
de.tynt.com
2 KB
8 adsrvr.org
match.adsrvr.org
3 KB
8 sascdn.com
ec-ns.sascdn.com
26 KB
8 aniview.com
player.aniview.com
track1.aniview.com
premiumsrv.aniview.com
sync.aniview.com
184 KB
8 33across.com
ssc.33across.com
5 KB
8 sharethrough.com
btlr.sharethrough.com
905 B
7 rubiconproject.com
fastlane.rubiconproject.com
pixel.rubiconproject.com
secure-assets.rubiconproject.com Failed
eus.rubiconproject.com
token.rubiconproject.com Failed
17 KB
7 amazon-adsystem.com
c.amazon-adsystem.com
s.amazon-adsystem.com
36 KB
7 bidswitch.net
x.bidswitch.net
3 KB
7 exelator.com
loadus.exelator.com
load77.exelator.com
loadm.exelator.com
loada.exelator.com
5 KB
7 quantserve.com
secure.quantserve.com
pixel.quantserve.com
19 KB
7 proper.io
global.proper.io
usync.proper.io
bids.proper.io
eb.proper.io
89 KB
6 undertone.com
cdn.undertone.com
usr.undertone.com
3 KB
6 adform.net
c1.adform.net
3 KB
6 postrelease.com
jadserve.postrelease.com
4 KB
5 w55c.net
pm.w55c.net
4 KB
5 ampproject.org
cdn.ampproject.org
108 KB
4 mathtag.com
sync.mathtag.com
2 KB
4 de17a.com
d5p.de17a.com
1 KB
4 smartadserver.com
www9.smartadserver.com Failed
prg.smartadserver.com
csync.smartadserver.com
3 KB
4 2mdn.net
s0.2mdn.net
33 KB
4 googletagservices.com
www.googletagservices.com
134 KB
3 advertising.com
pixel.advertising.com
676 B
3 tribalfusion.com
a.tribalfusion.com
s.tribalfusion.com
2 KB
3 tapad.com
pixel.tapad.com
1 KB
3 scorecardresearch.com
sb.scorecardresearch.com
3 KB
3 quantcount.com
rules.quantcount.com
1 KB
3 tru.am
tru.am
beacon.tru.am
12 KB
3 twitter.com
platform.twitter.com
syndication.twitter.com
132 KB
2 onaudience.com
pixel.onaudience.com
736 B
2 eqads.com
um2.eqads.com
564 B
2 sitescout.com
pixel-sync.sitescout.com
636 B
2 everesttech.net
sync-tm.everesttech.net
744 B
2 taboola.com
trc.taboola.com
match.taboola.com
558 B
2 ad4m.at
ad4m.at
1 KB
2 mantisadnetwork.com
mantodea.mantisadnetwork.com
ecs.mantisadnetwork.com
722 B
2 indexww.com
js-sec.indexww.com
2 KB
2 contentspread.net
cdn.contentspread.net
106 KB
2 dotomi.com
dclk-match.dotomi.com
pubmatic-match.dotomi.com
207 B
2 avplayer.com
player.avplayer.com
atrack.avplayer.com
71 KB
2 spotxchange.com
sync.search.spotxchange.com
1 KB
2 google.de
www.google.de
adservice.google.de
421 B
2 lijit.com
ce.lijit.com
968 B
2 crwdcntrl.net
bcp.crwdcntrl.net
971 B
2 bfmio.com
sync.bfmio.com
421 B
2 pro-market.net
fei.pro-market.net
852 B
2 intentiq.com
sync.intentiq.com
2 agkn.com
aa.agkn.com
d.agkn.com
961 B
2 tremorhub.com
simplifi.partners.tremorhub.com
playbuzzmm.ads.tremorhub.com
601 B
2 clean.gg
i.clean.gg
104 B
2 criteo.com
bidder.criteo.com
dis.criteo.com
470 B
2 districtm.io
dmx.districtm.io
cdn.districtm.io
425 B
2 rddywd.com
rddywd.com
1 KB
2 facebook.net
connect.facebook.net
66 KB
2 4dsply.com
cdn.engine.4dsply.com
engine.4dsply.com
66 KB
2 juno.com
thirdpartyoffers.juno.com
740 B
1 ipredictive.com
sync.ipredictive.com
522 B
1 stackadapt.com
sync.srv.stackadapt.com
645 B
1 bnmla.com
match.bnmla.com
114 B
1 admanmedia.com
cs.admanmedia.com
413 B
1 smadex.com
cm.smadex.com
526 B
1 adotmob.com
sync.adotmob.com
689 B
1 adroll.com
d.adroll.com
112 B
1 gumgum.com
rtb.gumgum.com
337 B
1 playground.xyz
ads.playground.xyz
488 B
1 turn.com
ad.turn.com
518 B
1 zeotap.com
mwzeom.zeotap.com
596 B
1 brealtime.com
biddr.brealtime.com
1 KB
1 googleadservices.com
www.googleadservices.com
309 B
1 rlcdn.com
idsync.rlcdn.com
66 B
1 bluekai.com
stags.bluekai.com
745 B
1 cloudfront.net
d1bvk193qme2fc.cloudfront.net
40 KB
1 omnitagjs.com
hb-api.omnitagjs.com
758 B
1 1rx.io
tag.1rx.io
sync.1rx.io Failed
170 B
1 sonobi.com
apex.go.sonobi.com
887 B
1 emxdgt.com
hb.emxdgt.com
159 B
1 chartbeat.net
ping.chartbeat.net
169 B
1 chartbeat.com
static.chartbeat.com
14 KB
1 whizzco.com
cdn.whizzco.com
3 KB
1 intergi.com
cdn.intergi.com
39 KB
1 ipify.org
api.ipify.org
253 B
1 ntv.io
s.ntv.io
103 KB
0 3lift.com Failed
ib.3lift.com Failed
0 teads.tv Failed
sync.teads.tv Failed
0 justpremium.com Failed
pre.ads.justpremium.com Failed
0 bidtheatre.com Failed
match.adsby.bidtheatre.com Failed
0 avct.cloud Failed
ads.avct.cloud Failed
0 fiftyt.com Failed
visitor.fiftyt.com Failed
0 semasio.net Failed
uipglob.semasio.net Failed
0 deepintent.com Failed
match.deepintent.com Failed
0 contextweb.com Failed
bh.contextweb.com Failed
0 erne.co Failed
green.erne.co Failed
0 adgrx.com Failed
cm.adgrx.com Failed
0 bidr.io Failed
match.prod.bidr.io Failed
0 adition.com Failed
dsp.adfarm1.adition.com Failed
512 110
Domain Requested by
37 img2-azrcdn.newser.com www.newser.com
static1-azrcdn.newser.com
32 img1-azrcdn.newser.com 1 redirects www.newser.com
static1-azrcdn.newser.com
29 cm.g.doubleclick.net 14 redirects googleads.g.doubleclick.net
ccde9b4ae0b1b7105d848d3ef3b25d34.safeframe.googlesyndication.com
eu-u.openx.net
26 tpc.googlesyndication.com d1bvk193qme2fc.cloudfront.net
www.newser.com
ccde9b4ae0b1b7105d848d3ef3b25d34.safeframe.googlesyndication.com
tpc.googlesyndication.com
24 um.simpli.fi 17 redirects ads.pubmatic.com
21 mcd.ex.co player.avplayer.com
18 pagead2.googlesyndication.com www.newser.com
securepubads.g.doubleclick.net
ccde9b4ae0b1b7105d848d3ef3b25d34.safeframe.googlesyndication.com
tpc.googlesyndication.com
srcdoc
12 simage2.pubmatic.com 1 redirects ads.pubmatic.com
image6.pubmatic.com
11 www.google.com 3 redirects www.newser.com
www.gstatic.com
www.google.com
ccde9b4ae0b1b7105d848d3ef3b25d34.safeframe.googlesyndication.com
8 de.tynt.com d1bvk193qme2fc.cloudfront.net
8 match.adsrvr.org 5 redirects ssum-sec.casalemedia.com
ssum.casalemedia.com
eu-u.openx.net
8 ec-ns.sascdn.com csync.smartadserver.com
8 dsum-sec.casalemedia.com 2 redirects googleads.g.doubleclick.net
ssum-sec.casalemedia.com
ssum.casalemedia.com
um2.eqads.com
8 us-u.openx.net 3 redirects googleads.g.doubleclick.net
eu-u.openx.net
8 googleads.g.doubleclick.net 1 redirects ccde9b4ae0b1b7105d848d3ef3b25d34.safeframe.googlesyndication.com
www.newser.com
8 ssc.33across.com global.proper.io
8 btlr.sharethrough.com global.proper.io
7 ads.pubmatic.com www.newser.com
ads.pubmatic.com
d1bvk193qme2fc.cloudfront.net
7 x.bidswitch.net 6 redirects ssum.casalemedia.com
7 trends.revcontent.com assets.revcontent.com
d1bvk193qme2fc.cloudfront.net
7 fonts.gstatic.com fonts.googleapis.com
6 c1.adform.net 5 redirects image6.pubmatic.com
6 image2.pubmatic.com ads.pubmatic.com
6 pr-bh.ybp.yahoo.com 1 redirects ads.pubmatic.com
ssum-sec.casalemedia.com
ssum.casalemedia.com
eu-u.openx.net
6 ib.adnxs.com 3 redirects global.proper.io
googleads.g.doubleclick.net
6 ups.analytics.yahoo.com 6 redirects
6 jadserve.postrelease.com s.ntv.io
www.newser.com
5 usr.undertone.com cdn.undertone.com
5 image6.pubmatic.com 2 redirects ads.pubmatic.com
5 pm.w55c.net 5 redirects
5 hal90007.redintelligence.net 1 redirects ccde9b4ae0b1b7105d848d3ef3b25d34.safeframe.googlesyndication.com
www.newser.com
hal90007.redintelligence.net
5 cdn.ampproject.org d1bvk193qme2fc.cloudfront.net
5 adservice.google.com d1bvk193qme2fc.cloudfront.net
5994599.fls.doubleclick.net
www.newser.com
5 securepubads.g.doubleclick.net global.proper.io
securepubads.g.doubleclick.net
www.newser.com
5 pixel.quantserve.com 2 redirects www.newser.com
mantodea.mantisadnetwork.com
5 www.gstatic.com www.google.com
5 www.newser.com www.newser.com
static1-azrcdn.newser.com
4 imasdk.googleapis.com www.newser.com
4 eu-u.openx.net d1bvk193qme2fc.cloudfront.net
eu-u.openx.net
4 s.amazon-adsystem.com 2 redirects ssum-sec.casalemedia.com
ssum.casalemedia.com
4 sync.mathtag.com 4 redirects
4 d5p.de17a.com 4 redirects
4 s0.2mdn.net ccde9b4ae0b1b7105d848d3ef3b25d34.safeframe.googlesyndication.com
www.newser.com
4 5994599.fls.doubleclick.net 2 redirects www.newser.com
4 hal90005.redintelligence.net 1 redirects ccde9b4ae0b1b7105d848d3ef3b25d34.safeframe.googlesyndication.com
www.newser.com
hal90005.redintelligence.net
4 track1.aniview.com player.aniview.com
4 prd-collector-anon.ex.co player.ex.co
4 www.googletagservices.com d1bvk193qme2fc.cloudfront.net
ccde9b4ae0b1b7105d848d3ef3b25d34.safeframe.googlesyndication.com
4 ccde9b4ae0b1b7105d848d3ef3b25d34.safeframe.googlesyndication.com d1bvk193qme2fc.cloudfront.net
4 images.revcontent.com
4 pixel.rubiconproject.com 2 redirects cdn.undertone.com
4 static1-azrcdn.newser.com www.newser.com
3 pubads.g.doubleclick.net imasdk.googleapis.com
3 ssum-sec.casalemedia.com js-sec.indexww.com
ssum-sec.casalemedia.com
ssum.casalemedia.com
3 pixel.advertising.com 2 redirects www.newser.com
3 loadm.exelator.com 1 redirects ads.pubmatic.com
3 pixel.tapad.com 1 redirects image6.pubmatic.com
3 c.amazon-adsystem.com global.proper.io
c.amazon-adsystem.com
3 sb.scorecardresearch.com 1 redirects www.newser.com
3 rules.quantcount.com secure.quantserve.com
3 fonts.googleapis.com www.newser.com
tpc.googlesyndication.com
2 loada.exelator.com 2 redirects
2 pixel.onaudience.com 1 redirects ads.pubmatic.com
2 eus.rubiconproject.com d1bvk193qme2fc.cloudfront.net
eus.rubiconproject.com
2 um2.eqads.com 1 redirects ssum-sec.casalemedia.com
2 pixel-sync.sitescout.com 2 redirects
2 sync-tm.everesttech.net 2 redirects
2 image4.pubmatic.com ads.pubmatic.com
2 ad4m.at ads.pubmatic.com
ssum-sec.casalemedia.com
2 secure.adnxs.com 1 redirects acdn.adnxs.com
2 js-sec.indexww.com d1bvk193qme2fc.cloudfront.net
ssum-sec.casalemedia.com
2 csync.smartadserver.com www.newser.com
2 cdn.contentspread.net hal90007.redintelligence.net
hal90005.redintelligence.net
2 prg.smartadserver.com player.aniview.com
2 a.tribalfusion.com 1 redirects ads.pubmatic.com
2 player.aniview.com www.newser.com
2 hal9000.redintelligence.net www.newser.com
2 sync.search.spotxchange.com 1 redirects
2 ce.lijit.com 1 redirects
2 bcp.crwdcntrl.net 1 redirects
2 sync.bfmio.com d1bvk193qme2fc.cloudfront.net
2 fei.pro-market.net 2 redirects
2 sync.intentiq.com
2 i.clean.gg d1bvk193qme2fc.cloudfront.net
2 hbopenbid.pubmatic.com global.proper.io
player.aniview.com
2 bids.proper.io global.proper.io
2 usync.proper.io www.newser.com
2 rddywd.com www.newser.com
2 connect.facebook.net www.newser.com
connect.facebook.net
2 tru.am www.newser.com
tru.am
2 i.simpli.fi www.newser.com
d1bvk193qme2fc.cloudfront.net
2 secure.quantserve.com www.newser.com
mantodea.mantisadnetwork.com
2 global.proper.io www.newser.com
global.proper.io
2 platform.twitter.com static1-azrcdn.newser.com
platform.twitter.com
2 thirdpartyoffers.juno.com 2 redirects
1 sync.ipredictive.com 1 redirects
1 sync.srv.stackadapt.com 1 redirects
1 match.bnmla.com image6.pubmatic.com
1 cs.admanmedia.com 1 redirects
1 cm.smadex.com 1 redirects
1 cdn.undertone.com d1bvk193qme2fc.cloudfront.net
1 simage4.pubmatic.com ads.pubmatic.com
1 ajax.googleapis.com hal90005.redintelligence.net
1 sync.aniview.com ssum.casalemedia.com
1 sync.adotmob.com 1 redirects
1 d.adroll.com 1 redirects
1 ecs.mantisadnetwork.com mantodea.mantisadnetwork.com
1 rtb.gumgum.com 1 redirects
1 ads.playground.xyz 1 redirects
1 pubmatic-match.dotomi.com ads.pubmatic.com
1 ad.turn.com 1 redirects
1 mwzeom.zeotap.com ads.pubmatic.com
1 match.taboola.com ads.pubmatic.com
1 trc.taboola.com 1 redirects
1 dis.criteo.com ads.pubmatic.com
1 biddr.brealtime.com d1bvk193qme2fc.cloudfront.net
1 cdn.districtm.io d1bvk193qme2fc.cloudfront.net
1 mantodea.mantisadnetwork.com d1bvk193qme2fc.cloudfront.net
1 acdn.adnxs.com d1bvk193qme2fc.cloudfront.net
1 playbuzzmm.ads.tremorhub.com player.aniview.com
1 ssum.casalemedia.com www.newser.com
1 s.tribalfusion.com ccde9b4ae0b1b7105d848d3ef3b25d34.safeframe.googlesyndication.com
1 dclk-match.dotomi.com ccde9b4ae0b1b7105d848d3ef3b25d34.safeframe.googlesyndication.com
1 premiumsrv.aniview.com player.aniview.com
1 atrack.avplayer.com
1 player.avplayer.com d1bvk193qme2fc.cloudfront.net
1 adservice.google.de d1bvk193qme2fc.cloudfront.net
1 player.ex.co d1bvk193qme2fc.cloudfront.net
1 www.google.de
1 www.googleadservices.com 1 redirects
1 idsync.rlcdn.com
1 stags.bluekai.com
1 d.agkn.com 1 redirects
1 aa.agkn.com 1 redirects
1 simplifi.partners.tremorhub.com
1 eb.proper.io global.proper.io
1 cdn.revcontent.com www.newser.com
1 d1bvk193qme2fc.cloudfront.net assets.revcontent.com
1 engine.4dsply.com cdn.engine.4dsply.com
1 syndication.twitter.com platform.twitter.com
1 hb-api.omnitagjs.com global.proper.io
1 as-sec.casalemedia.com global.proper.io
1 bidder.criteo.com global.proper.io
1 propermedia-d.openx.net global.proper.io
1 fastlane.rubiconproject.com global.proper.io
1 tag.1rx.io global.proper.io
1 dmx.districtm.io global.proper.io
1 apex.go.sonobi.com global.proper.io
1 hb.emxdgt.com global.proper.io
1 ping.chartbeat.net www.newser.com
1 beacon.tru.am tru.am
1 www.googleapis.com www.newser.com
1 load77.exelator.com www.newser.com
1 static.chartbeat.com www.newser.com
1 loadus.exelator.com www.newser.com
1 cdn.whizzco.com www.newser.com
1 assets.revcontent.com www.newser.com
1 cdn.engine.4dsply.com www.newser.com
1 cdn.intergi.com www.newser.com
1 api.ipify.org static1-azrcdn.newser.com
1 s.ntv.io www.newser.com
1 static2-azrcdn.newser.com www.newser.com
0 token.rubiconproject.com Failed eus.rubiconproject.com
0 ib.3lift.com Failed d1bvk193qme2fc.cloudfront.net
0 sync.teads.tv Failed d1bvk193qme2fc.cloudfront.net
0 pre.ads.justpremium.com Failed d1bvk193qme2fc.cloudfront.net
0 match.adsby.bidtheatre.com Failed ads.pubmatic.com
0 ads.avct.cloud Failed ads.pubmatic.com
0 visitor.fiftyt.com Failed ads.pubmatic.com
0 uipglob.semasio.net Failed ads.pubmatic.com
0 match.deepintent.com Failed ads.pubmatic.com
0 bh.contextweb.com Failed ads.pubmatic.com
0 green.erne.co Failed ads.pubmatic.com
0 sync.1rx.io Failed ads.pubmatic.com
0 cm.adgrx.com Failed ads.pubmatic.com
0 match.prod.bidr.io Failed ads.pubmatic.com
eu-u.openx.net
0 dsp.adfarm1.adition.com Failed ads.pubmatic.com
ccde9b4ae0b1b7105d848d3ef3b25d34.safeframe.googlesyndication.com
0 www9.smartadserver.com Failed player.aniview.com
0 secure-assets.rubiconproject.com Failed www.newser.com
cdn.undertone.com
512 179
Subject Issuer Validity Valid
*.newser.com
Go Daddy Secure Certificate Authority - G2		 2020-12-31 -
2022-02-01		 a year crt.sh
upload.video.google.com
GTS CA 1O1		 2021-03-23 -
2021-06-15		 3 months crt.sh
static1-azrcdn.newser.com
DigiCert SHA2 Secure Server CA		 2020-09-27 -
2021-09-27		 a year crt.sh
static2-azrcdn.newser.com
DigiCert SHA2 Secure Server CA		 2020-09-27 -
2021-09-27		 a year crt.sh
*.ntv.io
DigiCert SHA2 Secure Server CA		 2021-01-25 -
2022-02-01		 a year crt.sh
*.twimg.com
DigiCert TLS RSA SHA256 2020 CA1		 2020-11-05 -
2021-11-09		 a year crt.sh
*.ipify.org
Sectigo RSA Domain Validation Secure Server CA		 2021-01-19 -
2022-02-19		 a year crt.sh
proper.io
Cloudflare Inc ECC CA-3		 2020-07-03 -
2021-07-03		 a year crt.sh
*.quantserve.com
DigiCert SHA2 High Assurance Server CA		 2020-10-02 -
2021-10-07		 a year crt.sh
cdn.intergi.com
Amazon		 2021-02-03 -
2022-03-04		 a year crt.sh
img1-azrcdn.newser.com
DigiCert SHA2 Secure Server CA		 2020-09-27 -
2021-09-27		 a year crt.sh
img2-azrcdn.newser.com
DigiCert SHA2 Secure Server CA		 2020-09-27 -
2021-09-27		 a year crt.sh
4dsply.com
Cloudflare Inc ECC CA-3		 2020-07-01 -
2021-07-01		 a year crt.sh
assets.revcontent.com
R3		 2021-03-15 -
2021-06-13		 3 months crt.sh
whizzco.com
Cloudflare Inc ECC CA-3		 2020-06-30 -
2021-06-30		 a year crt.sh
www.google.com
GTS CA 1O1		 2021-03-23 -
2021-06-15		 3 months crt.sh
*.exelator.com
Go Daddy Secure Certificate Authority - G2		 2019-05-17 -
2021-06-25		 2 years crt.sh
*.simpli.fi
DigiCert SHA2 Secure Server CA		 2019-09-18 -
2021-12-12		 2 years crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2020-07-20 -
2021-07-20		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2021-04-06 -
2021-07-03		 3 months crt.sh
*.gstatic.com
GTS CA 1O1		 2021-03-23 -
2021-06-15		 3 months crt.sh
*.postrelease.com
Amazon		 2021-01-28 -
2022-02-26		 a year crt.sh
*.scorecardresearch.com
Amazon		 2021-02-28 -
2022-03-29		 a year crt.sh
*.chartbeat.com
Thawte RSA CA 2018		 2020-06-01 -
2021-06-02		 a year crt.sh
1605158521.rsc.cdn77.org
R3		 2021-03-17 -
2021-06-15		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1O1		 2021-03-23 -
2021-06-15		 3 months crt.sh
*.google.com
GTS CA 1O1		 2021-03-23 -
2021-06-15		 3 months crt.sh
*.chartbeat.net
Thawte RSA CA 2018		 2020-12-01 -
2021-12-30		 a year crt.sh
revcontent.com
Amazon		 2020-07-08 -
2021-08-08		 a year crt.sh
*.proper.io
Sectigo RSA Domain Validation Secure Server CA		 2020-12-20 -
2022-01-20		 a year crt.sh
*.emxdgt.com
Amazon		 2020-07-31 -
2021-08-30		 a year crt.sh
*.go.sonobi.com
Go Daddy Secure Certificate Authority - G2		 2020-12-06 -
2022-01-07		 a year crt.sh
c.amazon-adsystem.com
Amazon		 2020-08-04 -
2021-08-02		 a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2020-12-07 -
2021-12-14		 a year crt.sh
districtm.io
Cloudflare Inc ECC CA-3		 2020-07-01 -
2021-07-01		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2021-03-05 -
2022-02-19		 a year crt.sh
*.sharethrough.com
Amazon		 2020-09-09 -
2021-10-11		 a year crt.sh
*.1rx.io
Sectigo RSA Domain Validation Secure Server CA		 2019-06-28 -
2021-06-27		 2 years crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2020-12-18 -
2022-01-18		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2020-06-18 -
2021-08-17		 a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-04-14 -
2021-07-12		 3 months crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018		 2021-02-05 -
2022-02-09		 a year crt.sh
omnitagjs.com
Sectigo RSA Domain Validation Secure Server CA		 2020-06-18 -
2021-06-18		 a year crt.sh
*.33across.com
Sectigo RSA Domain Validation Secure Server CA		 2019-10-01 -
2021-09-30		 2 years crt.sh
syndication.twitter.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-02-05 -
2022-02-04		 a year crt.sh
*.cloudfront.net
DigiCert Global CA G2		 2021-02-22 -
2022-02-21		 a year crt.sh
i.clean.gg
GTS CA 1D4		 2021-04-15 -
2021-07-14		 3 months crt.sh
cdn.revcontent.com
R3		 2021-03-17 -
2021-06-15		 3 months crt.sh
*.tremorhub.com
Amazon		 2020-07-25 -
2021-08-25		 a year crt.sh
*.tapad.com
DigiCert SHA2 Secure Server CA		 2020-10-05 -
2021-11-06		 a year crt.sh
*.intentiq.com
Amazon		 2021-04-04 -
2022-05-03		 a year crt.sh
*.bfmio.com
Amazon		 2020-06-14 -
2021-07-14		 a year crt.sh
odc-prod-01.oracle.com
DigiCert SHA2 Secure Server CA		 2021-03-24 -
2022-03-30		 a year crt.sh
*.crwdcntrl.net
Go Daddy Secure Certificate Authority - G2		 2019-06-13 -
2021-06-28		 2 years crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2021-03-11 -
2022-04-12		 a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2021-02-25 -
2022-03-28		 a year crt.sh
www.google.de
GTS CA 1O1		 2021-03-23 -
2021-06-15		 3 months crt.sh
*.search.spotxchange.com
GeoTrust RSA CA 2018		 2021-04-08 -
2022-05-09		 a year crt.sh
images.revcontent.com
R3		 2021-03-15 -
2021-06-13		 3 months crt.sh
*.ex.co
Go Daddy Secure Certificate Authority - G2		 2020-12-27 -
2022-01-28		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1O1		 2021-03-23 -
2021-06-15		 3 months crt.sh
misc-sni.google.com
GTS CA 1O1		 2021-03-23 -
2021-06-15		 3 months crt.sh
redintelligence.net
R3		 2021-04-21 -
2021-07-20		 3 months crt.sh
outstreamedia.com
R3		 2021-02-25 -
2021-05-26		 3 months crt.sh
*.aniview.com
DigiCert SHA2 Secure Server CA		 2021-02-23 -
2022-02-27		 a year crt.sh
*.doubleclick.net
GTS CA 1O1		 2021-03-23 -
2021-06-15		 3 months crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2019-06-19 -
2021-08-31		 2 years crt.sh
pixel.advertising.com
DigiCert SHA2 High Assurance Server CA		 2021-03-01 -
2021-08-24		 6 months crt.sh
*.smartadserver.com
DigiCert ECC Secure Server CA		 2020-01-30 -
2022-02-03		 2 years crt.sh
contentspread.net
R3		 2021-04-05 -
2021-07-04		 3 months crt.sh
*.sascdn.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-04-08 -
2022-04-13		 a year crt.sh
cdn.adnxs.com
GeoTrust RSA CA 2018		 2021-03-11 -
2022-02-07		 a year crt.sh
*.mantisadnetwork.com
Amazon		 2020-11-13 -
2021-12-12		 a year crt.sh
*.brealtime.com
Go Daddy Secure Certificate Authority - G2		 2020-01-22 -
2022-03-22		 2 years crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1		 2020-11-25 -
2021-12-26		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2020-10-30 -
2021-04-27		 6 months crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2021-03-18 -
2022-04-19		 a year crt.sh
s.amazon-adsystem.com
Amazon		 2020-08-28 -
2021-08-20		 a year crt.sh
um3.eqads.com
Amazon		 2020-07-24 -
2021-08-24		 a year crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2020-04-23 -
2022-05-04		 2 years crt.sh
*.undertone.com
Amazon		 2020-12-11 -
2022-01-09		 a year crt.sh
*.tynt.com
Sectigo RSA Domain Validation Secure Server CA		 2020-06-01 -
2021-09-30		 a year crt.sh
*.ramp-ut.io
Amazon		 2020-11-07 -
2021-12-06		 a year crt.sh
track.adform.net
DigiCert SHA2 Secure Server CA		 2019-09-16 -
2021-09-20		 2 years crt.sh
*.bnmla.com
Go Daddy Secure Certificate Authority - G2		 2021-01-06 -
2022-02-07		 a year crt.sh
*.onaudience.com
Certyfikat SSL		 2020-05-28 -
2021-05-28		 a year crt.sh

This page contains 79 frames:

Primary Page: https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
Frame ID: 9F3AD0014FE572D120FCE5041B5EAC94
Requests: 248 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.63899b173766ee6f8a729a72b542b0fb.html?origin=https%3A%2F%2Fwww.newser.com
Frame ID: 790134C428EA11EA8CAE695F818BED7B
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfLeSUTAAAAAMogW1JMPzBSuKJhK1kWt2QZ4XvU&co=aHR0cHM6Ly93d3cubmV3c2VyLmNvbTo0NDM.&hl=en&v=dpzVjBAupwRfx3UzvXRnnAKb&size=normal&cb=2jyzcwj44ltb
Frame ID: 7D66136B338414C351CE119F7577AD05
Requests: 5 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=en&v=dpzVjBAupwRfx3UzvXRnnAKb&k=6LfLeSUTAAAAAMogW1JMPzBSuKJhK1kWt2QZ4XvU&cb=xyw798o2mem7
Frame ID: A93BF22E04A84122F6C76DF78853F64E
Requests: 3 HTTP requests in this frame

Frame: https://ccde9b4ae0b1b7105d848d3ef3b25d34.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 5F1D8F6A51ACC6FF956088AC2E82103F
Requests: 13 HTTP requests in this frame

Frame: https://ccde9b4ae0b1b7105d848d3ef3b25d34.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: DD36782DA900A95C1BD36A9AED3A56B3
Requests: 8 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012103020108001/amp4ads-v0.mjs
Frame ID: D219C232565B9441C58E90C6ED6980B5
Requests: 15 HTTP requests in this frame

Frame: https://ccde9b4ae0b1b7105d848d3ef3b25d34.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 099D7F5AD9ABE8F24E6F9274DCD6D5E5
Requests: 11 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYvNLFlQEwAQ&v=APEucNVQhbV-oJ9ur0jqf1V1ZTA7-eepB6Alk9w6HGptLCURGzi3xG64AArDucM3uuCMJ-FihAJadPQ7iKaoOe-LwLBxegJIMI06WFWDMQQbsH9y8SEjCBIAANQRSunlFUWsyJzFHOFgLdXLTXcTeRQa3ZQt0pJncGX0eO8-1k-Bn-iwNox2YjT_AHFgcqo9FfD7b9ADo0855h0vUB_EDJ9zM3XKYxlZWg
Frame ID: E571D0CC1B7833679293B33EB20AD6A5
Requests: 4 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12502976385620377600/index.html
Frame ID: 3B5A10AF8D7327DCA27DE79817E8FE30
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 9E7E7948A00A50732C03A8169655BD55
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYr8jFlQEwAQ&v=APEucNVtulQNizQ8pWGL0PcEzfJpWwqI4361N0PPn7lPRe9PFWk0BulY1zI90_7llFCxLwQrssjGHVBbBIDA270cFiwF0T_x3huQ8wy1Dj0j2M8-4i_qzrHY4hUsbrA7I5Cl2Vs8OKrLv9iJTVgtBUZ30ACv2ygCRH_ukzhv7DOmuz5g0q1j5dS8b1IH58L68tzNDK3k88XCjn1u3fTiEc6wDTIxrKrc3g
Frame ID: B52A0097D43BB01DD9EE0B1F5D976790
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: 89A7797075451313AD3736F58F8B6006
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: B57DF4466D83EBB2353A237C89145596
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: A1ED8E36254414037805EA0ADC70D7E7
Requests: 3 HTTP requests in this frame

Frame: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Frame ID: F063F9232F12D4989CDF708ECAEE8CB6
Requests: 2 HTTP requests in this frame

Frame: https://5994599.fls.doubleclick.net/activityi;dc_pre=CNGWntPtm_ACFZ3Fuwgd2tMJDw;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3012593838778.41
Frame ID: 175E1938C3EDA7BC21A949781D3B1270
Requests: 2 HTTP requests in this frame

Frame: https://hal90007.redintelligence.net/request_content.php?s=91975200131870100710612011576007&a=3e2749d2
Frame ID: B8E791B1F6F16193ADEE6D8252AE4FE5
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: C2B8FC6CF79F6D4C63AB0D0203B80AEC
Requests: 9 HTTP requests in this frame

Frame: https://pixel.advertising.com/ups/58195/sync?&gdpr=1&gdpr_consent=&redir=true
Frame ID: 7036C5A6DCBB3C03BEDF04032B5317BA
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158554&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1619438262743-995581060291-020940-015-005965%26biddername%3D1%26key%3D
Frame ID: C4B82D4BA93F62F9F9DAF82CBF54391B
Requests: 1 HTTP requests in this frame

Frame: https://ssum.casalemedia.com/usermatch?s=190719&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1619438262743-995581060291-020940-015-005965%26biddername%3D42%26key%3D
Frame ID: 6E77331A6386E51455EF3BB29283EA6F
Requests: 10 HTTP requests in this frame

Frame: https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=17136&endpoint=us-east
Frame ID: B91D3391A23B5407F31F11A182C0DD1B
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 9A781E95B733353D7B6A673095B8E019
Requests: 25 HTTP requests in this frame

Frame: https://csync.smartadserver.com/diff/rtb/csync/CookieSyncV.html?hasrtb=true&nwid=3039&dcid=4&iscname=false&cname=
Frame ID: 7D1C7B5FA9E84EBF46E4BDAFF16C3326
Requests: 5 HTTP requests in this frame

Frame: https://csync.smartadserver.com/diff/rtb/csync/CookieSyncV.html?hasrtb=true&nwid=3039&dcid=4&iscname=false&cname=
Frame ID: 7F81E4EB19FCE08CA5F50B47E0F3FFDB
Requests: 5 HTTP requests in this frame

Frame: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Frame ID: DE8D9B8F3A01D8FA6A0DAC430C355B1D
Requests: 2 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: ECBF613EB5793504BA22CB5A730F3758
Requests: 1 HTTP requests in this frame

Frame: https://mantodea.mantisadnetwork.com/prebid/iframe?tz=-120&buster=1619438259908&secure=true&version=9&mobile=false&title=Feds%20Doubted%20the%20Kidnapping%20Story.%20They%20Shouldn%27t%20Have&url=https%3A%2F%2Fwww.newser.com%2Fstory%2F305100%2Fus-wrongly-thought-diplomat-staged-his-own-kidnapping.html%3Futm_source%3Dpart%26utm_medium%3Duol%26utm_campaign%3Drss_taglines_more
Frame ID: 420E1969C3C77A316B017927C0FE9C6C
Requests: 5 HTTP requests in this frame

Frame: https://cdn.districtm.io/ids/index.html
Frame ID: ED12ACC81947F28BA3E63246E4B60CDC
Requests: 1 HTTP requests in this frame

Frame: https://biddr.brealtime.com/check.html
Frame ID: 8EC9EFAC7007990556123E94788FBD51
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 464ED349F9E92C0715E107E209E81CBB
Requests: 3 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: B11DB94A77476F609C6A161DF4725497
Requests: 9 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: 2493EB88781043A2F8596F0DF3A8F3C0
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=1691578934495065504
Frame ID: 53A3ADD4495F110D6A7713818CFE184C
Requests: 1 HTTP requests in this frame

Frame: https://dsp.adfarm1.adition.com/cookie/?ssp=9
Frame ID: F2C817CD3B74A54DF34925CE384445CE
Requests: 1 HTTP requests in this frame

Frame: https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=
Frame ID: BF5F5C151C049FCC903E5FD17B258D84
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Frame ID: 827F2AC21493B8076EF66FDF0F9469A7
Requests: 1 HTTP requests in this frame

Frame: https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
Frame ID: 7FC82AF01583AF84EF7A40B71D5175C9
Requests: 1 HTTP requests in this frame

Frame: https://green.erne.co/pubmatic/cm
Frame ID: A3967FA6C9F9B410085058664A592112
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID
Frame ID: 46FD7398A2F5764AFBF5ECC5EAC867DF
Requests: 1 HTTP requests in this frame

Frame: https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: 2C366DFA22B0F0B8213C9E9F32FD7B49
Requests: 1 HTTP requests in this frame

Frame: https://bh.contextweb.com/bh/rtset?pid=557219&ev=1&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&piggybackCookie=%%VGUID%%
Frame ID: 35DF933B415045161581F631DC6D358A
Requests: 1 HTTP requests in this frame

Frame: https://match.deepintent.com/usersync/141?redir=https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzAmdGw9MTI5NjAw&piggybackCookie=${DI_USER_ID}&gdpr=0&gdpr_consent=
Frame ID: 5D6D71181D84E17BD99E3BF9A83E4F5B
Requests: 1 HTTP requests in this frame

Frame: https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=228c67b4-1b5c-46cb-8e1f-31c9aba29685-tuct780303c&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Frame ID: 9C1EB84A3B57ADB6CF51F41FA2F1FB07
Requests: 1 HTTP requests in this frame

Frame: https://um2.eqads.com/um/cs&eq_cc=1
Frame ID: 370A08E00922491361435D99E61D29DC
Requests: 2 HTTP requests in this frame

Frame: https://5994599.fls.doubleclick.net/activityi;dc_pre=CKX_zdTtm_ACFSnIuwgdn6MGzw;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2579859255082.224
Frame ID: 8BF53A29ACB7E08FB3E40D6D3FC1DDD3
Requests: 2 HTTP requests in this frame

Frame: https://hal90005.redintelligence.net/request_content.php?s=42806000100536000710624011576005&a=8d501117
Frame ID: 563EA4958D56EC3073979D4BA14E7250
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 3452FBD744EDC3D082CBB8E2723B96CF
Requests: 9 HTTP requests in this frame

Frame: https://pre.ads.justpremium.com/v/1.0/t/sync?_c=ae6z5gk1619438260049
Frame ID: ED798EB66ABDACB66C77346D19498AEE
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 833D625D672B1912F59ADF20C309A89D
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 0E7EE559940733B4A3F5D0A0CFC5006B
Requests: 3 HTTP requests in this frame

Frame: https://sync.teads.tv/iframe?gdprIab=%7B%22status%22%3A12%7D
Frame ID: F04CE73C69277A8BB5E13CB08CF493D6
Requests: 1 HTTP requests in this frame

Frame: https://ib.3lift.com/sync
Frame ID: BAC60A1B55BE8DF1E4F46206F884A20C
Requests: 1 HTTP requests in this frame

Frame: https://cdn.undertone.com/js/usersync.html
Frame ID: 8E8A767AB052E7EBE23B783FA0740BFC
Requests: 7 HTTP requests in this frame

Frame: https://sync.bfmio.com/sync_iframe?ifg=1&id=&gdpr=0&gc=&gce=1&us_privacy=1---
Frame ID: EB7027D3BAABA51B251CA2925401004E
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 9682E64CC67525ACB376CD04ADA1B04E
Requests: 6 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=d7066e05-92d3-4e83-b4f2-cbee552a2f6b&gdpr=1
Frame ID: 736458237F27FC1E48CB600C2409F30D
Requests: 11 HTTP requests in this frame

Frame: https://de.tynt.com/deb/v2?m=xch&rt=html&id=auLbLMbZKr64uoaKlId8sQ&gdpr_consent=undefined&us_privacy=undefined
Frame ID: 504AD29AA753388ED4FC3C73E458DA5A
Requests: 1 HTTP requests in this frame

Frame: https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=12776
Frame ID: 4D029AE684C6C71CCA620E66E7578040
Requests: 1 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=F317B17B-12F8-43F7-8FCA-BCDAA239829F
Frame ID: 7176E33AF60229DAF36A015117994743
Requests: 1 HTTP requests in this frame

Frame: https://pixel.tapad.com/idsync/ex/receive?partner_id=PUBMATIC_RTB
Frame ID: 6C6F4CFEF603B642327303E0FBD7981E
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:MbnTsrcJ1LAZRY5&gdpr=0&gdpr_consent=
Frame ID: F03BE877B2CB2A05D9759E23D4B95248
Requests: 1 HTTP requests in this frame

Frame: https://match.bnmla.com/usersync?sspid=10738&redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3NzUmdGw9MTI5NjAw%26piggybackCookie%3D%5BUUID%5D
Frame ID: 5CE46D16809930C12D955B4F886D58DE
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=oQd6_DxkSPh6Nb-4-hVfEFn5QMs
Frame ID: C819CA77B0350F46D47E2C793FBC8363
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:99B53FBFFA154012A108191486A8A3EE
Frame ID: 36DD9D0C8A650AD799BC7CCE5E790997
Requests: 1 HTTP requests in this frame

Frame: https://de.tynt.com/deb/v2?m=xch&rt=html&id=aYM3dqbZKr64uoaKlId8sQ&gdpr_consent=undefined&us_privacy=undefined
Frame ID: 2C973FA98358A802EECC5140D28355C5
Requests: 1 HTTP requests in this frame

Frame: https://de.tynt.com/deb/v2?m=xch&rt=html&id=aVbmTmbZKr64uoaKlId8sQ&gdpr_consent=undefined&us_privacy=undefined
Frame ID: E5B4B313C2CE92C1574D13B0BBC2B4C6
Requests: 1 HTTP requests in this frame

Frame: https://de.tynt.com/deb/v2?m=xch&rt=html&id=aMI2rSbZKr64uoaKlId8sQ&gdpr_consent=undefined&us_privacy=undefined
Frame ID: 49639E4F763F9388B90452D7B87C520A
Requests: 1 HTTP requests in this frame

Frame: https://de.tynt.com/deb/v2?m=xch&rt=html&id=aQZNIebZKr64uoaKlId8sQ&gdpr_consent=undefined&us_privacy=undefined
Frame ID: 8F77551A8C5C37E924BA7389A56A1484
Requests: 1 HTTP requests in this frame

Frame: https://de.tynt.com/deb/v2?m=xch&rt=html&id=aEhRN6bZKr64uoaKlId8sQ&gdpr_consent=undefined&us_privacy=undefined
Frame ID: 51DF8D6BA68D55A4AA5B3DF0D9B18668
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Frame ID: 0533F8EBF1A49E82BCA4517B65B3E789
Requests: 3 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Frame ID: A5CB5EF4917F89090C2BD8A27AC5D799
Requests: 3 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.453.0_en.html
Frame ID: 85AE699D6C80A0CE15EA8662BB1DA34B
Requests: 3 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.453.0_en.html
Frame ID: 9F820D47EF86A2443C095F4F2FBD9823
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: CCDD862F28E2E41E3066034EBF005813
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 58B3D212E772E1ED4E6A9A6E3AAF3625
Requests: 1 HTTP requests in this frame

Frame: https://de.tynt.com/deb/v2?m=xch&rt=html&id=aAb9LgbZKr64uoaKlId8sQ&gdpr_consent=undefined&us_privacy=undefined
Frame ID: 8A691FC113F7C81CB2BD5B3F0471119A
Requests: 1 HTTP requests in this frame

Frame: https://de.tynt.com/deb/v2?m=xch&rt=html&id=aIsVNgbZKr64uoaKlId8sQ&gdpr_consent=undefined&us_privacy=undefined
Frame ID: 031A38343009E57172A0360B74B16A32
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://thirdpartyoffers.juno.com/TGL3142/6085b05c8bdad305c372fst03duc3 HTTP 302
    http://thirdpartyoffers.juno.com/cgi-bin/click.cgi?u=6085b05c8bdad305c372fst03duc3&s=TGL3142 HTTP 302
    https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_... Page URL

Page Statistics

512
Requests

94 %
HTTPS

32 %
IPv6

110
Domains

179
Subdomains

120
IPs

9
Countries

6321 kB
Transfer

13467 kB
Size

16
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://thirdpartyoffers.juno.com/TGL3142/6085b05c8bdad305c372fst03duc3 HTTP 302
    http://thirdpartyoffers.juno.com/cgi-bin/click.cgi?u=6085b05c8bdad305c372fst03duc3&s=TGL3142 HTTP 302
    https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 65
  • https://img1-azrcdn.newser.com/square-image/305100-20210425073458/feds-doubted-the-kidnapping-story-they-shouldnt-have.jpeg HTTP 301
  • https://img1-azrcdn.newser.com/square-image/305100-20210425073458/us-wrongly-thought-diplomat-staged-his-own-kidnapping.jpeg
Request Chain 116
  • https://sb.scorecardresearch.com/b?c1=2&c2=6035830&ns__t=1619438260012&ns_c=UTF-8&cv=3.5&c8=Feds%20Doubted%20the%20Kidnapping%20Story.%20They%20Shouldn%27t%20Have&c7=https%3A%2F%2Fwww.newser.com%2Fstory%2F305100%2Fus-wrongly-thought-diplomat-staged-his-own-kidnapping.html%3Futm_source%3Dpart%26utm_medium%3Duol%26utm_campaign%3Drss_taglines_more&c9= HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=2&c2=6035830&ns__t=1619438260012&ns_c=UTF-8&cv=3.5&c8=Feds%20Doubted%20the%20Kidnapping%20Story.%20They%20Shouldn%27t%20Have&c7=https%3A%2F%2Fwww.newser.com%2Fstory%2F305100%2Fus-wrongly-thought-diplomat-staged-his-own-kidnapping.html%3Futm_source%3Dpart%26utm_medium%3Duol%26utm_campaign%3Drss_taglines_more&c9=
Request Chain 120
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fusync.proper.io%2Fv1%2Fusersync%3Fbidder%3Dmediagrid%26proper_uid%3D1d07aa5b-6ba7-452c-8595-a28c946d1faa%26uid%3D%24%7BBSW_UUID%7D?&callback=window.proper_0feef13c_7fb9a69c_1 HTTP 302
  • https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fusync.proper.io%2Fv1%2Fusersync%3Fbidder%3Dmediagrid%26proper_uid%3D1d07aa5b-6ba7-452c-8595-a28c946d1faa%26uid%3D%24%7BBSW_UUID%7D?&callback=window.proper_0feef13c_7fb9a69c_1 HTTP 302
  • https://usync.proper.io/v1/usersync?bidder=mediagrid&proper_uid=1d07aa5b-6ba7-452c-8595-a28c946d1faa&uid=0399a166-cc6f-4c54-b96b-6994f34bd5fa
Request Chain 121
  • https://ups.analytics.yahoo.com/ups/58355/sync?redir=true&callback=window.proper_7de39cd4_5b934916_2 HTTP 302
  • https://ups.analytics.yahoo.com/ups/58355/sync?redir=true&callback=window.proper_7de39cd4_5b934916_2&verify=true HTTP 302
  • https://usync.proper.io/v1/usersync?bidder=verizon_media_s2s&uid=y-mOy0NbFE2uHeqr1IlR9OKCqKV36lHoJv~A
Request Chain 177
  • https://um.simpli.fi/telaria_p HTTP 302
  • https://simplifi.partners.tremorhub.com/sync?UISF=99B53FBFFA154012A108191486A8A3EE
Request Chain 178
  • https://um.simpli.fi/tapad HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2305&partner_device_id=99B53FBFFA154012A108191486A8A3EE HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=99B53FBFFA154012A108191486A8A3EE
Request Chain 179
  • https://um.simpli.fi/ad_advisor HTTP 302
  • https://aa.agkn.com/adscores/g.pixel?sid=9201915418&sifi_uid=99B53FBFFA154012A108191486A8A3EE HTTP 302
  • https://d.agkn.com/pixel/10751/?che=1619438261&ip=89.249.64.203&l1=https%3A%2F%2Fum.simpli.fi%2Faa_px%3Fsk%3D165020403768000595936 HTTP 302
  • https://um.simpli.fi/aa_px?sk=165020403768000595936
Request Chain 181
  • https://um.simpli.fi/intentiq HTTP 302
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=99B53FBFFA154012A108191486A8A3EE
Request Chain 184
  • https://um.simpli.fi/dtnx HTTP 302
  • https://fei.pro-market.net/engine?du=24;csync=99B53FBFFA154012A108191486A8A3EE;mimetype=img; HTTP 302
  • https://fei.pro-market.net/engine?du=24;csync=99B53FBFFA154012A108191486A8A3EE;mimetype=img;sr HTTP 302
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=3&pcid=4365982732653578614
Request Chain 185
  • https://um.simpli.fi/exelatem HTTP 302
  • https://loadm.exelator.com/load/?p=204&g=2191&simid=99B53FBFFA154012A108191486A8A3EE&j=0 HTTP 302
  • https://loadm.exelator.com/load/?p=204&g=2191&simid=99B53FBFFA154012A108191486A8A3EE&j=0&xl8blockcheck=1
Request Chain 187
  • https://um.simpli.fi/beachfront HTTP 302
  • https://sync.bfmio.com/sync?pid=141&uid=99B53FBFFA154012A108191486A8A3EE
Request Chain 188
  • https://um.simpli.fi/bluekai HTTP 302
  • https://stags.bluekai.com/site/29931?id=99B53FBFFA154012A108191486A8A3EE
Request Chain 189
  • https://um.simpli.fi/crwdcntrl HTTP 302
  • https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=99B53FBFFA154012A108191486A8A3EE HTTP 302
  • https://bcp.crwdcntrl.net/map/ct=y/c=7625/tp=SIMP/tpid=99B53FBFFA154012A108191486A8A3EE
Request Chain 190
  • https://um.simpli.fi/lj_match HTTP 302
  • https://ce.lijit.com/merge?pid=2&3pid=99B53FBFFA154012A108191486A8A3EE HTTP 302
  • https://ce.lijit.com/merge?pid=2&3pid=99B53FBFFA154012A108191486A8A3EE&dnr=1
Request Chain 191
  • https://um.simpli.fi/liveramp_match HTTP 302
  • https://idsync.rlcdn.com/419566.gif?partner_uid=99B53FBFFA154012A108191486A8A3EE
Request Chain 192
  • https://www.googleadservices.com/pagead/conversion/1026675585/?random=1619438260934&cv=7&fst=1619438260934&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON HTTP 302
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1026675585/?random=1855191124&cv=7&fst=1619438260934&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=tKqGYI_ZOrKhlQfA37DIAQ&sscte=1&crd= HTTP 302
  • https://www.google.com/pagead/1p-conversion/1026675585/?random=1855191124&cv=7&fst=1619438260934&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=tKqGYI_ZOrKhlQfA37DIAQ&random=1408111988 HTTP 302
  • https://www.google.de/pagead/1p-conversion/1026675585/?random=1855191124&cv=7&fst=1619438260934&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=tKqGYI_ZOrKhlQfA37DIAQ&random=1408111988&ipr=y
Request Chain 193
  • https://um.simpli.fi/spotx_match HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=7797&uid=99B53FBFFA154012A108191486A8A3EE HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=7797&uid=99B53FBFFA154012A108191486A8A3EE&__user_check__=1&sync_id=9b0390b3-a686-11eb-a4eb-129210fe0306
Request Chain 194
  • https://um.simpli.fi/an HTTP 302
  • https://ib.adnxs.com/setuid?entity=66&code=99B53FBFFA154012A108191486A8A3EE
Request Chain 195
  • https://um.simpli.fi/rb_match HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=99B53FBFFA154012A108191486A8A3EE&expires=365
Request Chain 196
  • https://um.simpli.fi/ox_match HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072966&val=99B53FBFFA154012A108191486A8A3EE
Request Chain 197
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_cm&google_sc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_cm=&google_sc=&google_tc= HTTP 302
  • https://um.simpli.fi/g_match?id=&google_gid=CAESEHPBnw9K-_PUm4ZJxBaV9ek&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=99B53FBFFA154012A108191486A8A3EE HTTP 302
  • https://um.simpli.fi/g_match?id=
Request Chain 250
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si
Request Chain 257
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDRijdQd-vYBLSarRW3tQLQ&google_cver=1
Request Chain 258
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YIaqtkhDhduXm5VvvJe51gAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDRijdQd-vYBLSarRW3tQLQ&google_cver=1
Request Chain 262
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEBsGTjle4NBGZD31t9sXqEg&google_cver=1
Request Chain 263
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDk3NjAzMDUyOTI2MDQyOTU2NA%3D%3D
Request Chain 264
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEAst8ZqvNranJ2fLCJCFMEI&google_cver=1
Request Chain 265
  • https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZWI1ZTQxNzgtM2U0Ni02YzRlLTYxZWQtYjM1NGZlZjllMDA5
Request Chain 269
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si
Request Chain 286
  • https://hal90007.redintelligence.net/request.php?zone=4727t6qteyti&nw=20&renderingType=javascript&namespace=f5a2a2c6a9&subid=&uid=63e2aa4724610e8a&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x18&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCayOktaqGYOnyFaWGjuwP94CtuAq1zfmDV_zYuavlDPAuEAEg2Oq2IGCV-vCBjAfIAQmpAgod8OC3T7Q-qAMBqgTsAU_Q1e8_BKYiGM9uFFGtua4pmsQnHcbRSXP1-WshbsGrZNADKUC31hZRfSw4mdUQ1zPF813_sZR0vx2eZU5HsxsKlhxsNJ7D3UIJsemQc_5C-Nt9laBaOn2pjuON0AguyhYTqwf6sI3MW99SpJEKSqB3dBJqdsQZwP97FChNoZpeOhYb9VraZiHRScAol_N5ceG7j9SOcREDsLg9cv6GA9sH7q3GragTDjBUBsA6xxy3Cxyl-S0yNgnm_z4m3iDp6ibxRAcigxNK_5TNrmKf9vNgsey4Mc-XzyJ0A14ZwkFyRx21wgDbRd4Ds3jIwASqnfy-zwHgBAOQBgGgBk2AB-vn6F6oB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7NUbqAfulrECqAemvhuoB-zVG6gH89EbqAeW2BvYBwDSCAkIgOGAEBABGB3yCBthZHgtc3Vic3luLTgxMzU4OTkxNTk0OTc2NDaACgOYCwHICwGADAGwE8Ka2grQEwDYEwPYFAE%26ae%3D1%26num%3D1%26cid%3DCAASEuRos4oV1an3P-lt-BGYfID0TQ%26sig%3DAOD64_2WCSjIIh8uPs93PdBoMgPCMrI7eA%26client%3Dca-pub-6897902191714833%26dbm_c%3DAKAmf-BB46uWUl_0trKF8LVopnSmM0YeXHtrOWNcNtK7JYqNrJLyal7iIThW8HAW9Bryq1JcUpA6S83m56JUE51V2sdyPZTy_7G1cdPUdMnSRGc8-r2o6xPFknXrtaPK-0ZubGUEXXT8QAEFlpgMizZYwyVy41W4tA%26cry%3D1%26dbm_d%3DAKAmf-CECLzxUnlXOFbIt0zdaMS7eXCMa7wOu9eNyOC1MglqxHrX7f12NGo_y7l4S7barcY2kmja0G8AZNW8cu8jGPxuuH7WSIKtg8mQR6JE8U2Tlsk2B2LO9Y9_YfpvsWbImxaD_LYovTi0WXMWV6cgQLdSFjY8e9LlGNBlKhn8LkTUGsf9yTmyXLHiauBKYE8OgeIzFO9836GxHUFk-CzOmpQKkCVlzB0-jpewq-t0Vm_HY8fLnOrfYS9k6Ll42B3fXjRe5_9_7V68x9wk8Fku375BgYDtqrrHQC12nOX4Dqt_S8qulMw6psCVI_68y1_GsFjDCJer_iZI3tXcJpstebB3zdHlYtTRcHNMBlbE4pRdaJTZVqoiUKqy3v64UntZEZK2uUP7m3FE455vd77j23WX8yWOPEZ56QiZhzuRVPOQ39bwiqJI049DVLkl_NBofnvg_DMKFjkUXNjPBZkY00UocPQFCjEQbkjiO3e4ttRAE8jgc4WXemfIhoHhabw4BV6FODamPX5ckztI0Fg-9RFKFPZ5abolxYyBtVAdbO4joappp82CPHCMEd9QbsH4wptj6MeornnTaI7pE2GSN1Orm9-Qgp2wuVbhbSwvrT7YpkGt_2I%26adurl%3D&documentReferer=https%3A%2F%2Fwww.newser.com%2Fstory%2F305100%2Fus-wrongly-thought-diplomat-staged-his-own-kidnapping.html%3Futm_source%3Dpart%26utm_medium%3Duol%26utm_campaign%3Drss_taglines_more&ancestorOrigins=https%3A%2F%2Fwww.newser.com&random=2140321860645&isIframe=1&container=&adPos=0x14&adPosCheck=1x15&adtagId=0 HTTP 302
  • https://hal90007.redintelligence.net/request.php?zone=4727t6qteyti&nw=20&renderingType=javascript&namespace=f5a2a2c6a9&subid=&uid=63e2aa4724610e8a&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x18&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCayOktaqGYOnyFaWGjuwP94CtuAq1zfmDV_zYuavlDPAuEAEg2Oq2IGCV-vCBjAfIAQmpAgod8OC3T7Q-qAMBqgTsAU_Q1e8_BKYiGM9uFFGtua4pmsQnHcbRSXP1-WshbsGrZNADKUC31hZRfSw4mdUQ1zPF813_sZR0vx2eZU5HsxsKlhxsNJ7D3UIJsemQc_5C-Nt9laBaOn2pjuON0AguyhYTqwf6sI3MW99SpJEKSqB3dBJqdsQZwP97FChNoZpeOhYb9VraZiHRScAol_N5ceG7j9SOcREDsLg9cv6GA9sH7q3GragTDjBUBsA6xxy3Cxyl-S0yNgnm_z4m3iDp6ibxRAcigxNK_5TNrmKf9vNgsey4Mc-XzyJ0A14ZwkFyRx21wgDbRd4Ds3jIwASqnfy-zwHgBAOQBgGgBk2AB-vn6F6oB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7NUbqAfulrECqAemvhuoB-zVG6gH89EbqAeW2BvYBwDSCAkIgOGAEBABGB3yCBthZHgtc3Vic3luLTgxMzU4OTkxNTk0OTc2NDaACgOYCwHICwGADAGwE8Ka2grQEwDYEwPYFAE%26ae%3D1%26num%3D1%26cid%3DCAASEuRos4oV1an3P-lt-BGYfID0TQ%26sig%3DAOD64_2WCSjIIh8uPs93PdBoMgPCMrI7eA%26client%3Dca-pub-6897902191714833%26dbm_c%3DAKAmf-BB46uWUl_0trKF8LVopnSmM0YeXHtrOWNcNtK7JYqNrJLyal7iIThW8HAW9Bryq1JcUpA6S83m56JUE51V2sdyPZTy_7G1cdPUdMnSRGc8-r2o6xPFknXrtaPK-0ZubGUEXXT8QAEFlpgMizZYwyVy41W4tA%26cry%3D1%26dbm_d%3DAKAmf-CECLzxUnlXOFbIt0zdaMS7eXCMa7wOu9eNyOC1MglqxHrX7f12NGo_y7l4S7barcY2kmja0G8AZNW8cu8jGPxuuH7WSIKtg8mQR6JE8U2Tlsk2B2LO9Y9_YfpvsWbImxaD_LYovTi0WXMWV6cgQLdSFjY8e9LlGNBlKhn8LkTUGsf9yTmyXLHiauBKYE8OgeIzFO9836GxHUFk-CzOmpQKkCVlzB0-jpewq-t0Vm_HY8fLnOrfYS9k6Ll42B3fXjRe5_9_7V68x9wk8Fku375BgYDtqrrHQC12nOX4Dqt_S8qulMw6psCVI_68y1_GsFjDCJer_iZI3tXcJpstebB3zdHlYtTRcHNMBlbE4pRdaJTZVqoiUKqy3v64UntZEZK2uUP7m3FE455vd77j23WX8yWOPEZ56QiZhzuRVPOQ39bwiqJI049DVLkl_NBofnvg_DMKFjkUXNjPBZkY00UocPQFCjEQbkjiO3e4ttRAE8jgc4WXemfIhoHhabw4BV6FODamPX5ckztI0Fg-9RFKFPZ5abolxYyBtVAdbO4joappp82CPHCMEd9QbsH4wptj6MeornnTaI7pE2GSN1Orm9-Qgp2wuVbhbSwvrT7YpkGt_2I%26adurl%3D&documentReferer=https%3A%2F%2Fwww.newser.com%2Fstory%2F305100%2Fus-wrongly-thought-diplomat-staged-his-own-kidnapping.html%3Futm_source%3Dpart%26utm_medium%3Duol%26utm_campaign%3Drss_taglines_more&ancestorOrigins=https%3A%2F%2Fwww.newser.com&random=2140321860645&isIframe=1&container=&adPos=0x14&adPosCheck=1x15&adtagId=0&uidRedirect=1
Request Chain 299
  • https://hal90005.redintelligence.net/request.php?zone=ma1tq3l10cm4&nw=20&renderingType=javascript&namespace=d17e81bd0a&subid=&uid=424dd3ca5e371417&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x18&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCisnetaqGYOzyFaWGjuwP94CtuAq1zfmDV5zfuavlDPAuEAEg2Oq2IGCV-vCBjAfIAQmpAgod8OC3T7Q-qAMBqgTwAU_QL4uqPWqmF2sSoOI-jlqKGPvhrl5NvQ-DTIv01Qq51k9KHlAWQxrkJWhBAfyKp4RC2SCMYkwdRhjsn1-pIJntz1SLAU-TWeETN4ufiYssLlPHwV8sAZTABpKbmyUbHAa_xJHDfgGVEuMXPakgZY4GETRIJ7NYSpkV7y6e9Dp26wjzsoi0UiOppquwWwP2Q2H9uxAQDEEkGRQE4I8guyqp3iCUbIoArYj7DMqpa_ld9ueh69v_Clap7waCQA6x7bD6xXgxMCfgLk52DzJY2YnXCyY-GyFlfEgaXEpmmc8-e23XG27CPZOadln9JJhCEsAEqp38vs8B4AQDkAYBoAZNgAfr5-heqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-zVG6gH7paxAqgHpr4bqAfs1RuoB_PRG6gHltgb2AcA0ggJCIDhgBAQARgd8ggbYWR4LXN1YnN5bi04MTM1ODk5MTU5NDk3NjQ2gAoDmAsByAsBgAwBsBPCmtoK0BMA2BMD2BQB%26ae%3D1%26num%3D1%26cid%3DCAASEuRoq7UdgWg_hRNWLgZhRHxSLA%26sig%3DAOD64_3_Wn6NB4hG0M-AF7jDDG-v3s_kwQ%26client%3Dca-pub-6897902191714833%26dbm_c%3DAKAmf-BLA9PxMNcjbATgq5nVHkXd6i-TALvPxYlZ_6u9NSFIc-681qzrJXCFWs3lCPdTMVfA2dhj2NYkiHnh1eqfeyH4w97uuSfiMRDOq5Cqrxd5SYKeq9QVuKGnSKdWhS6oBJ8tDrO78HrLeNK0IIUTO2CX7Ew3RQ%26cry%3D1%26dbm_d%3DAKAmf-BZQyET1n11I-UK2Cgjm6xPOq7GWE8mFhEvDcwptk0k8GmJzmU2AbAM0LVfwfy3p_BgpOZn_9OCg7fmg27yzSusZeJg6ofx9Fjg48OOSP6dTG5jqSuk1hQDj7UKnVU1gXjcgciVgd6kpRAgeGB6pH3PS4LdPjVTE7r8ZhTCfsz5mybo_muAJgllLFbmCaGgJEekJfC51U98-DBFQkcFEVUNGO-Bbd5yklU1LKNnpoHu-dp6Q0uCTwnDIdCZo9vtSNkCPBXufO_I-D4yWTQxDbmC97fWUla_c_-USZLiu8b5ln9Fgy8DJLnJGMBr2mVjPiVJwe8aOD_aD-o3j0CIZ1KHX4iMDAO-SULvBM8Qe4LxCIXtk2EXog5GCchKQBxCUWrvXuMpg0KInJP5uqjxAbLQP3qFXXoAYFuXZtjVFkJg_Qr6kr2xg5rcrz6zcm0Swhonw67O_lHvarfZxz3gSTfG7zTy7HjZhnRY8h8MvEXY-oR3bSZFb7OaD1i0VamClI64fp2JntYCgLVNvDIaPmCaY2xNk9Jm4jcTtpZgGrhkOPtcE6PXj575p2t_3Jl_efH3Y4SbbZaDJNMLfQsUqwsXyoY_K-a52s48bfwfCz8DFTJ-EVI%26adurl%3D&documentReferer=https%3A%2F%2Fwww.newser.com%2Fstory%2F305100%2Fus-wrongly-thought-diplomat-staged-his-own-kidnapping.html%3Futm_source%3Dpart%26utm_medium%3Duol%26utm_campaign%3Drss_taglines_more&ancestorOrigins=https%3A%2F%2Fwww.newser.com&random=4520319804249&isIframe=1&container=&adPos=0x14&adPosCheck=1x15&adtagId=0 HTTP 302
  • https://hal90005.redintelligence.net/request.php?zone=ma1tq3l10cm4&nw=20&renderingType=javascript&namespace=d17e81bd0a&subid=&uid=424dd3ca5e371417&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x18&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCisnetaqGYOzyFaWGjuwP94CtuAq1zfmDV5zfuavlDPAuEAEg2Oq2IGCV-vCBjAfIAQmpAgod8OC3T7Q-qAMBqgTwAU_QL4uqPWqmF2sSoOI-jlqKGPvhrl5NvQ-DTIv01Qq51k9KHlAWQxrkJWhBAfyKp4RC2SCMYkwdRhjsn1-pIJntz1SLAU-TWeETN4ufiYssLlPHwV8sAZTABpKbmyUbHAa_xJHDfgGVEuMXPakgZY4GETRIJ7NYSpkV7y6e9Dp26wjzsoi0UiOppquwWwP2Q2H9uxAQDEEkGRQE4I8guyqp3iCUbIoArYj7DMqpa_ld9ueh69v_Clap7waCQA6x7bD6xXgxMCfgLk52DzJY2YnXCyY-GyFlfEgaXEpmmc8-e23XG27CPZOadln9JJhCEsAEqp38vs8B4AQDkAYBoAZNgAfr5-heqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-zVG6gH7paxAqgHpr4bqAfs1RuoB_PRG6gHltgb2AcA0ggJCIDhgBAQARgd8ggbYWR4LXN1YnN5bi04MTM1ODk5MTU5NDk3NjQ2gAoDmAsByAsBgAwBsBPCmtoK0BMA2BMD2BQB%26ae%3D1%26num%3D1%26cid%3DCAASEuRoq7UdgWg_hRNWLgZhRHxSLA%26sig%3DAOD64_3_Wn6NB4hG0M-AF7jDDG-v3s_kwQ%26client%3Dca-pub-6897902191714833%26dbm_c%3DAKAmf-BLA9PxMNcjbATgq5nVHkXd6i-TALvPxYlZ_6u9NSFIc-681qzrJXCFWs3lCPdTMVfA2dhj2NYkiHnh1eqfeyH4w97uuSfiMRDOq5Cqrxd5SYKeq9QVuKGnSKdWhS6oBJ8tDrO78HrLeNK0IIUTO2CX7Ew3RQ%26cry%3D1%26dbm_d%3DAKAmf-BZQyET1n11I-UK2Cgjm6xPOq7GWE8mFhEvDcwptk0k8GmJzmU2AbAM0LVfwfy3p_BgpOZn_9OCg7fmg27yzSusZeJg6ofx9Fjg48OOSP6dTG5jqSuk1hQDj7UKnVU1gXjcgciVgd6kpRAgeGB6pH3PS4LdPjVTE7r8ZhTCfsz5mybo_muAJgllLFbmCaGgJEekJfC51U98-DBFQkcFEVUNGO-Bbd5yklU1LKNnpoHu-dp6Q0uCTwnDIdCZo9vtSNkCPBXufO_I-D4yWTQxDbmC97fWUla_c_-USZLiu8b5ln9Fgy8DJLnJGMBr2mVjPiVJwe8aOD_aD-o3j0CIZ1KHX4iMDAO-SULvBM8Qe4LxCIXtk2EXog5GCchKQBxCUWrvXuMpg0KInJP5uqjxAbLQP3qFXXoAYFuXZtjVFkJg_Qr6kr2xg5rcrz6zcm0Swhonw67O_lHvarfZxz3gSTfG7zTy7HjZhnRY8h8MvEXY-oR3bSZFb7OaD1i0VamClI64fp2JntYCgLVNvDIaPmCaY2xNk9Jm4jcTtpZgGrhkOPtcE6PXj575p2t_3Jl_efH3Y4SbbZaDJNMLfQsUqwsXyoY_K-a52s48bfwfCz8DFTJ-EVI%26adurl%3D&documentReferer=https%3A%2F%2Fwww.newser.com%2Fstory%2F305100%2Fus-wrongly-thought-diplomat-staged-his-own-kidnapping.html%3Futm_source%3Dpart%26utm_medium%3Duol%26utm_campaign%3Drss_taglines_more&ancestorOrigins=https%3A%2F%2Fwww.newser.com&random=4520319804249&isIframe=1&container=&adPos=0x14&adPosCheck=1x15&adtagId=0&uidRedirect=1
Request Chain 303
  • https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3012593838778.41 HTTP 302
  • https://5994599.fls.doubleclick.net/activityi;dc_pre=CNGWntPtm_ACFZ3Fuwgd2tMJDw;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3012593838778.41
Request Chain 308
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESENRgWNt5VJKps8jsrB2pHAE&google_cver=1&google_push=AQvitUL9hj1XBtgFEi32CyxiDaJFZs8v13bvzzYqRYCXrBm9eGvzZOzpDVNECxKru0sayio_usxSiutQKTfoM0Ht5pRhrMoxpQo HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESENRgWNt5VJKps8jsrB2pHAE&google_cver=1&google_push=AQvitUL9hj1XBtgFEi32CyxiDaJFZs8v13bvzzYqRYCXrBm9eGvzZOzpDVNECxKru0sayio_usxSiutQKTfoM0Ht5pRhrMoxpQo HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=TWJuVHNyY0oxTEFaUlk1&google_gid=CAESENRgWNt5VJKps8jsrB2pHAE&google_cver=1&google_push=AQvitUL9hj1XBtgFEi32CyxiDaJFZs8v13bvzzYqRYCXrBm9eGvzZOzpDVNECxKru0sayio_usxSiutQKTfoM0Ht5pRhrMoxpQo
Request Chain 309
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEFv-0-NLvDlhkW4Y1Q5mnL0&google_cver=1&google_push=AQvitUJQII9F89WFbaFrrj69KhaUkYhcnl6BsM4dsn6ZPt2pi8QX9LbJcJxam99eAH0OeXakSGdzmMUpEPH-S8NEDqEbKafntoZJ&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAQvitUJQII9F89WFbaFrrj69KhaUkYhcnl6BsM4dsn6ZPt2pi8QX9LbJcJxam99eAH0OeXakSGdzmMUpEPH-S8NEDqEbKafntoZJ%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEFv-0-NLvDlhkW4Y1Q5mnL0&google_cver=1&google_push=AQvitUJQII9F89WFbaFrrj69KhaUkYhcnl6BsM4dsn6ZPt2pi8QX9LbJcJxam99eAH0OeXakSGdzmMUpEPH-S8NEDqEbKafntoZJ&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAQvitUJQII9F89WFbaFrrj69KhaUkYhcnl6BsM4dsn6ZPt2pi8QX9LbJcJxam99eAH0OeXakSGdzmMUpEPH-S8NEDqEbKafntoZJ%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Request Chain 310
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEMyxMJIilkhxPTWSvJPWzvY&google_cver=1&google_push=AQvitUKx_4ElU2gG4LltShOr1DjZZMiI9WmOWTheP3IbsfjtSet4JULJLJ-VCwOjoCQ8I01KAF4brRrg3hz_1NP1fqQPAjgo_j0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AQvitUKx_4ElU2gG4LltShOr1DjZZMiI9WmOWTheP3IbsfjtSet4JULJLJ-VCwOjoCQ8I01KAF4brRrg3hz_1NP1fqQPAjgo_j0&google_hm=Njc4MTMyNjIxNDEyNDQ4MzcwNA%3D%3D
Request Chain 312
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESECJp7YBWC5hRIgJVtQ9HgME&google_cver=1&google_push=AQvitUJ4aqEsvbAszSIZRlp5Grkl5Nejb7ye_tY75kJu4Fih6LuyT_cCDGEXpte6euhGXeuKV80HW7RwkNtW5pSSHyqCRlxW-Nt_ HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESECJp7YBWC5hRIgJVtQ9HgME&google_cver=1&google_push=AQvitUJ4aqEsvbAszSIZRlp5Grkl5Nejb7ye_tY75kJu4Fih6LuyT_cCDGEXpte6euhGXeuKV80HW7RwkNtW5pSSHyqCRlxW-Nt_&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=8xexexL4Q_ePyrzaojmCnw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AQvitUJ4aqEsvbAszSIZRlp5Grkl5Nejb7ye_tY75kJu4Fih6LuyT_cCDGEXpte6euhGXeuKV80HW7RwkNtW5pSSHyqCRlxW-Nt_
Request Chain 313
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEIlmz_GtbvnkW_TTlhmjJmg&google_cver=1&google_push=AQvitULuCSTZyRemgNya3BYKMRoCAmME6dOnQt07C3nNhFVfGYctftZkYSvKuTJJaWRYpp0xhBEUsRFlFKfSUDWlnE1i2q4lltl4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S05ZSlE2UlUtMUMtRFo2Rw==&google_push=AQvitULuCSTZyRemgNya3BYKMRoCAmME6dOnQt07C3nNhFVfGYctftZkYSvKuTJJaWRYpp0xhBEUsRFlFKfSUDWlnE1i2q4lltl4
Request Chain 378
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=1691578934495065504
Request Chain 388
  • https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID HTTP 302
  • https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=228c67b4-1b5c-46cb-8e1f-31c9aba29685-tuct780303c&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Request Chain 389
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=8xexexL4Q_ePyrzaojmCnw%3D%3D HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Request Chain 393
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=RjMxN0IxN0ItMTJGOC00M0Y3LThGQ0EtQkNEQUEyMzk4MjlG&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 394
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEERxoO3LysoPT7xUADGOx2E&google_cver=1
Request Chain 396
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:bb7d6086-aab9-4c00-a970-61aa3d07a289&gdpr=0&gdpr_consent=
Request Chain 397
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=4103781883286397064
Request Chain 398
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=64e02ea2-73b0-45e2-ba0e-bc9ec0662a40
Request Chain 399
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4976030529260429564&gdpr=0&gdpr_consent=
Request Chain 401
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=F317B17B-12F8-43F7-8FCA-BCDAA239829F&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-syIlspNE2uWKvJc3AGHpnFWmx8KlOZg-~A&gdpr=0&gdpr_consent=
Request Chain 402
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dpubmatic
Request Chain 403
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=aD2Nbz9s12pzaYFsPDyYa2070TtzPYA6am-Sc4Li
Request Chain 404
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3599435174562322988&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 405
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&_test=YIaquQAAeMwqPQA4 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YIaquQAAeMwqPQA4&gdpr=0&gdpr_consent=&_test=YIaquQAAeMwqPQA4
Request Chain 407
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
Request Chain 409
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=4976030529260429564
Request Chain 410
  • https://rtb.gumgum.com/getuid/d1ba4609?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw%26piggybackCookie%3D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_2278784d-2046-45b6-8d5e-71f5982a203f
Request Chain 412
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=rjrqv8k&ttd_tpi=1 HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=rjrqv8k&ttd_tpi=1 HTTP 302
  • https://ecs.mantisadnetwork.com/sync/pixel/query?source=tradedesk&id=64e02ea2-73b0-45e2-ba0e-bc9ec0662a40
Request Chain 414
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YIaqtkhDhduXm5VvvJe51gAABE4AAAAB HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&google_gid=CAESED6B_GoV29WTxsptEvE6X-w&google_cver=1
Request Chain 415
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YIaqtkhDhduXm5VvvJe51gAABE4AAAAB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YIaqtkhDhduXm5VvvJe51gAABE4AAAAB&dcc=t
Request Chain 417
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=YIaqtkhDhduXm5VvvJe51gAABE4AAAAB HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/casale/YIaqtkhDhduXm5VvvJe51gAABE4AAAAB
Request Chain 419
  • https://d.adroll.com/cm/index/ssp?gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
Request Chain 421
  • https://um2.eqads.com/um/cs HTTP 302
  • https://um2.eqads.com/um/cs&eq_cc=1
Request Chain 424
  • https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2579859255082.224 HTTP 302
  • https://5994599.fls.doubleclick.net/activityi;dc_pre=CKX_zdTtm_ACFSnIuwgdn6MGzw;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2579859255082.224
Request Chain 428
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEN4zubFh_65-JZhuy4BLMNg&google_cver=1&google_push=AQvitUKUp04lWdopUsIsEoy-JMGXQ8WW85ojesGX9exNtvciCZGPYX0_CjEI_WjRbTYQ3h30FT8pJHJa6U7o30QfUTRzJs204UiW HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AQvitUKUp04lWdopUsIsEoy-JMGXQ8WW85ojesGX9exNtvciCZGPYX0_CjEI_WjRbTYQ3h30FT8pJHJa6U7o30QfUTRzJs204UiW
Request Chain 430
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESELUaprzcva6vTOS_TVMFKyA&google_cver=1&google_push=AQvitULaPj5KPn6qXie_qgFO20WGwAvwuEX-zOekzHNil1sOSN9RJ4fhUY6Qw0SND1V7OjuEWIlssJa5yTbJNSrNpgKDj4_xTk25 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AQvitULaPj5KPn6qXie_qgFO20WGwAvwuEX-zOekzHNil1sOSN9RJ4fhUY6Qw0SND1V7OjuEWIlssJa5yTbJNSrNpgKDj4_xTk25&google_hm=A5mhZsxvTFS5a2mU80vV-g==
Request Chain 432
  • https://d5p.de17a.com/cookies/google?google_gid=CAESEFrOnd1-oJ67RF9qfQDzLww&google_cver=1&google_push=AQvitUJJ7RbUsU2XsL-s2b73US-PXpCbsqDgLj4aiQ6fUvhva3kTV72iRNgB5TN4WGGiiBLRhmTLSjNtCrORm5WXQRdnpv_14Gz2 HTTP 302
  • https://d5p.de17a.com/cookies/google;c?google_gid=CAESEFrOnd1-oJ67RF9qfQDzLww&google_cver=1&google_push=AQvitUJJ7RbUsU2XsL-s2b73US-PXpCbsqDgLj4aiQ6fUvhva3kTV72iRNgB5TN4WGGiiBLRhmTLSjNtCrORm5WXQRdnpv_14Gz2 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AQvitUJJ7RbUsU2XsL-s2b73US-PXpCbsqDgLj4aiQ6fUvhva3kTV72iRNgB5TN4WGGiiBLRhmTLSjNtCrORm5WXQRdnpv_14Gz2 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AQvitUJJ7RbUsU2XsL-s2b73US-PXpCbsqDgLj4aiQ6fUvhva3kTV72iRNgB5TN4WGGiiBLRhmTLSjNtCrORm5WXQRdnpv_14Gz2&google_tc=
Request Chain 433
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEIlmz_GtbvnkW_TTlhmjJmg&google_cver=1&google_push=AQvitUL62--_ExXYkpA_yq3LFd0fvI9e4aqhrN1G9nw7Wf6G_9nVNyjggpmEC7j5rkfKSAQ2XBAFUBJTN0Q4obu3Co2E9Kw-T9E HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S05ZSlE2UlUtMUMtRFo2Rw==&google_push=AQvitUL62--_ExXYkpA_yq3LFd0fvI9e4aqhrN1G9nw7Wf6G_9nVNyjggpmEC7j5rkfKSAQ2XBAFUBJTN0Q4obu3Co2E9Kw-T9E
Request Chain 434
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESENc5h_fVMBhRZBK8C3OYIb0&google_cver=1&google_push=AQvitUJf2MLaJ61zQu6r850H8VZEY7o7Rtg4uWWcd-Z-Z98liHg_uuc6Km0Bm38HZ_a-uhx_wsjhkZcNFCDT5FFJSqblWI9zteEmHg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1hRndFcXBKRTJ1RzcxLklnZEdUNEY1ejFCY1dYTGcwZX5B&google_push=AQvitUJf2MLaJ61zQu6r850H8VZEY7o7Rtg4uWWcd-Z-Z98liHg_uuc6Km0Bm38HZ_a-uhx_wsjhkZcNFCDT5FFJSqblWI9zteEmHg
Request Chain 437
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YIaqtkhDhduXm5VvvJe51gAABE4AAAAB HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&google_gid=CAESED6B_GoV29WTxsptEvE6X-w&google_cver=1
Request Chain 438
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YIaqtkhDhduXm5VvvJe51gAABE4AAAAB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YIaqtkhDhduXm5VvvJe51gAABE4AAAAB&dcc=t
Request Chain 441
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=no-consent&expiration=1622030266
Request Chain 443
  • https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=MbnTsrcJ1LAZRY5&gdpr=1
Request Chain 444
  • https://sync.adotmob.com/cookie/indexexchange?r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7bamob_user_id%7d%26expiration%3D%5bEXPIRATION%5d&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=0628220402000c79132e071f&expiration=[EXPIRATION]&gdpr=1
Request Chain 463
  • https://pm.w55c.net/ping_match.gif?ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_ HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=537072979&val=MbnTsrcJ1LAZRY5
Request Chain 464
  • https://x.bidswitch.net/sync?ssp=openx HTTP 302
  • https://cm.smadex.com/sync?sm_did=bds&bds_ssp_id=openx&bds_param=0399a166-cc6f-4c54-b96b-6994f34bd5fa HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=340&user_id=d711314e-7446-4423-a975-af821be3c2ed&expires=10&ssp=openx&bsw_param=0399a166-cc6f-4c54-b96b-6994f34bd5fa HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?dsp_id=340&user_id=d711314e-7446-4423-a975-af821be3c2ed&expires=10&ssp=openx&bsw_param=0399a166-cc6f-4c54-b96b-6994f34bd5fa HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072968&val=dcee53a2-edb4-4b2c-9acc-7133174ad2e1 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?cc=1&id=537072968&val=dcee53a2-edb4-4b2c-9acc-7133174ad2e1
Request Chain 466
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=536872786&val=f24b6086-aab9-4f00-a1a2-bc10888e3de4
Request Chain 467
  • https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=1 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=Ik8pfXUec3g5GyV-dk48eSdJdSk5TyQoIB0G-xG0
Request Chain 468
  • https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=22 HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=7148491099707590407
Request Chain 471
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEAst8ZqvNranJ2fLCJCFMEI&google_cver=1
Request Chain 474
  • https://ib.adnxs.com/getuidnb?https://usr.undertone.com/userPixel/sync?partner=appnexus&uid=$UID HTTP 302
  • https://usr.undertone.com/userPixel/sync?partner=appnexus&uid=4976030529260429564
Request Chain 475
  • https://us-u.openx.net/w/1.0/cm?id=fba3d144-1026-4d31-a758-943b9545e305&r=https://usr.undertone.com/userPixel/sync?partnerId=39&uid= HTTP 302
  • https://usr.undertone.com/userPixel/sync?partnerId=39&uid=8c5cf595-f79e-0e89-1e88-f62ac3b70e3b
Request Chain 476
  • https://pixel.advertising.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true HTTP 302
  • https://pixel.advertising.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true&verify=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true&apid=UP9e6a09b7-a686-11eb-9cd3-02d3e634cab0 HTTP 302
  • https://usr.undertone.com/userPixel/sync?partner=verizon&uid=y-bLImlBhE2uHFc65mgRUFi9g_BWUd25qh~A~UP9e6a09b7-a686-11eb-9cd3-02d3e634cab0
Request Chain 477
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sirnsvg&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://usr.undertone.com/userPixel/sync?partner=ttd&uid=64e02ea2-73b0-45e2-ba0e-bc9ec0662a40&ttl=1622030267
Request Chain 479
  • https://cs.admanmedia.com/sync/undertone?url=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3Fpartner%3Dacuityads%26uid%3D%24UID HTTP 302
  • https://usr.undertone.com/userPixel/sync?partner=acuityads&uid=670e2fc9c09785aabfbf0ac05112e6e7690c96c7
Request Chain 484
  • https://c1.adform.net/serving/cookie/match?party=14&cid=F317B17B-12F8-43F7-8FCA-BCDAA239829F HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=F317B17B-12F8-43F7-8FCA-BCDAA239829F
Request Chain 485
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxODQmdGw9MTU3NjgwMA==&r=https://pixel.tapad.com/idsync/ex/receive?partner_id=PUBMATIC_RTB&partner_device_id=${PUBMATIC_UID} HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=PUBMATIC_RTB
Request Chain 486
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:MbnTsrcJ1LAZRY5&gdpr=0&gdpr_consent=
Request Chain 488
  • https://sync.srv.stackadapt.com/sync?nid=11 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=oQd6_DxkSPh6Nb-4-hVfEFn5QMs
Request Chain 489
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:99B53FBFFA154012A108191486A8A3EE
Request Chain 490
  • https://pixel.onaudience.com/?partner=214&mapped=F317B17B-12F8-43F7-8FCA-BCDAA239829F HTTP 302
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25 HTTP 302
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25&xl8blockcheck=1 HTTP 302
  • https://pixel.onaudience.com/?partner=161&icm&cver&mapped=f87e4f630068dd74e7d506c17011bea9
Request Chain 491
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=f24b6086-aab9-4f00-a1a2-bc10888e3de4
Request Chain 493
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=9f7b04f0-a686-11eb-9749-09462eaa0c2c&gdpr=0&gdpr_consent=

512 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request Cookie set us-wrongly-thought-diplomat-staged-his-own-kidnapping.html
www.newser.com/story/305100/
Redirect Chain
  • http://thirdpartyoffers.juno.com/TGL3142/6085b05c8bdad305c372fst03duc3
  • http://thirdpartyoffers.juno.com/cgi-bin/click.cgi?u=6085b05c8bdad305c372fst03duc3&s=TGL3142
  • https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
238 KB
72 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
40.114.51.62 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
2850541eefcb545ac595504e0103a77bb0f8ae0ecdb92d2af5cabfb3edd7928d

Request headers

Host
www.newser.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Cache-Control
private, no-store
Pragma
no-cache
Transfer-Encoding
chunked
Content-Type
text/html; charset=utf-8
Content-Encoding
gzip
Expires
Mon, 26 Apr 2021 11:56:39 GMT
Vary
Accept-Encoding
Scheme
https
RawURL
/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
Set-Cookie
ASP.NET_SessionId=2ydpb3u0mdsnmpfshux5s2ce; path=/; HttpOnly; SameSite=Lax USERCREDENTIALS=EMAIL=&PASSWORD=&USERID=0&VISITORID=1454384860; expires=Thu, 24-Apr-2031 11:57:39 GMT; path=/; secure; SameSite=Lax USERSETTINGS=; expires=Sun, 25-Apr-2021 11:57:39 GMT; path=/; secure; SameSite=Lax
Date
Mon, 26 Apr 2021 11:57:39 GMT

Redirect headers

Date
Mon, 26 Apr 2021 11:57:38 GMT
Server
Apache
Cache-Control
max-age=0, no-cache, no-store
Location
https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
Content-Length
0
Keep-Alive
timeout=60, max=1000
Connection
Keep-Alive
Content-Type
text/html
css
fonts.googleapis.com/ 		20 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:400,400italic,100,100italic,300,300italic,500,500italic,700,700italic
Requested by
Host: www.newser.com
URL: https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
871a8f1084b6a27c4a67c854ba86e745d89be827f9bbc9057cbf3e535722cee1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 26 Apr 2021 11:57:39 GMT
server
ESF
date
Mon, 26 Apr 2021 11:57:39 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 26 Apr 2021 11:57:39 GMT
stylesheet.ashx
static1-azrcdn.newser.com/stylesheets/20210409_1520/ 		130 KB
19 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static1-azrcdn.newser.com/stylesheets/20210409_1520/stylesheet.ashx?file=responsive.css
Requested by
Host: www.newser.com
URL: https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:46::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
1345fd31c871f1be80924e6020298e182023f420b49e740bed5903748fc27546

Request headers

Referer
https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Apr 2021 11:57:39 GMT
content-encoding
br
x-azure-ref-originshield
0xKWGYAAAAADGBeiUepETQaw6RWj2F9o6TE9OMjFFREdFMTUwNgBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl
/stylesheets/20210409_1520/stylesheet.ashx?file=responsive.css
x-azure-ref
0s6qGYAAAAADWdSTEMvw4TZe/flYPEFV6RlJBRURHRTEwMTIAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache
TCP_HIT
content-type
text/css; charset=utf-8
cache-control
public, max-age=2592000
scheme
https
jquery-1.12.4.min.js
static1-azrcdn.newser.com/javascript/20210409_1520/ 		114 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static1-azrcdn.newser.com/javascript/20210409_1520/jquery-1.12.4.min.js
Requested by
Host: www.newser.com
URL: https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:46::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
996d298d6f8685a3ae28eace9249e3580bb8d13d91d424573fefb40d52980269

Request headers

Referer
https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Apr 2021 11:57:39 GMT
content-encoding
br
last-modified
Fri, 04 Dec 2020 19:36:38 GMT
x-azure-ref-originshield
0M+OAYAAAAACIf/B/SEmwTodkSQ5Z1nOrTE9OMjFFREdFMDIwNgBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
x-azure-ref
0s6qGYAAAAADzlpmrHkMRS62ptT4Vh25WRlJBRURHRTEwMTIAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache
TCP_HIT
content-type
text/javascript
cache-control
max-age=604800
accept-ranges
bytes
javascript.ashx
static1-azrcdn.newser.com/javascript/20210409_1520/ 		207 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static1-azrcdn.newser.com/javascript/20210409_1520/javascript.ashx?file=newser.js
Requested by
Host: www.newser.com
URL: https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:46::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
6f94014e7f3634aaa24b7c42f84bbc32da785c6ad42fd229674be824922349e6

Request headers

Referer
https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Apr 2021 11:57:39 GMT
content-encoding
br
x-azure-ref-originshield
0X3OGYAAAAACidsNTinSKRYte7Qu0XvHZTE9OMjFFREdFMDIyMABkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl
/javascript/20210409_1520/javascript.ashx?file=newser.js
x-azure-ref
0s6qGYAAAAADBW51qtygUTK2vZWgaIc08RlJBRURHRTEwMTIAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache
TCP_HIT
content-type
text/javascript; charset=utf-8
cache-control
public, max-age=2592000
scheme
https
modernizr-custom.js
static2-azrcdn.newser.com/javascript/20210409_1520/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static2-azrcdn.newser.com/javascript/20210409_1520/modernizr-custom.js
Requested by
Host: www.newser.com
URL: https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:46::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
d6a2745332948716c2d3849e9b1d02451515f96ec7ab4749855794dea0272857

Request headers

Referer
https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Apr 2021 11:57:38 GMT
content-encoding
br
last-modified
Mon, 06 Jul 2020 18:04:17 GMT
x-azure-ref-originshield
0AHiGYAAAAABE/T2EkGmeRK6rosW/0NkgTE9OMjFFREdFMDIxMQBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
x-azure-ref
0s6qGYAAAAADCNVbs8wvwSoHWd2J8gfL9RlJBRURHRTEwMTAAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache
TCP_HIT
content-type
text/javascript
cache-control
max-age=604800
accept-ranges
bytes
jcarousel_min.js
static1-azrcdn.newser.com/javascript/20210409_1520/ 		18 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static1-azrcdn.newser.com/javascript/20210409_1520/jcarousel_min.js
Requested by
Host: www.newser.com
URL: https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:46::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
2b291810374483e61126df23f32490a6f8a629062a6f00f0d10d7b52ed2a2762

Request headers

Referer
https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Apr 2021 11:57:39 GMT
content-encoding
br
last-modified
Mon, 06 Jul 2020 18:04:17 GMT
x-azure-ref-originshield
0FXSFYAAAAAD0E5Q5fBmcRa+vxthSssQMTE9OMjFFREdFMTUxOQBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
x-azure-ref
0s6qGYAAAAADsYAfoFAQuQ5lHE0XClwZRRlJBRURHRTEwMTIAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache
TCP_HIT
content-type
text/javascript
cache-control
max-age=604800
accept-ranges
bytes
load.js
s.ntv.io/serve/ 		353 KB
103 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.ntv.io/serve/load.js
Requested by
Host: www.newser.com
URL: https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.21.59 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-21-59.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
1550346cc4acb90924ac38fd0a7157a20e8750c2df0fa0cfab411980c9bc1cfe

Request headers

Referer
https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 26 Apr 2021 11:57:39 GMT
Content-Encoding
gzip
x-amz-request-id
5BE94SRWFAVGV6KN
x-amz-server-side-encryption
AES256
Transfer-Encoding
chunked
Connection
keep-alive, Transfer-Encoding
x-amz-id-2
UHZ1M7Ew2kMfC0OOdUcDgpivU6fMYEDCTASgK41blK6kjlk4fUQ8DjDXNIAFTEux8/fej9hjTrc=
Last-Modified
Tue, 13 Apr 2021 17:19:57 GMT
Server
AmazonS3
ETag
"4330b9a8c8acd8b7385eb09575a0f098"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=3600
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
widgets.js
platform.twitter.com/ 		95 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets.js
Requested by
Host: static1-azrcdn.newser.com
URL: https://static1-azrcdn.newser.com/javascript/20210409_1520/javascript.ashx?file=newser.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/67DF) /
Resource Hash
501ed6f37588ea4083347c8c1b9fd9bfbc560f8f9977aa2847749e0977063f6c

Request headers

Referer
https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 26 Apr 2021 11:57:39 GMT
Content-Encoding
gzip
Last-Modified
Thu, 15 Apr 2021 22:47:45 GMT
Server
ECS (frb/67DF)
Age
1068
Etag
"f8e2082c1f210ffae5a2de107bd73ffc+gzip"
Vary
Accept-Encoding
x-tw-cdn
VZ
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=1800
X-Cache
HIT
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Content-Length
28769
/
api.ipify.org/ 		22 B
253 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.ipify.org/?format=json
Requested by
Host: static1-azrcdn.newser.com
URL: https://static1-azrcdn.newser.com/javascript/20210409_1520/jquery-1.12.4.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.22.233.72 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-22-233-72.compute-1.amazonaws.com
Software
Cowboy /
Resource Hash
fb28a7094c14ceebd4d7fc09cb4390c9a346eaf050a24a573887f437c0dcc890

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 26 Apr 2021 11:57:39 GMT
Via
1.1 vegur
Server
Cowboy
Vary
Origin
Content-Type
application/json
Access-Control-Allow-Origin
https://www.newser.com
Connection
keep-alive
Content-Length
22
newser.min.js
global.proper.io/ 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://global.proper.io/newser.min.js
Requested by
Host: www.newser.com
URL: https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:4f22 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
53730a7fbcb3223f91059fe2cb0ed31fc1a9280048fea7f62cd0f047c4c2d3d2

Request headers

Referer
https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Apr 2021 11:57:39 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 23 Apr 2021 14:07:46 GMT
server
cloudflare
age
251297
etag
W/"6082d4b2-5e6b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=300
cf-ray
645fa2830d9b4ec1-FRA
cf-request-id
09afa3e5e900004ec1720c6000000001
expires
Mon, 26 Apr 2021 12:02:39 GMT
quant.js
secure.quantserve.com/ 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: www.newser.com
URL: https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:36a9:ecb:e518:b308 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
8000d797097e74bfff377d2f3fca7e046ee4490ea4edb70c2c0b189575847629

Request headers

Referer
https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Apr 2021 11:57:39 GMT
content-encoding
gzip
etag
"9iaPKZLFg6XYoMRMhilE8g=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
expires
Mon, 03 May 2021 11:57:39 GMT
tyche.js
cdn.intergi.com/hera/ 		123 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.intergi.com/hera/tyche.js
Requested by
Host: www.newser.com
URL: https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20c8:e200:14:2602:6e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
1c6b092ba127041b63d54877f927535bf99dafbd361451ac24fbc8013191d798

Request headers

Referer
https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Apr 2021 11:57:39 GMT
via
1.1 17a71b4bf5d35b398b0fd90a5cd154a7.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
MAD50-C1
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
cache-control
max-age=50, public, must-revalidate
content-encoding
br
x-amz-cf-id
83QyfSiiQMchkvkj8cL3eh_Oh1Q8jC2SUYVnF6AyJdgpmgPq6cAz2Q==
NSSMain3.png
img1-azrcdn.newser.com/images/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img1-azrcdn.newser.com/images/NSSMain3.png
Requested by
Host: www.newser.com
URL: https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:46::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
9ca5c7b9512739626f890d52f19eb2358cbb074e5a6921b072280ec1d95e06d6

Request headers

Referer
https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Apr 2021 11:57:39 GMT
last-modified
Mon, 06 Jul 2020 18:04:09 GMT
x-azure-ref-originshield
0wHiGYAAAAAAQU33wXnqvQKc13QiPKmgNTE9OMjFFREdFMDExMABkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
x-azure-ref
0s6qGYAAAAABB6OnUrtXzRqVRx5I0Co+XRlJBRURHRTEwMTQAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache
TCP_HIT
content-type
image/png
cache-control
max-age=604800
accept-ranges
bytes
content-length
10792
SignUp2.png
img2-azrcdn.newser.com/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img2-azrcdn.newser.com/images/SignUp2.png
Requested by
Host: www.newser.com
URL: https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
f3f879e9b3918ab2d171c21ffd5335c69d7a5742bc99b44ffccf519b3199e355

Request headers

Referer
https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Apr 2021 11:57:39 GMT
last-modified
Mon, 06 Jul 2020 18:04:09 GMT
x-azure-ref-originshield
00JaAYAAAAACcELk5xkzwT6cHFbP9S2G2TE9OMjFFREdFMDIyMQBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
x-azure-ref
0s6qGYAAAAABPGxC2qdImSLTSt259iJSYRlJBRURHRTEwMTMAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache
TCP_HIT
content-type
image/png
cache-control
max-age=604800
accept-ranges
bytes
content-length
1849
WebResource.axd
www.newser.com/ 		23 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.newser.com/WebResource.axd?d=06Jj8UhjGnfjVV9fsSwSGB3SMynkkA-B8wJ8PDUv3zGcedSNxq_AYCDidnhjxevbO4n1EssaEQtOgW2SSN0J0rfeHMD5dobsTJuCtqQUK3s1&t=637453852754849868
Requested by
Host: www.newser.com
URL: https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
40.114.51.62 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
40732e9dcfa704cf615e4691bb07aecfd1cc5e063220a46e4a7ff6560c77f5db

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.newser.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
Cookie
ASP.NET_SessionId=2ydpb3u0mdsnmpfshux5s2ce; USERCREDENTIALS=EMAIL=&PASSWORD=&USERID=0&VISITORID=1454384860
Connection
keep-alive
Referer
https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 26 Apr 2021 11:57:39 GMT
Content-Encoding
gzip
Last-Modified
Tue, 05 Jan 2021 01:27:55 GMT
RawURL
/WebResource.axd?d=06Jj8UhjGnfjVV9fsSwSGB3SMynkkA-B8wJ8PDUv3zGcedSNxq_AYCDidnhjxevbO4n1EssaEQtOgW2SSN0J0rfeHMD5dobsTJuCtqQUK3s1&t=637453852754849868
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
public
Scheme
https
Content-Length
6007
Expires
Tue, 26 Apr 2022 04:49:45 GMT
WebResource.axd
www.newser.com/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.newser.com/WebResource.axd?d=BSNVraPWBvdPK4PFb6oVyb9-1eBy353j45-6NjUY1XVYZqMDOm7yd2C16lH1NYgEr3WDcQcVidLJYD6cLNLfsqOeO1t-UASYNujdhIHRvjc1&t=637453852754849868
Requested by
Host: www.newser.com
URL: https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
40.114.51.62 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
144524233f795d6a425b76f7ae5c0bb622b5f67e2e6ae73532ad526528ca07cf

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.newser.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
Cookie
ASP.NET_SessionId=2ydpb3u0mdsnmpfshux5s2ce; USERCREDENTIALS=EMAIL=&PASSWORD=&USERID=0&VISITORID=1454384860
Connection
keep-alive
Referer
https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 26 Apr 2021 11:57:39 GMT
Content-Encoding
gzip
Last-Modified
Tue, 05 Jan 2021 01:27:55 GMT
RawURL
/WebResource.axd?d=BSNVraPWBvdPK4PFb6oVyb9-1eBy353j45-6NjUY1XVYZqMDOm7yd2C16lH1NYgEr3WDcQcVidLJYD6cLNLfsqOeO1t-UASYNujdhIHRvjc1&t=637453852754849868
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
public
Scheme
https
Content-Length
978
Expires
Tue, 26 Apr 2022 04:49:45 GMT
Back-Arrow-Button2.png
img2-azrcdn.newser.com/images/header/ 		271 B
594 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img2-azrcdn.newser.com/images/header/Back-Arrow-Button2.png
Requested by
Host: www.newser.com
URL: https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
c0e2de1910c51b9146fec0cc847f64b28a62b86f030e1ea05a7d8b05c130dc9f

Request headers

Referer
https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Apr 2021 11:57:39 GMT
last-modified
Mon, 06 Jul 2020 18:04:13 GMT
x-azure-ref-originshield
0EfqAYAAAAADMheiSZXj4QJbO/7IX/nxTTE9OMjFFREdFMDEwOQBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
x-azure-ref
0s6qGYAAAAAAGb+Mrk+VuTrttFOyUEsNZRlJBRURHRTEwMTMAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache
TCP_HIT
content-type
image/png
cache-control
max-age=604800
accept-ranges
bytes
content-length
271
logo_white_text4.png
img1-azrcdn.newser.com/images/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img1-azrcdn.newser.com/images/logo_white_text4.png
Requested by
Host: www.newser.com
URL: https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:46::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
c00e4b444e4089660152f10bb0cf87d45be907756bf33150841afc2f8a69d791

Request headers

Referer
https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Apr 2021 11:57:39 GMT
last-modified
Sat, 08 Aug 2020 15:47:42 GMT
x-azure-ref-originshield
0wnaGYAAAAADwH5b2DIniRZoyfuSn6yPdTE9OMjFFREdFMDIxNQBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
x-azure-ref
0s6qGYAAAAADwFKSaSCZfS6JqvDsaMtGmRlJBRURHRTEwMTQAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache
TCP_HIT
content-type
image/png
cache-control
max-age=604800
accept-ranges
bytes
content-length
5004
menu2.png
img1-azrcdn.newser.com/images/header/ 		265 B
475 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img1-azrcdn.newser.com/images/header/menu2.png
Requested by
Host: www.newser.com
URL: https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:46::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
31c724707624a3682770d54e8b216f04db44eff6fefb8313d9178ef0f69a694b

Request headers

Referer
https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Apr 2021 11:57:39 GMT
last-modified
Mon, 06 Jul 2020 18:04:13 GMT
x-azure-ref-originshield
0wnaGYAAAAAC7AcvY+vzcTallWGDIIfEkTE9OMjFFREdFMDExMQBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
x-azure-ref
0s6qGYAAAAADUnXe2izekSLMtCPRg7/9sRlJBRURHRTEwMTQAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache
TCP_HIT
content-type
image/png
cache-control
max-age=604800
accept-ranges
bytes
content-length
265
next-active.png
img1-azrcdn.newser.com/images/header/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img1-azrcdn.newser.com/images/header/next-active.png
Requested by
Host: www.newser.com
URL: https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:46::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e4400f21afb8b0d177c8cc1d042db58cd67ab5f03bb076cc84d9fc19523aebca

Request headers

Referer
https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Apr 2021 11:57:39 GMT
last-modified
Mon, 06 Jul 2020 18:04:13 GMT
x-azure-ref-originshield
0ruaAYAAAAABW6XC3B/JFTK3TFfjgb8PiTE9OMjFFREdFMDIxMgBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
x-azure-ref
0s6qGYAAAAAA6dH+sslwAR5wUnUmVnmlARlJBRURHRTEwMTQAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache
TCP_HIT
content-type
image/png
cache-control
max-age=604800
accept-ranges
bytes
content-length
1304
next-inactive.png
img1-azrcdn.newser.com/images/header/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img1-azrcdn.newser.com/images/header/next-inactive.png
Requested by
Host: www.newser.com
URL: https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:46::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3c413d9ecb857ab839e9147e9a72b0967a80151bae1aec1b1771c623006f5bc

Request headers

Referer
https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Apr 2021 11:57:39 GMT
last-modified
Mon, 06 Jul 2020 18:04:13 GMT
x-azure-ref-originshield
0YgaBYAAAAACkGk40VgtTSIJnNlJpOg1NTE9OMjFFREdFMDEyMgBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
x-azure-ref
0s6qGYAAAAABpvHl6iR0WRpQIKnm02+IiRlJBRURHRTEwMTQAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache
TCP_HIT
content-type
image/png
cache-control
max-age=604800
accept-ranges
bytes
content-length
1096
prev-active.png
img1-azrcdn.newser.com/images/header/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img1-azrcdn.newser.com/images/header/prev-active.png
Requested by
Host: www.newser.com
URL: https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:46::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
354cd674accaa26badff834bcbb7487aa7f99930f19cd864d71e6359b6b3f346

Request headers

Referer
https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Apr 2021 11:57:39 GMT
last-modified
Mon, 06 Jul 2020 18:04:13 GMT
x-azure-ref-originshield
0AWeGYAAAAAD/HwjhOkP5QZ2v5bX+N01eTE9OMjFFREdFMDIxNwBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
x-azure-ref
0s6qGYAAAAACtQe7r9E+GQoyMF+ukZFEfRlJBRURHRTEwMTQAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache
TCP_HIT
content-type
image/png
cache-control
max-age=604800
accept-ranges
bytes
content-length
1295
prev-inactive.png
img1-azrcdn.newser.com/images/header/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img1-azrcdn.newser.com/images/header/prev-inactive.png
Requested by
Host: www.newser.com
URL: https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:46::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
fce94e8d493fb1b0c5264ad0ca94f542ca10c39b95eca426ecc0ffbb88e25077

Request headers

Referer
https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Apr 2021 11:57:39 GMT
last-modified
Mon, 06 Jul 2020 18:04:13 GMT
x-azure-ref-originshield
0wnaGYAAAAAC/uVz4UAwIRr0bVrz7GK2JTE9OMjFFREdFMDExOQBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
x-azure-ref
0s6qGYAAAAADv3kpeNvSNTahLv+PfsoO7RlJBRURHRTEwMTQAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache
TCP_HIT
content-type
image/png
cache-control
max-age=604800
accept-ranges
bytes
content-length
1071
infinity.js.aspx
cdn.engine.4dsply.com/Scripts/ 		179 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.engine.4dsply.com/Scripts/infinity.js.aspx?guid=7f1a7287-2f7e-4f83-800d-06bd711ee14e
Requested by
Host: www.newser.com
URL: https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9f11 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
214494920ed035c684b3410272473d8c1d3ff2bda93a7b0b4715c734fe33fc57

Request headers

Referer
https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Apr 2021 11:57:39 GMT
content-encoding
gzip
cf-cache-status
EXPIRED
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
server
cloudflare
x-powered-by
ASP.NET
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="CAO PSA OUR IND"
access-control-allow-origin
*
cache-control
public, no-transform, max-age=900
cf-ray
645fa2833c914dd6-FRA
content-type
application/x-javascript; charset=utf-8
cf-request-id
09afa3e60100004dd615b5a000000001
spacer.gif
img1-azrcdn.newser.com/images/ 		43 B
258 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img1-azrcdn.newser.com/images/spacer.gif
Requested by
Host: www.newser.com
URL: https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:46::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer
https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Apr 2021 11:57:39 GMT
last-modified
Mon, 06 Jul 2020 18:04:09 GMT
x-azure-ref-originshield
00JaAYAAAAABOmD8e98lUQp1YduPg3iEBTE9OMjFFREdFMDExOQBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
x-azure-ref
0s6qGYAAAAAAdbyPtZ0zSTKn/2V6xE7DhRlJBRURHRTEwMTQAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache
TCP_HIT
content-type
image/gif
cache-control
max-age=604800
accept-ranges
bytes
content-length
43
Suggest_Icon.png
img1-azrcdn.newser.com/images/ 		723 B
1015 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img1-azrcdn.newser.com/images/Suggest_Icon.png
Requested by
Host: www.newser.com
URL: https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:46::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
d1477d2bfda88c678c2deaffb53f18784ca00294d7318a2521f4b95baa375e3c

Request headers

Referer
https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Apr 2021 11:57:39 GMT
last-modified
Mon, 06 Jul 2020 18:04:10 GMT
x-azure-ref-originshield
0GQaBYAAAAAB0Wu5M+5bfSYETPIzx0a1vTE9OMjFFREdFMDExNgBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
x-azure-ref
0s6qGYAAAAABp1Z2NhQ1KRoJoxdx5S+KiRlJBRURHRTEwMTQAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache
TCP_HIT
content-type
image/png
cache-control
max-age=604800
accept-ranges
bytes
content-length
723
Apple.png
img1-azrcdn.newser.com/images/footer/ 		511 B
718 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img1-azrcdn.newser.com/images/footer/Apple.png
Requested by
Host: www.newser.com
URL: https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:46::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
1126dae47147dee29ca9bffbbd45f3e609f7d38a2c17cd4f5c73283db4e6304a

Request headers

Referer
https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Apr 2021 11:57:39 GMT
last-modified
Mon, 06 Jul 2020 18:04:13 GMT
x-azure-ref-originshield
0EfqAYAAAAACDcR25BzSET4WjM7utfbOyTE9OMjFFREdFMDEyMQBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
x-azure-ref
0s6qGYAAAAABj/7btEIb1Q7eigdrr8pEMRlJBRURHRTEwMTQAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache
TCP_HIT
content-type
image/png
cache-control
max-age=604800
accept-ranges
bytes
content-length
511
Android.png
img1-azrcdn.newser.com/images/footer/ 		647 B
857 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img1-azrcdn.newser.com/images/footer/Android.png
Requested by
Host: www.newser.com
URL: https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:46::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
ef983d6dcfe16576a9be98a6fe4d2c99552c9e76fe46fefb29dc2ae2cc5082c3

Request headers

Referer
https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Apr 2021 11:57:39 GMT
last-modified
Mon, 06 Jul 2020 18:04:13 GMT
x-azure-ref-originshield
01YyGYAAAAABE/GaeZ9nDT63cB69bwKM6TE9OMjFFREdFMTUyMABkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
x-azure-ref
0s6qGYAAAAABvwhDWePbISY6rQnIfYMXFRlJBRURHRTEwMTQAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache
TCP_HIT
content-type
image/png
cache-control
max-age=604800
accept-ranges
bytes
content-length
647
Windows.png
img1-azrcdn.newser.com/images/footer/ 		573 B
782 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img1-azrcdn.newser.com/images/footer/Windows.png
Requested by
Host: www.newser.com
URL: https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:46::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
a9adbf9ff6cb67410da32776829c98497f78937808849c0c77c476ad5bf8c1a6

Request headers

Referer
https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Apr 2021 11:57:39 GMT
last-modified
Mon, 06 Jul 2020 18:04:13 GMT
x-azure-ref-originshield
01YyGYAAAAAATRVbBXhekT40Z2h4P+rn0TE9OMjFFREdFMDIxNQBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
x-azure-ref
0s6qGYAAAAADcYu+eh5TVT7mYWT7pGM/dRlJBRURHRTEwMTQAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache
TCP_HIT
content-type
image/png
cache-control
max-age=604800
accept-ranges
bytes
content-length
573
icon-72r2.png
img2-azrcdn.newser.com/images/pwa/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img2-azrcdn.newser.com/images/pwa/icon-72r2.png
Requested by
Host: www.newser.com
URL: https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
d8fe36a17aa5e4cd1a197c81235633a1e44ca292162a06b9b7dc1dc37981a211

Request headers

Referer
https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Apr 2021 11:57:39 GMT
last-modified
Mon, 06 Jul 2020 18:04:15 GMT
x-azure-ref-originshield
01YyGYAAAAADqLvjhyO71RrjDTJguMLmHTE9OMjFFREdFMDEwNwBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
x-azure-ref
0s6qGYAAAAABpUI6VRR3OQo1uoomxE8ozRlJBRURHRTEwMTMAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache
TCP_HIT
content-type
image/png
cache-control
max-age=604800
accept-ranges
bytes
content-length
2120
logo-newser-top.jpg
img2-azrcdn.newser.com/images/ 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img2-azrcdn.newser.com/images/logo-newser-top.jpg
Requested by
Host: www.newser.com
URL: https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
d8f64ca73c0faaf5d9d1e56252a2d89a23262ea516e7d731adaf5f255d4081a3

Request headers

Referer
https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Apr 2021 11:57:39 GMT
last-modified
Mon, 06 Jul 2020 18:04:08 GMT
x-azure-ref-originshield
0DGiGYAAAAAD6+kBQFJZ2TJWQSO/2pnGhTE9OMjFFREdFMDExOABkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
x-azure-ref
0s6qGYAAAAAAihqz/bLi6RYFA5UFflrJwRlJBRURHRTEwMTMAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache
TCP_HIT
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
content-length
28636
1354521-0-20210426054723.jpeg
img2-azrcdn.newser.com/image/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img2-azrcdn.newser.com/image/1354521-0-20210426054723.jpeg?width=105&height=76&crop=yes
Requested by
Host: www.newser.com
URL: https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
b407f19b4a63d79472adfd0b7ed3a4c58e12748b140619096553898d9993eb32

Request headers

Referer
https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Apr 2021 11:57:39 GMT
last-modified
Mon, 26 Apr 2021 10:51:48 GMT
x-azure-ref-originshield
0NJ2GYAAAAACD2OXqyFhzTZOcU+BB+CVvTE9OMjFFREdFMDIyMgBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl
/image/1354521-0-20210426054723.jpeg?width=105&height=76&crop=yes
x-azure-ref
0s6qGYAAAAAAaJZV/hzzCRbfYfpZdHmZ+RlJBRURHRTEwMTMAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache
TCP_HIT
content-type
image/jpeg
cache-control
public, max-age=2592000
content-length
2957
scheme
https
1354515-0-20210426052208.jpeg
img2-azrcdn.newser.com/image/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img2-azrcdn.newser.com/image/1354515-0-20210426052208.jpeg?width=105&height=76&crop=yes
Requested by
Host: www.newser.com
URL: https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
ff91a33e7a09f6045e38d66a225979897d8c704afff670898a6ee7711579a82f

Request headers

Referer
https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Apr 2021 11:57:39 GMT
last-modified
Mon, 26 Apr 2021 10:27:52 GMT
x-azure-ref-originshield
0c5mGYAAAAAD6QLd5mChaTIcUwOPnpHihTE9OMjFFREdFMDEyMgBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl
/image/1354515-0-20210426052208.jpeg?width=105&height=76&crop=yes
x-azure-ref
0s6qGYAAAAAD6iJlHcIh8S6vM5PnRQInJRlJBRURHRTEwMTMAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache
TCP_HIT
content-type
image/jpeg
cache-control
public, max-age=2592000
content-length
3313
scheme
https
1354198-0-20210425154558.jpeg
img1-azrcdn.newser.com/image/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img1-azrcdn.newser.com/image/1354198-0-20210425154558.jpeg?width=105&height=76&crop=yes
Requested by
Host: www.newser.com
URL: https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:46::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
48431758a3f77e061b03b2432c09bab93f8292f0f8081096bdfa6a7b0fcf84fe

Request headers

Referer
https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Apr 2021 11:57:39 GMT
last-modified
Sun, 25 Apr 2021 20:48:06 GMT
x-azure-ref-originshield
0f4OGYAAAAAClyGg1BfTaRbt3HI/IwygiTE9OMjFFREdFMDExOQBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl
/image/1354198-0-20210425154558.jpeg?width=105&height=76&crop=yes
x-azure-ref
0s6qGYAAAAADl9PenW3J+R79D+lGQOxbIRlJBRURHRTEwMTQAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache
TCP_HIT
content-type
image/png
cache-control
public, max-age=2592000
content-length
1852
scheme
https
1354485-0-20210425153928.jpeg
img2-azrcdn.newser.com/image/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img2-azrcdn.newser.com/image/1354485-0-20210425153928.jpeg?width=105&height=76&crop=yes
Requested by
Host: www.newser.com
URL: https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
19b92218cd644777e32e479710d1d71570b4e2ba5f6558c944efda747841553c

Request headers

Referer
https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Apr 2021 11:57:39 GMT
last-modified
Sun, 25 Apr 2021 20:44:47 GMT
x-azure-ref-originshield
0ooaGYAAAAABwgSad+CMRSawoz9gP6vSKTE9OMjFFREdFMDIxMABkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl
/image/1354485-0-20210425153928.jpeg?width=105&height=76&crop=yes
x-azure-ref
0s6qGYAAAAACsoxBC8C2+ToLTde3kGXbiRlJBRURHRTEwMTMAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache
TCP_HIT
content-type
image/jpeg
cache-control
public, max-age=2592000
content-length
3662
scheme
https
1353723-0-20210425134614.jpeg
img2-azrcdn.newser.com/image/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img2-azrcdn.newser.com/image/1353723-0-20210425134614.jpeg?width=105&height=76&crop=yes
Requested by
Host: www.newser.com
URL: https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
1bc725ed81e63e6c320726140b02343158218593252843e11dcf84a897b817eb

Request headers

Referer
https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Apr 2021 11:57:39 GMT
last-modified
Sun, 25 Apr 2021 18:48:58 GMT
x-azure-ref-originshield
0NJSGYAAAAAA4cNu/gpAdQLeR/di2sa7jTE9OMjFFREdFMDExNABkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl
/image/1353723-0-20210425134614.jpeg?width=105&height=76&crop=yes
x-azure-ref
0s6qGYAAAAADM97z13t3YTppnWYdeuTO/RlJBRURHRTEwMTMAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache
TCP_HIT
content-type
image/jpeg
cache-control
public, max-age=2592000
content-length
2505
scheme
https
1354472-0-20210425122758.jpeg
img1-azrcdn.newser.com/image/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img1-azrcdn.newser.com/image/1354472-0-20210425122758.jpeg?width=105&height=76&crop=yes
Requested by
Host: www.newser.com
URL: https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:46::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
695f471f6dd7ed55a6413cd77660297aaf2b0fc45ccc5d15de88728aa0979360

Request headers

Referer
https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Apr 2021 11:57:39 GMT
last-modified
Sun, 25 Apr 2021 17:30:49 GMT
x-azure-ref-originshield
05KiFYAAAAADv1kRpIUwKRJ5eH/1EeeP0TE9OMjFFREdFMDIxMwBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl
/image/1354472-0-20210425122758.jpeg?width=105&height=76&crop=yes
x-azure-ref
0s6qGYAAAAAAUVuxrgIHFRL72qKqeAoUQRlJBRURHRTEwMTQAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache
TCP_HIT
content-type
image/jpeg
cache-control
public, max-age=2592000
content-length
3233
scheme
https
1354454-0-20210425124647.jpeg
img1-azrcdn.newser.com/image/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img1-azrcdn.newser.com/image/1354454-0-20210425124647.jpeg?width=105&height=76&crop=yes
Requested by
Host: www.newser.com
URL: https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:46::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
c53e7730a5e3cec28effd0be2f795fca16c270c5a73838a354b9dbdf476ba3c3

Request headers

Referer
https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Apr 2021 11:57:39 GMT
last-modified
Sun, 25 Apr 2021 18:04:04 GMT
x-azure-ref-originshield
0f4OGYAAAAACRauW++h8eRJeSgBfCgH7lTE9OMjFFREdFMDIyMQBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl
/image/1354454-0-20210425124647.jpeg?width=105&height=76&crop=yes
x-azure-ref
0s6qGYAAAAAAD4KlBZmEbQIi8usSNv49mRlJBRURHRTEwMTQAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache
TCP_HIT
content-type
image/jpeg
cache-control
public, max-age=2592000
content-length
1664
scheme
https
1354446-0-20210425101813.jpeg
img1-azrcdn.newser.com/image/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img1-azrcdn.newser.com/image/1354446-0-20210425101813.jpeg?width=105&height=76&crop=yes
Requested by
Host: www.newser.com
URL: https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:46::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
5bc9f6445aa17af661acf6bda500a78865d086b0a84b427419914c73ca6bb6dd

Request headers

Referer
https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Apr 2021 11:57:39 GMT
last-modified
Sun, 25 Apr 2021 15:20:47 GMT
x-azure-ref-originshield
0f4OGYAAAAADzV4WBqYm8S4XUhs85gnneTE9OMjFFREdFMDIxNABkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl
/image/1354446-0-20210425101813.jpeg?width=105&height=76&crop=yes
x-azure-ref
0s6qGYAAAAABbgWzQDEVgR7WfRcMWuAlLRlJBRURHRTEwMTQAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache
TCP_HIT
content-type
image/jpeg
cache-control
public, max-age=2592000
content-length
3776
scheme
https
1354389-0-20210424170813.jpeg
img2-azrcdn.newser.com/image/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img2-azrcdn.newser.com/image/1354389-0-20210424170813.jpeg?width=105&height=76&crop=yes
Requested by
Host: www.newser.com
URL: https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
d75d87fc22a652912a9e07175e4c068604e972a2f8f786e6269e29748ec3a5ca

Request headers

Referer
https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Apr 2021 11:57:39 GMT
last-modified
Sun, 25 Apr 2021 03:56:23 GMT
x-azure-ref-originshield
0snSFYAAAAAA1VmicdZhrS6ObM20BXcAgTE9OMjFFREdFMTUxMgBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl
/image/1354389-0-20210424170813.jpeg?width=105&height=76&crop=yes
x-azure-ref
0s6qGYAAAAAAHcU+7vH0fSLxORg90FGOkRlJBRURHRTEwMTMAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache
TCP_HIT
content-type
image/jpeg
cache-control
public, max-age=2592000
content-length
3017
scheme
https
1354383-0-20210424220818.jpeg
img2-azrcdn.newser.com/image/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img2-azrcdn.newser.com/image/1354383-0-20210424220818.jpeg?width=105&height=76&crop=yes
Requested by
Host: www.newser.com
URL: https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
392d2ce2b1e3bb2e2d06104ee52e93b504619689fd1ab42c58e483abd3b5d4ec

Request headers

Referer
https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Apr 2021 11:57:39 GMT
last-modified
Sun, 25 Apr 2021 03:24:17 GMT
x-azure-ref-originshield
04OCEYAAAAACbGBS/CfE+QZxjPxmuPWfCTE9OMjFFREdFMTUxMgBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl
/image/1354383-0-20210424220818.jpeg?width=105&height=76&crop=yes
x-azure-ref
0s6qGYAAAAADq1eDRUntWQYSqzLw5vIn1RlJBRURHRTEwMTMAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache
TCP_HIT
content-type
image/jpeg
cache-control
public, max-age=2592000
content-length
3694
scheme
https
1354355-0-20210424220908.jpeg
img2-azrcdn.newser.com/image/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img2-azrcdn.newser.com/image/1354355-0-20210424220908.jpeg?width=105&height=76&crop=yes
Requested by
Host: www.newser.com
URL: https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
0945f6809946a07a2d3e6179b96fa559b18cb6cf8f1124fef1ff6f29235da2c7

Request headers

Referer
https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Apr 2021 11:57:39 GMT
last-modified
Sun, 25 Apr 2021 03:24:18 GMT
x-azure-ref-originshield
0NJSGYAAAAAB/KJUXueQkT7bsTZUPLgOyTE9OMjFFREdFMDIxNABkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl
/image/1354355-0-20210424220908.jpeg?width=105&height=76&crop=yes
x-azure-ref
0s6qGYAAAAADKmJ/4LQe/TJgth3r3B0CJRlJBRURHRTEwMTMAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache
TCP_HIT
content-type
image/jpeg
cache-control
public, max-age=2592000
content-length
2441
scheme
https
1354035-0-20210424142424.jpeg
img2-azrcdn.newser.com/image/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img2-azrcdn.newser.com/image/1354035-0-20210424142424.jpeg?width=105&height=76&crop=yes
Requested by
Host: www.newser.com
URL: https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
ef1ed40ca2164437207161ab4c9fd4eae6831dcde78273e70074ea051010f592

Request headers

Referer
https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Apr 2021 11:57:39 GMT
last-modified
Sat, 24 Apr 2021 19:27:27 GMT
x-azure-ref-originshield
0u6KGYAAAAACB7qyk+GknSKtqpGMhBoLjTE9OMjFFREdFMDExNQBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl
/image/1354035-0-20210424142424.jpeg?width=105&height=76&crop=yes
x-azure-ref
0s6qGYAAAAAAlTBB65WsaSLbStULQAFa9RlJBRURHRTEwMTMAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache
TCP_HIT
content-type
image/jpeg
cache-control
public, max-age=2592000
content-length
1787
scheme
https
1346194-0-20210425073458.jpeg
img1-azrcdn.newser.com/image/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img1-azrcdn.newser.com/image/1346194-0-20210425073458.jpeg
Requested by
Host: www.newser.com
URL: https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:46::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
60ebe8fe961d20cdb3264d98cee38e50d10ba09d97928ae166a03c1acf5a6e79

Request headers

Referer
https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Apr 2021 11:57:39 GMT
last-modified
Sun, 25 Apr 2021 12:36:52 GMT
x-azure-ref-originshield
0x2mFYAAAAACwNg0Wp5k+TY5rXpjD42tBTE9OMjFFREdFMTUwOQBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl
/image/1346194-0-20210425073458.jpeg
x-azure-ref
0s6qGYAAAAAANf9m6Mnv2S5obWZr8ax4wRlJBRURHRTEwMTQAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache
TCP_HIT
content-type
image/jpeg
cache-control
public, max-age=2592000
content-length
15195
scheme
https
facebook_white4.png
img2-azrcdn.newser.com/images/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img2-azrcdn.newser.com/images/facebook_white4.png
Requested by
Host: www.newser.com
URL: https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
5b93ed81863f445fce8c9fa844f78076bc6ba4831f89e83d9aef021a65137a9d

Request headers

Referer
https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Apr 2021 11:57:39 GMT
last-modified
Tue, 11 Aug 2020 18:41:10 GMT
x-azure-ref-originshield
0wXiGYAAAAADyCGHbZLTWQpk53Js881vcTE9OMjFFREdFMTUxMwBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
x-azure-ref
0s6qGYAAAAACKTOoEqd4iRrTeoNonaZ6lRlJBRURHRTEwMTMAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache
TCP_HIT
content-type
image/png
cache-control
max-age=604800
accept-ranges
bytes
content-length
3923
twitter_white4.png
img1-azrcdn.newser.com/images/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img1-azrcdn.newser.com/images/twitter_white4.png
Requested by
Host: www.newser.com
URL: https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:46::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
764e2d9c981d4c59ab3b49f663c30341777745a7bfb8b60fe0c617396a42b727

Request headers

Referer
https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Apr 2021 11:57:39 GMT
last-modified
Tue, 11 Aug 2020 18:50:26 GMT
x-azure-ref-originshield
0po+GYAAAAAAaazxUtM7cSLxAvFWS2k83TE9OMjFFREdFMDIxNABkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
x-azure-ref
0s6qGYAAAAADIqNzU1ZDOSL229Y6/m7L6RlJBRURHRTEwMTQAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache
TCP_HIT
content-type
image/png
cache-control
max-age=604800
accept-ranges
bytes
content-length
6114
envelope_white3.png
img2-azrcdn.newser.com/images/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img2-azrcdn.newser.com/images/envelope_white3.png
Requested by
Host: www.newser.com
URL: https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
7439ffb89ed0addf9171c312a6e987f323f9c0852478528d804c0a031e69a2d9

Request headers

Referer
https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Apr 2021 11:57:39 GMT
last-modified
Mon, 10 Aug 2020 22:07:18 GMT
x-azure-ref-originshield
0qbaFYAAAAABTY6aWVfwWQYhgrUWuXeLHTE9OMjFFREdFMDIwOQBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
x-azure-ref
0s6qGYAAAAAD59WnrQVaWTbOS6R46Y1UVRlJBRURHRTEwMTMAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache
TCP_HIT
content-type
image/png
cache-control
max-age=604800
accept-ranges
bytes
content-length
5290
text_white3.png
img2-azrcdn.newser.com/images/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img2-azrcdn.newser.com/images/text_white3.png
Requested by
Host: www.newser.com
URL: https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
cfa262af02d97227f04de89b2a5faf13cda98cf8b4991f318d79826cb7546e03

Request headers

Referer
https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Apr 2021 11:57:39 GMT
last-modified
Mon, 10 Aug 2020 22:23:12 GMT
x-azure-ref-originshield
0snSFYAAAAAAixQL32KzJRbVHkKK48O2KTE9OMjFFREdFMDIxNQBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
x-azure-ref
0s6qGYAAAAABqlJF8h+NlSp28RGV28rcbRlJBRURHRTEwMTMAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache
TCP_HIT
content-type
image/png
cache-control
max-age=604800
accept-ranges
bytes
content-length
6246
copylink_white3.png
img2-azrcdn.newser.com/images/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img2-azrcdn.newser.com/images/copylink_white3.png
Requested by
Host: www.newser.com
URL: https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
59352094433aa8c09e554c87ead604489226e4f28c48aba806a5cf3451596a4e

Request headers

Referer
https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Apr 2021 11:57:39 GMT
last-modified
Mon, 10 Aug 2020 22:12:44 GMT
x-azure-ref-originshield
0snSFYAAAAAB3wUZW0f8wRonMa+PFhTzRTE9OMjFFREdFMDIxNwBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
x-azure-ref
0s6qGYAAAAAAehnvY2QFmTqz4NwyPBGX4RlJBRURHRTEwMTMAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache
TCP_HIT
content-type
image/png
cache-control
max-age=604800
accept-ranges
bytes
content-length
3980
1354040-11-20210422080332-us-wrongly-thought-diplomat-staged-kidnapping.jpeg
img1-azrcdn.newser.com/image/ 		31 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img1-azrcdn.newser.com/image/1354040-11-20210422080332-us-wrongly-thought-diplomat-staged-kidnapping.jpeg
Requested by
Host: www.newser.com
URL: https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:46::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
aab36c82cbfb0d7f3604cdb3493161850e68ab6f43df4ae207a70041374c8f95

Request headers

Referer
https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Apr 2021 11:57:39 GMT
last-modified
Mon, 26 Apr 2021 08:29:58 GMT
x-azure-ref-originshield
0s6qGYAAAAADr8T7MhHosTo0NTUjXv56eTE9OMjFFREdFMDExNQBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl
/image/1354040-11-20210422080332-us-wrongly-thought-diplomat-staged-kidnapping.jpeg
x-azure-ref
0s6qGYAAAAACMbF/ZBEuJT4JF2OXFV5/fRlJBRURHRTEwMTQAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache
TCP_REMOTE_HIT
content-type
image/jpeg
cache-control
public, max-age=21600
content-length
32162
scheme
https
imageshrink3.png
img1-azrcdn.newser.com/images/ 		432 B
664 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img1-azrcdn.newser.com/images/imageshrink3.png
Requested by
Host: www.newser.com
URL: https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:46::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
9cf51c1f71e057038994960b9b2f870ba6b82de3e5002695c81c0b6542630ab8

Request headers

Referer
https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Apr 2021 11:57:39 GMT
last-modified
Mon, 06 Jul 2020 18:04:08 GMT
x-azure-ref-originshield
0wXiGYAAAAAAStDVfryxCRal09irNrr26TE9OMjFFREdFMDIxNABkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
x-azure-ref
0s6qGYAAAAACWOlIXNwiOS6K6fSfy3SV7RlJBRURHRTEwMTQAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache
TCP_HIT
content-type
image/png
cache-control
max-age=604800
accept-ranges
bytes
content-length
432
imageenlarge3.png
img2-azrcdn.newser.com/images/ 		450 B
683 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img2-azrcdn.newser.com/images/imageenlarge3.png
Requested by
Host: www.newser.com
URL: https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
004f5b53e3b0af46c7b516e3a748b0828193750986f6d3d4571042c3aaf8aa3d

Request headers

Referer
https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Apr 2021 11:57:39 GMT
last-modified
Mon, 06 Jul 2020 18:04:08 GMT
x-azure-ref-originshield
0wXiGYAAAAAAzr/Qf+X8fTZipwrHoupzZTE9OMjFFREdFMDIxNgBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
x-azure-ref
0s6qGYAAAAAA3Eo+bD1VgSIMw07SuKaf5RlJBRURHRTEwMTMAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache
TCP_HIT
content-type
image/png
cache-control
max-age=604800
accept-ranges
bytes
content-length
450
SignUp.png
img1-azrcdn.newser.com/images/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img1-azrcdn.newser.com/images/SignUp.png
Requested by
Host: www.newser.com
URL: https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:46::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
6987043c1b872ecf61a446206795f72a296544594a965be355c62d1d0357902c

Request headers

Referer
https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Apr 2021 11:57:39 GMT
last-modified
Mon, 06 Jul 2020 18:04:09 GMT
x-azure-ref-originshield
0gi2BYAAAAABr+hJO/sEMT4bgLZLfw39ATE9OMjFFREdFMTUxOQBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
x-azure-ref
0s6qGYAAAAAAv9XI3HIxjQ7n5H5QA/jdTRlJBRURHRTEwMTQAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache
TCP_HIT
content-type
image/png
cache-control
max-age=604800
accept-ranges
bytes
content-length
1289
grid-black.png
img2-azrcdn.newser.com/images/Mobile/ 		652 B
862 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img2-azrcdn.newser.com/images/Mobile/grid-black.png
Requested by
Host: www.newser.com
URL: https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
d3a06829c824770163d5db87361760c827b78e25708a807c83fe28593c71ec52

Request headers

Referer
https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Apr 2021 11:57:39 GMT
last-modified
Mon, 06 Jul 2020 18:04:13 GMT
x-azure-ref-originshield
0wXiGYAAAAAAyrp+GzAV5R4lpu7Z+LezbTE9OMjFFREdFMDIwOQBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
x-azure-ref
0s6qGYAAAAAC6x61jEEtDRKR3bFA/kImLRlJBRURHRTEwMTMAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache
TCP_HIT
content-type
image/png
cache-control
max-age=604800
accept-ranges
bytes
content-length
652
ninesquares.png
img2-azrcdn.newser.com/images/ 		91 B
323 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img2-azrcdn.newser.com/images/ninesquares.png
Requested by
Host: www.newser.com
URL: https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
4a716586c9c566e1c27a9bec7e06c741f5a40041419206547231f70c77262c17

Request headers

Referer
https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Apr 2021 11:57:39 GMT
last-modified
Mon, 06 Jul 2020 18:04:09 GMT
x-azure-ref-originshield
0SKqGYAAAAAAUaidv7RqNQpFw8MM1P5JyTE9OMjFFREdFMDExMABkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
x-azure-ref
0s6qGYAAAAADbqBO8ZhFRT6OFQMWBVoF5RlJBRURHRTEwMTMAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache
TCP_HIT
content-type
image/png
cache-control
max-age=604800
accept-ranges
bytes
content-length
91
rightarrowtransparent.png
img2-azrcdn.newser.com/images/ 		276 B
487 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img2-azrcdn.newser.com/images/rightarrowtransparent.png
Requested by
Host: www.newser.com
URL: https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
b95e374e88885171c44c508c9e386e92514ffc19d5f8d19222e0c047ce01242b

Request headers

Referer
https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Apr 2021 11:57:39 GMT
last-modified
Mon, 06 Jul 2020 18:04:09 GMT
x-azure-ref-originshield
0wXiGYAAAAAD7FjBuIpZ9TbyQn6uYvBwOTE9OMjFFREdFMTUyMgBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
x-azure-ref
0s6qGYAAAAADyy+7abCnVQ4OrJ1hxqH4VRlJBRURHRTEwMTMAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache
TCP_HIT
content-type
image/png
cache-control
max-age=604800
accept-ranges
bytes
content-length
276
delivery.js
assets.revcontent.com/master/ 		358 KB
101 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.revcontent.com/master/delivery.js
Requested by
Host: www.newser.com
URL: https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d9d56ba371a99b5c76a73f85319718e8ac8c0bbac5fcc5eccd52656061f02e6d

Request headers

Referer
https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Apr 2021 11:57:39 GMT
content-encoding
gzip
last-modified
Tue, 13 Apr 2021 16:20:23 GMT
server
AmazonS3
x-amz-request-id
A6K0G3GG72D0JEP1
etag
"c75fba731f8a2c6605eca5cabf593e6c"
x-hw
1619438259.cds157.fr8.hn,1619438259.cds055.fr8.c
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public,max-age=60
accept-ranges
bytes
content-length
103064
x-amz-id-2
pJisy81peHA/cSDp9FJW610GoeSnk6/yoWnLqnjRfvQqLvWA2V6fnODw/Ts4s23J/4ds6QWrM5g=
widget_v3.js
cdn.whizzco.com/scripts/widget/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.whizzco.com/scripts/widget/widget_v3.js
Requested by
Host: www.newser.com
URL: https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:3c4d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
194668174020f4c9a143e8ada47099e890c638ddeac13f878c294e4cf9f57202

Request headers

Referer
https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Apr 2021 11:57:39 GMT
via
1.1 e9f9d4725d6328edca783d6dff756da8.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
2539
x-cache
Hit from cloudfront
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
09afa3e6160000176aaa9b4000000001
last-modified
Thu, 15 Apr 2021 15:54:55 GMT
server
cloudflare
etag
W/"6e2fa2c84cad08fcaf1d6dc32e8609d4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=230rb0apoqiyztaWK5l5HpjqBfBFjAl2DR6ho78rQnpYEdaeqvtd3%2BOYWJtPcrapRazIILI%2FE8u6aXy1IE%2FRDhCgTdeuShlHjAxFsxElirLA1N0y1kF6ejuhJnk%3D"}]}
content-type
application/javascript
cache-control
max-age=14400
x-amz-cf-pop
SEA19-C1
cf-ray
645fa2835fe2176a-FRA
x-amz-cf-id
-T07YpFoaDGbchHbtDVxnuL-wryLEjglM1h9TicToz8b3NiaQsU1Qw==
1354417-0-20210425124719.jpeg
img2-azrcdn.newser.com/image/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img2-azrcdn.newser.com/image/1354417-0-20210425124719.jpeg?width=76&height=76&crop=yes
Requested by
Host: www.newser.com
URL: https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
9a43390d9221c1932b6363b87b2f9ada39f29009d59726c0ece778daf4154de1

Request headers

Referer
https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Apr 2021 11:57:39 GMT
last-modified
Mon, 26 Apr 2021 10:17:37 GMT
x-azure-ref-originshield
0SKqGYAAAAAC+U1KKKlSnSrk1YHTpb6EUTE9OMjFFREdFMDIyMQBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl
/image/1354417-0-20210425124719.jpeg?width=76&height=76&crop=yes
x-azure-ref
0s6qGYAAAAAAZR5OyU2hlTqbEsviJW7YSRlJBRURHRTEwMTMAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache
TCP_HIT
content-type
image/jpeg
cache-control
public, max-age=2592000
content-length
2402
scheme
https
1354408-0-20210425070658.jpeg
img1-azrcdn.newser.com/image/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img1-azrcdn.newser.com/image/1354408-0-20210425070658.jpeg?width=76&height=76&crop=yes
Requested by
Host: www.newser.com
URL: https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:46::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
ca71eab219d850273b3d31594aab3ead49d717612856c6e825c7dedaf57f3fb2

Request headers

Referer
https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Apr 2021 11:57:39 GMT
last-modified
Sun, 25 Apr 2021 18:36:58 GMT
x-azure-ref-originshield
0Dr+FYAAAAAB3sQLajCx0QZ3yY6US8t4vTE9OMjFFREdFMDIxMwBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl
/image/1354408-0-20210425070658.jpeg?width=76&height=76&crop=yes
x-azure-ref
0s6qGYAAAAAAlQxy5Sh8RQ7jBt4HlS2CdRlJBRURHRTEwMTQAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache
TCP_HIT
content-type
image/jpeg
cache-control
public, max-age=2592000
content-length
1997
scheme
https
1354411-0-20210426003954.jpeg
img2-azrcdn.newser.com/image/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img2-azrcdn.newser.com/image/1354411-0-20210426003954.jpeg?width=76&height=76&crop=yes
Requested by
Host: www.newser.com
URL: https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
b54568772ef8a0c621b60cdf1f24db74c5108dbd3133ea2a024e13d50d452e59

Request headers

Referer
https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Apr 2021 11:57:39 GMT
last-modified
Mon, 26 Apr 2021 05:43:06 GMT
x-azure-ref-originshield
0wXiGYAAAAACga0LgOKr4R7a0L3d1erv5TE9OMjFFREdFMDExNQBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl
/image/1354411-0-20210426003954.jpeg?width=76&height=76&crop=yes
x-azure-ref
0s6qGYAAAAABMXIP15k69SJ+TkJ2zt50mRlJBRURHRTEwMTMAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache
TCP_HIT
content-type
image/jpeg
cache-control
public, max-age=2592000
content-length
1704
scheme
https
1354025-0-20210425152719.jpeg
img2-azrcdn.newser.com/image/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img2-azrcdn.newser.com/image/1354025-0-20210425152719.jpeg?width=76&height=76&crop=yes
Requested by
Host: www.newser.com
URL: https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
5de979b45e3ec35ac840427d8253eb968927b0dcadc5730bfb3ec752290dadd6

Request headers

Referer
https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Apr 2021 11:57:39 GMT
last-modified
Mon, 26 Apr 2021 00:56:06 GMT
x-azure-ref-originshield
08XmGYAAAAAB2JYVF0rtMR4iMj5h2HJqETE9OMjFFREdFMDIxNABkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl
/image/1354025-0-20210425152719.jpeg?width=76&height=76&crop=yes
x-azure-ref
0s6qGYAAAAADxlARiAPH1TbpsWGMpjtrDRlJBRURHRTEwMTMAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache
TCP_HIT
content-type
image/jpeg
cache-control
public, max-age=2592000
content-length
1822
scheme
https
1354454-0-20210425124647.jpeg
img1-azrcdn.newser.com/image/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img1-azrcdn.newser.com/image/1354454-0-20210425124647.jpeg?width=76&height=76&crop=yes
Requested by
Host: www.newser.com
URL: https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:46::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
ea04f751b4d0b37cdbd317309bc60fbd82df9c618b8524be326000abd7787945

Request headers

Referer
https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Apr 2021 11:57:39 GMT
last-modified
Sun, 25 Apr 2021 20:37:47 GMT
x-azure-ref-originshield
0FpKGYAAAAABKp17OHRe+SYwjgIl+fumKTE9OMjFFREdFMDIwNgBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl
/image/1354454-0-20210425124647.jpeg?width=76&height=76&crop=yes
x-azure-ref
0s6qGYAAAAAAwhIkxsUL+TILppj25IWqLRlJBRURHRTEwMTQAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache
TCP_HIT
content-type
image/jpeg
cache-control
public, max-age=2592000
content-length
1369
scheme
https
1294781-0-20200427124022.jpeg
img2-azrcdn.newser.com/image/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img2-azrcdn.newser.com/image/1294781-0-20200427124022.jpeg?width=76&height=76&crop=y
Requested by
Host: www.newser.com
URL: https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
5ac213428350c605ccc1a805d95bcb46c2e51b9db6a98a4551171e0437072c9c

Request headers

Referer
https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Apr 2021 11:57:39 GMT
last-modified
Mon, 26 Apr 2021 06:04:37 GMT
x-azure-ref-originshield
0JFiGYAAAAAC+wYxJYQdrQ52XDGgLCh+iTE9OMjFFREdFMDExNABkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl
/image/1294781-0-20200427124022.jpeg?width=76&height=76&crop=y
x-azure-ref
0s6qGYAAAAAAID0QjeXrkQ4sBKJlexfr0RlJBRURHRTEwMTMAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache
TCP_HIT
content-type
image/jpeg
cache-control
public, max-age=2592000
content-length
2696
scheme
https
closeX2.png
img2-azrcdn.newser.com/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img2-azrcdn.newser.com/images/closeX2.png
Requested by
Host: www.newser.com
URL: https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
56b1340415d585288212c79f472c8a9f2cdaa1c2aa3495a54ac2f84703e09ec6

Request headers

Referer
https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Apr 2021 11:57:39 GMT
last-modified
Mon, 06 Jul 2020 18:04:07 GMT
x-azure-ref-originshield
0pveAYAAAAACvVy+f2Ve5QLjFEAj7bUHeTE9OMjFFREdFMDIwOABkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
x-azure-ref
0s6qGYAAAAADfZh1LviydQIjqlM9FnWdMRlJBRURHRTEwMTMAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache
TCP_HIT
content-type
image/png
cache-control
max-age=604800
accept-ranges
bytes
content-length
3335
us-wrongly-thought-diplomat-staged-his-own-kidnapping.jpeg
img1-azrcdn.newser.com/square-image/305100-20210425073458/
Redirect Chain
  • https://img1-azrcdn.newser.com/square-image/305100-20210425073458/feds-doubted-the-kidnapping-story-they-shouldnt-have.jpeg
  • https://img1-azrcdn.newser.com/square-image/305100-20210425073458/us-wrongly-thought-diplomat-staged-his-own-kidnapping.jpeg
39 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img1-azrcdn.newser.com/square-image/305100-20210425073458/us-wrongly-thought-diplomat-staged-his-own-kidnapping.jpeg
Requested by
Host: www.newser.com
URL: https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:46::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
ee7171a1f00ae9e330eade97c6f34ac4d501f3fd554979e4871cac927e45e73a

Request headers

Referer
https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Apr 2021 11:57:39 GMT
last-modified
Sun, 25 Apr 2021 12:36:54 GMT
x-azure-ref-originshield
0tKqGYAAAAABEc/MKD9paRZSgG9nSe985TE9OMjFFREdFMDIyMABkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl
/square-image/305100-20210425073458/us-wrongly-thought-diplomat-staged-his-own-kidnapping.jpeg
x-azure-ref
0tKqGYAAAAABFWcKbsdhOQ7r5MckIcDGfRlJBRURHRTEwMTQAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache
TCP_REMOTE_HIT
content-type
image/jpeg
cache-control
public, max-age=2592000
content-length
39815
scheme
https

Redirect headers

date
Mon, 26 Apr 2021 11:57:39 GMT
x-azure-ref-originshield
0s6qGYAAAAABXBUxS2NS5QogBBT3QIvAzTE9OMjFFREdFMDIyMQBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl
/square-image/305100-20210425073458/feds-doubted-the-kidnapping-story-they-shouldnt-have.jpeg
x-azure-ref
0s6qGYAAAAAC24LNLAx4nRp/b7UviBssKRlJBRURHRTEwMTQAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache
TCP_MISS
content-type
text/html
location
//img1-azrcdn.newser.com/square-image/305100-20210425073458/us-wrongly-thought-diplomat-staged-his-own-kidnapping.jpeg
cache-control
private
content-length
0
scheme
https
api.js
www.google.com/recaptcha/ 		850 B
643 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js
Requested by
Host: www.newser.com
URL: https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
b97ff1109b709bf33a4a7593782b6f5f0fe56b3b46ef504dba244a9026c3fdbe
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Apr 2021 11:57:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
content-security-policy
frame-ancestors 'self'
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
555
x-xss-protection
1; mode=block
expires
Mon, 26 Apr 2021 11:57:39 GMT
suggest2.png
img2-azrcdn.newser.com/images/footer/ 		560 B
793 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img2-azrcdn.newser.com/images/footer/suggest2.png
Requested by
Host: www.newser.com
URL: https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
a5ec8330a90caef4a8979d42f25f7e37780ad2cf4d86902b9e47eb57b00eee66

Request headers

Referer
https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Apr 2021 11:57:39 GMT
last-modified
Mon, 06 Jul 2020 18:04:13 GMT
x-azure-ref-originshield
0SKqGYAAAAACxWZcYCn9zSoE/IR1Mk9FMTE9OMjFFREdFMDIxMwBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
x-azure-ref
0s6qGYAAAAAA2zdWAIe5DR6C1z6zVSHAvRlJBRURHRTEwMTMAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache
TCP_HIT
content-type
image/png
cache-control
max-age=604800
accept-ranges
bytes
content-length
560
settings2-white.png
img1-azrcdn.newser.com/images/footer/ 		709 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img1-azrcdn.newser.com/images/footer/settings2-white.png
Requested by
Host: www.newser.com
URL: https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:46::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
a1b54acfbe06d7df692389f781ce59e80007ee8fb61e64b00156668858113a29

Request headers

Referer
https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Apr 2021 11:57:39 GMT
last-modified
Mon, 06 Jul 2020 18:04:13 GMT
x-azure-ref-originshield
00JaAYAAAAAB/kxRq3pTDRL5bT42fEyMhTE9OMjFFREdFMDIwNgBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
x-azure-ref
0s6qGYAAAAAAgEMJrrjYmRLBgdDUyjvqjRlJBRURHRTEwMTQAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache
TCP_HIT
content-type
image/png
cache-control
max-age=604800
accept-ranges
bytes
content-length
709
newsletter_white.svg
img2-azrcdn.newser.com/images/header/ 		912 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img2-azrcdn.newser.com/images/header/newsletter_white.svg
Requested by
Host: www.newser.com
URL: https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
607ba5401803708cd7e7d54cb229467b42bcefa017c466d0290c2903989f9cec

Request headers

Referer
https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Apr 2021 11:57:39 GMT
last-modified
Mon, 06 Jul 2020 18:04:13 GMT
x-azure-ref-originshield
0qbaFYAAAAAClHZZqM142QK0jPg7PBARYTE9OMjFFREdFMTUxMgBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
x-azure-ref
0s6qGYAAAAAD6wvdl9TPyQYT0ByYvfexYRlJBRURHRTEwMTMAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache
TCP_HIT
content-type
image/svg+xml
cache-control
max-age=604800
accept-ranges
bytes
content-length
912
/
loadus.exelator.com/load/ 		124 B
506 B 		Script
General
Check archive.org
Download Go to
Full URL
https://loadus.exelator.com/load/?p=320&g=001&c=700151&ctg=world&subctg=&ag=&gd=
Requested by
Host: www.newser.com
URL: https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.78.254.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-78-254-47.eu-west-1.compute.amazonaws.com
Software
nginx / Undertow/1
Resource Hash
1934199df51551755f77a59d6993a98e332ad57c09ab22d30fafb727d92e4eb0

Request headers

Referer
https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Apr 2021 11:57:39 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
content-type
application/x-javascript;charset=UTF-8
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
dpx.js
i.simpli.fi/ 		3 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://i.simpli.fi/dpx.js?cid=3056&m=1&referrer=http://www.newser.com
Requested by
Host: www.newser.com
URL: https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
169.50.137.179 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
b3.89.32a9.ip4.static.sl-reverse.com
Software
/
Resource Hash
9831e5b4e79a7b80a69a4d83d86fafc4c8e80fad4d14d27796f7eef4b686ba66
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache, no-cache
date
Mon, 26 Apr 2021 11:57:39 GMT
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=0, private, must-revalidate, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
3095
x-request-id
FnlmhGK9HzNqzxEVhGri
expires
Thu, 01 Jan 1970 00:00:00 GMT, Thu, 01 Jan 1970 00:00:00 GMT
newser.js
tru.am/scripts/custom/ 		752 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tru.am/scripts/custom/newser.js
Requested by
Host: www.newser.com
URL: https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:274 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c09c2c7425fda774f4011b834ca8f377d98c8e9d38f66eee20b2fd71c5650874

Request headers

Referer
https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash
crc32c=HHMFVQ==, md5=YD2Os7/Bgy93gp9rz4YV2w==
date
Mon, 26 Apr 2021 11:57:39 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
282811
x-guploader-uploadid
ABg5-UzE_7EkqlJwGq9Xy68Exp8OlBx10wTxnEwUj6M9wSYNMyVCJ4cSjeJDKgF6yZwY06GTYVFbeM0f2G31Vf5ut5UWo3SeRQ
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
09afa3e5e900004aaa343d3000000001
last-modified
Tue, 06 Aug 2019 16:32:50 GMT
server
cloudflare
etag
W/"603d8eb3bfc1832f77829f6bcf8615db"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=CFBBusn31KkVlwOUpovR1SuWjP6SYhfZ2ymBzObAylt5TQhkhwArz%2FPw%2FJBHqRsBS0iOCKgF1M8rbeSoj4cJyK4j1S9ocpABkI35nTK%2B2Y7Adlo%3D"}],"max_age":604800}
x-goog-generation
1565109170901438
content-type
text/javascript
cache-control
public, max-age=2678400
x-goog-stored-content-length
752
cf-ray
645fa2830cd34aaa-FRA
expires
Fri, 23 Apr 2021 06:24:07 GMT
abp.png
img2-azrcdn.newser.com/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img2-azrcdn.newser.com/images/abp.png
Requested by
Host: www.newser.com
URL: https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
ad9e5210a13805edc2cc2874d7ffa326b907e9c6d0c212071798944a1dd9ffae

Request headers

Referer
https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Apr 2021 11:57:39 GMT
last-modified
Mon, 06 Jul 2020 18:04:06 GMT
x-azure-ref-originshield
0g3iGYAAAAAA9LA7gF61wS5PJ1wREzwkLTE9OMjFFREdFMDIxNQBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
x-azure-ref
0s6qGYAAAAABv8VJ87FNqSJ/qcUL67oyERlJBRURHRTEwMTMAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache
TCP_HIT
content-type
image/png
cache-control
max-age=604800
accept-ranges
bytes
content-length
1639
ubo.png
img2-azrcdn.newser.com/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img2-azrcdn.newser.com/images/ubo.png
Requested by
Host: www.newser.com
URL: https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
7cec802828fd9d25efc4611219c8748745117f5a51d4f76e4f9cfd85a428ce95

Request headers

Referer
https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Apr 2021 11:57:39 GMT
last-modified
Mon, 06 Jul 2020 18:04:10 GMT
x-azure-ref-originshield
0SKqGYAAAAAA99+aD0dS4SokiZ10c5nFtTE9OMjFFREdFMDEwNwBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
x-azure-ref
0s6qGYAAAAAAwmPFZ9Si0Tbp2hw4xzoThRlJBRURHRTEwMTMAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache
TCP_HIT
content-type
image/png
cache-control
max-age=604800
accept-ranges
bytes
content-length
1613
ghostery.png
img1-azrcdn.newser.com/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img1-azrcdn.newser.com/images/ghostery.png
Requested by
Host: www.newser.com
URL: https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:46::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
8baae135666cde471d16426b7387541d4b900559275813859e2d296eee039192

Request headers

Referer
https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Apr 2021 11:57:39 GMT
last-modified
Mon, 06 Jul 2020 18:04:07 GMT
x-azure-ref-originshield
0wnaGYAAAAADd6P0vl5g/Q5ueOg/bs+ddTE9OMjFFREdFMTUxMwBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
x-azure-ref
0s6qGYAAAAADEnPmsCmvTRoHEpz76hB0YRlJBRURHRTEwMTQAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache
TCP_HIT
content-type
image/png
cache-control
max-age=604800
accept-ranges
bytes
content-length
1612
bZddvKsuEo.js
www.newser.com/54G/eibNhUZW/dQxvrA/ 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.newser.com/54G/eibNhUZW/dQxvrA/bZddvKsuEo.js
Requested by
Host: www.newser.com
URL: https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
40.114.51.62 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
d42cc9e1b906c512899ad5513baa71511929b1749f0f8603d6a6ec2d91432b30

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.newser.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
Cookie
ASP.NET_SessionId=2ydpb3u0mdsnmpfshux5s2ce; USERCREDENTIALS=EMAIL=&PASSWORD=&USERID=0&VISITORID=1454384860
Connection
keep-alive
Referer
https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 26 Apr 2021 11:57:39 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
text/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
X-Tornado
yes
Content-Length
5682
sdk.js
connect.facebook.net/en_US/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: www.newser.com
URL: https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
fea33f31bdbc5d0213fc42cea42c6dbc41a7ea5b922a55c287205bd8e7cdbc1e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
Cy9r5XbDCAsDijcXTDb36Q==
cross-origin-resource-policy
cross-origin
expires
Mon, 26 Apr 2021 12:01:49 GMT
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
1779
x-fb-rlafr
0
x-fb-debug
J8EF61SFDiEMLACELzti5rgcHyEBlxjKzxTEzVvQJepeCTQvJ2tn+vLU8LWhJAxnjjVbzjEVJbLWvB3/yadeIQ==
x-fb-trip-id
686109401
x-fb-content-md5
14f3e552e6ec8d7253d4e19549605df7
date
Mon, 26 Apr 2021 11:57:39 GMT
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public,max-age=1200,stale-while-revalidate=3600
etag
"09e7f1c5331be46928a77718f6ccf4b6"
timing-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
calendar_close.png
img1-azrcdn.newser.com/images/ 		303 B
534 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img1-azrcdn.newser.com/images/calendar_close.png
Requested by
Host: www.newser.com
URL: https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:46::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
a3942aea05f34d9aa17deb27766f216ce7bc0176e66b41518e5bdadb19400d67

Request headers

Referer
https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Apr 2021 11:57:39 GMT
last-modified
Mon, 06 Jul 2020 18:04:06 GMT
x-azure-ref-originshield
0r+aAYAAAAAAPW3KelqcMQa9iyFqF7bhiTE9OMjFFREdFMTUwOQBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
x-azure-ref
0s6qGYAAAAAAjoMFgkm5aTIUhejv01/Y/RlJBRURHRTEwMTQAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache
TCP_HIT
content-type
image/png
cache-control
max-age=604800
accept-ranges
bytes
content-length
303
left_month.png
img1-azrcdn.newser.com/images/ 		274 B
504 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img1-azrcdn.newser.com/images/left_month.png
Requested by
Host: www.newser.com
URL: https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:46::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
2f76122813dc216562d9a6c2d82279ff460696b28f8f66042399a02cf93732ba

Request headers

Referer
https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Apr 2021 11:57:39 GMT
last-modified
Mon, 06 Jul 2020 18:04:08 GMT
x-azure-ref-originshield
01YyGYAAAAABcGl9WUi1nSLQfaf42Nj7DTE9OMjFFREdFMTUxNgBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
x-azure-ref
0s6qGYAAAAABmG9qpiMdMQ5y2BsuiJpBsRlJBRURHRTEwMTQAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache
TCP_HIT
content-type
image/png
cache-control
max-age=604800
accept-ranges
bytes
content-length
274
right_month.png
img2-azrcdn.newser.com/images/ 		259 B
477 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img2-azrcdn.newser.com/images/right_month.png
Requested by
Host: www.newser.com
URL: https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
a0e3f7f11e3feb97a1b577675fcb17fb87538d414dc5342c96975b2bd2c94b86

Request headers

Referer
https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Apr 2021 11:57:39 GMT
last-modified
Mon, 06 Jul 2020 18:04:09 GMT
x-azure-ref-originshield
01YyGYAAAAADaSdmWT2U3R67F+SRPrxTRTE9OMjFFREdFMTUyMABkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
x-azure-ref
0s6qGYAAAAAAEbpORvR4NT5Amf45UohCuRlJBRURHRTEwMTMAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache
TCP_HIT
content-type
image/png
cache-control
max-age=604800
accept-ranges
bytes
content-length
259
newsern2.png
img2-azrcdn.newser.com/images/header/ 		782 B
1015 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img2-azrcdn.newser.com/images/header/newsern2.png
Requested by
Host: static1-azrcdn.newser.com
URL: https://static1-azrcdn.newser.com/stylesheets/20210409_1520/stylesheet.ashx?file=responsive.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
3f9ebf128c9383c5fc8f3a73439f0e2dfb997f34318383e554b124e37c319c2e

Request headers

Referer
https://static1-azrcdn.newser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Apr 2021 11:57:39 GMT
last-modified
Mon, 06 Jul 2020 18:04:13 GMT
x-azure-ref-originshield
0DWiGYAAAAABC+rRTTPH0TrQos/rG2ENdTE9OMjFFREdFMDIxMABkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
x-azure-ref
0s6qGYAAAAADJOyoOE7TNQZ1WwL9YZAGzRlJBRURHRTEwMTMAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache
TCP_HIT
content-type
image/png
cache-control
max-age=604800
accept-ranges
bytes
content-length
782
triangle_white_down.svg
img1-azrcdn.newser.com/images/header/ 		618 B
862 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img1-azrcdn.newser.com/images/header/triangle_white_down.svg
Requested by
Host: static1-azrcdn.newser.com
URL: https://static1-azrcdn.newser.com/stylesheets/20210409_1520/stylesheet.ashx?file=responsive.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:46::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
febc13d4fca620c0eda223b3febb844ecb01e4299569a936801b86ecc25609e8

Request headers

Referer
https://static1-azrcdn.newser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Apr 2021 11:57:39 GMT
last-modified
Mon, 06 Jul 2020 18:04:13 GMT
x-azure-ref-originshield
0jw6BYAAAAAAq6NCU6W5sQoEH4M/vUqL1TE9OMjFFREdFMDIwOABkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
x-azure-ref
0s6qGYAAAAAC5Zno2EuegT7gX5Uq1OKM5RlJBRURHRTEwMTQAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache
TCP_HIT
content-type
image/svg+xml
cache-control
max-age=604800
accept-ranges
bytes
content-length
618
user_white.svg
img2-azrcdn.newser.com/images/header/ 		1 KB
859 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img2-azrcdn.newser.com/images/header/user_white.svg
Requested by
Host: static1-azrcdn.newser.com
URL: https://static1-azrcdn.newser.com/stylesheets/20210409_1520/stylesheet.ashx?file=responsive.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
6d6d162a89e32c126f5019cbd4143ddf6cc9fbf19858a3272ad6ad5ac2beae14

Request headers

Referer
https://static1-azrcdn.newser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Apr 2021 11:57:39 GMT
content-encoding
br
last-modified
Mon, 06 Jul 2020 18:04:13 GMT
x-azure-ref-originshield
0EfqAYAAAAABr1+ZAlckkR6WocUbohrYCTE9OMjFFREdFMTUxNgBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
x-azure-ref
0s6qGYAAAAAD6n0pqLY52QqlH183cHwK9RlJBRURHRTEwMTMAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache
TCP_HIT
content-type
image/svg+xml
cache-control
max-age=604800
accept-ranges
bytes
search_white.svg
img2-azrcdn.newser.com/images/header/ 		916 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img2-azrcdn.newser.com/images/header/search_white.svg
Requested by
Host: static1-azrcdn.newser.com
URL: https://static1-azrcdn.newser.com/stylesheets/20210409_1520/stylesheet.ashx?file=responsive.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
307c4cf0cec01251278a5201d04096f4b7afdb8ba2239801202adb1992c14ecb

Request headers

Referer
https://static1-azrcdn.newser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Apr 2021 11:57:39 GMT
last-modified
Mon, 06 Jul 2020 18:04:13 GMT
x-azure-ref-originshield
01YyGYAAAAACNU/lRk+NEQIM8EwSqzpReTE9OMjFFREdFMDEwOABkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
x-azure-ref
0s6qGYAAAAABZkWx43WYxTKk8mvdM++TGRlJBRURHRTEwMTMAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache
TCP_HIT
content-type
image/svg+xml
cache-control
max-age=604800
accept-ranges
bytes
content-length
916
info-white.png
img2-azrcdn.newser.com/images/header/ 		433 B
640 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img2-azrcdn.newser.com/images/header/info-white.png
Requested by
Host: static1-azrcdn.newser.com
URL: https://static1-azrcdn.newser.com/stylesheets/20210409_1520/stylesheet.ashx?file=responsive.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
a177a125d7384bd51ee15e3454c488ac0f2ba22a452f9bc3a96e29d2df4aef1b

Request headers

Referer
https://static1-azrcdn.newser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Apr 2021 11:57:39 GMT
last-modified
Mon, 06 Jul 2020 18:04:13 GMT
x-azure-ref-originshield
0g3iGYAAAAACJagalLg4lSIMQcIM1Rq7qTE9OMjFFREdFMDIwNgBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
x-azure-ref
0s6qGYAAAAADhcP8Hotd1R7F4HwiRqCa4RlJBRURHRTEwMTMAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache
TCP_HIT
content-type
image/png
cache-control
max-age=604800
accept-ranges
bytes
content-length
433
settings2-white.jpg
img1-azrcdn.newser.com/images/header/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img1-azrcdn.newser.com/images/header/settings2-white.jpg
Requested by
Host: static1-azrcdn.newser.com
URL: https://static1-azrcdn.newser.com/stylesheets/20210409_1520/stylesheet.ashx?file=responsive.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:46::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
bbfcf92c6c94d918c51be1bdf1f14098db1c7454b2f025fb7d2eed08d8d84703

Request headers

Referer
https://static1-azrcdn.newser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Apr 2021 11:57:39 GMT
last-modified
Mon, 06 Jul 2020 18:04:13 GMT
x-azure-ref-originshield
0wnaGYAAAAACZXvjlNvokSrMDkxjRckxbTE9OMjFFREdFMTUyMgBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
x-azure-ref
0s6qGYAAAAAD3g+Aig7Q5Q7b/StU8pW/6RlJBRURHRTEwMTQAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache
TCP_HIT
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
content-length
1244
left_inactive.png
img2-azrcdn.newser.com/images/ 		531 B
780 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img2-azrcdn.newser.com/images/left_inactive.png
Requested by
Host: static1-azrcdn.newser.com
URL: https://static1-azrcdn.newser.com/stylesheets/20210409_1520/stylesheet.ashx?file=responsive.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
91651ffba64af316abc6706ced9a15cb7a48545d26c93fc02b18b1aece1e2089

Request headers

Referer
https://static1-azrcdn.newser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Apr 2021 11:57:39 GMT
last-modified
Mon, 06 Jul 2020 18:04:08 GMT
x-azure-ref-originshield
0q7mFYAAAAAAeNRWv81pLQKoppq5HC27pTE9OMjFFREdFMDExMwBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
x-azure-ref
0s6qGYAAAAABrpGP+Yk9vRbPhz7BjqIvnRlJBRURHRTEwMTMAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache
TCP_HIT
content-type
image/png
cache-control
max-age=604800
accept-ranges
bytes
content-length
531
right_inactive.png
img1-azrcdn.newser.com/images/ 		529 B
759 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img1-azrcdn.newser.com/images/right_inactive.png
Requested by
Host: static1-azrcdn.newser.com
URL: https://static1-azrcdn.newser.com/stylesheets/20210409_1520/stylesheet.ashx?file=responsive.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:46::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
fe5aba0ddb4e89693b7cf6f94dec5ffad359b3f61445798f112a2f295fe865cc

Request headers

Referer
https://static1-azrcdn.newser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Apr 2021 11:57:39 GMT
last-modified
Mon, 06 Jul 2020 18:04:09 GMT
x-azure-ref-originshield
00IOGYAAAAABps6u66rYwSoHSDdVlOsm1TE9OMjFFREdFMTUyMgBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
x-azure-ref
0s6qGYAAAAADg1K5sq7TvQ43rtXtiuy7vRlJBRURHRTEwMTQAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache
TCP_HIT
content-type
image/png
cache-control
max-age=604800
accept-ranges
bytes
content-length
529
speechbubble3.png
img2-azrcdn.newser.com/images/ 		304 B
536 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img2-azrcdn.newser.com/images/speechbubble3.png
Requested by
Host: static1-azrcdn.newser.com
URL: https://static1-azrcdn.newser.com/stylesheets/20210409_1520/stylesheet.ashx?file=responsive.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
d8a8bbee03096f025ee76c6f3dfc3a74e5db52d65fca6f13169648637e5fbfc6

Request headers

Referer
https://static1-azrcdn.newser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Apr 2021 11:57:39 GMT
last-modified
Mon, 06 Jul 2020 18:04:09 GMT
x-azure-ref-originshield
0wXiGYAAAAAC22sWAOZNHQZlR1tzRnHzYTE9OMjFFREdFMTUwOQBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
x-azure-ref
0s6qGYAAAAAB7t/D/iyogQYoSAu+5LNGDRlJBRURHRTEwMTMAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache
TCP_HIT
content-type
image/png
cache-control
max-age=604800
accept-ranges
bytes
content-length
304
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,400italic,100,100italic,300,300italic,500,500italic,700,700italic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.newser.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 00:12:11 GMT
x-content-type-options
nosniff
last-modified
Mon, 05 Apr 2021 21:10:39 GMT
server
sffe
age
560728
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15920
x-xss-protection
0
expires
Wed, 20 Apr 2022 00:12:11 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,400italic,100,100italic,300,300italic,500,500italic,700,700italic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.newser.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 15:35:29 GMT
x-content-type-options
nosniff
last-modified
Mon, 05 Apr 2021 21:10:46 GMT
server
sffe
age
332530
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15828
x-xss-protection
0
expires
Fri, 22 Apr 2022 15:35:29 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v27/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v27/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,400italic,100,100italic,300,300italic,500,500italic,700,700italic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.newser.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 01:43:32 GMT
x-content-type-options
nosniff
last-modified
Mon, 05 Apr 2021 21:10:35 GMT
server
sffe
age
382447
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15688
x-xss-protection
0
expires
Fri, 22 Apr 2022 01:43:32 GMT
KFOkCnqEu92Fr1Mu51xIIzI.woff2
fonts.gstatic.com/s/roboto/v27/ 		17 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v27/KFOkCnqEu92Fr1Mu51xIIzI.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,400italic,100,100italic,300,300italic,500,500italic,700,700italic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
46375ee9192c1e0f6eabe4d32b2a48b996b93037f7b4beb970df5b87359548fd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.newser.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 15:35:31 GMT
x-content-type-options
nosniff
last-modified
Mon, 05 Apr 2021 21:10:35 GMT
server
sffe
age
332528
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17304
x-xss-protection
0
expires
Fri, 22 Apr 2022 15:35:31 GMT
latest.js
global.proper.io/payloads/ 		319 KB
81 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://global.proper.io/payloads/latest.js
Requested by
Host: global.proper.io
URL: https://global.proper.io/newser.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:4f22 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
35093baf103e71966e4a720b9f6785024df6ac9be544e6411c696b438957b74b

Request headers

Referer
https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Apr 2021 11:57:39 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 13 Jan 2021 15:33:24 GMT
server
cloudflare
age
2991318
etag
W/"5fff12c4-4fbd6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=300
cf-ray
645fa283ef674ec1-FRA
cf-request-id
09afa3e67200004ec1612f5000000001
expires
Mon, 26 Apr 2021 12:02:39 GMT
sdk.js
connect.facebook.net/en_US/ 		218 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=b19a77f2e54a38f6192ff01d3f66ba14&ua=modern_es6
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
afccc68137a6c79e137fe2888b6955f0f3187f0af65fc2eabe4b9783f07861de
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Origin
https://www.newser.com
Referer
https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
38ecOYXde4pypoSaQvXEgQ==
cross-origin-resource-policy
cross-origin
expires
Tue, 26 Apr 2022 10:05:04 GMT
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
66009
x-fb-rlafr
0
x-fb-debug
REXVhMaj5HSBeo0JOfxqNrWUvTsDkVBhhdcgsCJGS3HjmcquEA6/+bjrPDiur2mpmj2i45lI3L73KvaaEcnB4w==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-content-md5
b65cbc683aa1031b5cb3e453bdfc9dab
date
Mon, 26 Apr 2021 11:57:39 GMT
x-frame-options
DENY
report-to
{"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
etag
"b52ecaf5525fc30deeefe695988fd208"
timing-allow-origin
*
priority
u=3,i
access-control-expose-headers
X-FB-Content-MD5
recaptcha__en.js
www.gstatic.com/recaptcha/releases/dpzVjBAupwRfx3UzvXRnnAKb/ 		334 KB
131 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/dpzVjBAupwRfx3UzvXRnnAKb/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e47eca73d4f42cce27c15cbff1e6b28a6716616c71f893d912ae941b37460998
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.newser.com
Referer
https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Apr 2021 09:37:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
8392
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
133604
x-xss-protection
0
last-modified
Mon, 19 Apr 2021 04:04:08 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 26 Apr 2022 09:37:47 GMT
emailbox.svg
img2-azrcdn.newser.com/images/inputboxes/ 		967 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img2-azrcdn.newser.com/images/inputboxes/emailbox.svg
Requested by
Host: static1-azrcdn.newser.com
URL: https://static1-azrcdn.newser.com/stylesheets/20210409_1520/stylesheet.ashx?file=responsive.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
a8d51e44aebeb14e1eaf612b0af9fd0e05e81bf5c6f191bc52d8f1a3fcd79a9d

Request headers

Referer
https://static1-azrcdn.newser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Apr 2021 11:57:39 GMT
last-modified
Mon, 06 Jul 2020 18:04:13 GMT
x-azure-ref-originshield
0r+aAYAAAAAAM2VVERUWCQrBSbNLSV6olTE9OMjFFREdFMDIxMQBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
x-azure-ref
0s6qGYAAAAADNrT3VHnprSpTPRuqOKX/+RlJBRURHRTEwMTMAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache
TCP_HIT
content-type
image/svg+xml
cache-control
max-age=604800
accept-ranges
bytes
content-length
967
KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,400italic,100,100italic,300,300italic,500,500italic,700,700italic
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.newser.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 25 Apr 2021 04:23:23 GMT
x-content-type-options
nosniff
last-modified
Mon, 05 Apr 2021 21:10:39 GMT
server
sffe
age
113656
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15732
x-xss-protection
0
expires
Mon, 25 Apr 2022 04:23:23 GMT
t
jadserve.postrelease.com/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jadserve.postrelease.com/t?ntv_url=https%3A%2F%2Fwww.newser.com%2Fstory%2F305100%2Fus-wrongly-thought-diplomat-staged-his-own-kidnapping.html%3Futm_source%3Dpart%26utm_medium%3Duol%26utm_campaign%3Drss_taglines_more&ntv_mvi
Requested by
Host: s.ntv.io
URL: https://s.ntv.io/serve/load.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.241.108.168 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.12.1 /
Resource Hash
27e62460ef6782469e782fb1285fb60fa684e5fd45418bd909dc55e0ae8dac1e

Request headers

Referer
https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Apr 2021 11:57:40 GMT
content-encoding
gzip
server
nginx/1.12.1
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
text/javascript;charset=UTF-8
content-length
1169
expires
Mon, 1 Jan 1990 12:00:00 GMT
rules-p-8dMeaPxgtnRKk.js
rules.quantcount.com/ 		3 B
438 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-8dMeaPxgtnRKk.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20c8:5800:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

Referer
https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Apr 2021 07:08:10 GMT
via
1.1 546db6834bf5885f55b5457c969e7ad6.cloudfront.net (CloudFront)
age
17370
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
3
last-modified
Sat, 04 Mar 2017 20:13:40 GMT
server
AmazonS3
etag
"8a80554c91d9fca8acb82f023de02f11"
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=86400
x-amz-cf-pop
MAD50-C1
accept-ranges
bytes
x-amz-cf-id
XLo4Zf2pVc5JHBChdVoKiZvrcotNfwzW4c6ZM9HefiTU3AoVeSqeZA==
pixel;r=905664052;rf=3;a=p-8dMeaPxgtnRKk;url=https%3A%2F%2Fwww.newser.com%2Fstory%2F305100%2Fus-wrongly-thought-diplomat-staged-his-own-kidnapping.html%3Futm_source%3Dpart%26utm_medium%3Duol%26utm_...
pixel.quantserve.com/ 		35 B
372 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=905664052;rf=3;a=p-8dMeaPxgtnRKk;url=https%3A%2F%2Fwww.newser.com%2Fstory%2F305100%2Fus-wrongly-thought-diplomat-staged-his-own-kidnapping.html%3Futm_source%3Dpart%26utm_medium%3Duol%26utm_campaign%3Drss_taglines_more;uht=2;fpan=1;fpa=P0-906156759-1619438259862;pbcn=u;pbc=;ns=0;ce=1;qjs=1;qv=1558287b-20210421211215;cm=;gdpr=0;ref=;d=newser.com;je=0;sr=1600x1200x24;dst=1;et=1619438259861;tzo=-120;ogl=title.Feds%20Doubted%20the%20Kidnapping%20Story%252E%20They%20Shouldn't%20Have%2Cdescription.The%20truth%20of%20John%20Patterson's%201974%20disappearance%20was%20much%20more%20grim%2Ctype.article%2Cimage.https%3A%2F%2Fimg1-azrcdn%252Enewser%252Ecom%2Fimage%2F1354040-12-20210425073458%252Ejpeg%2Curl.https%3A%2F%2Fwww%252Enewser%252Ecom%2Fstory%2F305100%2Fus-wrongly-thought-diplomat-staged-his-own-k%2Csite_name.Newser%2Clocale.en_US
Requested by
Host: www.newser.com
URL: https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:36a9:ecb:e518:b308 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Referer
https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Apr 2021 11:57:39 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
beacon.js
sb.scorecardresearch.com/ 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: www.newser.com
URL: https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.111.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-111-21.mad50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Referer
https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Apr 2021 11:34:59 GMT
via
1.1 b7f1ef8baa42cd103b00928d6f7d73b6.cloudfront.net (CloudFront)
etag
"1827f116c73f319409b97f10b8a58ade"
last-modified
Fri, 26 Feb 2021 14:35:05 GMT
server
AmazonS3
age
1361
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-pop
MAD50-C1
accept-ranges
bytes
content-length
1469
x-amz-cf-id
fhCMJ_t-Cf8mtcPwW75lyNB6Z69bVNDdJs_EVVkU8A1TVl0ryOx53Q==
chartbeat.js
static.chartbeat.com/js/ 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.chartbeat.com/js/chartbeat.js
Requested by
Host: www.newser.com
URL: https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20c8:f400:18:1fcd:34e:d2a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
ec93813683cccb74a7896a34a2ed1b2163288620f6959ae06de3ded30cf518b9

Request headers

Referer
https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 25 Apr 2021 16:18:05 GMT
content-encoding
gzip
last-modified
Fri, 02 Apr 2021 00:04:46 GMT
server
nginx
age
70774
etag
W/"60665f9e-8e96"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
via
1.1 fcb5d6664fcce90309288d9ff2cfb9a5.cloudfront.net (CloudFront)
cache-control
max-age=86400
x-amz-cf-pop
MAD50-C1
x-amz-cf-id
pJUGsWR-j2hbAj0z32U21uZeQ_k6nxukrgsK7r-S6Kvi88LtCKyMpQ==
expires
Mon, 26 Apr 2021 16:18:05 GMT
pixel.gif
load77.exelator.com/ 		43 B
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://load77.exelator.com/pixel.gif
Requested by
Host: www.newser.com
URL: https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::4 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-77-nzt
AcO1rzUJO/nv8xwJAA==
date
Mon, 26 Apr 2021 11:57:39 GMT
etag
"59f0c3fc-2b"
last-modified
Wed, 25 Oct 2017 17:03:56 GMT
server
CDN77-Turbo
x-77-nzt-ray
oscKEnl7vhA=
x-77-cache
HIT
content-type
image/gif
access-control-allow-origin
*
x-cache
HIT
x-age
597235
accept-ranges
bytes
x-77-pop
frankfurtDE
content-length
43
expires
Sat, 01 May 2021 14:03:44 GMT
ta-pagesocial-sdk.js
tru.am/scripts/ 		27 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tru.am/scripts/ta-pagesocial-sdk.js
Requested by
Host: tru.am
URL: https://tru.am/scripts/custom/newser.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:274 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8dbc3f1a033b6733e96a5af1bc89d6f8ab68a5d533dcad72d56bd019e3b5b6b5

Request headers

Referer
https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash
crc32c=189alg==, md5=Aq8QqpKO913oQSpg0Lh6TA==
date
Mon, 26 Apr 2021 11:57:39 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
313213
x-guploader-uploadid
ABg5-UxwAw3e9JupBiTmSQ9vTk52uE-g9NB-1xvPW1BMEKaU2eH0cz40skPvt5lLqp5kV5xl8PNcfxxKMl027-OfjWC38ENzdg
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
09afa3e6a60000dfb7360d0000000001
last-modified
Wed, 11 Nov 2020 17:32:38 GMT
server
cloudflare
etag
W/"02af10aa928ef75de8412a60d0b87a4c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=dVlQreWBu0SVe%2BsRBYn4reiAdI62xQdmW%2FlhQX5RXEkgjeiwiuPB7dd1PSv3aqmg3NTXbTUsxWjNvP1Y4bFFwbfk4GBax7aQj1aSND%2FPcWYJzuc%3D"}],"group":"cf-nel"}
x-goog-generation
1605115958819708
content-type
text/javascript
cache-control
public, max-age=2678400
x-goog-stored-content-length
27827
cf-ray
645fa2843c51dfb7-FRA
expires
Thu, 22 Apr 2021 21:44:36 GMT
rules-p-mEzuYq24VEJ-3.js
rules.quantcount.com/ 		3 B
428 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-mEzuYq24VEJ-3.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20c8:5800:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

Referer
https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Apr 2021 11:17:30 GMT
via
1.1 546db6834bf5885f55b5457c969e7ad6.cloudfront.net (CloudFront)
age
2409
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
3
last-modified
Sat, 04 Mar 2017 02:39:21 GMT
server
AmazonS3
etag
"8a80554c91d9fca8acb82f023de02f11"
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
x-amz-cf-pop
MAD50-C1
accept-ranges
bytes
x-amz-cf-id
iRLxMfhMfE1Tg0u2j2zEYfkhDXyMGipMFO6lg5P1TM_n6ThYycpeHw==
pixel;r=2036146369;rf=3;a=p-mEzuYq24VEJ-3;url=https%3A%2F%2Fwww.newser.com%2Fstory%2F305100%2Fus-wrongly-thought-diplomat-staged-his-own-kidnapping.html%3Futm_source%3Dpart%26utm_medium%3Duol%26utm...
pixel.quantserve.com/ 		35 B
210 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=2036146369;rf=3;a=p-mEzuYq24VEJ-3;url=https%3A%2F%2Fwww.newser.com%2Fstory%2F305100%2Fus-wrongly-thought-diplomat-staged-his-own-kidnapping.html%3Futm_source%3Dpart%26utm_medium%3Duol%26utm_campaign%3Drss_taglines_more;uht=2;fpan=0;fpa=P0-906156759-1619438259862;pbcn=u;pbc=;ns=0;ce=1;qjs=1;qv=1558287b-20210421211215;cm=;gdpr=0;ref=;d=newser.com;je=0;sr=1600x1200x24;dst=1;et=1619438259896;tzo=-120;ogl=title.Feds%20Doubted%20the%20Kidnapping%20Story%252E%20They%20Shouldn't%20Have%2Cdescription.The%20truth%20of%20John%20Patterson's%201974%20disappearance%20was%20much%20more%20grim%2Ctype.article%2Cimage.https%3A%2F%2Fimg1-azrcdn%252Enewser%252Ecom%2Fimage%2F1354040-12-20210425073458%252Ejpeg%2Curl.https%3A%2F%2Fwww%252Enewser%252Ecom%2Fstory%2F305100%2Fus-wrongly-thought-diplomat-staged-his-own-k%2Csite_name.Newser%2Clocale.en_US
Requested by
Host: www.newser.com
URL: https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:36a9:ecb:e518:b308 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Referer
https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Apr 2021 11:57:39 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
strict-transport-security
max-age=86400
expires
Fri, 04 Aug 1978 12:00:00 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		133 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: www.newser.com
URL: https://www.newser.com/54G/eibNhUZW/dQxvrA/bZddvKsuEo.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6d0b74f2a3e089cde650f0972d1a568843c275718277a2c167af9011ebf91ff5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Apr 2021 11:57:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48209
x-xss-protection
0
server
cafe
etag
2341374986041078434
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 26 Apr 2021 11:57:39 GMT
advertising.js
rddywd.com/ 		9 B
703 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rddywd.com/advertising.js
Requested by
Host: www.newser.com
URL: https://www.newser.com/54G/eibNhUZW/dQxvrA/bZddvKsuEo.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:8a2c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7f555674a54503e3367276168359cef065eecc75f1fe436ac13bdf3dfd65a970

Request headers

Referer
https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Apr 2021 11:57:39 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
36113
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
9
cf-request-id
09afa3e6f70000c2770c2a1000000001
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=jAShXDLzN%2BK6NpFgCrJwhLNnQ81uJreOTY%2FPoBhD%2FSsL%2F6OcZe9HX%2FSyYl4WsCgWiUrupbvUzNy7Dd9KxKCQipExqQGX1L5wGISkSzs%2FbukrP3Svi%2BGJ"}],"max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86401
accept-ranges
bytes
cf-ray
645fa284bf00c277-FRA
adcode.png
rddywd.com/ 		43 B
747 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rddywd.com/adcode.png
Requested by
Host: www.newser.com
URL: https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:8a2c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Origin
https://www.newser.com
Referer
https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Apr 2021 11:57:39 GMT
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
22911
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
cf-request-id
09afa3e6f800004ec8ba202000000001
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=VqqdNNW8bfFfDJE%2BBib9p4QU2y5mCedEyG09kyd0eiQFVutzDjmPLZ%2B4cOpM07WUyNc0bG1CnOvZrVsMbRCiBq6S741wGHpO287VaRVzCi%2FHsxABxH9t"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=86401
accept-ranges
bytes
cf-ray
645fa284bd924ec8-FRA
generate_204
www.googleapis.com/ 		0
182 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.googleapis.com/generate_204
Requested by
Host: www.newser.com
URL: https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Apr 2021 11:57:39 GMT
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
widget_iframe.63899b173766ee6f8a729a72b542b0fb.html
platform.twitter.com/widgets/ Frame 7901 		319 KB
103 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets/widget_iframe.63899b173766ee6f8a729a72b542b0fb.html?origin=https%3A%2F%2Fwww.newser.com
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/668A) /
Resource Hash
5f789ea36ae4671282524bda454709578d63b915b782c1e041132a7e726ff1c3

Request headers

Host
platform.twitter.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more

Response headers

Content-Encoding
gzip
Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
890903
Cache-Control
public, max-age=315360000
Content-Type
text/html; charset=utf-8
Date
Mon, 26 Apr 2021 11:57:39 GMT
Etag
"dab7ee9ff99366614e06e117bab5e542+gzip"
Last-Modified
Thu, 15 Apr 2021 22:44:33 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (frb/668A)
Vary
Accept-Encoding
X-Cache
HIT
x-tw-cdn
VZ
Content-Length
105298
anchor
www.google.com/recaptcha/api2/ Frame 7D66 		20 KB
11 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfLeSUTAAAAAMogW1JMPzBSuKJhK1kWt2QZ4XvU&co=aHR0cHM6Ly93d3cubmV3c2VyLmNvbTo0NDM.&hl=en&v=dpzVjBAupwRfx3UzvXRnnAKb&size=normal&cb=2jyzcwj44ltb
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/dpzVjBAupwRfx3UzvXRnnAKb/recaptcha__en.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
cb2259c90e94db192ec8354abefa348eea93751deb94f457357cb2a92b809f08
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-OsFHdI22bHWGLGNreak5HQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/anchor?ar=1&k=6LfLeSUTAAAAAMogW1JMPzBSuKJhK1kWt2QZ4XvU&co=aHR0cHM6Ly93d3cubmV3c2VyLmNvbTo0NDM.&hl=en&v=dpzVjBAupwRfx3UzvXRnnAKb&size=normal&cb=2jyzcwj44ltb
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more

Response headers

content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Mon, 26 Apr 2021 11:57:40 GMT
content-security-policy
script-src 'report-sample' 'nonce-OsFHdI22bHWGLGNreak5HQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
10935
server
GSE
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Cookie set utility.aspx
www.newser.com/ 		0
554 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.newser.com/utility.aspx?function=metricsab&b=false&platform=D&visitorid=1454384860&visitorclassification=P
Requested by
Host: static1-azrcdn.newser.com
URL: https://static1-azrcdn.newser.com/javascript/20210409_1520/jquery-1.12.4.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
40.114.51.62 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.newser.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
empty
X-Requested-With
XMLHttpRequest
Cookie
ASP.NET_SessionId=2ydpb3u0mdsnmpfshux5s2ce; USERCREDENTIALS=EMAIL=&PASSWORD=&USERID=0&VISITORID=1454384860; __qca=P0-906156759-1619438259862; _pubcid=1d07aa5b-6ba7-452c-8595-a28c946d1faa
Connection
keep-alive
Referer
https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
Accept
*/*
Referer
https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 26 Apr 2021 11:57:40 GMT
RawURL
/utility.aspx?function=metricsab&b=false&platform=D&visitorid=1454384860&visitorclassification=P
Content-Type
text/html
Scheme
https
Cache-Control
private, no-store
Set-Cookie
USERCREDENTIALS=EMAIL=&PASSWORD=&USERID=0&VISITORID=1454384860; expires=Thu, 24-Apr-2031 11:57:40 GMT; path=/; secure; SameSite=Lax USERSETTINGS=; expires=Sun, 25-Apr-2021 11:57:40 GMT; path=/; secure; SameSite=Lax
Content-Length
0
Expires
Mon, 26 Apr 2021 11:56:40 GMT
beacon
beacon.tru.am/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://beacon.tru.am/beacon
Requested by
Host: tru.am
URL: https://tru.am/scripts/ta-pagesocial-sdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:274 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Mon, 26 Apr 2021 11:57:40 GMT
via
1.1 google
cf-cache-status
DYNAMIC
nel
{"max_age":604800,"report_to":"cf-nel"}
surrogate-control
no-store
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
09afa3e7400000beb5b2394000000001
pragma
no-cache
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=euTBmpgzCNC5DZg%2Fp7ZpTV1jhTyEx0c%2Fqqd0RtoA5253J5kpzc48GsE6blBBKAuhIo7MgdYV9Rj1YL%2FzMzgIjoUOZB2fUTJgf6UiWi4DIT%2BHT88Pxv8JgH2D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
cf-ray
645fa2853b37beb5-FRA
expires
Thu, 01 Jan 1970 00:00:00 UTC
b2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=2&c2=6035830&ns__t=1619438260012&ns_c=UTF-8&cv=3.5&c8=Feds%20Doubted%20the%20Kidnapping%20Story.%20They%20Shouldn%27t%20Have&c7=https%3A%2F%2Fwww.newser.com%2F...
  • https://sb.scorecardresearch.com/b2?c1=2&c2=6035830&ns__t=1619438260012&ns_c=UTF-8&cv=3.5&c8=Feds%20Doubted%20the%20Kidnapping%20Story.%20They%20Shouldn%27t%20Have&c7=https%3A%2F%2Fwww.newser.com%2...
64 B
331 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b2?c1=2&c2=6035830&ns__t=1619438260012&ns_c=UTF-8&cv=3.5&c8=Feds%20Doubted%20the%20Kidnapping%20Story.%20They%20Shouldn%27t%20Have&c7=https%3A%2F%2Fwww.newser.com%2Fstory%2F305100%2Fus-wrongly-thought-diplomat-staged-his-own-kidnapping.html%3Futm_source%3Dpart%26utm_medium%3Duol%26utm_campaign%3Drss_taglines_more&c9=
Requested by
Host: www.newser.com
URL: https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.111.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-111-21.mad50.r.cloudfront.net
Software
/
Resource Hash
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Referer
https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Apr 2021 11:57:40 GMT
via
1.1 b7f1ef8baa42cd103b00928d6f7d73b6.cloudfront.net (CloudFront)
x-amz-cf-pop
MAD50-C1
etag
W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache
Miss from cloudfront
content-type
image/gif; charset=utf-8
content-length
64
x-amz-cf-id
W1ETtECafovC8KJpSXAZPVgozQRVQLlyUJokxZtGRhqhBuo5bkgVLw==

Redirect headers

date
Mon, 26 Apr 2021 11:57:40 GMT
via
1.1 b7f1ef8baa42cd103b00928d6f7d73b6.cloudfront.net (CloudFront)
x-amz-cf-pop
MAD50-C1
vary
Accept
x-cache
Miss from cloudfront
content-type
text/plain; charset=utf-8
location
https://sb.scorecardresearch.com/b2?c1=2&c2=6035830&ns__t=1619438260012&ns_c=UTF-8&cv=3.5&c8=Feds%20Doubted%20the%20Kidnapping%20Story.%20They%20Shouldn't%20Have&c7=https%3A%2F%2Fwww.newser.com%2Fstory%2F305100%2Fus-wrongly-thought-diplomat-staged-his-own-kidnapping.html%3Futm_source%3Dpart%26utm_medium%3Duol%26utm_campaign%3Drss_taglines_more&c9=
content-length
371
x-amz-cf-id
EUe4KrNmQRkveMvaLxqq8eDPRE_skvdngcFpdxVzzcrwlGoqhNCfLQ==
ping
ping.chartbeat.net/ 		43 B
169 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ping.chartbeat.net/ping?h=newser.com&p=%2Fstory%2F305100%2Fus-wrongly-thought-diplomat-staged-his-own-kidnapping.html&u=Dr6phPDqgWhYDyV5QD&d=newser.com&g=19359&g0=World&g1=Kate%20Seamons&n=1&f=00001&c=0&x=0&m=0&y=2391&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&b=2255&_c=rss_taglines_more&_m=uol&_x=part&t=Dua4wOTcfxUCzlTf49h832Bai_XM&V=126&i=Feds%20Doubted%20the%20Kidnapping%20Story.%20They%20Shouldn%27t%20Have&tz=-120&sn=1&sv=CrtnpxBkKC1aD4aFF1C7qsv6a7e7P&sd=1&im=067bffff&_
Requested by
Host: www.newser.com
URL: https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.218.8.230 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Apr 2021 11:57:40 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
43
expires
0
/
trends.revcontent.com/api/demand/ 		52 B
266 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://trends.revcontent.com/api/demand/?w=113220
Requested by
Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.194.230.135 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.25 (Debian) /
Resource Hash
8b4b43fd2629a9ae29c5220a852bbc8ff169c571cdf77798633efec65c934df7
Security Headers
Name Value
Strict-Transport-Security max-age=931536000; includeSubDomains

Request headers

Referer
https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://www.newser.com
date
Mon, 26 Apr 2021 11:57:40 GMT
access-control-allow-credentials
true
server
Apache/2.4.25 (Debian)
content-length
52
strict-transport-security
max-age=931536000; includeSubDomains
content-type
text/html; charset=UTF-8
sync
trends.revcontent.com/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://trends.revcontent.com/sync
Requested by
Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.194.230.135 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://www.newser.com
date
Mon, 26 Apr 2021 11:57:40 GMT
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
usersync
usync.proper.io/v1/
Redirect Chain
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fusync.proper.io%2Fv1%2Fusersync%3Fbidder%3Dmediagrid%26proper_uid%3D1d07aa5b-6ba7-452c-8595-a28c946d1faa%26uid%3D%24%7BBSW_UUID%7D?&callback=window....
  • https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fusync.proper.io%2Fv1%2Fusersync%3Fbidder%3Dmediagrid%26proper_uid%3D1d07aa5b-6ba7-452c-8595-a28c946d1faa%26uid%3D%24%7BBSW_UUID%7D?&callback=w...
  • https://usync.proper.io/v1/usersync?bidder=mediagrid&proper_uid=1d07aa5b-6ba7-452c-8595-a28c946d1faa&uid=0399a166-cc6f-4c54-b96b-6994f34bd5fa
183 B
387 B 		Script
General
Check archive.org
Download Go to
Full URL
https://usync.proper.io/v1/usersync?bidder=mediagrid&proper_uid=1d07aa5b-6ba7-452c-8595-a28c946d1faa&uid=0399a166-cc6f-4c54-b96b-6994f34bd5fa
Requested by
Host: www.newser.com
URL: https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.11.196.81 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
ce0fe60f324df2aacdcc306fa17b4cf1b66227ed8fc0406df0d5ecfdda833fee

Request headers

Referer
https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 26 Apr 2021 11:57:40 GMT
server
nginx/1.18.0
content-length
183
content-type
text/javascript

Redirect headers

location
https://usync.proper.io/v1/usersync?bidder=mediagrid&proper_uid=1d07aa5b-6ba7-452c-8595-a28c946d1faa&uid=0399a166-cc6f-4c54-b96b-6994f34bd5fa
date
Mon, 26 Apr 2021 11:57:40 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
usersync
usync.proper.io/v1/
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58355/sync?redir=true&callback=window.proper_7de39cd4_5b934916_2
  • https://ups.analytics.yahoo.com/ups/58355/sync?redir=true&callback=window.proper_7de39cd4_5b934916_2&verify=true
  • https://usync.proper.io/v1/usersync?bidder=verizon_media_s2s&uid=y-mOy0NbFE2uHeqr1IlR9OKCqKV36lHoJv~A
155 B
367 B 		Script
General
Check archive.org
Download Go to
Full URL
https://usync.proper.io/v1/usersync?bidder=verizon_media_s2s&uid=y-mOy0NbFE2uHeqr1IlR9OKCqKV36lHoJv~A
Requested by
Host: www.newser.com
URL: https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.11.196.81 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
b0763b05f76f3c2a0d56bf41801683e8dbf116e220b2f6f1aa04a87c93342f33

Request headers

Referer
https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 26 Apr 2021 11:57:40 GMT
server
nginx/1.18.0
content-length
155
content-type
text/javascript

Redirect headers

Date
Mon, 26 Apr 2021 11:57:40 GMT
Server
ATS/7.1.2.128
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://usync.proper.io/v1/usersync?bidder=verizon_media_s2s&uid=y-mOy0NbFE2uHeqr1IlR9OKCqKV36lHoJv~A
Connection
keep-alive
Content-Length
0
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		62 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
sffe /
Resource Hash
2bd87606287ca15f713a40bebb5853a144dae7ddbc579705ed200485fccfa028
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Apr 2021 11:57:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"853 / 376 of 1000 / last-modified: 1619435394"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21096
x-xss-protection
0
expires
Mon, 26 Apr 2021 11:57:40 GMT
bidding
bids.proper.io/api/ 		0
171 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bids.proper.io/api/bidding
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.238.170.237 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-238-170-237.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 26 Apr 2021 11:57:40 GMT
Connection
keep-alive
Content-Length
0
Content-Type
application/octet-stream
/
hb.emxdgt.com/ 		0
159 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.emxdgt.com/?t=1000&ts=1619438260062
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.196.230.57 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-196-230-57.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.newser.com
date
Mon, 26 Apr 2021 11:57:40 GMT
cache-control
no-cache
access-control-allow-credentials
true
access-control-allow-headers
security, Content-Type
trinity.json
apex.go.sonobi.com/ 		412 B
887 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%22ccc7fe6434fb66ae834a%22%3A%22ccc7fe6434fb66ae834a%7C728x90%7C0.1%22%2C%2264e595c20b879f62c834%22%3A%2264e595c20b879f62c834%7C728x90%7C0.1%22%2C%224329af1e77c12b95f021%22%3A%224329af1e77c12b95f021%7C728x90%7C0.1%22%2C%22b9b670b5118ecbbec418%22%3A%22b9b670b5118ecbbec418%7C728x90%7C0.1%22%2C%22bccd950d196af58b68c7%22%3A%22bccd950d196af58b68c7%7C160x600%7C0.1%22%2C%223e896bba6a9e433a67ba%22%3A%223e896bba6a9e433a67ba%7C160x600%7C0.1%22%2C%22359f4c73319943db4060%22%3A%22359f4c73319943db4060%7C300x250%7C0.1%22%2C%2270ecbdaffd649ade3db4%22%3A%2270ecbdaffd649ade3db4%7C300x250%7C0.1%22%2C%229b8c0615da0c258ca69d%22%3A%229b8c0615da0c258ca69d%7C300x250%7C0.1%22%2C%22dae9eb06db33234c452d%22%3A%22dae9eb06db33234c452d%7C300x250%7C0.1%22%2C%2264f2e150491fa490d736%22%3A%2264f2e150491fa490d736%7C300x250%7C0.1%22%2C%225b4b367abbd6bcd0d179%22%3A%225b4b367abbd6bcd0d179%7C300x600%7C0.1%22%2C%228e34e02f83137f40cfcd%22%3A%228e34e02f83137f40cfcd%7C300x600%7C0.1%22%7D&ref=https%3A%2F%2Fwww.newser.com%2Fstory%2F305100%2Fus-wrongly-thought-diplomat-staged-his-own-kidnapping.html%3Futm_source%3Dpart%26utm_medium%3Duol%26utm_campaign%3Drss_taglines_more&s=f26c7975-eac9-44e9-814f-8f1d70b0c13a&pv=5ce12c85-bb05-4689-a2c0-52a00f16855a&vp=desktop&lib_name=prebid&lib_v=3.26.0&us=1&ius=1&userid=1d07aa5b-6ba7-452c-8595-a28c946d1faa&schain=%7B%22ver%22%3A%221.0%22%2C%22nodes%22%3A%5B%7B%22hp%22%3A1%2C%22asi%22%3A%22proper.io%22%2C%22sid%22%3A%22e5961d07-eb92-11e9-a488-69e3386c7506%22%7D%5D%2C%22complete%22%3A1%7D
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.150 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-apex.go.sonobi.com
Software
sonobi-go /
Resource Hash
6fb3e855e2d9d1cdad42abf72559469349e0ad63582d6b1296a420c3e24507a2
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 26 Apr 2021 11:57:40 GMT
Content-Encoding
gzip
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
apex-ams-1-6-10
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
https://www.newser.com
Cache-Control
no-cache, no-store, private
Access-Control-Allow-Credentials
true
Tcn
Choice
Content-Type
application/json
Content-Length
276
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
apstag.js
c.amazon-adsystem.com/aax2/ 		119 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.105.229 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-105-229.mad50.r.cloudfront.net
Software
Server /
Resource Hash
9e5a3984c873d9f7009795b85f0d9bfa38e8f9dddc2309d83556aea4d7ee41a0

Request headers

Referer
https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Apr 2021 11:51:45 GMT
content-encoding
gzip
server
Server
age
355
etag
433bd8b9aebf928ab8f51e43abc531d2
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 adaa7e69b304066aa4eaf0d2190ecfd7.cloudfront.net (CloudFront)
cache-control
public, max-age=900
x-amz-cf-pop
MAD50-C1
accept-ranges
bytes
timing-allow-origin
*
x-amz-version-id
FUA623DCjlDRvcvJxerHmi4TRUp1BV44
x-amz-cf-id
Ifkso_cNb2M4GgEFSSk-X_2m8-QgWFxgFkDQ7LFOhvi8IOq0KHWqbw==
translator
hbopenbid.pubmatic.com/ 		0
116 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.newser.com
date
Mon, 26 Apr 2021 11:57:39 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
v1
dmx.districtm.io/b/ 		0
425 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dmx.districtm.io/b/v1
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.68.69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 26 Apr 2021 11:57:40 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD, POST, OPTIONS
access-control-allow-origin
https://www.newser.com
access-control-allow-credentials
true
cf-ray
645fa285cef8cdab-CDG
access-control-allow-headers
Content-Type, Origin
cf-request-id
09afa3e79c0000cdab2bbae000000001
prebid
ib.adnxs.com/ut/v3/ 		799 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.91 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
721.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
5ebd64cc00c3d7fdc052a0210d2805b2112ed47233e7657a82b2a90e30b61bf9
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Mon, 26 Apr 2021 11:57:40 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
89.249.64.203; 89.249.64.203; 721.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.82:80
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
f65d75ac-c762-4ac3-b46f-500371b969bd
Server
nginx/1.17.9
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://www.newser.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
v1
btlr.sharethrough.com/WYu2BXv1/ 		0
113 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/WYu2BXv1/v1?placement_key=Ly7nxP2ukzmD5nd8HuLUqVcX&bidId=Ly7nxP2ukzmD5nd8HuLUqVcX&bidfloor=0.1&instant_play_capable=true&hbSource=prebid&hbVersion=3.0.0&strVersion=3.2.0&schain=%7B%22ver%22%3A%221.0%22%2C%22nodes%22%3A%5B%7B%22hp%22%3A1%2C%22asi%22%3A%22proper.io%22%2C%22sid%22%3A%22e5961d07-eb92-11e9-a488-69e3386c7506%22%7D%5D%2C%22complete%22%3A1%7D
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.158.21.212 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://www.newser.com
date
Mon, 26 Apr 2021 11:57:40 GMT
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/WYu2BXv1/ 		0
114 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/WYu2BXv1/v1?placement_key=ycvGc3j5nTHsKQaxwLTJaTJJ&bidId=ycvGc3j5nTHsKQaxwLTJaTJJ&bidfloor=0.1&instant_play_capable=true&hbSource=prebid&hbVersion=3.0.0&strVersion=3.2.0&schain=%7B%22ver%22%3A%221.0%22%2C%22nodes%22%3A%5B%7B%22hp%22%3A1%2C%22asi%22%3A%22proper.io%22%2C%22sid%22%3A%22e5961d07-eb92-11e9-a488-69e3386c7506%22%7D%5D%2C%22complete%22%3A1%7D
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.158.21.212 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://www.newser.com
date
Mon, 26 Apr 2021 11:57:40 GMT
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/WYu2BXv1/ 		0
113 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/WYu2BXv1/v1?placement_key=bRZAv3qG5YWguiCbD5FPfusN&bidId=bRZAv3qG5YWguiCbD5FPfusN&bidfloor=0.1&instant_play_capable=true&hbSource=prebid&hbVersion=3.0.0&strVersion=3.2.0&schain=%7B%22ver%22%3A%221.0%22%2C%22nodes%22%3A%5B%7B%22hp%22%3A1%2C%22asi%22%3A%22proper.io%22%2C%22sid%22%3A%22e5961d07-eb92-11e9-a488-69e3386c7506%22%7D%5D%2C%22complete%22%3A1%7D
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.158.21.212 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://www.newser.com
date
Mon, 26 Apr 2021 11:57:40 GMT
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/WYu2BXv1/ 		0
113 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/WYu2BXv1/v1?placement_key=8Ev8zBVFzzyUGKuGWacMJ2pu&bidId=8Ev8zBVFzzyUGKuGWacMJ2pu&bidfloor=0.1&instant_play_capable=true&hbSource=prebid&hbVersion=3.0.0&strVersion=3.2.0&schain=%7B%22ver%22%3A%221.0%22%2C%22nodes%22%3A%5B%7B%22hp%22%3A1%2C%22asi%22%3A%22proper.io%22%2C%22sid%22%3A%22e5961d07-eb92-11e9-a488-69e3386c7506%22%7D%5D%2C%22complete%22%3A1%7D
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.158.21.212 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://www.newser.com
date
Mon, 26 Apr 2021 11:57:40 GMT
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/WYu2BXv1/ 		0
113 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/WYu2BXv1/v1?placement_key=SEVLz4RC2oMeHtE7eRTrfno9&bidId=SEVLz4RC2oMeHtE7eRTrfno9&bidfloor=0.1&instant_play_capable=true&hbSource=prebid&hbVersion=3.0.0&strVersion=3.2.0&schain=%7B%22ver%22%3A%221.0%22%2C%22nodes%22%3A%5B%7B%22hp%22%3A1%2C%22asi%22%3A%22proper.io%22%2C%22sid%22%3A%22e5961d07-eb92-11e9-a488-69e3386c7506%22%7D%5D%2C%22complete%22%3A1%7D
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.158.21.212 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://www.newser.com
date
Mon, 26 Apr 2021 11:57:40 GMT
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/WYu2BXv1/ 		0
113 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/WYu2BXv1/v1?placement_key=4bi1St8Jm1Jrp5WDdLaP9DyP&bidId=4bi1St8Jm1Jrp5WDdLaP9DyP&bidfloor=0.1&instant_play_capable=true&hbSource=prebid&hbVersion=3.0.0&strVersion=3.2.0&schain=%7B%22ver%22%3A%221.0%22%2C%22nodes%22%3A%5B%7B%22hp%22%3A1%2C%22asi%22%3A%22proper.io%22%2C%22sid%22%3A%22e5961d07-eb92-11e9-a488-69e3386c7506%22%7D%5D%2C%22complete%22%3A1%7D
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.158.21.212 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://www.newser.com
date
Mon, 26 Apr 2021 11:57:40 GMT
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/WYu2BXv1/ 		0
113 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/WYu2BXv1/v1?placement_key=axXXn1LpFGmpAFGYBswnx4He&bidId=axXXn1LpFGmpAFGYBswnx4He&bidfloor=0.1&instant_play_capable=true&hbSource=prebid&hbVersion=3.0.0&strVersion=3.2.0&schain=%7B%22ver%22%3A%221.0%22%2C%22nodes%22%3A%5B%7B%22hp%22%3A1%2C%22asi%22%3A%22proper.io%22%2C%22sid%22%3A%22e5961d07-eb92-11e9-a488-69e3386c7506%22%7D%5D%2C%22complete%22%3A1%7D
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.158.21.212 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://www.newser.com
date
Mon, 26 Apr 2021 11:57:40 GMT
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/WYu2BXv1/ 		0
113 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/WYu2BXv1/v1?placement_key=TNtnrsKyouai7gheWgHJredz&bidId=TNtnrsKyouai7gheWgHJredz&bidfloor=0.1&instant_play_capable=true&hbSource=prebid&hbVersion=3.0.0&strVersion=3.2.0&schain=%7B%22ver%22%3A%221.0%22%2C%22nodes%22%3A%5B%7B%22hp%22%3A1%2C%22asi%22%3A%22proper.io%22%2C%22sid%22%3A%22e5961d07-eb92-11e9-a488-69e3386c7506%22%7D%5D%2C%22complete%22%3A1%7D
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.158.21.212 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://www.newser.com
date
Mon, 26 Apr 2021 11:57:40 GMT
access-control-allow-credentials
true
vary
Origin
mvo
tag.1rx.io/rmp/214194/0/ 		0
170 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tag.1rx.io/rmp/214194/0/mvo?z=1r&hbv=3.26,2.1
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.42 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Tengine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.newser.com
pragma
no-cache
date
Mon, 26 Apr 2021 11:57:40 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
Tengine
fastlane.json
fastlane.rubiconproject.com/a/api/ 		699 B
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=8777&site_id=345018&zone_id=1856232&size_id=15&alt_size_ids=2%2C9%2C10%3B2%2C9%2C10%3B2%3B2%3B&rp_floor=0.1&rp_secure=1&tk_flint=pbjs_lite_v3.2.0&x_source.tid=6befcdd1-76eb-4eda-91e2-36c522c19cb4%3Bed4c23b8-948f-474a-ac57-2a446380f5e0%3B146300b2-947f-41ad-9e8b-fdd46be213e8%3B183c70ff-6878-4a3f-8966-bc34aba65131%3B009d730b-b2b4-42bb-9465-56d43a08e2b3&p_screen_res=1600x1200&tg_fl.eid=1856232-1%3B1856232-2%3B1856232-3%3B1856232-4%3B1856232-5&rf=https%3A%2F%2Fwww.newser.com%2Fstory%2F305100%2Fus-wrongly-thought-diplomat-staged-his-own-kidnapping.html%3Futm_source%3Dpart%26utm_medium%3Duol%26utm_campaign%3Drss_taglines_more&x_source.pchain=proper.io%3Ae5961d07-eb92-11e9-a488-69e3386c7506&rp_schain=1.0%2C1!proper.io%2Ce5961d07-eb92-11e9-a488-69e3386c7506%2C1&slots=5&rand=0.3484389626320723
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
213.19.162.31 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
9abdd4b576a68c1a29edab7c5fbd8af6555f0185b65215b13b0e48dbf47d5844

Request headers

Referer
https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 26 Apr 2021 11:57:40 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.newser.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Keep-Alive
timeout=5
Content-Length
699
Expires
Wed, 17 Sep 1975 21:32:10 GMT
arj
propermedia-d.openx.net/w/1.0/ 		173 B
559 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://propermedia-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.newser.com%2Fstory%2F305100%2Fus-wrongly-thought-diplomat-staged-his-own-kidnapping.html%3Futm_source%3Dpart%26utm_medium%3Duol%26utm_campaign%3Drss_taglines_more&ch=UTF-8&res=1600x1200x24&ifr=true&tz=-120&tws=1600x1200&aus=728x90%7C728x90%2C300x250%7C300x250%7C160x600%2C300x250%2C300x600%7C160x600%2C300x250%2C300x600%7C728x90%7C728x90%2C300x250&auid=542378248%2C542378249%2C542378250%2C542378251%2C542378252%2C542378253%2C542378254&aumfs=100%2C100%2C100%2C100%2C100%2C100%2C100&dddid=c443d2cb-318c-4eeb-88df-16fa5e1e9583%2Cd14e6e5d-9dd0-4ccc-945e-41f5874feead%2C21d5ee46-7067-431c-8375-807d0b3b7037%2C9ed5808b-3e4c-4c2e-8ab4-feda7416a209%2Cb1358ec3-27fa-4f33-9a7d-d82b64a123bc%2Cfc54042a-4b08-4292-b684-ce444e5d7f70%2C38d5cd25-5a36-41b4-9ed9-68eea877ffd5&divIds=openx-3a314531-3aca-446b-acfb-a65d56ad3c2b%2Copenx-73a945f4-20e1-4a71-aaa9-8f705c7e0a0e%2Copenx-f3dd359a-2cef-4e6f-bd5c-114838db8f3c%2Copenx-b3f8154d-d936-4a01-95a1-5d6b085604b3%2Copenx-101c5341-9797-4bcc-a412-0b3482cc5480%2Copenx-9a311ae4-179d-4445-a7c7-6aa8458b4aa4%2Copenx-cec6068e-321d-4514-bed4-bece7d186bcd&be=1&bc=hb_pb_3.0.1&nocache=1619438260070&schain=1.0%2C1!proper.io%2Ce5961d07-eb92-11e9-a488-69e3386c7506%2C1
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
OXGW/16.205.4 /
Resource Hash
d8681f58e32b5f88d2d5908f03df48466abea3492a0037e127f6dc50792194a8

Request headers

Referer
https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Apr 2021 11:57:40 GMT
content-encoding
gzip
server
OXGW/16.205.4
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.newser.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
clear
content-length
163
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
cdb
bidder.criteo.com/ 		0
144 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=29&wv=3.26.0&cb=23023136863&im=1
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.newser.com
date
Mon, 26 Apr 2021 11:57:39 GMT
access-control-allow-credentials
true
server
Finatra
timing-allow-origin
*
vary
Origin
headertag
as-sec.casalemedia.com/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://as-sec.casalemedia.com/headertag?v=9&s=161112&r=%7B%22id%22%3A%22185362539%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.newser.com%2Fstory%2F305100%2Fus-wrongly-thought-diplomat-staged-his-own-kidnapping.html%3Futm_source%3Dpart%26utm_medium%3Duol%26utm_campaign%3Drss_taglines_more%22%2C%22ref%22%3A%22%22%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22728x90-1-FxGQK%22%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22sid%22%3A%22728x90-1-FxGQK%22%2C%22siteID%22%3A575335%7D%2C%22bidfloor%22%3A0.1%2C%22bidfloorcur%22%3A%22USD%22%7D%2C%7B%22id%22%3A%22728x90-2-nV0az%22%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22sid%22%3A%22728x90-2-nV0az%22%2C%22siteID%22%3A575335%7D%2C%22bidfloor%22%3A0.1%2C%22bidfloorcur%22%3A%22USD%22%7D%2C%7B%22id%22%3A%22728x90-3-RROVM%22%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22sid%22%3A%22728x90-3-RROVM%22%2C%22siteID%22%3A575335%7D%2C%22bidfloor%22%3A0.1%2C%22bidfloorcur%22%3A%22USD%22%7D%2C%7B%22id%22%3A%22728x90-4-RDnvV%22%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22sid%22%3A%22728x90-4-RDnvV%22%2C%22siteID%22%3A575335%7D%2C%22bidfloor%22%3A0.1%2C%22bidfloorcur%22%3A%22USD%22%7D%2C%7B%22id%22%3A%22160x600-1-aEoKr%22%2C%22banner%22%3A%7B%22w%22%3A160%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22sid%22%3A%22160x600-1-aEoKr%22%2C%22siteID%22%3A575335%7D%2C%22bidfloor%22%3A0.1%2C%22bidfloorcur%22%3A%22USD%22%7D%2C%7B%22id%22%3A%22160x600-2-BW8w2%22%2C%22banner%22%3A%7B%22w%22%3A160%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22sid%22%3A%22160x600-2-BW8w2%22%2C%22siteID%22%3A575335%7D%2C%22bidfloor%22%3A0.1%2C%22bidfloorcur%22%3A%22USD%22%7D%2C%7B%22id%22%3A%22300x250-1-p0iMY%22%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22sid%22%3A%22300x250-1-p0iMY%22%2C%22siteID%22%3A575335%7D%2C%22bidfloor%22%3A0.1%2C%22bidfloorcur%22%3A%22USD%22%7D%2C%7B%22id%22%3A%22300x250-2-KkVXk%22%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22sid%22%3A%22300x250-2-KkVXk%22%2C%22siteID%22%3A575335%7D%2C%22bidfloor%22%3A0.1%2C%22bidfloorcur%22%3A%22USD%22%7D%2C%7B%22id%22%3A%22300x250-3-VAqd8%22%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22sid%22%3A%22300x250-3-VAqd8%22%2C%22siteID%22%3A575335%7D%2C%22bidfloor%22%3A0.1%2C%22bidfloorcur%22%3A%22USD%22%7D%2C%7B%22id%22%3A%22300x250-4-OElzw%22%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22sid%22%3A%22300x250-4-OElzw%22%2C%22siteID%22%3A575335%7D%2C%22bidfloor%22%3A0.1%2C%22bidfloorcur%22%3A%22USD%22%7D%2C%7B%22id%22%3A%22300x250-5-A3Fqy%22%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22sid%22%3A%22300x250-5-A3Fqy%22%2C%22siteID%22%3A575335%7D%2C%22bidfloor%22%3A0.1%2C%22bidfloorcur%22%3A%22USD%22%7D%2C%7B%22id%22%3A%22300x600-1-dB565%22%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22sid%22%3A%22300x600-1-dB565%22%2C%22siteID%22%3A575335%7D%2C%22bidfloor%22%3A0.1%2C%22bidfloorcur%22%3A%22USD%22%7D%2C%7B%22id%22%3A%22300x600-2-zr553%22%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22sid%22%3A%22300x600-2-zr553%22%2C%22siteID%22%3A575335%7D%2C%22bidfloor%22%3A0.1%2C%22bidfloorcur%22%3A%22USD%22%7D%5D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22nodes%22%3A%5B%7B%22hp%22%3A1%2C%22asi%22%3A%22proper.io%22%2C%22sid%22%3A%22e5961d07-eb92-11e9-a488-69e3386c7506%22%7D%5D%2C%22complete%22%3A1%7D%7D%7D%7D&t=300&fn=window.proper_998800f0_7bbac70e_3
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.20.241 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-20-241.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
622cb5c3b8b132ae76ae23953e341efa833dfdbe232d776919bbb67e23ba12ea

Request headers

Referer
https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 26 Apr 2021 11:57:40 GMT
Content-Encoding
gzip
Server
Apache
Vary
Is-Traffic-Invalid,Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
1462
Expires
Mon, 26 Apr 2021 11:57:40 GMT
v1
hb-api.omnitagjs.com/hb-api/prebid/ 		408 B
758 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb-api.omnitagjs.com/hb-api/prebid/v1?CanonicalUrl=https%3A%2F%2Fwww.newser.com%2Fstory%2F305100%2Fus-wrongly-thought-diplomat-staged-his-own-kidnapping.html
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.255.84.151 Paris, France, ASN200271 (IGUANE-, FR),
Reverse DNS
Software
ayl-lb-fra02 /
Resource Hash
e8029618116c0a15a921368667fe90448d20dde10339aa8fa9d0844080e40e8d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 26 Apr 2021 11:57:39 GMT
x-content-type-options
nosniff
server
ayl-lb-fra02
vary
Accept-Encoding
access-control-allow-methods
OPTIONS, POST
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.newser.com
access-control-max-age
3600
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
37
access-control-allow-headers
Accept-Encoding, Content-Type
content-length
408
expires
0
hb
ssc.33across.com/api/v1/ 		87 B
654 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.4.152.106 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/ 33Across
Resource Hash
80b65a43e05bc5288e9d3518505cb1a9aecaa2ef814fd93121df26f28f332a88

Request headers

Referer
https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 26 Apr 2021 11:57:40 GMT
content-encoding
gzip
status
200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.newser.com
access-control-allow-credentials
true
hb
ssc.33across.com/api/v1/ 		87 B
652 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.4.152.106 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/ 33Across
Resource Hash
be1fe6ffaf80d817687ef8e757d9ae298ecec2ca89adb04a26c77dbcdf444f4d

Request headers

Referer
https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 26 Apr 2021 11:57:40 GMT
content-encoding
gzip
status
200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.newser.com
access-control-allow-credentials
true
hb
ssc.33across.com/api/v1/ 		87 B
653 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.4.152.106 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/ 33Across
Resource Hash
d0c9fba34d6c385baa45e09556ffa98e4f617a9251eee6c432533f121cc27fec

Request headers

Referer
https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 26 Apr 2021 11:57:40 GMT
content-encoding
gzip
status
200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.newser.com
access-control-allow-credentials
true
hb
ssc.33across.com/api/v1/ 		87 B
650 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.4.152.106 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/ 33Across
Resource Hash
a0fe7023f569ee486074cb05c6055223e399b0f80961df7db5365a8a470a328e

Request headers

Referer
https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 26 Apr 2021 11:57:40 GMT
content-encoding
gzip
status
200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.newser.com
access-control-allow-credentials
true
hb
ssc.33across.com/api/v1/ 		87 B
657 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.4.152.106 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/ 33Across
Resource Hash
5d78d2f1b38669d4d7d97bf6c79da5c93f2755276d6420ffe591a04f24c2c9d8

Request headers

Referer
https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 26 Apr 2021 11:57:40 GMT
content-encoding
gzip
status
200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.newser.com
access-control-allow-credentials
true
hb
ssc.33across.com/api/v1/ 		87 B
649 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.4.152.106 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/ 33Across
Resource Hash
a2a82eeb9ab6132115a4ac7fd50fef844e00dca4813ad53126554bc77f32da96

Request headers

Referer
https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 26 Apr 2021 11:57:40 GMT
content-encoding
gzip
status
200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.newser.com
access-control-allow-credentials
true
hb
ssc.33across.com/api/v1/ 		87 B
653 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.4.152.106 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/ 33Across
Resource Hash
c4c04f43b059e9f1d8eccacedd47c55f7f3668226946342d28594d45d0375402

Request headers

Referer
https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 26 Apr 2021 11:57:40 GMT
content-encoding
gzip
status
200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.newser.com
access-control-allow-credentials
true
hb
ssc.33across.com/api/v1/ 		87 B
653 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.4.152.106 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/ 33Across
Resource Hash
bcc284b7b52478a7a983b4a14b79610bb644f87d91ada020860e3082c9dcf5e9

Request headers

Referer
https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 26 Apr 2021 11:57:40 GMT
content-encoding
gzip
status
200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.newser.com
access-control-allow-credentials
true
settings
syndication.twitter.com/ Frame 7901 		183 B
419 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://syndication.twitter.com/settings?session_id=544a8c3116c83e5daf2c1bb576637bc9624ac595
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.63899b173766ee6f8a729a72b542b0fb.html?origin=https%3A%2F%2Fwww.newser.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.42.136 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_devel /
Resource Hash
ced34f591157438ef47695f979ac95f8758408e8d9b88e63aee8b382ec975785
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Apr 2021 11:57:40 GMT
content-encoding
gzip
last-modified
Mon, 26 Apr 2021 11:57:40 GMT
server
tsa_devel
vary
Origin
strict-transport-security
max-age=631138519
content-type
application/json; charset=utf-8
access-control-allow-origin
https://platform.twitter.com
cache-control
must-revalidate, max-age=600
access-control-allow-credentials
true
x-connection-hash
1621fae074f68dfbcc0bd8e68dcab5399ec76446362b94ea69e41c4f282abc8e
content-length
152
styles__ltr.css
www.gstatic.com/recaptcha/releases/dpzVjBAupwRfx3UzvXRnnAKb/ Frame 7D66 		51 KB
25 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/dpzVjBAupwRfx3UzvXRnnAKb/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfLeSUTAAAAAMogW1JMPzBSuKJhK1kWt2QZ4XvU&co=aHR0cHM6Ly93d3cubmV3c2VyLmNvbTo0NDM.&hl=en&v=dpzVjBAupwRfx3UzvXRnnAKb&size=normal&cb=2jyzcwj44ltb
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4ef414f947bc802bea88d18ae69ca7d56939d81d7df79a7266688a8e1c14b190
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Apr 2021 09:46:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 19 Apr 2021 04:04:08 GMT
server
sffe
age
7860
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25722
x-xss-protection
0
expires
Tue, 26 Apr 2022 09:46:40 GMT
recaptcha__en.js
www.gstatic.com/recaptcha/releases/dpzVjBAupwRfx3UzvXRnnAKb/ Frame 7D66 		334 KB
131 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/dpzVjBAupwRfx3UzvXRnnAKb/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfLeSUTAAAAAMogW1JMPzBSuKJhK1kWt2QZ4XvU&co=aHR0cHM6Ly93d3cubmV3c2VyLmNvbTo0NDM.&hl=en&v=dpzVjBAupwRfx3UzvXRnnAKb&size=normal&cb=2jyzcwj44ltb
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e47eca73d4f42cce27c15cbff1e6b28a6716616c71f893d912ae941b37460998
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Apr 2021 09:37:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
8393
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
133604
x-xss-protection
0
last-modified
Mon, 19 Apr 2021 04:04:08 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 26 Apr 2022 09:37:47 GMT
pubads_impl_2021042001.js
securepubads.g.doubleclick.net/gpt/ 		301 KB
105 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042001.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
sffe /
Resource Hash
a2aca9aa200ad3e4dd9afcd27fd2bd5b272a5d297e9f85d708394857ca6a1ffe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Apr 2021 11:57:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 20 Apr 2021 08:40:14 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
107961
x-xss-protection
0
expires
Mon, 26 Apr 2021 11:57:40 GMT
LY1eXRqVh2PMAD3FKRdx1Jtcigwjhw1eJUeWho-dVvY.js
www.google.com/js/bg/ Frame 7D66 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/js/bg/LY1eXRqVh2PMAD3FKRdx1Jtcigwjhw1eJUeWho-dVvY.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/dpzVjBAupwRfx3UzvXRnnAKb/recaptcha__en.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2d8d5e5d1a958763cc003dc5291771d49b5c8a0c23870d5e254796868f9d56f6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfLeSUTAAAAAMogW1JMPzBSuKJhK1kWt2QZ4XvU&co=aHR0cHM6Ly93d3cubmV3c2VyLmNvbTo0NDM.&hl=en&v=dpzVjBAupwRfx3UzvXRnnAKb&size=normal&cb=2jyzcwj44ltb
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 11:11:40 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Thu, 08 Apr 2021 09:30:00 GMT
server
sffe
age
348360
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5749
x-xss-protection
0
expires
Fri, 22 Apr 2022 11:11:40 GMT
webworker.js
www.google.com/recaptcha/api2/ Frame 7D66 		102 B
131 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/webworker.js?hl=en&v=dpzVjBAupwRfx3UzvXRnnAKb
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfLeSUTAAAAAMogW1JMPzBSuKJhK1kWt2QZ4XvU&co=aHR0cHM6Ly93d3cubmV3c2VyLmNvbTo0NDM.&hl=en&v=dpzVjBAupwRfx3UzvXRnnAKb&size=normal&cb=2jyzcwj44ltb
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
5d77edb71e1031ff06541a7a2bd05cd3dbc3bfd5434711bae081fc06f8791558
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfLeSUTAAAAAMogW1JMPzBSuKJhK1kWt2QZ4XvU&co=aHR0cHM6Ly93d3cubmV3c2VyLmNvbTo0NDM.&hl=en&v=dpzVjBAupwRfx3UzvXRnnAKb&size=normal&cb=2jyzcwj44ltb
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Apr 2021 11:57:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
content-security-policy
frame-ancestors 'self'
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
111
x-xss-protection
1; mode=block
expires
Mon, 26 Apr 2021 11:57:40 GMT
Tag.engine
engine.4dsply.com/ 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://engine.4dsply.com/Tag.engine?time=-120&id=7f1a7287-2f7e-4f83-800d-06bd711ee14e&rand=80410&ver=async&referrerUrl=&fingerPrint=123&abr=false&stdTime=60&fpe=1&bw=1600&bh=1200&res=1600x1200&curl=https%3A%2F%2Fwww.newser.com%2Fstory%2F305100%2Fus-wrongly-thought-diplomat-staged-his-own-kidnapping.html%3Futm_source%3Dpart%26utm_medium%3Duol%26utm_campaign%3Drss_taglines_more&kw=longform%2Ckidnapping%2Cdiplomat%2Cmexico
Requested by
Host: cdn.engine.4dsply.com
URL: https://cdn.engine.4dsply.com/Scripts/infinity.js.aspx?guid=7f1a7287-2f7e-4f83-800d-06bd711ee14e
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9f11 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
86e5b8e9c18aed14901192768649a91e543744f3eb368ee2ea90e31b4fb3f92c

Request headers

Referer
https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cf-ray
645fa2862bf04dd6-FRA
date
Mon, 26 Apr 2021 11:57:40 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
x-adscore-status
null
x-powered-by
ASP.NET
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="CAO PSA OUR IND"
access-control-allow-origin
*
cache-control
private, no-transform
content-type
application/json; charset=utf-8
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
09afa3e7da00004dd64519a000000001
generic
trends.revcontent.com/event/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://trends.revcontent.com/event/generic
Requested by
Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.194.230.135 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Grizzly/2.4.4 /
Resource Hash

Request headers

Referer
https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin
https://www.newser.com
date
Mon, 26 Apr 2021 11:57:40 GMT
access-control-allow-credentials
true
server
Grizzly/2.4.4
access-control-allow-headers
Content-Type
/
trends.revcontent.com/api/delivery/ 		18 KB
8 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://trends.revcontent.com/api/delivery/?is_blocked=false&w=113220&width=1600&rev_allow_cookies=0&site_url=https%3A%2F%2Fwww.newser.com%2Fstory%2F305100%2Fus-wrongly-thought-diplomat-staged-his-own-kidnapping.html%3Futm_source%3Dpart%26utm_medium%3Duol%26utm_campaign%3Drss_taglines_more&icr_url=&va=1&time=1619438260215&up=pc&bn=chrome&bv=89&widget_width=654
Requested by
Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.194.230.135 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.25 (Debian) /
Resource Hash
a2dac1098abcf2e7353e3a403f7c9564d6f5d90cb7809d35c74b7fa94b7d1344
Security Headers
Name Value
Strict-Transport-Security max-age=931536000; includeSubDomains

Request headers

Referer
https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Apr 2021 11:57:40 GMT
content-encoding
gzip
server
Apache/2.4.25 (Debian)
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://www.newser.com
access-control-allow-credentials
true
strict-transport-security
max-age=931536000; includeSubDomains
content-length
7601
bframe
www.google.com/recaptcha/api2/ Frame A93B 		7 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/bframe?hl=en&v=dpzVjBAupwRfx3UzvXRnnAKb&k=6LfLeSUTAAAAAMogW1JMPzBSuKJhK1kWt2QZ4XvU&cb=xyw798o2mem7
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/dpzVjBAupwRfx3UzvXRnnAKb/recaptcha__en.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
f58042f628f5e720b04c0509796ad085435ed186d0268fc0562b40f589cb0ac5
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-0WFGXw3ge6d4tc00YyzrFg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/bframe?hl=en&v=dpzVjBAupwRfx3UzvXRnnAKb&k=6LfLeSUTAAAAAMogW1JMPzBSuKJhK1kWt2QZ4XvU&cb=xyw798o2mem7
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more

Response headers

content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Mon, 26 Apr 2021 11:57:40 GMT
content-security-policy
script-src 'report-sample' 'nonce-0WFGXw3ge6d4tc00YyzrFg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
1115
server
GSE
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.105.229 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-105-229.mad50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Referer
https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Apr 2021 09:37:11 GMT
content-encoding
gzip
vary
Accept-Encoding,Origin
age
8430
x-cache
Hit from cloudfront
access-control-allow-origin
*
last-modified
Wed, 07 Apr 2021 05:49:36 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
x-amz-version-id
eEYYOb32LZFr6yGAi8hXG4401uAIPew2
via
1.1 8aa451f83e0a7ce3b7e0bc3b04314535.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
MAD50-C1
content-type
application/javascript
x-amz-cf-id
4iWsr_14RiW_aFWG31Wf09-hR4e6ipzOG-taQX4mVkBWga97vDd-5w==
bid
c.amazon-adsystem.com/e/dtb/ 		23 B
371 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.newser.com%2Fstory%2F305100%2Fus-wrongly-thought-diplomat-staged-his-own-kidnapping.html%3Futm_source%3Dpart%26utm_medium%3Duol%26utm_campaign%3Drss_taglines_more&pid=qlZ3OJuqBgqZN&cb=0&ws=1600x1200&v=7.61.00&t=2000&slots=%5B%7B%22sd%22%3A%22desktop-1%22%2C%22s%22%3A%5B%22728x90%22%2C%22300x250%22%5D%7D%2C%7B%22sd%22%3A%22desktop-2%22%2C%22s%22%3A%5B%22728x90%22%2C%22300x250%22%5D%7D%2C%7B%22sd%22%3A%22desktop-6%22%2C%22s%22%3A%5B%22728x90%22%5D%7D%2C%7B%22sd%22%3A%22desktop-7%22%2C%22s%22%3A%5B%22728x90%22%5D%7D%2C%7B%22sd%22%3A%22desktop-4%22%2C%22s%22%3A%5B%22160x600%22%2C%22300x250%22%2C%22300x600%22%5D%7D%2C%7B%22sd%22%3A%22desktop-5%22%2C%22s%22%3A%5B%22160x600%22%2C%22300x250%22%2C%22300x600%22%5D%7D%2C%7B%22sd%22%3A%22desktop-3%22%2C%22s%22%3A%5B%22300x250%22%5D%7D%5D&cfgv=0&pubid=cb3b5777-430d-4622-b7fc-358cfa27d518&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.105.229 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-105-229.mad50.r.cloudfront.net
Software
Server /
Resource Hash
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Request headers

Referer
https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Apr 2021 11:57:40 GMT
via
1.1 adaa7e69b304066aa4eaf0d2190ecfd7.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
MAD50-C1
vary
User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.newser.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
epyUeqvmVgy4nmnbwlSsWN3-fLHogZFY7cBHHEV9DEEE27EVWjuJKA==
styles__ltr.css
www.gstatic.com/recaptcha/releases/dpzVjBAupwRfx3UzvXRnnAKb/ Frame A93B 		51 KB
25 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/dpzVjBAupwRfx3UzvXRnnAKb/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=en&v=dpzVjBAupwRfx3UzvXRnnAKb&k=6LfLeSUTAAAAAMogW1JMPzBSuKJhK1kWt2QZ4XvU&cb=xyw798o2mem7
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4ef414f947bc802bea88d18ae69ca7d56939d81d7df79a7266688a8e1c14b190
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Apr 2021 09:46:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 19 Apr 2021 04:04:08 GMT
server
sffe
age
7860
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25722
x-xss-protection
0
expires
Tue, 26 Apr 2022 09:46:40 GMT
recaptcha__en.js
www.gstatic.com/recaptcha/releases/dpzVjBAupwRfx3UzvXRnnAKb/ Frame A93B 		334 KB
131 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/dpzVjBAupwRfx3UzvXRnnAKb/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=en&v=dpzVjBAupwRfx3UzvXRnnAKb&k=6LfLeSUTAAAAAMogW1JMPzBSuKJhK1kWt2QZ4XvU&cb=xyw798o2mem7
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e47eca73d4f42cce27c15cbff1e6b28a6716616c71f893d912ae941b37460998
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Apr 2021 09:37:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
8393
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
133604
x-xss-protection
0
last-modified
Mon, 19 Apr 2021 04:04:08 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 26 Apr 2022 09:37:47 GMT
impression
trends.revcontent.com/event/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://trends.revcontent.com/event/impression
Requested by
Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.194.230.135 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Grizzly/2.4.4 /
Resource Hash

Request headers

Referer
https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin
https://www.newser.com
date
Mon, 26 Apr 2021 11:57:40 GMT
access-control-allow-credentials
true
server
Grizzly/2.4.4
access-control-allow-headers
Content-Type
script.js
d1bvk193qme2fc.cloudfront.net/ 		117 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d1bvk193qme2fc.cloudfront.net/script.js
Requested by
Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20c8:4600:19:f03c:7200:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5f53a941275c1c7d2dbd55108e43e3ef28be7b14fdb6760c06f8e2b27fa08ad3

Request headers

Referer
https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Apr 2021 11:55:57 GMT
content-encoding
gzip
last-modified
Mon, 26 Apr 2021 09:36:13 GMT
server
AmazonS3
age
103
etag
W/"c35b8d41f1989e0d57978cd53f6f8ca7"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 02fcbf68a81897cc093ee1510fb7e93e.cloudfront.net (CloudFront)
cache-control
max-age=600,public,must-revalidate
x-amz-cf-pop
MAD50-C1
x-amz-cf-id
4E9OYcWRl12SOERTQpH5zx-WhkG0RFlY2MxnKUWsbIbKZKZkUj2zSw==
trk.gif
jadserve.postrelease.com/ 		43 B
426 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jadserve.postrelease.com/trk.gif?ntv_ui=f935e52d-4887-4b32-afc8-3de88270bae9&ntv_fl=XjnnzCcWJbXlfH6xFSW7n-9bA3uEqpkHx5qOsbn2qCp1wRsv09EXaMrJi4KKZxlE46jnThla-WH6-mxCjSQDQWLRzUfWmZbAz-cPJYjoSlBgjgvJVKCP0PYtQ4pgEYKoAXjP1mFNpq3TqAPCmJJhQZqTvFLAtgDnPVSKMQsElKRj-EjSEjREHfX9PcF6tvyUtwoFIs5WDsl4KizmzxF_Xd96jEsmg6tcPmak4mQdOUodCo3r1vEdXYFHhhZ6TODaKwVO6t20LfwhzSyK5t-Nqa6i98TpHUpUglKP6Z-7rTWpY3jLglHgaIUsc57-0I-Z-dffMxqCx11Y0vAvRgk4_w==&ntv_ht=tKqGYAA&ntv_at=303,302&ntv_a=AAAAAAAAAAhxoRA&ord=1619438260580&ntv_dpl=1027,1011,1028,101781,1050,1051,1003,1019,1038,1006,1007&ntv_it
Requested by
Host: www.newser.com
URL: https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.241.108.168 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.12.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Apr 2021 11:57:40 GMT
server
nginx/1.12.1
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
image/gif
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
trk.gif
jadserve.postrelease.com/ 		43 B
426 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jadserve.postrelease.com/trk.gif?ntv_ui=f935e52d-4887-4b32-afc8-3de88270bae9&ntv_fl=XjnnzCcWJbXlfH6xFSW7n-9bA3uEqpkHx5qOsbn2qCp1wRsv09EXaMrJi4KKZxlE46jnThla-WH6-mxCjSQDQWLRzUfWmZbAz-cPJYjoSlBgjgvJVKCP0PYtQ4pgEYKoAXjP1mFNpq3TqAPCmJJhQZqTvFLAtgDnPVSKMQsElKRj-EjSEjREHfX9PcF6tvyUtwoFIs5WDsl4KizmzxF_Xd96jEsmg6tcPmak4mQdOUodCo3r1vEdXYFHhhZ6TODaKwVO6t20LfwhzSyK5t-Nqa6i98TpHUpUglKP6Z-7rTWpY3jLglHgaIUsc57-0I-Z-dffMxqCx11Y0vAvRgk4_w==&ntv_ht=tKqGYAA&ntv_at=323&ntv_a=AAAAAAAAAAhxoRA&ntv_jtr=3&ntv_it
Requested by
Host: www.newser.com
URL: https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.241.108.168 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.12.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Apr 2021 11:57:40 GMT
server
nginx/1.12.1
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
image/gif
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
trk.gif
jadserve.postrelease.com/ 		43 B
426 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jadserve.postrelease.com/trk.gif?ntv_ui=2ca926a4-6588-44d3-ac84-8a1af8df66fe&ntv_fl=XjnnzCcWJbXlfH6xFSW7n-9bA3uEqpkHx5qOsbn2qCp1wRsv09EXaMrJi4KKZxlE46jnThla-WH6-mxCjSQDQWLRzUfWmZbAz-cPJYjoSlBgjgvJVKCP0PYtQ4pgEYKoAXjP1mFNpq3TqAPCmJJhQZqTvFLAtgDnPVSKMQsElKRj-EjSEjREHfX9PcF6tvyUtwoFIs5WDsl4KizmzxF_Xd96jEsmg6tcPmak4mQdOUodCo3r1vEdXYFHhhZ6TODaKwVO6t20LfwhzSyK5t-Nqa6i98TpHUpUglKP6Z-7rTWpY3jLglHgaIUsc57-0I-Z-dffMxqCx11Y0vAvRgk4_w==&ntv_ht=tKqGYAA&ntv_at=303&ntv_a=AAAAAAAAAACcIQA&ord=1619438260583&ntv_dpl=1027,1011,1028,101781,1050,1051,1003,1019,1038,1006,1007&ntv_it
Requested by
Host: www.newser.com
URL: https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.241.108.168 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.12.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Apr 2021 11:57:40 GMT
server
nginx/1.12.1
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
image/gif
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
gdprConsent
jadserve.postrelease.com/ 		43 B
426 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jadserve.postrelease.com/gdprConsent?ntv_pl=1117121&ntv_gdpr_consent=&ntv_it
Requested by
Host: www.newser.com
URL: https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.241.108.168 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.12.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Apr 2021 11:57:40 GMT
server
nginx/1.12.1
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
image/gif
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
1a
i.clean.gg/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://i.clean.gg/1a
Protocol
H2
Server
34.95.69.49 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
nginx/1.17.4 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.newser.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx/1.17.4
date
Mon, 26 Apr 2021 11:57:40 GMT
access-control-allow-origin
*
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
access-control-max-age
1728000
content-type
text/plain; charset=utf-8
content-length
0
via
1.1 google
alt-svc
clear
1a
i.clean.gg/ 		0
104 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://i.clean.gg/1a
Requested by
Host: d1bvk193qme2fc.cloudfront.net
URL: https://d1bvk193qme2fc.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.69.49 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
nginx/1.17.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 26 Apr 2021 11:57:40 GMT
via
1.1 google
server
nginx/1.17.4
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/octet-stream
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range
alt-svc
clear
content-length
0
rc-logo.png
cdn.revcontent.com/assets/img/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.revcontent.com/assets/img/rc-logo.png
Requested by
Host: www.newser.com
URL: https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
66e0312cb1c8f068831abec6de6c5c6e8e7b6134881cc245c3fd99744619aec1

Request headers

Referer
https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Apr 2021 11:57:40 GMT
last-modified
Wed, 07 Apr 2021 21:02:38 GMT
etag
"1617829358"
x-hw
1619438260.cds016.fr8.hn,1619438260.cds130.fr8.c
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=16964
accept-ranges
bytes
content-length
4298
s2s
eb.proper.io/ 		377 B
621 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://eb.proper.io/s2s?proper_uid=1d07aa5b-6ba7-452c-8595-a28c946d1faa
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:4f22 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5272aed596706279548359445d38845b9da66be9a32b5a8c599b5c090e670772

Request headers

Referer
https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 26 Apr 2021 11:57:41 GMT
content-encoding
br
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.newser.com
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
645fa28aee214ec1-FRA
cf-request-id
09afa3eace00004ec18e131000000001
expires
-1
p
i.simpli.fi/ 		746 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://i.simpli.fi/p?cid=&cb=sifi_att_42656._hp
Requested by
Host: d1bvk193qme2fc.cloudfront.net
URL: https://d1bvk193qme2fc.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
169.50.137.179 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
b3.89.32a9.ip4.static.sl-reverse.com
Software
/
Resource Hash
6c4051694f2c99a547693e8800f768ab26c55c9c1575f70bcab81796207fd51b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache, no-cache
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
date
Mon, 26 Apr 2021 11:57:40 GMT
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="http://www.simplifi.com/w3c/Policies.xml", CP="ADMa DEVa PSAa PSDa OUR IND DSP NON COR"
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-type
application/javascript; charset=UTF-8
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
Thu, 01 Jan 1970 00:00:00 GMT, Thu, 01 Jan 1970 00:00:00 GMT
sync
simplifi.partners.tremorhub.com/
Redirect Chain
  • https://um.simpli.fi/telaria_p
  • https://simplifi.partners.tremorhub.com/sync?UISF=99B53FBFFA154012A108191486A8A3EE
43 B
183 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simplifi.partners.tremorhub.com/sync?UISF=99B53FBFFA154012A108191486A8A3EE
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4264:b4a0:a8db:4a1b:4b37 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Apr 2021 11:57:41 GMT
server
Apache-Coyote/1.1
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type
image/gif

Redirect headers

date
Mon, 26 Apr 2021 11:57:41 GMT
x-content-type-options
nosniff
server
nginx
location
https://simplifi.partners.tremorhub.com/sync?UISF=99B53FBFFA154012A108191486A8A3EE
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
154
expires
Sun, 25 Apr 2021 11:57:41 GMT
check
pixel.tapad.com/idsync/ex/receive/
Redirect Chain
  • https://um.simpli.fi/tapad
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2305&partner_device_id=99B53FBFFA154012A108191486A8A3EE
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=99B53FBFFA154012A108191486A8A3EE
95 B
426 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=99B53FBFFA154012A108191486A8A3EE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.248.159 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
159.248.227.35.bc.googleusercontent.com
Software
Jetty(9.4.28.v20200408) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Apr 2021 11:57:41 GMT
via
1.1 google
server
Jetty(9.4.28.v20200408)
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/png
alt-svc
clear
content-length
95

Redirect headers

date
Mon, 26 Apr 2021 11:57:41 GMT
via
1.1 google
server
Jetty(9.4.28.v20200408)
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=99B53FBFFA154012A108191486A8A3EE
alt-svc
clear
content-length
0
aa_px
um.simpli.fi/
Redirect Chain
  • https://um.simpli.fi/ad_advisor
  • https://aa.agkn.com/adscores/g.pixel?sid=9201915418&sifi_uid=99B53FBFFA154012A108191486A8A3EE
  • https://d.agkn.com/pixel/10751/?che=1619438261&ip=89.249.64.203&l1=https%3A%2F%2Fum.simpli.fi%2Faa_px%3Fsk%3D165020403768000595936
  • https://um.simpli.fi/aa_px?sk=165020403768000595936
43 B
409 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/aa_px?sk=165020403768000595936
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.253.128.183 Amsterdam, Netherlands, ASN36351 (SOFTLAYER, US),
Reverse DNS
b7.80.fd9f.ip4.static.sl-reverse.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Apr 2021 11:57:41 GMT
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Sun, 25 Apr 2021 11:57:41 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 26 Apr 2021 11:57:41 GMT
Server
Apache-Coyote/1.1
P3P
CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://um.simpli.fi/aa_px?sk=165020403768000595936
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Sat, 01 Jan 2000 00:00:00 GMT
nexage
um.simpli.fi/ 		43 B
409 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/nexage
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.253.128.183 Amsterdam, Netherlands, ASN36351 (SOFTLAYER, US),
Reverse DNS
b7.80.fd9f.ip4.static.sl-reverse.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Apr 2021 11:57:41 GMT
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Sun, 25 Apr 2021 11:57:41 GMT
ProfilesEngineServlet
sync.intentiq.com/profiles_engine/
Redirect Chain
  • https://um.simpli.fi/intentiq
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=99B53FBFFA154012A108191486A8A3EE
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=99B53FBFFA154012A108191486A8A3EE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.74.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

date
Mon, 26 Apr 2021 11:57:41 GMT
x-content-type-options
nosniff
server
nginx
location
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=99B53FBFFA154012A108191486A8A3EE
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
154
expires
Sun, 25 Apr 2021 11:57:41 GMT
pubmatic
um.simpli.fi/ 		43 B
409 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.253.128.183 Amsterdam, Netherlands, ASN36351 (SOFTLAYER, US),
Reverse DNS
b7.80.fd9f.ip4.static.sl-reverse.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Apr 2021 11:57:41 GMT
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Sun, 25 Apr 2021 11:57:41 GMT
freewheel
um.simpli.fi/ 		43 B
409 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/freewheel
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.253.128.183 Amsterdam, Netherlands, ASN36351 (SOFTLAYER, US),
Reverse DNS
b7.80.fd9f.ip4.static.sl-reverse.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Apr 2021 11:57:41 GMT
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Sun, 25 Apr 2021 11:57:41 GMT
ProfilesEngineServlet
sync.intentiq.com/profiles_engine/
Redirect Chain
  • https://um.simpli.fi/dtnx
  • https://fei.pro-market.net/engine?du=24;csync=99B53FBFFA154012A108191486A8A3EE;mimetype=img;
  • https://fei.pro-market.net/engine?du=24;csync=99B53FBFFA154012A108191486A8A3EE;mimetype=img;sr
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=3&pcid=4365982732653578614
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=3&pcid=4365982732653578614
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.74.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

pragma
no-cache
date
Mon, 26 Apr 2021 11:57:40 GMT
via
1.1 google
server
Apache-Coyote/1.1
access-control-allow-origin
*
anserver
gapp-eu-4.c.datonics-gcp-01.internal
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
location
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=3&pcid=4365982732653578614
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
alt-svc
clear
content-length
0
expires
Mon, 1 Jan 1990 0:0:0 GMT
/
loadm.exelator.com/load/
Redirect Chain
  • https://um.simpli.fi/exelatem
  • https://loadm.exelator.com/load/?p=204&g=2191&simid=99B53FBFFA154012A108191486A8A3EE&j=0
  • https://loadm.exelator.com/load/?p=204&g=2191&simid=99B53FBFFA154012A108191486A8A3EE&j=0&xl8blockcheck=1
0
751 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://loadm.exelator.com/load/?p=204&g=2191&simid=99B53FBFFA154012A108191486A8A3EE&j=0&xl8blockcheck=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.198.69.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx / Undertow/1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Apr 2021 11:57:41 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA

Redirect headers

date
Mon, 26 Apr 2021 11:57:41 GMT
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location
https://loadm.exelator.com/load/?p=204&g=2191&simid=99B53FBFFA154012A108191486A8A3EE&j=0&xl8blockcheck=1
cache-control
no-cache
access-control-allow-credentials
true
content-type
image/gif
content-length
0
yahoo
um.simpli.fi/ 		43 B
409 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/yahoo
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.253.128.183 Amsterdam, Netherlands, ASN36351 (SOFTLAYER, US),
Reverse DNS
b7.80.fd9f.ip4.static.sl-reverse.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Apr 2021 11:57:41 GMT
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Sun, 25 Apr 2021 11:57:41 GMT
sync
sync.bfmio.com/
Redirect Chain
  • https://um.simpli.fi/beachfront
  • https://sync.bfmio.com/sync?pid=141&uid=99B53FBFFA154012A108191486A8A3EE
0
421 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.bfmio.com/sync?pid=141&uid=99B53FBFFA154012A108191486A8A3EE
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.228.45.187 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Connection
keep-alive
Date
Mon, 26 Apr 2021 11:57:40 GMT

Redirect headers

date
Mon, 26 Apr 2021 11:57:41 GMT
x-content-type-options
nosniff
server
nginx
location
https://sync.bfmio.com/sync?pid=141&uid=99B53FBFFA154012A108191486A8A3EE
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
154
expires
Sun, 25 Apr 2021 11:57:41 GMT
29931
stags.bluekai.com/site/
Redirect Chain
  • https://um.simpli.fi/bluekai
  • https://stags.bluekai.com/site/29931?id=99B53FBFFA154012A108191486A8A3EE
62 B
745 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stags.bluekai.com/site/29931?id=99B53FBFFA154012A108191486A8A3EE
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.38.51.43 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-38-51-43.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

Referer
https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 26 Apr 2021 11:57:42 GMT
Connection
keep-alive
P3P
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
Content-Length
62
BK-Server
fd32
Content-Type
image/gif

Redirect headers

date
Mon, 26 Apr 2021 11:57:41 GMT
x-content-type-options
nosniff
server
nginx
location
https://stags.bluekai.com/site/29931?id=99B53FBFFA154012A108191486A8A3EE
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
154
expires
Sun, 25 Apr 2021 11:57:41 GMT
tpid=99B53FBFFA154012A108191486A8A3EE
bcp.crwdcntrl.net/map/ct=y/c=7625/tp=SIMP/
Redirect Chain
  • https://um.simpli.fi/crwdcntrl
  • https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=99B53FBFFA154012A108191486A8A3EE
  • https://bcp.crwdcntrl.net/map/ct=y/c=7625/tp=SIMP/tpid=99B53FBFFA154012A108191486A8A3EE
49 B
707 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bcp.crwdcntrl.net/map/ct=y/c=7625/tp=SIMP/tpid=99B53FBFFA154012A108191486A8A3EE
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.48.137.92 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Referer
https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Apr 2021 11:57:42 GMT
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.30.143
content-type
image/gif
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Mon, 26 Apr 2021 11:57:42 GMT
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location
https://bcp.crwdcntrl.net/map/ct=y/c=7625/tp=SIMP/tpid=99B53FBFFA154012A108191486A8A3EE
cache-control
no-cache
x-server
10.45.26.226
content-length
0
expires
0
merge
ce.lijit.com/
Redirect Chain
  • https://um.simpli.fi/lj_match
  • https://ce.lijit.com/merge?pid=2&3pid=99B53FBFFA154012A108191486A8A3EE
  • https://ce.lijit.com/merge?pid=2&3pid=99B53FBFFA154012A108191486A8A3EE&dnr=1
0
433 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=2&3pid=99B53FBFFA154012A108191486A8A3EE&dnr=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.19 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 26 Apr 2021 11:57:42 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap4ams1
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 26 Apr 2021 11:57:42 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Location
https://ce.lijit.com/merge?pid=2&3pid=99B53FBFFA154012A108191486A8A3EE&dnr=1
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap4ams1
Content-Length
0
Expires
Fri, 20 Mar 2009 00:00:00 GMT
419566.gif
idsync.rlcdn.com/
Redirect Chain
  • https://um.simpli.fi/liveramp_match
  • https://idsync.rlcdn.com/419566.gif?partner_uid=99B53FBFFA154012A108191486A8A3EE
0
66 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/419566.gif?partner_uid=99B53FBFFA154012A108191486A8A3EE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Apr 2021 11:57:42 GMT
via
1.1 google
alt-svc
clear
content-length
0

Redirect headers

date
Mon, 26 Apr 2021 11:57:41 GMT
x-content-type-options
nosniff
server
nginx
location
https://idsync.rlcdn.com/419566.gif?partner_uid=99B53FBFFA154012A108191486A8A3EE
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
154
expires
Sun, 25 Apr 2021 11:57:41 GMT
/
www.google.de/pagead/1p-conversion/1026675585/
Redirect Chain
  • https://www.googleadservices.com/pagead/conversion/1026675585/?random=1619438260934&cv=7&fst=1619438260934&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1026675585/?random=1855191124&cv=7&fst=1619438260934&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cook...
  • https://www.google.com/pagead/1p-conversion/1026675585/?random=1855191124&cv=7&fst=1619438260934&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ssct...
  • https://www.google.de/pagead/1p-conversion/1026675585/?random=1855191124&cv=7&fst=1619438260934&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte...
42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-conversion/1026675585/?random=1855191124&cv=7&fst=1619438260934&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=tKqGYI_ZOrKhlQfA37DIAQ&random=1408111988&ipr=y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Apr 2021 11:57:41 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 26 Apr 2021 11:57:41 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/gif
location
https://www.google.de/pagead/1p-conversion/1026675585/?random=1855191124&cv=7&fst=1619438260934&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=tKqGYI_ZOrKhlQfA37DIAQ&random=1408111988&ipr=y
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
partner
sync.search.spotxchange.com/
Redirect Chain
  • https://um.simpli.fi/spotx_match
  • https://sync.search.spotxchange.com/partner?adv_id=7797&uid=99B53FBFFA154012A108191486A8A3EE
  • https://sync.search.spotxchange.com/partner?adv_id=7797&uid=99B53FBFFA154012A108191486A8A3EE&__user_check__=1&sync_id=9b0390b3-a686-11eb-a4eb-129210fe0306
43 B
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.search.spotxchange.com/partner?adv_id=7797&uid=99B53FBFFA154012A108191486A8A3EE&__user_check__=1&sync_id=9b0390b3-a686-11eb-a4eb-129210fe0306
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.94.180.126 , United States, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Referer
https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 26 Apr 2021 11:57:42 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
65
Connection
keep-alive
Content-Length
43

Redirect headers

Date
Mon, 26 Apr 2021 11:57:42 GMT
Server
nginx
Location
/partner?adv_id=7797&uid=99B53FBFFA154012A108191486A8A3EE&__user_check__=1&sync_id=9b0390b3-a686-11eb-a4eb-129210fe0306
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
98
Connection
keep-alive
Content-Length
0
setuid
ib.adnxs.com/
Redirect Chain
  • https://um.simpli.fi/an
  • https://ib.adnxs.com/setuid?entity=66&code=99B53FBFFA154012A108191486A8A3EE
43 B
1020 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=66&code=99B53FBFFA154012A108191486A8A3EE
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.91 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
721.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 26 Apr 2021 11:57:41 GMT
X-Proxy-Origin
89.249.64.203; 89.249.64.203; 721.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.221.36:80
AN-X-Request-Uuid
571eab29-a505-47a0-83f4-60e7b0cd8038
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

date
Mon, 26 Apr 2021 11:57:41 GMT
x-content-type-options
nosniff
server
nginx
location
https://ib.adnxs.com/setuid?entity=66&code=99B53FBFFA154012A108191486A8A3EE
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
154
expires
Sun, 25 Apr 2021 11:57:41 GMT
tap.php
pixel.rubiconproject.com/
Redirect Chain
  • https://um.simpli.fi/rb_match
  • https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=99B53FBFFA154012A108191486A8A3EE&expires=365
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=99B53FBFFA154012A108191486A8A3EE&expires=365
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
3bafef7aa4e37890defcd73f0a080481
Content-Type
image/gif

Redirect headers

date
Mon, 26 Apr 2021 11:57:41 GMT
x-content-type-options
nosniff
server
nginx
location
https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=99B53FBFFA154012A108191486A8A3EE&expires=365
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
154
expires
Sun, 25 Apr 2021 11:57:41 GMT
sd
us-u.openx.net/w/1.0/
Redirect Chain
  • https://um.simpli.fi/ox_match
  • https://us-u.openx.net/w/1.0/sd?id=537072966&val=99B53FBFFA154012A108191486A8A3EE
43 B
122 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072966&val=99B53FBFFA154012A108191486A8A3EE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
OXGW/16.205.4 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Apr 2021 11:57:41 GMT
via
1.1 google
server
OXGW/16.205.4
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date
Mon, 26 Apr 2021 11:57:41 GMT
x-content-type-options
nosniff
server
nginx
location
https://us-u.openx.net/w/1.0/sd?id=537072966&val=99B53FBFFA154012A108191486A8A3EE
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
154
expires
Sun, 25 Apr 2021 11:57:41 GMT
g_match
um.simpli.fi/
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_cm&google_sc
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_cm=&google_sc=&google_tc=
  • https://um.simpli.fi/g_match?id=&google_gid=CAESEHPBnw9K-_PUm4ZJxBaV9ek&google_cver=1
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=99B53FBFFA154012A108191486A8A3EE
  • https://um.simpli.fi/g_match?id=
0
320 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/g_match?id=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.253.128.183 Amsterdam, Netherlands, ASN36351 (SOFTLAYER, US),
Reverse DNS
b7.80.fd9f.ip4.static.sl-reverse.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Apr 2021 11:57:41 GMT
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
Sun, 25 Apr 2021 11:57:41 GMT

Redirect headers

pragma
no-cache
date
Mon, 26 Apr 2021 11:57:41 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://um.simpli.fi/g_match?id=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
229
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
generic
trends.revcontent.com/event/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://trends.revcontent.com/event/generic
Requested by
Host: d1bvk193qme2fc.cloudfront.net
URL: https://d1bvk193qme2fc.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.194.230.135 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Grizzly/2.4.4 /
Resource Hash

Request headers

Referer
https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin
https://www.newser.com
date
Mon, 26 Apr 2021 11:57:41 GMT
access-control-allow-credentials
true
server
Grizzly/2.4.4
access-control-allow-headers
Content-Type
generic
trends.revcontent.com/event/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://trends.revcontent.com/event/generic
Requested by
Host: d1bvk193qme2fc.cloudfront.net
URL: https://d1bvk193qme2fc.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.194.230.135 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Grizzly/2.4.4 /
Resource Hash

Request headers

Referer
https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin
https://www.newser.com
date
Mon, 26 Apr 2021 11:57:41 GMT
access-control-allow-credentials
true
server
Grizzly/2.4.4
access-control-allow-headers
Content-Type
8affe13b6a1bb613ac75de9b5e3cfbba.jpeg
images.revcontent.com/revcontent/image/fetch/f_auto,h_150,w_225,c_fill,g_face/pg_1/https://media.revcontent.com/content/images/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.revcontent.com/revcontent/image/fetch/f_auto,h_150,w_225,c_fill,g_face/pg_1/https://media.revcontent.com/content/images/8affe13b6a1bb613ac75de9b5e3cfbba.jpeg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
Cloudinary /
Resource Hash
2a3405435c61344e6ff0644a1884a931ab350d3436d3494adc343374a20b31e5
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

Referer
https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Apr 2021 11:57:42 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
content-disposition
inline; filename="8affe13b6a1bb613ac75de9b5e3cfbba.webp"
server-timing
fastly;dur=1;cpu=0;start=2021-03-25T17:53:53.839Z;desc=hit,rtt;dur=0
content-length
6726
last-modified
Thu, 25 Mar 2021 16:41:19 GMT
server
Cloudinary
etag
"f6a5e773a5b262cbddde90da41f57eb8"
vary
Accept
x-hw
1619438262.cds134.fr8.hn,1619438262.cds106.fr8.c
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control
private, no-transform, immutable, max-age=604800
accept-ranges
bytes
timing-allow-origin
*
1e0218a863bdca2dad20f683cd6e8d25.jpg
images.revcontent.com/revcontent/image/fetch/f_auto,h_150,w_225,c_fill,g_face/pg_1/https://media.revcontent.com/content/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.revcontent.com/revcontent/image/fetch/f_auto,h_150,w_225,c_fill,g_face/pg_1/https://media.revcontent.com/content/images/1e0218a863bdca2dad20f683cd6e8d25.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
Cloudinary /
Resource Hash
49fc49597d38ee4da3f0451322e2368c2cb9808a9181ec1fce3c8c696d452456
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

Referer
https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Apr 2021 11:57:42 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
content-disposition
inline; filename="1e0218a863bdca2dad20f683cd6e8d25.webp"
server-timing
fastly;dur=138;cpu=0;start=2020-12-08T09:31:10.633Z;desc=hit,rtt;dur=0
content-length
2902
last-modified
Mon, 12 Oct 2020 18:14:27 GMT
server
Cloudinary
etag
"a15031cf9a9133e82f6f1a31a6683124"
vary
Accept
x-hw
1619438262.cds134.fr8.hn,1619438262.cds161.fr8.c
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control
private, no-transform, immutable, max-age=604800
accept-ranges
bytes
timing-allow-origin
*
8490c5d3f3ae029804f6b4517ffd951c.jpg
images.revcontent.com/revcontent/image/fetch/f_auto,h_150,w_225,c_fill,g_face/pg_1/https://media.revcontent.com/content/images/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.revcontent.com/revcontent/image/fetch/f_auto,h_150,w_225,c_fill,g_face/pg_1/https://media.revcontent.com/content/images/8490c5d3f3ae029804f6b4517ffd951c.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
Cloudinary /
Resource Hash
e850ec15b8fc29369d1e0d0fc2aa5bff9e3f12b767b9300e1e399482b09e1399
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

Referer
https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Apr 2021 11:57:42 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
content-disposition
inline; filename="8490c5d3f3ae029804f6b4517ffd951c.webp"
server-timing
fastly;dur=1;cpu=0;start=2020-12-22T21:45:50.043Z;desc=hit,rtt;dur=0
content-length
4810
last-modified
Mon, 12 Oct 2020 18:14:51 GMT
server
Cloudinary
etag
"40cd2bd5d9e15614ba59ec84b774e9c5"
vary
Accept
x-hw
1619438262.cds134.fr8.hn,1619438262.cds229.fr8.c
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control
private, no-transform, immutable, max-age=604800
accept-ranges
bytes
timing-allow-origin
*
15271120062018314638.jpg
images.revcontent.com/revcontent/image/fetch/f_auto,h_150,w_225,c_fill,g_face/pg_1/https://media.revcontent.com/content/images/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.revcontent.com/revcontent/image/fetch/f_auto,h_150,w_225,c_fill,g_face/pg_1/https://media.revcontent.com/content/images/15271120062018314638.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
Cloudinary /
Resource Hash
5f711418c6d788a071fa6725ea3025e3f38583f9e4fc8249a7f35c1c3ca3525a
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

Referer
https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Apr 2021 11:57:42 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
content-disposition
inline; filename="15271120062018314638.webp"
server-timing
fastly;dur=3;cpu=0;start=2020-11-29T09:07:35.005Z;desc=hit,rtt;dur=0
content-length
5712
last-modified
Mon, 12 Oct 2020 18:14:10 GMT
server
Cloudinary
etag
"2ffa8f30d19e7acc811cfb612a9cf0ac"
vary
Accept
x-hw
1619438262.cds134.fr8.hn,1619438262.cds235.fr8.c
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control
private, no-transform, immutable, max-age=604800
accept-ranges
bytes
timing-allow-origin
*
aa6b7784-6c11-4b79-917c-5f1bd774afe6
player.ex.co/player/ 		553 KB
169 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.ex.co/player/aa6b7784-6c11-4b79-917c-5f1bd774afe6
Requested by
Host: d1bvk193qme2fc.cloudfront.net
URL: https://d1bvk193qme2fc.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.114.137 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
97b053b4c849fc3b1fa7005e3e1ac6a7a9a8fd773c42c84ce920ae077395915d

Request headers

Referer
https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Apr 2021 11:57:42 GMT
content-encoding
gzip
age
11385
x-cache
HIT
access-control-max-age
600
content-length
172830
x-served-by
cache-hhn4059-HHN
access-control-allow-origin
*
server
nginx
x-timer
S1619438262.165045,VS0,VE1
etag
W/"8a5cd-Y4oPGi60r5Zx7FT+B4gAmeLRdgw"
vary
Accept-Encoding, x-pb-country, x-pb-embedid, x-pb-itemid, x-pb-videoid, x-pb-player
access-control-allow-methods
GET, POST, PUT, DELETE
content-type
application/javascript; charset=utf-8
via
1.1 varnish
cache-control
no-cache
accept-ranges
bytes
access-control-allow-headers
Accept, Authorization, Content-Type
x-cache-hits
1
integrator.js
adservice.google.de/adsid/ 		107 B
313 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.newser.com
Requested by
Host: d1bvk193qme2fc.cloudfront.net
URL: https://d1bvk193qme2fc.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 26 Apr 2021 11:57:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.newser.com
Requested by
Host: d1bvk193qme2fc.cloudfront.net
URL: https://d1bvk193qme2fc.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 26 Apr 2021 11:57:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		143 KB
45 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=764541358020753&correlator=951422032342538&output=ldjh&impl=fifs&eid=31060746%2C31060789%2C31060804%2C31060897%2C31060809&vrg=2021042001&ptt=17&tfcd=0&sc=1&sfv=1-0-38&ecs=20210426&iu_parts=5376056%2Cnewser_leaderboard%2Cdynamic_1%2Cnewser_side_1%2Cnewser_side_2%2Cnewser_side_3&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F3%2F2%2C%2F0%2F4%2F2%2C%2F0%2F5%2F2&prev_iu_szs=1x1%7C728x90%2C1x1%7C300x250%2C1x1%7C160x600%7C300x250%7C300x600%2C1x1%7C160x600%7C300x250%7C300x600&prev_scp=post_id%3Dunknown%26member%3Dno%26split_version%3D5471%26proper_site%3Dnewser%26proper_slot%3D1.01%26proper_floor%3D0.10%26s_depth%3D1%26refresh_count%3D0%7Cpost_id%3Dunknown%26member%3Dno%26split_version%3D5471%26proper_site%3Dnewser%26proper_slot%3D3.01%26proper_floor%3D0.10%26s_depth%3D1%26refresh_count%3D0%7Cpost_id%3Dunknown%26member%3Dno%26split_version%3D5471%26proper_site%3Dnewser%26proper_slot%3D4.01%26proper_floor%3D0.10%26s_depth%3D1%26refresh_count%3D0%7Cpost_id%3Dunknown%26member%3Dno%26split_version%3D5471%26proper_site%3Dnewser%26proper_slot%3D5.01%26proper_floor%3D0.10%26s_depth%3D1%26refresh_count%3D0&eri=1&cookie_enabled=1&bc=31&abxe=1&lmt=1619438261&dt=1619438261289&dlt=1619438259231&idt=1003&frm=20&biw=1600&bih=1200&oid=3&adxs=561%2C987%2C987%2C987&adys=55%2C296%2C1160%2C1269&adks=1569744204%2C815455304%2C2805818217%2C2816758432&ucis=1%7C2%7C3%7C4&ifi=1&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.newser.com%2Fstory%2F305100%2Fus-wrongly-thought-diplomat-staged-his-own-kidnapping.html%3Futm_source%3Dpart%26utm_medium%3Duol%26utm_campaign%3Drss_taglines_more&vis=1&dmc=8&scr_x=0&scr_y=0&psz=728x1%7C300x1%7C300x1%7C300x1&msz=728x1%7C300x1%7C300x1%7C300x1&ga_vid=281368811.1619438261&ga_sid=1619438261&ga_hid=446470193&ga_fc=false&fws=4%2C0%2C0%2C0&ohw=728%2C0%2C0%2C0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042001.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
ad952dc06db0dd7d40a40ce35965f830552d90af3fadd3b68b466d4219bdbc4a
Security Headers
Name Value
Content-Security-Policy child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12502976385620377600/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12502976385620377600/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CKqht9Ltm_ACFSWDgwcdd0ALpw&gqi=&layout=/sadbundle/%24csp%253Der3%24/12502976385620377600/index.html
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12502976385620377600/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12502976385620377600/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CKqht9Ltm_ACFSWDgwcdd0ALpw&gqi=&layout=/sadbundle/%24csp%253Der3%24/12502976385620377600/index.html
content-encoding
br
x-content-type-options
nosniff
google-creative-id
-1,-1,-1,-1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
46539
x-xss-protection
0
google-lineitem-id
-1,-1,-1,-1
pragma
no-cache
server
cafe
date
Mon, 26 Apr 2021 11:57:41 GMT
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.newser.com
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
ccde9b4ae0b1b7105d848d3ef3b25d34.safeframe.googlesyndication.com/safeframe/1-0-38/html/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://ccde9b4ae0b1b7105d848d3ef3b25d34.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: d1bvk193qme2fc.cloudfront.net
URL: https://d1bvk193qme2fc.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
container.html
tpc.googlesyndication.com/safeframe/1-0-38/html/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: d1bvk193qme2fc.cloudfront.net
URL: https://d1bvk193qme2fc.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
trk.gif
jadserve.postrelease.com/ 		43 B
426 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jadserve.postrelease.com/trk.gif?ntv_at=304&ntv_ui=f935e52d-4887-4b32-afc8-3de88270bae9&ntv_a=AAAAAAAAAAhxoRA&ntv_ht=tKqGYAA&ntv_fl=XjnnzCcWJbXlfH6xFSW7n-9bA3uEqpkHx5qOsbn2qCp1wRsv09EXaMrJi4KKZxlE46jnThla-WH6-mxCjSQDQWLRzUfWmZbAz-cPJYjoSlBgjgvJVKCP0PYtQ4pgEYKoAXjP1mFNpq3TqAPCmJJhQZqTvFLAtgDnPVSKMQsElKRj-EjSEjREHfX9PcF6tvyUtwoFIs5WDsl4KizmzxF_Xd96jEsmg6tcPmak4mQdOUodCo3r1vEdXYFHhhZ6TODaKwVO6t20LfwhzSyK5t-Nqa6i98TpHUpUglKP6Z-7rTWpY3jLglHgaIUsc57-0I-Z-dffMxqCx11Y0vAvRgk4_w==&ord=1767675981&ntv_it
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.241.108.168 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.12.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Apr 2021 11:57:41 GMT
server
nginx/1.12.1
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
image/gif
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
container.html
ccde9b4ae0b1b7105d848d3ef3b25d34.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 5F1D 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ccde9b4ae0b1b7105d848d3ef3b25d34.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: d1bvk193qme2fc.cloudfront.net
URL: https://d1bvk193qme2fc.cloudfront.net/script.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
ccde9b4ae0b1b7105d848d3ef3b25d34.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
3108
date
Mon, 26 Apr 2021 11:57:41 GMT
expires
Tue, 26 Apr 2022 11:57:41 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
osd.js
www.googletagservices.com/activeview/js/current/ 		73 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: d1bvk193qme2fc.cloudfront.net
URL: https://d1bvk193qme2fc.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4956137c69656045c048a157aaa84859657bbc7744019d26cce6b5bded84cc49
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Apr 2021 11:57:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1619017352525402"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28270
x-xss-protection
0
expires
Mon, 26 Apr 2021 11:57:41 GMT
container.html
ccde9b4ae0b1b7105d848d3ef3b25d34.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame DD36 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ccde9b4ae0b1b7105d848d3ef3b25d34.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: d1bvk193qme2fc.cloudfront.net
URL: https://d1bvk193qme2fc.cloudfront.net/script.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
ccde9b4ae0b1b7105d848d3ef3b25d34.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
3108
date
Mon, 26 Apr 2021 11:57:41 GMT
expires
Tue, 26 Apr 2022 11:57:41 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012103020108001/ Frame D219 		190 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012103020108001/amp4ads-v0.mjs
Requested by
Host: d1bvk193qme2fc.cloudfront.net
URL: https://d1bvk193qme2fc.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6e553b4e88ac4a1819d608fe9dcb46544ca5fb776d4e0c84d773f37b1df18211
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.newser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
454144
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
55046
x-xss-protection
0
server
sffe
date
Wed, 21 Apr 2021 05:48:37 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"aeaf363b1ad89b36"
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 21 Apr 2022 05:48:37 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012103020108001/v0/ Frame D219 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012103020108001/v0/amp-ad-exit-0.1.mjs
Requested by
Host: d1bvk193qme2fc.cloudfront.net
URL: https://d1bvk193qme2fc.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8f9560479a05fb86854546c40ec030edc2bac692d4142391d69b16e5c033a185
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.newser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
303804
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4548
x-xss-protection
0
server
sffe
date
Thu, 22 Apr 2021 23:34:17 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"4eb73d471ab4cb2c"
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 22 Apr 2022 23:34:17 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012103020108001/v0/ Frame D219 		87 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012103020108001/v0/amp-analytics-0.1.mjs
Requested by
Host: d1bvk193qme2fc.cloudfront.net
URL: https://d1bvk193qme2fc.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a6f768cbb894f2690011ee62662d3ac9480d12f5088fa46be57e650fcc4d835c
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.newser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
310472
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27208
x-xss-protection
0
server
sffe
date
Thu, 22 Apr 2021 21:43:09 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"22950e05e749846e"
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 22 Apr 2022 21:43:09 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012103020108001/v0/ Frame D219 		27 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012103020108001/v0/amp-fit-text-0.1.mjs
Requested by
Host: d1bvk193qme2fc.cloudfront.net
URL: https://d1bvk193qme2fc.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
21d45a4ed77653b3b1ee2b47a786a4dbb936a3b19fc56e1b44c16aed35eb80ee
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.newser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
332526
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9587
x-xss-protection
0
server
sffe
date
Thu, 22 Apr 2021 15:35:35 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"739644f32ad1483f"
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 22 Apr 2022 15:35:35 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012103020108001/v0/ Frame D219 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012103020108001/v0/amp-form-0.1.mjs
Requested by
Host: d1bvk193qme2fc.cloudfront.net
URL: https://d1bvk193qme2fc.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4c6af60796cc240ad277098308cf363c2700f5296264ec1b43b4e1362763c439
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.newser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
484806
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12827
x-xss-protection
0
server
sffe
date
Tue, 20 Apr 2021 21:17:35 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"5cc8dcc2368726c7"
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 20 Apr 2022 21:17:35 GMT
truncated
/ Frame D219 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a002eadbd157c39cf70a3b69589d9e776510924cd270c7b5fe9a5585584eb698

Request headers

Referer
https://www.newser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
container.html
ccde9b4ae0b1b7105d848d3ef3b25d34.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 099D 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ccde9b4ae0b1b7105d848d3ef3b25d34.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: d1bvk193qme2fc.cloudfront.net
URL: https://d1bvk193qme2fc.cloudfront.net/script.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
ccde9b4ae0b1b7105d848d3ef3b25d34.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
3108
date
Mon, 26 Apr 2021 11:57:41 GMT
expires
Tue, 26 Apr 2022 11:57:41 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
101795143535705479
tpc.googlesyndication.com/daca_images/simgad/ Frame D219 		79 KB
79 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/daca_images/simgad/101795143535705479
Requested by
Host: www.newser.com
URL: https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f27af9873da50427ff76f55927849a11346f4832fb5dbe9005790ef2564decf1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.newser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 03:24:31 GMT
x-content-type-options
nosniff
age
376390
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
80660
x-xss-protection
0
last-modified
Mon, 29 Mar 2021 03:06:51 GMT
server
sffe
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 22 Apr 2022 03:24:31 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame D219 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: www.newser.com
URL: https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.newser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 26 Apr 2021 03:59:16 GMT
x-content-type-options
nosniff
server
cafe
age
28705
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2502
x-xss-protection
0
expires
Tue, 27 Apr 2021 03:59:16 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame D219 		295 B
319 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: www.newser.com
URL: https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.newser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 26 Apr 2021 05:03:57 GMT
x-content-type-options
nosniff
server
cafe
age
24824
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Tue, 27 Apr 2021 05:03:57 GMT
l
www.google.com/ads/measurement/ Frame D219 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTfeHl2bT_iJBSAeLiJ5Z6QVgaG-5c5n18Mo3JKYkcw_fxdjpPTO1Ta5z29wlT2xUAIm2luCArS6uxeXE2VPBxm05iyiA
Requested by
Host: www.newser.com
URL: https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.newser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
adview
securepubads.g.doubleclick.net/pagead/ Frame D219 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CzgDgtaqGYOvyFaWGjuwP94CtuAre-vW3Yq2EiJmxDbCVicSuCRABINjqtiBglfrwgYwHoAGHg7_3A8gBAuACAKgDAcgDCKoEvwJP0El4cavQMbuqfGbYrAHboPsQ0lBS45HOVR0mc9PKuvcHzttBSL7EVgymGPFwDsFPNxW2sfEZKLZCSUamF4wySya08q3amwWa48qtWJrRJ7HLJzKNrYWFXy_7X5X-9CLBzsJZzJf69jfyYn_ieHorGceF1mRiDwDXOfoglmO5W6VLnzGX3qkqOY60DheVCQPJp9F7vgEFZwAT1hUSFAfikmklzejLu84jEQ2CCp-AJ-CDMMCkWaCSYXCsxVwv55_aDzl8MHvIiHYXSxf4hE25O4A11naQxWQU7R6bZpvYyoLOgVPTjn2CKbbgiNBLQwPM63IzDi6H_CUkt8M-rpvJN6u3-oTWalEvfyiMJUqiO94qIf0CDhn4_85IpcbcaBK0gw9RLNsZaXG8u9pQFVm6Tu8VHy1Tw2nlU378prn1wASG5c3frQPgBAGSBQQIBBgBkgUECAUYBKAGAoAHq6KhI6gH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAfIHBBC2wBHSCAkIgOGAEBABGB3yCBthZHgtc3Vic3luLTgxMzU4OTkxNTk0OTc2NDaACgPICwHYEwyyFxoKGAgAEhRwdWItNjg5NzkwMjE5MTcxNDgzMw&sigh=4iZ5nBBNvQc
Requested by
Host: www.newser.com
URL: https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.newser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/getconfig/ 		9 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021042001&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042001.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fb7ef2657296a9b0e9b388c14c171953f0303a32b0d98bd7e3cfa9bb466fc53e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 26 Apr 2021 11:57:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6976
x-xss-protection
0
pixel
googleads.g.doubleclick.net/xbbe/ Frame E571 		478 B
253 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYvNLFlQEwAQ&v=APEucNVQhbV-oJ9ur0jqf1V1ZTA7-eepB6Alk9w6HGptLCURGzi3xG64AArDucM3uuCMJ-FihAJadPQ7iKaoOe-LwLBxegJIMI06WFWDMQQbsH9y8SEjCBIAANQRSunlFUWsyJzFHOFgLdXLTXcTeRQa3ZQt0pJncGX0eO8-1k-Bn-iwNox2YjT_AHFgcqo9FfD7b9ADo0855h0vUB_EDJ9zM3XKYxlZWg
Requested by
Host: ccde9b4ae0b1b7105d848d3ef3b25d34.safeframe.googlesyndication.com
URL: https://ccde9b4ae0b1b7105d848d3ef3b25d34.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0414d0221112224b4c926de91a6e316f9d9aba685aa8b05fd0654848d8fcdf55
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/xbbe/pixel?d=CN-KGhCn9EsYvNLFlQEwAQ&v=APEucNVQhbV-oJ9ur0jqf1V1ZTA7-eepB6Alk9w6HGptLCURGzi3xG64AArDucM3uuCMJ-FihAJadPQ7iKaoOe-LwLBxegJIMI06WFWDMQQbsH9y8SEjCBIAANQRSunlFUWsyJzFHOFgLdXLTXcTeRQa3ZQt0pJncGX0eO8-1k-Bn-iwNox2YjT_AHFgcqo9FfD7b9ADo0855h0vUB_EDJ9zM3XKYxlZWg
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ccde9b4ae0b1b7105d848d3ef3b25d34.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUl2OOzwyMMcrqvJIhlX8nc54PULgAAW7EFp5wpPZSmBULxF-rerP-Zkq_rQJoM; test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ccde9b4ae0b1b7105d848d3ef3b25d34.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Mon, 26 Apr 2021 11:57:41 GMT
server
cafe
cache-control
private
content-length
230
x-xss-protection
0
set-cookie
test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT; SameSite=none; Secure
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Mon, 26 Apr 2021 11:57:41 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 5F1D 		23 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CTdWkkOczdnpzkboAVngPFmK2nP3wfT1l9pTwvVAKGkRJlzHYn7VVbgF08ZeJ6HYvnrM_Wr0hi5as5F_k_itVh89I_MpNrAyDrI0gEyp7zGZ4qJ33bkEjduRs-Gb2pG2Ai0mz5bgQkgNJkbXbKb5laRg9S7Q&cry=1&dbm_d=AKAmf-CDwejnM9r812vWJd6cUpUlh14XTgWeRUHI74VVUgH3jHkF3stlC3a5CImSAqx-b0mLeDGu9lp4cUcuje9YzfqsjNmPbR0NwI_d1i0a7-J-wsgPz5OAU2-Yp7xxf4EjYZwJ7aQfUbmPqYXu1Eb5mlT3i9Zrye3l1rf-upgwnQEdM9wjo0m0rHcEW3P4ynjXxOkmC3H1BknaTYug48-tqe0hNopYcB52TxaI-x4rEBvytKo83_AZKBY0BITAMEtgnBZONBU4Wb2HrnBLMC-nD9heqGA28_o6vo6RhmEsgFJgHzKwr3DT7EB-oXBNGT3YXSHworSbXeNE3NvyYXYEJYVaXDGIAP1PBX6ziIFqkLz8WjLv6IAOTcYe-jA4N4GOvLrlKIC2K9BTAa9HLHl9WXCB8Swssz3dAR_wnMV7EXwQ1eokN5cplQiszHfkKUUwBOLG-d33cxheICYi9H5i8fL4XIQ7hmoRdArMkfDG8h9IhFv8RdF5zWNhjMIg69I2Cq5QIQ1dHdGAVaG3BoTBmltO9_6jQON-KtLLkhn4yRJCBkf2UCBNFfBWQZN8PaXHw4SpNe21qHPOk8g3kxqnDnRUK8mmgG3rroeWE66E8vWRug04Hfxu5nKu1fpSgGN2JgGC2g9XlIrzcbvsb0dZfOEJckqbSLlfqyayhOX86mJxE-EqNCIhwyOvDS4XRUUaUs0BLJFOEIh64c9GZmU2JDIU8mN9Y5MG6IxeTo26St4H87ElFbvNQCSvTakw1346N65ZQgRN8WxBrvnOAKqZNFEt3hBqNSNJZDb3PO7jyufPXw7v4mu34S4AG5LhopzoIJcnEnpOYkS91DO1jXaWXvWgtECkbJVO_kqBrKdrSCy5pnT7pBbckjBsKcXJqIaemwG6LGvOAoLPv8UmHyTLsK0pDcQdB6jO-GrYXIgQ77fhPmWt8nb_IZbtDBRTmbD3jfmTogM3pCWiIO_nZHQBYy5DKk2XLFqM6j2HlwS-C1nnhfU0gORklzArLy0nU4IpE__11uEFGerMxi5Z9USxwAN1_-KOwXmqv62vyIMfetduvrJDZGQF4HodvPpIh4qL_h9N91zgW7Vksv2WFcitTOIGY38MvTxaC7Cpxe3jv3tAla6CAghKq8OYN8iTyXWHpkYS2x1qA0JNDQjVdEE2AC0gt80tHt3ugaGtT42xS8TovXrvl6ijV3TSB5rw24DWderoZyXnsNvGMY7vcMu3WKe37VgmyuTswXAbVHzZt60OAQyzbCKv4-vOgbPP-hMuWR89H38_Jb1YKLXd4V_x9iah1_If_naFCFZiJ6l9ALungGXVlrjuSrCEWtqDJ12_Sk7f2IUnYE5uM59Ha1K13DVc23u1mSoGKlPUOwNmPA3ur0FM1st72MfgCF-WlylTy08o81dR3az_NuoiuHTwLWRi9jySgM5yvIUjoxuc_IHKZIRQsvAiHESWemWhU3JyVR-d44krcGOgWNH16vZFd8YsBtGLXhOXsY0RdP05O_jvJ6d7o1yf-HTFQ7hTobElBlOtJ_uVQb-jSOpKWDdZ_2gwXLy6c_II_z1gIGMqFUQfcadwd0E_-sTu12q7CdLtwvri2t9jztPQJgBFRfLeb6oZpyVdZZEHdA8CjNPslZh-ZwADpT4miMUHlwK9vdDcHVIJP_5o66o9hnEYWfjRMi3pvwMETxV2OXrrj6xcIBqK-Ehy0POddNSAp03qBwFE62eEzGelBcMXiUTaOvaT5lAw_UzSg_geKcryUOAhUePp08f8E3KT1_ifwVZczmZV4KCGKR7PVPB3g9D9Y3h2aJIJF9bkh2AA_IVQPtmnQMeNMR4pj0osO-QrIWjCvvw58KwU4Nf6_n7FCw2qnUrG6CDWrRFrgV_hFAgpYwZd8oRVJ25GMN3rx-8LtrpiK8OYJbY1LGQTi_7Ln_UuHj_bKw0qu010lImMmNr_JNPA3OYNVuZyGSfe65qrkWLddkvYtwkdCLUibUiOhbr6YZunXu6bNuuwHAR6nOYBcPrdB-WoIzQZKcO30iJOGMFXGdFXPPWj7GJ1g7irMHIEB35dC2OzRe38KI6wWITOS29cNx-bzMFpVN123KkxPrw30tdCY_Z728Sd64uBnQ7mea_cPfdB70y_D7eh1XH29Qw5XHPzbz56_SnIuEE7r1y2bZYsnmPdC0i41rDkW1K_IKs68YTL-iJaQY9D0lYcowlhcY4NWdVcL7gscaJumxycr_zVV1XPNkFlqsvvS-2pOkJKpu5Zg6Xdb_ZBbIbhB4BfaiClIGLHn1dVq8NGTgP5M75ptOGQBtMvsCXPVGMMQJMerjybDtGGAa4bHMQDA6hdzo7wMHc3Lo8LGHLrJ7NEVlqAjHUm_MaNs7qW5i5k7XA2bB4oIxdQcTLjSNZn1PobLIVE0_D4cAYvtA22hK6cyQ-U78RbGrZDCe1tgahVQeCsZDmcLaktqrYL83U4dSGEA2ODshw2CfoCGEJUXqo6g1KeYnJpKyqOXkDFCpFce0rC00lrq3FWdvy7A-On76FmWds-XxpxjWFT4sveJixu-AAYbOMrzyNuMbGU-nVuo5ORfzHWsJzk3OHMQXuMUUkFUblD8jVi-6pC1lbM_x2YJaNpVkvSLccund9raBykLVU99nTOphM496b5cQRCtweht3WDbWyTO9IhO20szPQ-Xiy1Si0mb0yL3Jl-4FwgdI04SYdk-BFTyhh7O1aJNSqmUJbREH5QT4CBimysLbIaNyygVtDp803TNUpNWaz5ASvssNylS9YmtCAceXD1tlKAK3CId91C83uVU3ZtM3h-WpxoRc_KOHmHaDVQbQs3CX1TpZZkBtQOpM2PWRkTBkzOuIles5WyokK_J8d6j2OOFjJp6E7ThNo-U2r-JuRMSjBUQ9s8RToDSzErKV5PzdZ58bc4Zs7r7z_NALM9JKA8QHZvoJTx9Kqox5qNZTscl7gvfAiWMEsny3pRzwf7QlWgP7eHlq7mOfb6jtyvaBhqJykzeFg22RQ8qLs0_jRlueZptOiSscfKdElNlzE38gg4x5ECnK33JWWx379NLzpShrKP6hU4v2FHWbDKlyzeARDa1PUpWg37ECxe1kk7lGh0r9jFA3NHd75apVtL7PENVNvRvboo8UxlLaMP7ONCw8LMsoXgy_MhkMG5yCxIExkgacyiySI6NbAwSaFatf1Oitg1_MD7aLgrXiKzlEthqDhBEWCucfQ18rniyWc5TP36sBF06qYhJ0tQGHTEXONR5uzytAIHN1ZQCtOaf0HactCWkgiUXwU7Uysx5L2jgi-Y-JzBnnGbxopIoo6rCndHs5faeOkqyaDC7CtsVeHPH5aho3xtVZXzWw2yvOQCVScHPHD1M8poyWsM3iANFJoriu0Lv6vYkAiKnFMJzvqyNUSud5BrFRl2EQa5up5iB2Cu9rVKIQx9VOmwqGywtCVAdueiJIlm97bD&cid=CAASEuRos4oV1an3P-lt-BGYfID0TQ&rfl=1%2Chttps%253A%252F%252Fwww.newser.com%252Fstory%252F305100%252Fus-wrongly-thought-diplomat-staged-his-own-kidnapping.html%253Futm_source%253Dpart%2526utm_medium%253Duol%2526utm_campaign%253Drss_taglines_more%240
Requested by
Host: www.newser.com
URL: https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
71b38b0086ccfc753a75f1ee9aeb0978303c6ec7851df126c0eae7a0dc2717a3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ccde9b4ae0b1b7105d848d3ef3b25d34.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Apr 2021 11:57:41 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11496
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 5F1D 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-D0VvOz_G9FqCpLhFYbKa8Z20rkZpP1cMI1-LSS7vnqFuZ5V2V47fStglI5OdbJa6HXGZCXlzIJaYE7ThfaIMRzPfLAELYyhTSIDGnLUe62-518f9U
Requested by
Host: ccde9b4ae0b1b7105d848d3ef3b25d34.safeframe.googlesyndication.com
URL: https://ccde9b4ae0b1b7105d848d3ef3b25d34.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ccde9b4ae0b1b7105d848d3ef3b25d34.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Apr 2021 11:57:41 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210422/r20110914/client/ Frame 5F1D 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210422/r20110914/client/window_focus_fy2019.js
Requested by
Host: ccde9b4ae0b1b7105d848d3ef3b25d34.safeframe.googlesyndication.com
URL: https://ccde9b4ae0b1b7105d848d3ef3b25d34.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ccde9b4ae0b1b7105d848d3ef3b25d34.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Apr 2021 11:56:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
48
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1303
x-xss-protection
0
server
cafe
etag
14729628269804859526
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 10 May 2021 11:56:53 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 5F1D 		116 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: ccde9b4ae0b1b7105d848d3ef3b25d34.safeframe.googlesyndication.com
URL: https://ccde9b4ae0b1b7105d848d3ef3b25d34.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dc015126841eaa9b1b79ee123e13d7d07ad7fe77f22366b05c480eff59a7a25e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ccde9b4ae0b1b7105d848d3ef3b25d34.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Apr 2021 11:57:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1619017370605640"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36032
x-xss-protection
0
expires
Mon, 26 Apr 2021 11:57:41 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210422/r20110914/client/ Frame 5F1D 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210422/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: ccde9b4ae0b1b7105d848d3ef3b25d34.safeframe.googlesyndication.com
URL: https://ccde9b4ae0b1b7105d848d3ef3b25d34.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
439ab67fa3c312bb442bed574ea79be834dbd92f3bd7d2288b6f3fce4d0afb0c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ccde9b4ae0b1b7105d848d3ef3b25d34.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Apr 2021 11:57:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
23
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5604
x-xss-protection
0
server
cafe
etag
2846967340006788112
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 10 May 2021 11:57:18 GMT
l
www.google.com/ads/measurement/ Frame 5F1D 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQFo_5BcPwaEENyomH5ekjAC0JrGZ9d5N0Q6i-8p8W5P1f5BTBILQv2vt-696Wt-RVfVqVQ81Pg9b6Htt1fSOVTlkzzlw
Requested by
Host: ccde9b4ae0b1b7105d848d3ef3b25d34.safeframe.googlesyndication.com
URL: https://ccde9b4ae0b1b7105d848d3ef3b25d34.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ccde9b4ae0b1b7105d848d3ef3b25d34.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
index.html
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12502976385620377600/ Frame 3B5A 		369 KB
34 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12502976385620377600/index.html
Requested by
Host: www.newser.com
URL: https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d1b1ae274b98b536cad52a99915d4fc0670fb156a0404ad097c4e873c7422f5b
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sadbundle/$csp%3Der3$/12502976385620377600/index.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ccde9b4ae0b1b7105d848d3ef3b25d34.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ccde9b4ae0b1b7105d848d3ef3b25d34.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-type
text/html
access-control-allow-origin
*
content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
date
Sat, 24 Apr 2021 08:36:31 GMT
expires
Sun, 24 Apr 2022 08:36:31 GMT
last-modified
Fri, 23 Apr 2021 11:57:52 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
content-encoding
gzip
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
content-length
34639
age
184870
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
adview
securepubads.g.doubleclick.net/pagead/ Frame DD36 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CTWJItaqGYOryFaWGjuwP94CtuAqPoOS5YoTpysG1DZaCzYWIFhABINjqtiBglfrwgYwHoAHU0NCXA8gBCakCCh3w4LdPtD7gAgCoAwHIAwKqBMYCT9CnG9nR6vVjRuVS46bVjKxNUKr3ja-E9cZG8Av9_lGp8HFlBfpO1yUb92FVE5y0Dp73nF52ZGwY1KAEGMwbiE4BlWa3J37HnEQlsbDG_mETlsWL8zWZvI78n98W8lha9jhy3Xr4-ggeQCKgvdJGsoCX8LX3MxjoW7GTsJzFVwYArtv0O4xLaCmh7nTlJq1vQHrEnRUIYV1FMs6Wo5Ks5fnBV7hPI3NTUiV-xKZSYcPus-Rqib9TxKXxequ6Lo5O7I6VWAgqPvXdlogHMd6QoMF1tcXp9eJE5NrzUtXJjUqmmR_dp4GRLKeLkjMdq8YTLzriRN_gIvJEhmT38s4E1QNmlEEFKub-2S9ERb6pMTGs0ywiErcxpFUflUnm8_UZjijsQHL2F1kiSXR9h-wSCsdAwiAKvHMghw5bIvFuMyrPgxklA7nABKaN89u_A-AEAZIFBAgEGAGSBQQIBRgEoAZdgAfL_9xsqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcB8gcEEM2DCdIICQiA4YAQEAEYHfIIG2FkeC1zdWJzeW4tODEzNTg5OTE1OTQ5NzY0NoAKA8gLAdgTDbIXGgoYCAASFHB1Yi02ODk3OTAyMTkxNzE0ODMz&sigh=sByauJ2VHhE
Requested by
Host: www.newser.com
URL: https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
/
Resource Hash

Request headers

Referer
https://ccde9b4ae0b1b7105d848d3ef3b25d34.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
s
googleads.g.doubleclick.net/pagead/drt/ Frame 9E7E 		143 B
163 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: ccde9b4ae0b1b7105d848d3ef3b25d34.safeframe.googlesyndication.com
URL: https://ccde9b4ae0b1b7105d848d3ef3b25d34.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
safe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/s?v=r20120211
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ccde9b4ae0b1b7105d848d3ef3b25d34.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUl2OOzwyMMcrqvJIhlX8nc54PULgAAW7EFp5wpPZSmBULxF-rerP-Zkq_rQJoM
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ccde9b4ae0b1b7105d848d3ef3b25d34.safeframe.googlesyndication.com/

Response headers

content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Mon, 26 Apr 2021 11:56:55 GMT
server
safe
content-length
145
x-xss-protection
0
cache-control
public, max-age=3600
age
46
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210422/r20110914/client/ Frame DD36 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210422/r20110914/client/window_focus_fy2019.js
Requested by
Host: ccde9b4ae0b1b7105d848d3ef3b25d34.safeframe.googlesyndication.com
URL: https://ccde9b4ae0b1b7105d848d3ef3b25d34.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ccde9b4ae0b1b7105d848d3ef3b25d34.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Apr 2021 11:56:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
48
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1303
x-xss-protection
0
server
cafe
etag
14729628269804859526
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 10 May 2021 11:56:53 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame DD36 		116 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: ccde9b4ae0b1b7105d848d3ef3b25d34.safeframe.googlesyndication.com
URL: https://ccde9b4ae0b1b7105d848d3ef3b25d34.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dc015126841eaa9b1b79ee123e13d7d07ad7fe77f22366b05c480eff59a7a25e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ccde9b4ae0b1b7105d848d3ef3b25d34.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Apr 2021 11:57:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1619017370605640"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36032
x-xss-protection
0
expires
Mon, 26 Apr 2021 11:57:41 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210422/r20110914/client/ Frame DD36 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210422/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: ccde9b4ae0b1b7105d848d3ef3b25d34.safeframe.googlesyndication.com
URL: https://ccde9b4ae0b1b7105d848d3ef3b25d34.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
439ab67fa3c312bb442bed574ea79be834dbd92f3bd7d2288b6f3fce4d0afb0c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ccde9b4ae0b1b7105d848d3ef3b25d34.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Apr 2021 11:57:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
23
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5604
x-xss-protection
0
server
cafe
etag
2846967340006788112
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 10 May 2021 11:57:18 GMT
l
www.google.com/ads/measurement/ Frame DD36 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaToQfmW_mArmnEC4CIeZpq27eYtrjhaTkCW98Nad8kDrWPk1hnrgh3MhbLyJN6-MZ2fJyDdqmFDaazchxEY1XQa8Tk7vw
Requested by
Host: ccde9b4ae0b1b7105d848d3ef3b25d34.safeframe.googlesyndication.com
URL: https://ccde9b4ae0b1b7105d848d3ef3b25d34.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ccde9b4ae0b1b7105d848d3ef3b25d34.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
pixel
googleads.g.doubleclick.net/xbbe/ Frame B52A 		611 B
316 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYr8jFlQEwAQ&v=APEucNVtulQNizQ8pWGL0PcEzfJpWwqI4361N0PPn7lPRe9PFWk0BulY1zI90_7llFCxLwQrssjGHVBbBIDA270cFiwF0T_x3huQ8wy1Dj0j2M8-4i_qzrHY4hUsbrA7I5Cl2Vs8OKrLv9iJTVgtBUZ30ACv2ygCRH_ukzhv7DOmuz5g0q1j5dS8b1IH58L68tzNDK3k88XCjn1u3fTiEc6wDTIxrKrc3g
Requested by
Host: ccde9b4ae0b1b7105d848d3ef3b25d34.safeframe.googlesyndication.com
URL: https://ccde9b4ae0b1b7105d848d3ef3b25d34.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
55b198b5ed1bd02e77f84c6971a69d5c2160c0c32fd770ce33405e194750f5fd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/xbbe/pixel?d=CN-KGhCn9EsYr8jFlQEwAQ&v=APEucNVtulQNizQ8pWGL0PcEzfJpWwqI4361N0PPn7lPRe9PFWk0BulY1zI90_7llFCxLwQrssjGHVBbBIDA270cFiwF0T_x3huQ8wy1Dj0j2M8-4i_qzrHY4hUsbrA7I5Cl2Vs8OKrLv9iJTVgtBUZ30ACv2ygCRH_ukzhv7DOmuz5g0q1j5dS8b1IH58L68tzNDK3k88XCjn1u3fTiEc6wDTIxrKrc3g
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ccde9b4ae0b1b7105d848d3ef3b25d34.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUl2OOzwyMMcrqvJIhlX8nc54PULgAAW7EFp5wpPZSmBULxF-rerP-Zkq_rQJoM
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ccde9b4ae0b1b7105d848d3ef3b25d34.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Mon, 26 Apr 2021 11:57:42 GMT
server
cafe
cache-control
private
content-length
295
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ad
googleads.g.doubleclick.net/dbm/ Frame 099D 		23 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AYoShjg7whKcY71WmTbw1_CVBYXciWxUqtt6qy5v2kuGmSNGgTbu7lpkoZYV1sk5l9abMlafIbtw3JU9cHAFqIDdYGJHEmb3OGBbOJXYJEH-TI0QM_afv0CaaMK-hFVODy_BCjfZM4My1BQgQ9HUnhT_KDLQ&cry=1&dbm_d=AKAmf-DScyq10M6ZR_KE9jdSJvaPOMD4St2zcWtZcqGabODx4doL2L2cq7NPFJWjpxFl-MTEsUh6G4ajVDztAbEkECRD4U_nxcDaOL-HupWBPZOIuIGmmS9ViISiWgOF9Btetc55gkKGBfi21qSI0K4cTJxCq6ndF_3ql6c1bvPYrkduvf7XBLePNtYb06J-2TZoNDkAZzTYkZGuuyP3zAEWn6Rger2D0OOGAemX3o4TEkMfcJsx_JZGU0I0j3SfMAgR8MHuZtfQAPFv7slAKLwzdReN3_4qdyrYipdx_aeuDqNP2AYllpKOJ6xhPAJo0Agmie9Xxofp2z6dTR3ftb7aPD2c2Y5T2BD5vDSwhhrlmlhuQWx5HWnGqzmj1tFvgrpfWfhK5z491q9xmE03YNwSANtmomCqmvqb2NMxeV6X4HKRG8sP8jx2rDBAsVWVXkqcuWWLtsDjsHrQ5FTtRq6WlPhHbZIS930iV6HkPlpZxovPlfgZ-g-f-dZ0mstVoo84IlqRvytn4WV0QUn2uxdDD1MUHMaraQJx4Ztl6TcX6u-DBmKYPbS_a4NO_MEQfT0pQrH9MQgCrw-Rhvw7hM0xzwYwWvLR-JT0hb0KkrkK4KSkLsslJXSEBndnp8AJkAoQIb81FnX8GEGz6Sch0prfZpO20qFZA7mPx-AErx4ahFZha4czWiOmQCNg1_JdZB82YsrrwefF1H8DFY6b9FGsWt62cBKT6P_HdrK_9zGuBSLhwMNadThvIC20a8pNJezKlBnDDAryEgYFbYI9GNAKMhKBZwzA5JSPrgdg36lBuEq-GumLlfF3Fwr491jJLIGc71w5fWJbqz5jzunW62Yj5Hev6dTAjg6TRYWBJXvjDHIRe7mX-zy2Z9tCOgGYG78poPKP-LOfh93twvVA_io02ZCb9vH1olh8-uggdhLRe7k1cEVoST_WigGkdrGN2yqsrswegdmZYcz0R_Oq8rSovgp9qnVD7MAj-A9bOv3I_Qbv5lWR27M6JDdZsuMXF2de6dH7JMhw3jYJ-4VJJp1NrM3Ql3-RreP3-eng0YU707Fp6yAB7Z5DRLx6ms-kYj5JVrHzuM_P1fve7X2JEC6ipMapAnsqeiwA_mHXXU6RwolC9LRfjNo0ZOb7QF2FJC8iEybyInZymMIQR2CJws5remA54-UA0TOFE9msrDiHrR233X15evtnAiq04zp68In-rU2AHau6BekQeSnAUZ2Hm18iFiol4kmRSqTqbneJ1Lb06vRyqp0mayXuqn2JEErE6I0JYd8mnBtc3ZJXoXDnHgKjrIa78MWqIWuPoLuGbWJoFjCkL1Ph-N2cBpa8AIjfqgZRBZrEQqs7itGtJA4FhVCjTnstPUd3j9RoIaJhhp4T7qNoUEp6pjQuEyAumFr1mHsiXhJFyWY63_c3ABycTdu89_g2mW6o_E-KxoQc-h9slIFvs24qhMIGzwG0sFpJJHQNf2MGzL4hGHcRUbLud9pwSk-Is_Gr6wXn-8OustnemF44IxHdQF9cAho9APMYI3SOD-WNlC9zKDN11XyE_dHWIysbkTbJCrbTIZr4DFNZZW498Z_G8jvNPqsaR77xZbwmCRjBjm-WpXE9i5VvLsO8ygBVRCIF49Mb0uuErmyZ2nkYdK4xDoP08JuAFtS1SKKcVCzJfTfJ1_aofDb4KylzTo-KTEwCV5jyAIuLJZmwPmvHA-OaOVX04u0Jt5QHgQcPz4z8SOoKGlnRvuYl8VuNIBDcke7HBaYYQFlpWCyF6S9Zi_Co89cwPScaWKYixjhaOW9qfVpM2i3k2G37qN6uo98asraMQIe3XpiaXPpRyMKzUvWkCJUZZ3f_9XeDvRxZUdowvWGZA3b1jw28PBZgs5ElD3uHMcWOwHfDDDAD9XIBJmYido5Z6INVenFBQ78Tt2mQI4Jd44J5b5EGxtKD5lA8Z-7aDFWZ1rX-piJH-vhh7leAyTyjKtTwyBI-QU0X0TVWMucdX57Ay4aQvYwLHWquVZ6Id57gIfi6TUexBIMb69qAPVgUjoYJIgOXZ-_NcHDChPxNPlaQBs2AB8k0G6TyeCC6ZxjQBcceA5YYIBBI9RFCxBN_yjwjB6sTJaKGsp2bw1XZTzM7N2nzEfUEypT2b62cWlrrzWvWBdONcJO8xQ89RGJ3xLht5ltrS_hmKS15ukchk410UquWlSQQCLSxk8cEyBy7AhzQZ9EPYgA20UNmTBSKeIw76_9NWJXDjNGLO9rBXeIojDiGohXKJ7MqKNSSYu4q3q7BIFSPlmbaYh4tnalZFmlCA10RWVye9yZaRI06PZ12tf6MlMeu89NFGZxL4SR8U4cx8qZ0uPF1NHRKtjHyQt8RdicmG4TUu6XlQoyF7nLfx_AfpBCiyv98oNqUB5U8REfmVPdQuisB1g5ckQaQA7r_aBhaWSq21VQW9ANKEMl36P4THDs-MJRseEBXcBGnmG0NF5yM46XZ6xLEdJuTaegUQXeRuUtySMzNP44dyd9aZ3-M3qZGnq8knIts3gFmaRxqmiq6Oudhc2k0tjx5PC_ce-PC2cGL_1u0m4aGJkFMlAdtgJtsysm9pkF-Ayiv-Kr0xDF9yTDh4gBbVEq0QHbczYoxsa16hTUSQZwLzWn3Bxg745eH4898GjwUfpXmyNUDZGce0hgVCSdx40yv9tjLZUPqWx4JhkPkGCdbNjnCCLPfVziaDZyKFuPTZcTjbw8ZHvLFJG-lhtzCnRvZxbAnO_iRejnbCpi0qc6jktr93Xh0lqBZuDcqmGI6CMIQBvrohsuYF2p4CA7PCUppOWNIrSIXKnPJzjAuO6KnXHsAuNCNgvsjvClPv2cROGC-aMTn3vWqhZo_toxk4SrV5gR_b_Zf6ssxhjhhEf8FAKcPZltpeaINUrXrJjPonCSYttHcXKcOQxv_u_JjYWQQQUpUNMruyjiQfLWCbqznWuk_t7kdjzkc4fzPVBOmEOciAiBC6fbNuBFmHgXWo2xJwSRq3_3yWSKnSZRSJZ2x7pSb3us3D2zAKhhdtA7HAZjAE3UEmKmKRxJjZf3ABISNGKrBCPiLyL0rQjICAIUNXpCbRgRcnHo8coZ0EzZz9fMKkTLZQhnMHCNxUS1Lmot29NhmsFMHczWc_f-IMwqmSzVCFZqR3cr90XansUxCYLup-ZOcNrQ9lzx9Xzm-rEntg9uHY9JMY06g2iOV6P9wC-zjnnpd2pNQ9F5U56qefOq7HXAB-5M_ZMi4iW4s7O9K4CCa19E0XiPltC2fP4_eCJHl7LwEd2Whh6ARRXsrwRhJzTWyrsIU2xV2ReKOgzXEZ849kDm1haxk3aNMoST_AE895T_gGnrtTQLE1epMrs1UlJ6kJp0MFbbE9cFyCOy5FPqlYrAGn19ws9LmO7oDHhEfSFJGD8wwpotYi50lBNUeasGnkK9qh2DMWxGQde6QR_1uwl6jg-5Syk25_KymrF3DdnaFOWwLqFRHGg&cid=CAASEuRoq7UdgWg_hRNWLgZhRHxSLA&rfl=1%2Chttps%253A%252F%252Fwww.newser.com%252Fstory%252F305100%252Fus-wrongly-thought-diplomat-staged-his-own-kidnapping.html%253Futm_source%253Dpart%2526utm_medium%253Duol%2526utm_campaign%253Drss_taglines_more%240
Requested by
Host: www.newser.com
URL: https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
195072137d3810c9f02c551801a8a5caa3cbbb5b71110dda88486002c4c0c21e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ccde9b4ae0b1b7105d848d3ef3b25d34.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Apr 2021 11:57:42 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11409
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 099D 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-ClG9rM8YDZFTkDOKIDMyt-eOTJj_7FITB2lyGeXw4iYVAsd_OFBx8kFZfYbo8EmFuyuYbG0Wz7A9b9mFkz_5iBu27CgXaQrJTD-ARMRtFnJ_EuIOc
Requested by
Host: ccde9b4ae0b1b7105d848d3ef3b25d34.safeframe.googlesyndication.com
URL: https://ccde9b4ae0b1b7105d848d3ef3b25d34.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ccde9b4ae0b1b7105d848d3ef3b25d34.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Apr 2021 11:57:42 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210422/r20110914/client/ Frame 099D 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210422/r20110914/client/window_focus_fy2019.js
Requested by
Host: ccde9b4ae0b1b7105d848d3ef3b25d34.safeframe.googlesyndication.com
URL: https://ccde9b4ae0b1b7105d848d3ef3b25d34.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ccde9b4ae0b1b7105d848d3ef3b25d34.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Apr 2021 11:56:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
49
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1303
x-xss-protection
0
server
cafe
etag
14729628269804859526
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 10 May 2021 11:56:53 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 099D 		116 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: ccde9b4ae0b1b7105d848d3ef3b25d34.safeframe.googlesyndication.com
URL: https://ccde9b4ae0b1b7105d848d3ef3b25d34.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dc015126841eaa9b1b79ee123e13d7d07ad7fe77f22366b05c480eff59a7a25e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ccde9b4ae0b1b7105d848d3ef3b25d34.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Apr 2021 11:57:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1619017370605640"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36032
x-xss-protection
0
expires
Mon, 26 Apr 2021 11:57:42 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210422/r20110914/client/ Frame 099D 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210422/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: ccde9b4ae0b1b7105d848d3ef3b25d34.safeframe.googlesyndication.com
URL: https://ccde9b4ae0b1b7105d848d3ef3b25d34.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
439ab67fa3c312bb442bed574ea79be834dbd92f3bd7d2288b6f3fce4d0afb0c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ccde9b4ae0b1b7105d848d3ef3b25d34.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Apr 2021 11:57:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
24
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5604
x-xss-protection
0
server
cafe
etag
2846967340006788112
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 10 May 2021 11:57:18 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: d1bvk193qme2fc.cloudfront.net
URL: https://d1bvk193qme2fc.cloudfront.net/script.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Apr 2021 11:57:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1616005470650935"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6437
x-xss-protection
0
expires
Mon, 26 Apr 2021 11:57:42 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20210422/r20110914/ Frame 5F1D 		22 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210422/r20110914/abg_lite.js
Requested by
Host: www.newser.com
URL: https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a8a2b3462c740c8347f2e5db24143b43e7cfd0adfae2f65f3ae30254985a300e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ccde9b4ae0b1b7105d848d3ef3b25d34.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Apr 2021 11:57:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
26
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8608
x-xss-protection
0
server
cafe
etag
8606185217770904955
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 10 May 2021 11:57:16 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 5F1D 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: www.newser.com
URL: https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ccde9b4ae0b1b7105d848d3ef3b25d34.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Apr 2021 06:06:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
453077
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 21 Apr 2022 06:06:25 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame D219
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

date
Mon, 26 Apr 2021 11:57:42 GMT
x-content-type-options
nosniff
server
safe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/drt/si
cache-control
private
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
246
x-xss-protection
0
101795143535705479
tpc.googlesyndication.com/daca_images/simgad/ Frame D219 		79 KB
79 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/daca_images/simgad/101795143535705479
Requested by
Host: www.newser.com
URL: https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f27af9873da50427ff76f55927849a11346f4832fb5dbe9005790ef2564decf1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.newser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 03:24:31 GMT
x-content-type-options
nosniff
age
376391
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
80660
x-xss-protection
0
last-modified
Mon, 29 Mar 2021 03:06:51 GMT
server
sffe
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 22 Apr 2022 03:24:31 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame D219 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: www.newser.com
URL: https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.newser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 26 Apr 2021 03:59:16 GMT
x-content-type-options
nosniff
server
cafe
age
28706
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2502
x-xss-protection
0
expires
Tue, 27 Apr 2021 03:59:16 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame D219 		295 B
319 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: www.newser.com
URL: https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.newser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 26 Apr 2021 05:03:57 GMT
x-content-type-options
nosniff
server
cafe
age
24825
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Tue, 27 Apr 2021 05:03:57 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20210422/r20110914/ Frame 099D 		22 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210422/r20110914/abg_lite.js
Requested by
Host: www.newser.com
URL: https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a8a2b3462c740c8347f2e5db24143b43e7cfd0adfae2f65f3ae30254985a300e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ccde9b4ae0b1b7105d848d3ef3b25d34.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Apr 2021 11:57:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
26
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8608
x-xss-protection
0
server
cafe
etag
8606185217770904955
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 10 May 2021 11:57:16 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 099D 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: www.newser.com
URL: https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ccde9b4ae0b1b7105d848d3ef3b25d34.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Apr 2021 06:06:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
453077
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 21 Apr 2022 06:06:25 GMT
pixel
cm.g.doubleclick.net/ Frame E571 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=adscale&google_cm&google_dbm
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYvNLFlQEwAQ&v=APEucNVQhbV-oJ9ur0jqf1V1ZTA7-eepB6Alk9w6HGptLCURGzi3xG64AArDucM3uuCMJ-FihAJadPQ7iKaoOe-LwLBxegJIMI06WFWDMQQbsH9y8SEjCBIAANQRSunlFUWsyJzFHOFgLdXLTXcTeRQa3ZQt0pJncGX0eO8-1k-Bn-iwNox2YjT_AHFgcqo9FfD7b9ADo0855h0vUB_EDJ9zM3XKYxlZWg
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Apr 2021 11:57:42 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame E571
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDRijdQd-vYBLSarRW3tQLQ&google_cver=1
43 B
1014 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDRijdQd-vYBLSarRW3tQLQ&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYvNLFlQEwAQ&v=APEucNVQhbV-oJ9ur0jqf1V1ZTA7-eepB6Alk9w6HGptLCURGzi3xG64AArDucM3uuCMJ-FihAJadPQ7iKaoOe-LwLBxegJIMI06WFWDMQQbsH9y8SEjCBIAANQRSunlFUWsyJzFHOFgLdXLTXcTeRQa3ZQt0pJncGX0eO8-1k-Bn-iwNox2YjT_AHFgcqo9FfD7b9ADo0855h0vUB_EDJ9zM3XKYxlZWg
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.20.241 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-20-241.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 26 Apr 2021 11:57:42 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 26 Apr 2021 11:57:42 GMT

Redirect headers

pragma
no-cache
date
Mon, 26 Apr 2021 11:57:42 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDRijdQd-vYBLSarRW3tQLQ&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame E571
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YIaqtkhDhduXm5VvvJe51gAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDRijdQd-vYBLSarRW3tQLQ&google_cver=1
43 B
894 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDRijdQd-vYBLSarRW3tQLQ&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYvNLFlQEwAQ&v=APEucNVQhbV-oJ9ur0jqf1V1ZTA7-eepB6Alk9w6HGptLCURGzi3xG64AArDucM3uuCMJ-FihAJadPQ7iKaoOe-LwLBxegJIMI06WFWDMQQbsH9y8SEjCBIAANQRSunlFUWsyJzFHOFgLdXLTXcTeRQa3ZQt0pJncGX0eO8-1k-Bn-iwNox2YjT_AHFgcqo9FfD7b9ADo0855h0vUB_EDJ9zM3XKYxlZWg
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.20.241 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-20-241.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 26 Apr 2021 11:57:42 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 26 Apr 2021 11:57:42 GMT

Redirect headers

pragma
no-cache
date
Mon, 26 Apr 2021 11:57:42 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDRijdQd-vYBLSarRW3tQLQ&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/222/ Frame 89A7 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Requested by
Host: d1bvk193qme2fc.cloudfront.net
URL: https://d1bvk193qme2fc.cloudfront.net/script.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/222/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
5022
date
Mon, 26 Apr 2021 11:23:05 GMT
expires
Tue, 26 Apr 2022 11:23:05 GMT
last-modified
Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
2077
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame DD36 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2e2a4d2681f1a4753ae48f6de1824424aac4e7e16b274076fdf5c890ad863b0c

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
bidding
bids.proper.io/api/ 		0
171 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bids.proper.io/api/bidding
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.238.170.237 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-238-170-237.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 26 Apr 2021 11:57:42 GMT
Connection
keep-alive
Content-Length
0
Content-Type
application/octet-stream
setuid
ib.adnxs.com/ Frame B52A
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEBsGTjle4NBGZD31t9sXqEg&google_cver=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEBsGTjle4NBGZD31t9sXqEg&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYr8jFlQEwAQ&v=APEucNVtulQNizQ8pWGL0PcEzfJpWwqI4361N0PPn7lPRe9PFWk0BulY1zI90_7llFCxLwQrssjGHVBbBIDA270cFiwF0T_x3huQ8wy1Dj0j2M8-4i_qzrHY4hUsbrA7I5Cl2Vs8OKrLv9iJTVgtBUZ30ACv2ygCRH_ukzhv7DOmuz5g0q1j5dS8b1IH58L68tzNDK3k88XCjn1u3fTiEc6wDTIxrKrc3g
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.91 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
721.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 26 Apr 2021 11:57:42 GMT
X-Proxy-Origin
89.249.64.203; 89.249.64.203; 721.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.154:80
AN-X-Request-Uuid
d521d6f9-2f78-4374-8268-3ad21bedf0c8
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 26 Apr 2021 11:57:42 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEBsGTjle4NBGZD31t9sXqEg&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame B52A
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDk3NjAzMDUyOTI2MDQyOTU2NA%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDk3NjAzMDUyOTI2MDQyOTU2NA%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYr8jFlQEwAQ&v=APEucNVtulQNizQ8pWGL0PcEzfJpWwqI4361N0PPn7lPRe9PFWk0BulY1zI90_7llFCxLwQrssjGHVBbBIDA270cFiwF0T_x3huQ8wy1Dj0j2M8-4i_qzrHY4hUsbrA7I5Cl2Vs8OKrLv9iJTVgtBUZ30ACv2ygCRH_ukzhv7DOmuz5g0q1j5dS8b1IH58L68tzNDK3k88XCjn1u3fTiEc6wDTIxrKrc3g
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Apr 2021 11:57:42 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 26 Apr 2021 11:57:42 GMT
X-Proxy-Origin
89.249.64.203; 89.249.64.203; 721.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.221.68:80
AN-X-Request-Uuid
24e1865d-8bdf-4567-ae63-b209356898b0
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDk3NjAzMDUyOTI2MDQyOTU2NA%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame B52A
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEAst8ZqvNranJ2fLCJCFMEI&google_cver=1
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEAst8ZqvNranJ2fLCJCFMEI&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYr8jFlQEwAQ&v=APEucNVtulQNizQ8pWGL0PcEzfJpWwqI4361N0PPn7lPRe9PFWk0BulY1zI90_7llFCxLwQrssjGHVBbBIDA270cFiwF0T_x3huQ8wy1Dj0j2M8-4i_qzrHY4hUsbrA7I5Cl2Vs8OKrLv9iJTVgtBUZ30ACv2ygCRH_ukzhv7DOmuz5g0q1j5dS8b1IH58L68tzNDK3k88XCjn1u3fTiEc6wDTIxrKrc3g
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
OXGW/16.205.4 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Apr 2021 11:57:42 GMT
via
1.1 google
server
OXGW/16.205.4
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 26 Apr 2021 11:57:42 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEAst8ZqvNranJ2fLCJCFMEI&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame B52A
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZWI1ZTQxNzgtM2U0Ni02YzRlLTYxZWQtYjM1NGZlZjllMDA5
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZWI1ZTQxNzgtM2U0Ni02YzRlLTYxZWQtYjM1NGZlZjllMDA5
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYr8jFlQEwAQ&v=APEucNVtulQNizQ8pWGL0PcEzfJpWwqI4361N0PPn7lPRe9PFWk0BulY1zI90_7llFCxLwQrssjGHVBbBIDA270cFiwF0T_x3huQ8wy1Dj0j2M8-4i_qzrHY4hUsbrA7I5Cl2Vs8OKrLv9iJTVgtBUZ30ACv2ygCRH_ukzhv7DOmuz5g0q1j5dS8b1IH58L68tzNDK3k88XCjn1u3fTiEc6wDTIxrKrc3g
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Apr 2021 11:57:42 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Mon, 26 Apr 2021 11:57:42 GMT
content-encoding
gzip
server
OXGW/16.205.4
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZWI1ZTQxNzgtM2U0Ni02YzRlLTYxZWQtYjM1NGZlZjllMDA5
content-type
image/gif
alt-svc
clear
content-length
0
via
1.1 google
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame B57D 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: www.newser.com
URL: https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/Enqz_20U.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ccde9b4ae0b1b7105d848d3ef3b25d34.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ccde9b4ae0b1b7105d848d3ef3b25d34.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
8395
date
Mon, 26 Apr 2021 11:23:04 GMT
expires
Tue, 26 Apr 2022 11:23:04 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
2078
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
4727t6qteyti
hal9000.redintelligence.net/zone/ Frame 5F1D 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal9000.redintelligence.net/zone/4727t6qteyti?subid=&gdpr=-1&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCayOktaqGYOnyFaWGjuwP94CtuAq1zfmDV_zYuavlDPAuEAEg2Oq2IGCV-vCBjAfIAQmpAgod8OC3T7Q-qAMBqgTsAU_Q1e8_BKYiGM9uFFGtua4pmsQnHcbRSXP1-WshbsGrZNADKUC31hZRfSw4mdUQ1zPF813_sZR0vx2eZU5HsxsKlhxsNJ7D3UIJsemQc_5C-Nt9laBaOn2pjuON0AguyhYTqwf6sI3MW99SpJEKSqB3dBJqdsQZwP97FChNoZpeOhYb9VraZiHRScAol_N5ceG7j9SOcREDsLg9cv6GA9sH7q3GragTDjBUBsA6xxy3Cxyl-S0yNgnm_z4m3iDp6ibxRAcigxNK_5TNrmKf9vNgsey4Mc-XzyJ0A14ZwkFyRx21wgDbRd4Ds3jIwASqnfy-zwHgBAOQBgGgBk2AB-vn6F6oB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7NUbqAfulrECqAemvhuoB-zVG6gH89EbqAeW2BvYBwDSCAkIgOGAEBABGB3yCBthZHgtc3Vic3luLTgxMzU4OTkxNTk0OTc2NDaACgOYCwHICwGADAGwE8Ka2grQEwDYEwPYFAE%26ae%3D1%26num%3D1%26cid%3DCAASEuRos4oV1an3P-lt-BGYfID0TQ%26sig%3DAOD64_2WCSjIIh8uPs93PdBoMgPCMrI7eA%26client%3Dca-pub-6897902191714833%26dbm_c%3DAKAmf-BB46uWUl_0trKF8LVopnSmM0YeXHtrOWNcNtK7JYqNrJLyal7iIThW8HAW9Bryq1JcUpA6S83m56JUE51V2sdyPZTy_7G1cdPUdMnSRGc8-r2o6xPFknXrtaPK-0ZubGUEXXT8QAEFlpgMizZYwyVy41W4tA%26cry%3D1%26dbm_d%3DAKAmf-CECLzxUnlXOFbIt0zdaMS7eXCMa7wOu9eNyOC1MglqxHrX7f12NGo_y7l4S7barcY2kmja0G8AZNW8cu8jGPxuuH7WSIKtg8mQR6JE8U2Tlsk2B2LO9Y9_YfpvsWbImxaD_LYovTi0WXMWV6cgQLdSFjY8e9LlGNBlKhn8LkTUGsf9yTmyXLHiauBKYE8OgeIzFO9836GxHUFk-CzOmpQKkCVlzB0-jpewq-t0Vm_HY8fLnOrfYS9k6Ll42B3fXjRe5_9_7V68x9wk8Fku375BgYDtqrrHQC12nOX4Dqt_S8qulMw6psCVI_68y1_GsFjDCJer_iZI3tXcJpstebB3zdHlYtTRcHNMBlbE4pRdaJTZVqoiUKqy3v64UntZEZK2uUP7m3FE455vd77j23WX8yWOPEZ56QiZhzuRVPOQ39bwiqJI049DVLkl_NBofnvg_DMKFjkUXNjPBZkY00UocPQFCjEQbkjiO3e4ttRAE8jgc4WXemfIhoHhabw4BV6FODamPX5ckztI0Fg-9RFKFPZ5abolxYyBtVAdbO4joappp82CPHCMEd9QbsH4wptj6MeornnTaI7pE2GSN1Orm9-Qgp2wuVbhbSwvrT7YpkGt_2I%26adurl%3D
Requested by
Host: www.newser.com
URL: https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
88.99.165.19 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.19.165.99.88.clients.your-server.de
Software
Apache /
Resource Hash
af44e015e3927ecac9c5e87f15a0bdb25d1717f8b7fc85be78da49f711131473

Request headers

Referer
https://ccde9b4ae0b1b7105d848d3ef3b25d34.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 26 Apr 2021 11:57:42 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
4055
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
css
fonts.googleapis.com/ Frame 3B5A 		2 KB
566 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Inter:800
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12502976385620377600/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
517ee8a1d0e3438c13fe609412789c12bf6e3dbffd461694e6b7596378d40f75
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 26 Apr 2021 11:46:57 GMT
server
ESF
date
Mon, 26 Apr 2021 11:57:42 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 26 Apr 2021 11:57:42 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame 9E7E
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si
0
16 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si
Requested by
Host: ccde9b4ae0b1b7105d848d3ef3b25d34.safeframe.googlesyndication.com
URL: https://ccde9b4ae0b1b7105d848d3ef3b25d34.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
safe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/si
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUl2OOzwyMMcrqvJIhlX8nc54PULgAAW7EFp5wpPZSmBULxF-rerP-Zkq_rQJoM; DSID=NO_DATA
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Mon, 26 Apr 2021 11:57:42 GMT
server
safe
content-length
0
x-xss-protection
0
set-cookie
DSID=NO_DATA; expires=Mon, 26-Apr-2021 12:57:42 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Mon, 26 Apr 2021 11:57:42 GMT
cache-control
private

Redirect headers

location
https://googleads.g.doubleclick.net/pagead/drt/si
cache-control
private
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Mon, 26 Apr 2021 11:57:42 GMT
server
safe
content-length
246
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame A1ED 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: www.newser.com
URL: https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/Enqz_20U.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ccde9b4ae0b1b7105d848d3ef3b25d34.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ccde9b4ae0b1b7105d848d3ef3b25d34.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
8395
date
Mon, 26 Apr 2021 11:23:04 GMT
expires
Tue, 26 Apr 2022 11:23:04 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
2078
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Enabler.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 3B5A 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/Enabler.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12502976385620377600/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 25 Apr 2021 17:09:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
67697
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5866
x-xss-protection
0
server
cafe
etag
544157900006238945
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Mon, 26 Apr 2021 17:09:25 GMT
addata.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 3B5A 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12502976385620377600/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4634b94630896f1a23c5ce01f743d720847c5f4dd28fb549ed503cb2df4f8e87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 25 Apr 2021 23:11:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
46001
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8867
x-xss-protection
0
server
cafe
etag
18043545750443934562
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Mon, 26 Apr 2021 23:11:01 GMT
ma1tq3l10cm4
hal9000.redintelligence.net/zone/ Frame 099D 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal9000.redintelligence.net/zone/ma1tq3l10cm4?subid=&gdpr=-1&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCisnetaqGYOzyFaWGjuwP94CtuAq1zfmDV5zfuavlDPAuEAEg2Oq2IGCV-vCBjAfIAQmpAgod8OC3T7Q-qAMBqgTwAU_QL4uqPWqmF2sSoOI-jlqKGPvhrl5NvQ-DTIv01Qq51k9KHlAWQxrkJWhBAfyKp4RC2SCMYkwdRhjsn1-pIJntz1SLAU-TWeETN4ufiYssLlPHwV8sAZTABpKbmyUbHAa_xJHDfgGVEuMXPakgZY4GETRIJ7NYSpkV7y6e9Dp26wjzsoi0UiOppquwWwP2Q2H9uxAQDEEkGRQE4I8guyqp3iCUbIoArYj7DMqpa_ld9ueh69v_Clap7waCQA6x7bD6xXgxMCfgLk52DzJY2YnXCyY-GyFlfEgaXEpmmc8-e23XG27CPZOadln9JJhCEsAEqp38vs8B4AQDkAYBoAZNgAfr5-heqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-zVG6gH7paxAqgHpr4bqAfs1RuoB_PRG6gHltgb2AcA0ggJCIDhgBAQARgd8ggbYWR4LXN1YnN5bi04MTM1ODk5MTU5NDk3NjQ2gAoDmAsByAsBgAwBsBPCmtoK0BMA2BMD2BQB%26ae%3D1%26num%3D1%26cid%3DCAASEuRoq7UdgWg_hRNWLgZhRHxSLA%26sig%3DAOD64_3_Wn6NB4hG0M-AF7jDDG-v3s_kwQ%26client%3Dca-pub-6897902191714833%26dbm_c%3DAKAmf-BLA9PxMNcjbATgq5nVHkXd6i-TALvPxYlZ_6u9NSFIc-681qzrJXCFWs3lCPdTMVfA2dhj2NYkiHnh1eqfeyH4w97uuSfiMRDOq5Cqrxd5SYKeq9QVuKGnSKdWhS6oBJ8tDrO78HrLeNK0IIUTO2CX7Ew3RQ%26cry%3D1%26dbm_d%3DAKAmf-BZQyET1n11I-UK2Cgjm6xPOq7GWE8mFhEvDcwptk0k8GmJzmU2AbAM0LVfwfy3p_BgpOZn_9OCg7fmg27yzSusZeJg6ofx9Fjg48OOSP6dTG5jqSuk1hQDj7UKnVU1gXjcgciVgd6kpRAgeGB6pH3PS4LdPjVTE7r8ZhTCfsz5mybo_muAJgllLFbmCaGgJEekJfC51U98-DBFQkcFEVUNGO-Bbd5yklU1LKNnpoHu-dp6Q0uCTwnDIdCZo9vtSNkCPBXufO_I-D4yWTQxDbmC97fWUla_c_-USZLiu8b5ln9Fgy8DJLnJGMBr2mVjPiVJwe8aOD_aD-o3j0CIZ1KHX4iMDAO-SULvBM8Qe4LxCIXtk2EXog5GCchKQBxCUWrvXuMpg0KInJP5uqjxAbLQP3qFXXoAYFuXZtjVFkJg_Qr6kr2xg5rcrz6zcm0Swhonw67O_lHvarfZxz3gSTfG7zTy7HjZhnRY8h8MvEXY-oR3bSZFb7OaD1i0VamClI64fp2JntYCgLVNvDIaPmCaY2xNk9Jm4jcTtpZgGrhkOPtcE6PXj575p2t_3Jl_efH3Y4SbbZaDJNMLfQsUqwsXyoY_K-a52s48bfwfCz8DFTJ-EVI%26adurl%3D
Requested by
Host: www.newser.com
URL: https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
88.99.165.19 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.19.165.99.88.clients.your-server.de
Software
Apache /
Resource Hash
867d4eeaf974d04e7844787f286fa04071a02d784f5579e17bf867a8c381d48d

Request headers

Referer
https://ccde9b4ae0b1b7105d848d3ef3b25d34.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 26 Apr 2021 11:57:42 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
4052
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
events
prd-collector-anon.ex.co/main/ 		0
136 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prd-collector-anon.ex.co/main/events
Requested by
Host: player.ex.co
URL: https://player.ex.co/player/aa6b7784-6c11-4b79-917c-5f1bd774afe6
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.88.209.254 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.newser.com
date
Mon, 26 Apr 2021 11:57:42 GMT
access-control-allow-credentials
true
content-length
0
vary
Origin
content-type
text/plain; charset=utf-8
css2
fonts.googleapis.com/ 		2 KB
548 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto&display=swap
Requested by
Host: www.newser.com
URL: https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
0136a3f123a1e9b3abff969b246786854e58bd66c321dadec9ee9539ed4ede31
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 26 Apr 2021 11:20:30 GMT
server
ESF
date
Mon, 26 Apr 2021 11:57:42 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 26 Apr 2021 11:57:42 GMT
events
prd-collector-anon.ex.co/main/ 		0
136 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prd-collector-anon.ex.co/main/events
Requested by
Host: player.ex.co
URL: https://player.ex.co/player/aa6b7784-6c11-4b79-917c-5f1bd774afe6
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.88.209.254 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.newser.com
date
Mon, 26 Apr 2021 11:57:42 GMT
access-control-allow-credentials
true
content-length
0
vary
Origin
content-type
text/plain; charset=utf-8
hls.min.js
player.avplayer.com/script/2/2.55/libs/ 		247 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Requested by
Host: d1bvk193qme2fc.cloudfront.net
URL: https://d1bvk193qme2fc.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:64::210:b540 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
87bdf34d158b451ca6e6113760d8f959d43ad17373c7ac0aa70b6789f21a26b8

Request headers

Referer
https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Apr 2021 11:57:42 GMT
content-encoding
gzip
x-guploader-uploadid
ABg5-Uxu1dKx6LlJTShyUwnH-A8MNGa0Uc6ftZ309G_-PcBZA5zvnETlHpLPodazavG4SLH2uWEOVwch5l9bsL9fxLc
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
71831
last-modified
Sun, 10 Jan 2021 14:52:52 GMT
server
UploadServer
etag
"7888b98658e8cef4a98786556ccdab66"
vary
Accept-Encoding
x-goog-hash
crc32c=vMWMIg==, md5=eIi5hljozvSph4ZVbM2rZg==
content-language
en
x-goog-generation
1610290372874389
cache-control
public, max-age=300
x-goog-stored-content-length
71831
accept-ranges
bytes
content-type
application/javascript
expires
Mon, 26 Apr 2021 12:02:42 GMT
truncated
/ 		548 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
902dde5c61e28b2ea557a81ff2d3a2be505654f7a8d74b35c52410f47dc75f66

Request headers

Referer
https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		484 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f677418329f1492ff13d5041c5872f1570eda43eaca5d1854a61de27385dab66

Request headers

Referer
https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		478 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
23727e1fd90dc2bc2566aeef37ee69dd72c888dd8ba8d726f45e843c85eb0d67

Request headers

Referer
https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		411 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fbfd3438e10ab28f28f2e1a1fb2ab3bfa431336af08a72f597c0d4d73bfb046e

Request headers

Referer
https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		365 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
04b2684e2a85ed8bf65eb0e6a3b4d942ebe82fcec4169bf3b322b9ad06f6565f

Request headers

Referer
https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
AVmanager.js
player.aniview.com/script/6.1/ Frame F063 		335 KB
95 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Requested by
Host: www.newser.com
URL: https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:10c:48b::2c79 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
8f7abefb15bb45806215e2c20e834844820f1db6080071ddaf14289122710243

Request headers

Referer
https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Apr 2021 11:57:42 GMT
content-encoding
gzip
x-guploader-uploadid
ABg5-UwX8pKC6Dlub7bxu0Lt2m_zthwm8Tth8gY2wR8czcSRnICPufobogANcccEkeuXCE2dCSAIu0MMSRQA5M9C-Fj4-rIDZA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
content-length
96803
last-modified
Wed, 21 Apr 2021 06:02:13 GMT
server
UploadServer
etag
"4784a1a0f6335f802e1d435bfeb03274"
vary
Accept-Encoding
x-goog-hash
crc32c=HTEgng==, md5=R4ShoPYzX4AuHUNb/rAydA==
content-language
en
access-control-allow-origin
*
x-goog-generation
1618984933820372
access-control-expose-headers
Content-Type
cache-control
public, max-age=300
x-goog-stored-content-length
96803
accept-ranges
bytes
content-type
application/javascript
expires
Mon, 26 Apr 2021 12:02:42 GMT
track
atrack.avplayer.com/ 		0
71 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://atrack.avplayer.com/track?pid=56ea678d181f46c76f8b45fb&AV_PUBLISHERID=56ea678d181f46c76f8b45fb&e=playerLoaded&cb=1619438262288&cid=604f799c916b9e0a5a77a356&cou=DE&AV_SUBID=113220&sn=113220&AV_PAGE_LOAD_UID=ce2c9b94-51f8-46f4-ba52-be844200179d&AV_CDIM4=ce2c9b94-51f8-46f4-ba52-be844200179d&INTEGRATION_TYPE=default&AV_CDIM5=default
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.205.35.62 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Apr 2021 11:57:42 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
events
prd-collector-anon.ex.co/main/ 		0
137 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prd-collector-anon.ex.co/main/events
Requested by
Host: player.ex.co
URL: https://player.ex.co/player/aa6b7784-6c11-4b79-917c-5f1bd774afe6
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.88.209.254 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.newser.com
date
Mon, 26 Apr 2021 11:57:42 GMT
access-control-allow-credentials
true
content-length
0
vary
Origin
content-type
text/plain; charset=utf-8
request.php
hal90007.redintelligence.net/ Frame 5F1D
Redirect Chain
  • https://hal90007.redintelligence.net/request.php?zone=4727t6qteyti&nw=20&renderingType=javascript&namespace=f5a2a2c6a9&subid=&uid=63e2aa4724610e8a&screenSize=1600x1200&screenSizeAvail=1600x1200&cli...
  • https://hal90007.redintelligence.net/request.php?zone=4727t6qteyti&nw=20&renderingType=javascript&namespace=f5a2a2c6a9&subid=&uid=63e2aa4724610e8a&screenSize=1600x1200&screenSizeAvail=1600x1200&cli...
2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal90007.redintelligence.net/request.php?zone=4727t6qteyti&nw=20&renderingType=javascript&namespace=f5a2a2c6a9&subid=&uid=63e2aa4724610e8a&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x18&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCayOktaqGYOnyFaWGjuwP94CtuAq1zfmDV_zYuavlDPAuEAEg2Oq2IGCV-vCBjAfIAQmpAgod8OC3T7Q-qAMBqgTsAU_Q1e8_BKYiGM9uFFGtua4pmsQnHcbRSXP1-WshbsGrZNADKUC31hZRfSw4mdUQ1zPF813_sZR0vx2eZU5HsxsKlhxsNJ7D3UIJsemQc_5C-Nt9laBaOn2pjuON0AguyhYTqwf6sI3MW99SpJEKSqB3dBJqdsQZwP97FChNoZpeOhYb9VraZiHRScAol_N5ceG7j9SOcREDsLg9cv6GA9sH7q3GragTDjBUBsA6xxy3Cxyl-S0yNgnm_z4m3iDp6ibxRAcigxNK_5TNrmKf9vNgsey4Mc-XzyJ0A14ZwkFyRx21wgDbRd4Ds3jIwASqnfy-zwHgBAOQBgGgBk2AB-vn6F6oB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7NUbqAfulrECqAemvhuoB-zVG6gH89EbqAeW2BvYBwDSCAkIgOGAEBABGB3yCBthZHgtc3Vic3luLTgxMzU4OTkxNTk0OTc2NDaACgOYCwHICwGADAGwE8Ka2grQEwDYEwPYFAE%26ae%3D1%26num%3D1%26cid%3DCAASEuRos4oV1an3P-lt-BGYfID0TQ%26sig%3DAOD64_2WCSjIIh8uPs93PdBoMgPCMrI7eA%26client%3Dca-pub-6897902191714833%26dbm_c%3DAKAmf-BB46uWUl_0trKF8LVopnSmM0YeXHtrOWNcNtK7JYqNrJLyal7iIThW8HAW9Bryq1JcUpA6S83m56JUE51V2sdyPZTy_7G1cdPUdMnSRGc8-r2o6xPFknXrtaPK-0ZubGUEXXT8QAEFlpgMizZYwyVy41W4tA%26cry%3D1%26dbm_d%3DAKAmf-CECLzxUnlXOFbIt0zdaMS7eXCMa7wOu9eNyOC1MglqxHrX7f12NGo_y7l4S7barcY2kmja0G8AZNW8cu8jGPxuuH7WSIKtg8mQR6JE8U2Tlsk2B2LO9Y9_YfpvsWbImxaD_LYovTi0WXMWV6cgQLdSFjY8e9LlGNBlKhn8LkTUGsf9yTmyXLHiauBKYE8OgeIzFO9836GxHUFk-CzOmpQKkCVlzB0-jpewq-t0Vm_HY8fLnOrfYS9k6Ll42B3fXjRe5_9_7V68x9wk8Fku375BgYDtqrrHQC12nOX4Dqt_S8qulMw6psCVI_68y1_GsFjDCJer_iZI3tXcJpstebB3zdHlYtTRcHNMBlbE4pRdaJTZVqoiUKqy3v64UntZEZK2uUP7m3FE455vd77j23WX8yWOPEZ56QiZhzuRVPOQ39bwiqJI049DVLkl_NBofnvg_DMKFjkUXNjPBZkY00UocPQFCjEQbkjiO3e4ttRAE8jgc4WXemfIhoHhabw4BV6FODamPX5ckztI0Fg-9RFKFPZ5abolxYyBtVAdbO4joappp82CPHCMEd9QbsH4wptj6MeornnTaI7pE2GSN1Orm9-Qgp2wuVbhbSwvrT7YpkGt_2I%26adurl%3D&documentReferer=https%3A%2F%2Fwww.newser.com%2Fstory%2F305100%2Fus-wrongly-thought-diplomat-staged-his-own-kidnapping.html%3Futm_source%3Dpart%26utm_medium%3Duol%26utm_campaign%3Drss_taglines_more&ancestorOrigins=https%3A%2F%2Fwww.newser.com&random=2140321860645&isIframe=1&container=&adPos=0x14&adPosCheck=1x15&adtagId=0&uidRedirect=1
Requested by
Host: ccde9b4ae0b1b7105d848d3ef3b25d34.safeframe.googlesyndication.com
URL: https://ccde9b4ae0b1b7105d848d3ef3b25d34.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.157 Ketsch, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
Apache /
Resource Hash
804c86c1057e0964c143160826c0e6ed5d7d524eeb9c2d46a952fe699c583522

Request headers

Referer
https://ccde9b4ae0b1b7105d848d3ef3b25d34.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 26 Apr 2021 11:57:42 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId
91975200131870100710612011576007
Connection
close
Content-Type
application/x-javascript; charset=utf-8
Content-Length
894
Expires
Mon, 26 Apr 2021 12:57:42 +0200

Redirect headers

Pragma
no-cache
Date
Mon, 26 Apr 2021 11:57:42 GMT
Server
Apache
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location
request.php?zone=4727t6qteyti&nw=20&renderingType=javascript&namespace=f5a2a2c6a9&subid=&uid=63e2aa4724610e8a&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x18&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCayOktaqGYOnyFaWGjuwP94CtuAq1zfmDV_zYuavlDPAuEAEg2Oq2IGCV-vCBjAfIAQmpAgod8OC3T7Q-qAMBqgTsAU_Q1e8_BKYiGM9uFFGtua4pmsQnHcbRSXP1-WshbsGrZNADKUC31hZRfSw4mdUQ1zPF813_sZR0vx2eZU5HsxsKlhxsNJ7D3UIJsemQc_5C-Nt9laBaOn2pjuON0AguyhYTqwf6sI3MW99SpJEKSqB3dBJqdsQZwP97FChNoZpeOhYb9VraZiHRScAol_N5ceG7j9SOcREDsLg9cv6GA9sH7q3GragTDjBUBsA6xxy3Cxyl-S0yNgnm_z4m3iDp6ibxRAcigxNK_5TNrmKf9vNgsey4Mc-XzyJ0A14ZwkFyRx21wgDbRd4Ds3jIwASqnfy-zwHgBAOQBgGgBk2AB-vn6F6oB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7NUbqAfulrECqAemvhuoB-zVG6gH89EbqAeW2BvYBwDSCAkIgOGAEBABGB3yCBthZHgtc3Vic3luLTgxMzU4OTkxNTk0OTc2NDaACgOYCwHICwGADAGwE8Ka2grQEwDYEwPYFAE%26ae%3D1%26num%3D1%26cid%3DCAASEuRos4oV1an3P-lt-BGYfID0TQ%26sig%3DAOD64_2WCSjIIh8uPs93PdBoMgPCMrI7eA%26client%3Dca-pub-6897902191714833%26dbm_c%3DAKAmf-BB46uWUl_0trKF8LVopnSmM0YeXHtrOWNcNtK7JYqNrJLyal7iIThW8HAW9Bryq1JcUpA6S83m56JUE51V2sdyPZTy_7G1cdPUdMnSRGc8-r2o6xPFknXrtaPK-0ZubGUEXXT8QAEFlpgMizZYwyVy41W4tA%26cry%3D1%26dbm_d%3DAKAmf-CECLzxUnlXOFbIt0zdaMS7eXCMa7wOu9eNyOC1MglqxHrX7f12NGo_y7l4S7barcY2kmja0G8AZNW8cu8jGPxuuH7WSIKtg8mQR6JE8U2Tlsk2B2LO9Y9_YfpvsWbImxaD_LYovTi0WXMWV6cgQLdSFjY8e9LlGNBlKhn8LkTUGsf9yTmyXLHiauBKYE8OgeIzFO9836GxHUFk-CzOmpQKkCVlzB0-jpewq-t0Vm_HY8fLnOrfYS9k6Ll42B3fXjRe5_9_7V68x9wk8Fku375BgYDtqrrHQC12nOX4Dqt_S8qulMw6psCVI_68y1_GsFjDCJer_iZI3tXcJpstebB3zdHlYtTRcHNMBlbE4pRdaJTZVqoiUKqy3v64UntZEZK2uUP7m3FE455vd77j23WX8yWOPEZ56QiZhzuRVPOQ39bwiqJI049DVLkl_NBofnvg_DMKFjkUXNjPBZkY00UocPQFCjEQbkjiO3e4ttRAE8jgc4WXemfIhoHhabw4BV6FODamPX5ckztI0Fg-9RFKFPZ5abolxYyBtVAdbO4joappp82CPHCMEd9QbsH4wptj6MeornnTaI7pE2GSN1Orm9-Qgp2wuVbhbSwvrT7YpkGt_2I%26adurl%3D&documentReferer=https%3A%2F%2Fwww.newser.com%2Fstory%2F305100%2Fus-wrongly-thought-diplomat-staged-his-own-kidnapping.html%3Futm_source%3Dpart%26utm_medium%3Duol%26utm_campaign%3Drss_taglines_more&ancestorOrigins=https%3A%2F%2Fwww.newser.com&random=2140321860645&isIframe=1&container=&adPos=0x14&adPosCheck=1x15&adtagId=0&uidRedirect=1
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
close
Content-Type
text/html; charset=UTF-8
Content-Length
0
Expires
Mon, 26 Apr 2021 12:57:42 +0200
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v27/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v27/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto&display=swap
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.newser.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 01:43:32 GMT
x-content-type-options
nosniff
last-modified
Mon, 05 Apr 2021 21:10:35 GMT
server
sffe
age
382450
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15688
x-xss-protection
0
expires
Fri, 22 Apr 2022 01:43:32 GMT
UcCO3FwrK3iLTeHuS_fvQtMwCp50KnMw2boKoduKmMEVuDyYAZ9hiA.woff2
fonts.gstatic.com/s/inter/v3/ Frame 3B5A 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/inter/v3/UcCO3FwrK3iLTeHuS_fvQtMwCp50KnMw2boKoduKmMEVuDyYAZ9hiA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Inter:800
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3bc9d28f4e64c676c58b31ad6578ca7f3f383cca647bf363916d4ee8982c3b08
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
null
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 25 Apr 2021 03:36:31 GMT
x-content-type-options
nosniff
last-modified
Thu, 28 Jan 2021 22:31:27 GMT
server
sffe
age
116471
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18116
x-xss-protection
0
expires
Mon, 25 Apr 2022 03:36:31 GMT
Ru4asw80RDg-wKj4k1IJyVIDrNjFP7NKP7NQDOdNnzM.js
pagead2.googlesyndication.com/bg/ Frame 89A7 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Ru4asw80RDg-wKj4k1IJyVIDrNjFP7NKP7NQDOdNnzM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
46ee1ab30f3444383ec0a8f8935209c95203acd8c53fb34a3fb3500ce74d9f33
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 25 Apr 2021 22:01:29 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Thu, 08 Apr 2021 09:18:00 GMT
server
sffe
age
50173
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5687
x-xss-protection
0
expires
Mon, 25 Apr 2022 22:01:29 GMT
Ru4asw80RDg-wKj4k1IJyVIDrNjFP7NKP7NQDOdNnzM.js
pagead2.googlesyndication.com/bg/ Frame B57D 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Ru4asw80RDg-wKj4k1IJyVIDrNjFP7NKP7NQDOdNnzM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
46ee1ab30f3444383ec0a8f8935209c95203acd8c53fb34a3fb3500ce74d9f33
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 25 Apr 2021 22:01:29 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Thu, 08 Apr 2021 09:18:00 GMT
server
sffe
age
50173
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5687
x-xss-protection
0
expires
Mon, 25 Apr 2022 22:01:29 GMT
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?r=www.newser.com&sn=113220&cd4=ce2c9b94-51f8-46f4-ba52-be844200179d&cd5=default&ic=0&tgt=0&app=&wi=416&he=235&test=2&apppkg=&fv=3&proto=https&pid=56ea678d181f46c76f8b45fb&cid=604f799c916b9e0a5a77a356&e=inventory&vi=0&cb=1619438262447
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.23.226.15 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Apr 2021 11:57:42 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
Ru4asw80RDg-wKj4k1IJyVIDrNjFP7NKP7NQDOdNnzM.js
pagead2.googlesyndication.com/bg/ Frame A1ED 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Ru4asw80RDg-wKj4k1IJyVIDrNjFP7NKP7NQDOdNnzM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
46ee1ab30f3444383ec0a8f8935209c95203acd8c53fb34a3fb3500ce74d9f33
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 25 Apr 2021 22:01:29 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Thu, 08 Apr 2021 09:18:00 GMT
server
sffe
age
50173
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5687
x-xss-protection
0
expires
Mon, 25 Apr 2022 22:01:29 GMT
/
premiumsrv.aniview.com/api/adserver/tag/2/ 		19 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://premiumsrv.aniview.com/api/adserver/tag/2/?cou=DE&AV_SUBID=113220&sn=113220&AV_PAGE_LOAD_UID=ce2c9b94-51f8-46f4-ba52-be844200179d&AV_CDIM4=ce2c9b94-51f8-46f4-ba52-be844200179d&INTEGRATION_TYPE=default&AV_CDIM5=default&AV_VIDEOURL=https%3A%2F%2Fmcd.ex.co%2Fvideo%2Fupload%2Fsp_hd%2Fv1490095101%2Flandscape5a67bcd6-d37c-4187-bbb2-786755e2f712_1619426114602.m3u8&AV_SLOTT=-2&AV_SECURED=1&AV_LANGUAGE=en&AV_URL=https%3A%2F%2Fwww.newser.com%2Fstory%2F305100%2Fus-wrongly-thought-diplomat-staged-his-own-kidnapping.html%3Futm_source%3Dpart%26utm_medium%3Duol%26utm_campaign%3Drss_taglines_more&AV_PUBLISHERID=56ea678d181f46c76f8b45fb&AV_CHANNELID=604f799c916b9e0a5a77a356&format=json&tgt=0&AV_CDIM1=&AV_CDIM2=&AV_CDIM3=&AV_ABT=2&pce=1&npx=1&AV_DETDOMAIN=www.newser.com&AV_DADPOS=3&v=6.1.1.243&responsive=1&avtoken=262447&AV_WIDTH=416&AV_HEIGHT=235&AV_DNT=0&cb=1619438262470
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.168.30.167 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
4cb9a7fce5da9d0d7c7b78e96dcf0b0f8c43d152be4718e0546b2c9110a3b8a5

Request headers

Referer
https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Apr 2021 11:57:42 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.newser.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 14 Apr 2021 22:11:02 GMT
Grover_Logo_Claim-top-White.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12502976385620377600/ Frame 3B5A 		8 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12502976385620377600/Grover_Logo_Claim-top-White.svg
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
805dc2ef7778678ace99530207d0bcda25f70b3c2ae08bca8259c079454eb0a4
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
age
184871
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2144
x-xss-protection
0
last-modified
Fri, 23 Apr 2021 11:57:52 GMT
server
sffe
date
Sat, 24 Apr 2021 08:36:31 GMT
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 24 Apr 2022 08:36:31 GMT
sim.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12502976385620377600/ Frame 3B5A 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12502976385620377600/sim.png
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
98ba2e1fef17c14f30d59cd311adb42f9393ba132e6689fb5784e092a5638606
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
187563
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7832
x-xss-protection
0
last-modified
Fri, 23 Apr 2021 11:57:52 GMT
server
sffe
date
Sat, 24 Apr 2021 07:51:39 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 24 Apr 2022 07:51:39 GMT
phones_2.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12502976385620377600/ Frame 3B5A 		48 KB
48 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12502976385620377600/phones_2.png
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b026d5118326e37e2324456275ac6971462e1c6a8a90213c55bb4a098aa3b4f4
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
187563
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48894
x-xss-protection
0
last-modified
Fri, 23 Apr 2021 11:57:52 GMT
server
sffe
date
Sat, 24 Apr 2021 07:51:39 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 24 Apr 2022 07:51:39 GMT
1phones.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12502976385620377600/ Frame 3B5A 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12502976385620377600/1phones.png
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f8deed8d38bdd3b2902629c02ad1eb000b082b2519fb73d31a63d37181cf77fc
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
187563
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
26884
x-xss-protection
0
last-modified
Fri, 23 Apr 2021 11:57:52 GMT
server
sffe
date
Sat, 24 Apr 2021 07:51:39 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 24 Apr 2022 07:51:39 GMT
landscape5a67bcd6-d37c-4187-bbb2-786755e2f712_1619426114602.m3u8
mcd.ex.co/video/upload/sp_hd/v1490095101/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mcd.ex.co/video/upload/sp_hd/v1490095101/landscape5a67bcd6-d37c-4187-bbb2-786755e2f712_1619426114602.m3u8
Requested by
Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.86.103.158 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
cloudinary /
Resource Hash
0390d2d7d2af6cb46729c908b30822550a91c3bc6aa7de77f21f626ce681fb40

Request headers

Referer
https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 26 Apr 2021 11:57:43 GMT
Status
200 OK
Connection
keep-alive
Content-Length
1078
X-Request-Id
9e709271a728c67ac709a0eb512597eb
X-Served-By
cache-wdc5558-WDC
Last-Modified
Mon, 26 Apr 2021 08:39:09 GMT
Server
cloudinary
X-Timer
S1619426380.389211,VS0,VE1
ETag
"a9a493d0a3ad44a8711e367f5180e57f"
Content-Type
application/x-mpegURL
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31545761
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With
X-Cache-Hits
1
request.php
hal90005.redintelligence.net/ Frame 099D
Redirect Chain
  • https://hal90005.redintelligence.net/request.php?zone=ma1tq3l10cm4&nw=20&renderingType=javascript&namespace=d17e81bd0a&subid=&uid=424dd3ca5e371417&screenSize=1600x1200&screenSizeAvail=1600x1200&cli...
  • https://hal90005.redintelligence.net/request.php?zone=ma1tq3l10cm4&nw=20&renderingType=javascript&namespace=d17e81bd0a&subid=&uid=424dd3ca5e371417&screenSize=1600x1200&screenSizeAvail=1600x1200&cli...
2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal90005.redintelligence.net/request.php?zone=ma1tq3l10cm4&nw=20&renderingType=javascript&namespace=d17e81bd0a&subid=&uid=424dd3ca5e371417&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x18&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCisnetaqGYOzyFaWGjuwP94CtuAq1zfmDV5zfuavlDPAuEAEg2Oq2IGCV-vCBjAfIAQmpAgod8OC3T7Q-qAMBqgTwAU_QL4uqPWqmF2sSoOI-jlqKGPvhrl5NvQ-DTIv01Qq51k9KHlAWQxrkJWhBAfyKp4RC2SCMYkwdRhjsn1-pIJntz1SLAU-TWeETN4ufiYssLlPHwV8sAZTABpKbmyUbHAa_xJHDfgGVEuMXPakgZY4GETRIJ7NYSpkV7y6e9Dp26wjzsoi0UiOppquwWwP2Q2H9uxAQDEEkGRQE4I8guyqp3iCUbIoArYj7DMqpa_ld9ueh69v_Clap7waCQA6x7bD6xXgxMCfgLk52DzJY2YnXCyY-GyFlfEgaXEpmmc8-e23XG27CPZOadln9JJhCEsAEqp38vs8B4AQDkAYBoAZNgAfr5-heqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-zVG6gH7paxAqgHpr4bqAfs1RuoB_PRG6gHltgb2AcA0ggJCIDhgBAQARgd8ggbYWR4LXN1YnN5bi04MTM1ODk5MTU5NDk3NjQ2gAoDmAsByAsBgAwBsBPCmtoK0BMA2BMD2BQB%26ae%3D1%26num%3D1%26cid%3DCAASEuRoq7UdgWg_hRNWLgZhRHxSLA%26sig%3DAOD64_3_Wn6NB4hG0M-AF7jDDG-v3s_kwQ%26client%3Dca-pub-6897902191714833%26dbm_c%3DAKAmf-BLA9PxMNcjbATgq5nVHkXd6i-TALvPxYlZ_6u9NSFIc-681qzrJXCFWs3lCPdTMVfA2dhj2NYkiHnh1eqfeyH4w97uuSfiMRDOq5Cqrxd5SYKeq9QVuKGnSKdWhS6oBJ8tDrO78HrLeNK0IIUTO2CX7Ew3RQ%26cry%3D1%26dbm_d%3DAKAmf-BZQyET1n11I-UK2Cgjm6xPOq7GWE8mFhEvDcwptk0k8GmJzmU2AbAM0LVfwfy3p_BgpOZn_9OCg7fmg27yzSusZeJg6ofx9Fjg48OOSP6dTG5jqSuk1hQDj7UKnVU1gXjcgciVgd6kpRAgeGB6pH3PS4LdPjVTE7r8ZhTCfsz5mybo_muAJgllLFbmCaGgJEekJfC51U98-DBFQkcFEVUNGO-Bbd5yklU1LKNnpoHu-dp6Q0uCTwnDIdCZo9vtSNkCPBXufO_I-D4yWTQxDbmC97fWUla_c_-USZLiu8b5ln9Fgy8DJLnJGMBr2mVjPiVJwe8aOD_aD-o3j0CIZ1KHX4iMDAO-SULvBM8Qe4LxCIXtk2EXog5GCchKQBxCUWrvXuMpg0KInJP5uqjxAbLQP3qFXXoAYFuXZtjVFkJg_Qr6kr2xg5rcrz6zcm0Swhonw67O_lHvarfZxz3gSTfG7zTy7HjZhnRY8h8MvEXY-oR3bSZFb7OaD1i0VamClI64fp2JntYCgLVNvDIaPmCaY2xNk9Jm4jcTtpZgGrhkOPtcE6PXj575p2t_3Jl_efH3Y4SbbZaDJNMLfQsUqwsXyoY_K-a52s48bfwfCz8DFTJ-EVI%26adurl%3D&documentReferer=https%3A%2F%2Fwww.newser.com%2Fstory%2F305100%2Fus-wrongly-thought-diplomat-staged-his-own-kidnapping.html%3Futm_source%3Dpart%26utm_medium%3Duol%26utm_campaign%3Drss_taglines_more&ancestorOrigins=https%3A%2F%2Fwww.newser.com&random=4520319804249&isIframe=1&container=&adPos=0x14&adPosCheck=1x15&adtagId=0&uidRedirect=1
Requested by
Host: ccde9b4ae0b1b7105d848d3ef3b25d34.safeframe.googlesyndication.com
URL: https://ccde9b4ae0b1b7105d848d3ef3b25d34.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.165 Ketsch, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.165.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
7910b9e6eb6ba05dc7cd8be541c36c2d236d6f0af0ba14a900e67eeacd4c674b

Request headers

Referer
https://ccde9b4ae0b1b7105d848d3ef3b25d34.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 26 Apr 2021 11:57:45 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId
42806000100536000710624011576005
Connection
close
Content-Type
application/x-javascript; charset=utf-8
Content-Length
889
Expires
Mon, 26 Apr 2021 12:57:45 +0200

Redirect headers

Pragma
no-cache
Date
Mon, 26 Apr 2021 11:57:45 GMT
Server
Apache
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location
request.php?zone=ma1tq3l10cm4&nw=20&renderingType=javascript&namespace=d17e81bd0a&subid=&uid=424dd3ca5e371417&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x18&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCisnetaqGYOzyFaWGjuwP94CtuAq1zfmDV5zfuavlDPAuEAEg2Oq2IGCV-vCBjAfIAQmpAgod8OC3T7Q-qAMBqgTwAU_QL4uqPWqmF2sSoOI-jlqKGPvhrl5NvQ-DTIv01Qq51k9KHlAWQxrkJWhBAfyKp4RC2SCMYkwdRhjsn1-pIJntz1SLAU-TWeETN4ufiYssLlPHwV8sAZTABpKbmyUbHAa_xJHDfgGVEuMXPakgZY4GETRIJ7NYSpkV7y6e9Dp26wjzsoi0UiOppquwWwP2Q2H9uxAQDEEkGRQE4I8guyqp3iCUbIoArYj7DMqpa_ld9ueh69v_Clap7waCQA6x7bD6xXgxMCfgLk52DzJY2YnXCyY-GyFlfEgaXEpmmc8-e23XG27CPZOadln9JJhCEsAEqp38vs8B4AQDkAYBoAZNgAfr5-heqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-zVG6gH7paxAqgHpr4bqAfs1RuoB_PRG6gHltgb2AcA0ggJCIDhgBAQARgd8ggbYWR4LXN1YnN5bi04MTM1ODk5MTU5NDk3NjQ2gAoDmAsByAsBgAwBsBPCmtoK0BMA2BMD2BQB%26ae%3D1%26num%3D1%26cid%3DCAASEuRoq7UdgWg_hRNWLgZhRHxSLA%26sig%3DAOD64_3_Wn6NB4hG0M-AF7jDDG-v3s_kwQ%26client%3Dca-pub-6897902191714833%26dbm_c%3DAKAmf-BLA9PxMNcjbATgq5nVHkXd6i-TALvPxYlZ_6u9NSFIc-681qzrJXCFWs3lCPdTMVfA2dhj2NYkiHnh1eqfeyH4w97uuSfiMRDOq5Cqrxd5SYKeq9QVuKGnSKdWhS6oBJ8tDrO78HrLeNK0IIUTO2CX7Ew3RQ%26cry%3D1%26dbm_d%3DAKAmf-BZQyET1n11I-UK2Cgjm6xPOq7GWE8mFhEvDcwptk0k8GmJzmU2AbAM0LVfwfy3p_BgpOZn_9OCg7fmg27yzSusZeJg6ofx9Fjg48OOSP6dTG5jqSuk1hQDj7UKnVU1gXjcgciVgd6kpRAgeGB6pH3PS4LdPjVTE7r8ZhTCfsz5mybo_muAJgllLFbmCaGgJEekJfC51U98-DBFQkcFEVUNGO-Bbd5yklU1LKNnpoHu-dp6Q0uCTwnDIdCZo9vtSNkCPBXufO_I-D4yWTQxDbmC97fWUla_c_-USZLiu8b5ln9Fgy8DJLnJGMBr2mVjPiVJwe8aOD_aD-o3j0CIZ1KHX4iMDAO-SULvBM8Qe4LxCIXtk2EXog5GCchKQBxCUWrvXuMpg0KInJP5uqjxAbLQP3qFXXoAYFuXZtjVFkJg_Qr6kr2xg5rcrz6zcm0Swhonw67O_lHvarfZxz3gSTfG7zTy7HjZhnRY8h8MvEXY-oR3bSZFb7OaD1i0VamClI64fp2JntYCgLVNvDIaPmCaY2xNk9Jm4jcTtpZgGrhkOPtcE6PXj575p2t_3Jl_efH3Y4SbbZaDJNMLfQsUqwsXyoY_K-a52s48bfwfCz8DFTJ-EVI%26adurl%3D&documentReferer=https%3A%2F%2Fwww.newser.com%2Fstory%2F305100%2Fus-wrongly-thought-diplomat-staged-his-own-kidnapping.html%3Futm_source%3Dpart%26utm_medium%3Duol%26utm_campaign%3Drss_taglines_more&ancestorOrigins=https%3A%2F%2Fwww.newser.com&random=4520319804249&isIframe=1&container=&adPos=0x14&adPosCheck=1x15&adtagId=0&uidRedirect=1
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
close
Content-Type
text/html; charset=UTF-8
Content-Length
0
Expires
Mon, 26 Apr 2021 12:57:45 +0200
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gpt_2021042001&jk=764541358020753&bg=!AgGlAUXNAAZUuIlwVLg7ACkAdvg8Wp3-kV9J7ll54aVA5X38cuaCmBRm9dj7iH49tIKKffVlfH5qQgIAAACVUgAAABBoAQcKAPgETBRChlgYP_LoNCIgRL99aN61XNd4GDgw9e0vNOXVD3woO95SIL9uoR8B-_VvNrNJeR5zx_ggP5QIeSQS4zUhHEUApkSAEORA_iQ-PzyzofDtbEMWEEcNs9aU66eKlqEcnB88YdwLYHMwVj-G3voxmfsSR_Z31ZH-2UkE9QKOv_LKkMXJk7HX-UN3w9DuWPo1h7wvWiaHrkmI8r9RYpaqRJEVojre7Pzbyt6yF1xa_FqYf_hm2FTqxo9Xgd3yLk_2j5sUhUiINarr5LyDoh6NSKMn52FcM6Hnz_JexxP-C-vPAclLtYbRw5lzBzbVviWf-o7Nwl-HQpkCDslrFp_NYA3dXQkzn08WKYVfWhQDqdkTrqzlLPP1Lr5k9HWBFUQ-OsgR4BOw4nq8jUOVR7GJvHeZU_uWoC82Qe53YMGAUnMUpEWDHdkGI_wWkSGqLpPBe_UiXwkg3t0nI-B7o6c6a6udrN76RZTtA4pXRn5lam1hFKtIHue_yH4y4dwk2YqXPn6s2wM0-YGb_FnFthYjmTpW3qXYSIM16rlB-ESk1B5aAD52Yhj-quxt5SI3NKscmYSjdlCUtJHYUptdgjb3ZU7An-Ux1IaW0-NlFSkCPueWBNkCBkbf32CxOmGHxLZfbHmsBlgXQ-qsbYQveBqaRp3EWX3QapV2EQGEkOGEehn824tKARlefW9m9FC-PyluHauyywwgUNKLVWF4VFmA7MHVT-VaRwrS60EVY1gnuvPZTo95sH7UCDl69CW8hoKWtMvehq5IgI0x8T1N53_2DX-BWK8dtzU6u5eydMHTN8yFUWX4MJFGmxVaRHW_qPEqHEyHNnXJgfQLmed9tWgNM_6xFW1eBx39qAM7rvgLNsVOoIrdY28d-V6TghjZ5iYyTr8_tIyUEn_IE1TQQtA9V0GwFYyGA7a1Nkj9El9bBC--aaU6uaEABtFvEK6ZGiXcS2f491IbNpD13eJsNF9yFpCgSx2kFOqSpH3bEyhC7P7lhzGpN7ZLpxrUxJ1Vns5Q2hUQekqXOjE
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Apr 2021 11:57:42 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame A1ED 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BtXVttqqGYLjWAZqu7gP7iqSQDgAAAAA4AeAEAg&bg=!jI-lj8vNAAZUuIlwVLg7ACkAdvg8Wux2RyQE2D_gWKvs3QR-nBamr6ztvaHKXGHuICNQH1ZMS3483gIAAACHUgAAAA9oAQeZAmV_2PFDp2jFvyFYgABsAvZjdJTyW1d80hx6ga37Jx4v-YvKE1_VKFI3QNah7Zsx0uBpIF6d4t25mJETx57_HF0n-xQLFJbzieJprApTD_w20Zqcvs_l4rBbAGSywdg_va93OOcFfZs8xjZV1Gen7JU3WXpRogdAHzGE9FIlwgi8a3ahbRxA8HHYtEGX1p4v7JR3sGOwt10_DTfRclJmuqxEIsw7QMqy5KT-VEjDqAckpxDbOiZULH5-rLgjpbp7fDYpCHH0-44dGTBs2Ul1moz9Fmg-U05aC-vcE6BRkiCi0F8zbVMDvGRrvp7vfih87FzPSYtfqSYrh7HhHqIJgH80gueFtVeq3NjGoQVHEXnBImX-b2WxSAdkjc7z44TQR7gYak162wln6ndVdPyX3D7JDpQIQt1u4EzmQjAw8rrWpENo3ibFrftM7u-WGMeBcj04AVMy7SqMgAHG4DrcI_6u3UPI0T4RVxl4tvrJxi5FBAW6UtG-u212ziWs4e6Qc3sIRL8Apo7MDUa4plFvvdY17nYvqJn0NVPKX98jU95_45M_ePbZx3d0zEN7sdb2eIe1rlQgp3e5SO4MxHAaD14dCU4BPHWl7PCXWeE1TCi4QUul16s6o0FTwXXzH1UdiNdLtpMhX74ibzuq7tNJTT1wnVq3PypJSNOvT1h9geyr7lvynwhqlUsdziA-KXV2rIL8ByJsmXax-v5QUJAhLLFpflINAQV90ABCR6yYoZG6YULcGapsEYEg3bNxKycl4q22deliTGxIKF2VhXnZBcA4pljAXIP7PnqCq0PPUAk83_8mpjG5
Requested by
Host: ccde9b4ae0b1b7105d848d3ef3b25d34.safeframe.googlesyndication.com
URL: https://ccde9b4ae0b1b7105d848d3ef3b25d34.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Apr 2021 11:57:42 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame B57D 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BFN6ptaqGYImdPJyI9u8Pm8a3sAYAAAAAOAHgBAI&bg=!_P-l_7vNAAZUuIlwVLg7ACkAdvg8WoKy2d_Gk03KR7fJTmuTFJy8dmUCTxOJHn6fvUfRNeIBnlJjRAIAAACtUgAAAA1oAQcKAKcus4h918tTdQUaSNKrvCNx4Y7AxRO0yflpjtobog2EwOR5ezkxYjWIVyPl0h1l4ljNQExzvKq_eeGwzajckqtkWWGB9XP-hi-wfxwbKdFplUcRh4gqRZU8AJvOP-iSh-xzMzKPe9JC-muAVQ4drZDbvlgXAO2fxHO94wjroQXWJE4Gkn8HLxIYKMz9A1_JPmvuF_BQRK5MshvhFbgeYaIv4flfYEpYp5kCYqyuKDkKdfmavbbsfB2ougc9_taBaNJQQGaPNoD_7x1mBwV-0V9HZpp3pFJuJ1bGdEN7W-pC-2vk1AFvMB310TFzBSMw12AAwFOIAxX1dd4bTTh2MZMsqQnuYbEt_G9ByjV8i5sc1Aw4Jy0ljqtg-s9k9U4Xq0eHMvvgB_G03dIfi8QnD6lRuFKb78FOlLpGJJm6uvGF6YOw9I3zzhOsFILIN4oz8_4QOPa2wXQyfqC7PpkKfFvfBYp3tGEPLQTFW5_fqqS6SU1jGD5wkAHC_9wjJIQsMC8qSHgw0pZv_fpfC_xE_wUREzskwAEFnUmr2_op9dH4JNLyl-Ej23GSdEZnKdXV_K3HVSh6qgw5WKuCU54zRuRXq7VVN_JIHh6z6QSkKgNGNeH60DZAuxwli53LagSN2ba3nOsBdWHHsqPO0xMVnZyq5NHqwEZPRnvAQK5baD476kH_U4h-h4uI-GYQh8e_49fO7D8qEYQGry8vrOMA-debH7h6t2goUxlFw_mvw78XSSx6P6hhlS547TYAsZboMZY_6Gl2mN-BTPLZy8eaQMHV5hRQ6vAe5Ru-iyF9yDCGvluUKe84zTAtjqRr-UHtawK88aWt-4bRT3lRGXVy6UyOPw3uA6X8V6N-n5mzGBFIk1fLIVjfYsyTcZrgnNcMmpTTGmuBpBwqlu4qs_xnLgiMf730LB1lxmkl5dkzgmJ7ANDYE6kfdfFOteMf35sdv7ROia6Ysj0JQ10lrzqGF6bxE048IaGUlawyf5NQ4sz0Cy_dmtlGPg9UZRYpsdpzkJhBmdqlshXCv8fcTBU
Requested by
Host: ccde9b4ae0b1b7105d848d3ef3b25d34.safeframe.googlesyndication.com
URL: https://ccde9b4ae0b1b7105d848d3ef3b25d34.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Apr 2021 11:57:42 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activityi;dc_pre=CNGWntPtm_ACFZ3Fuwgd2tMJDw;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3012593838778.41
5994599.fls.doubleclick.net/ Frame 175E
Redirect Chain
  • https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3012593838778.41?
  • https://5994599.fls.doubleclick.net/activityi;dc_pre=CNGWntPtm_ACFZ3Fuwgd2tMJDw;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3012593838778.41?
390 B
345 B 		Document
General
Check archive.org
Download Go to
Full URL
https://5994599.fls.doubleclick.net/activityi;dc_pre=CNGWntPtm_ACFZ3Fuwgd2tMJDw;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3012593838778.41?
Requested by
Host: www.newser.com
URL: https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f6.1e100.net
Software
cafe /
Resource Hash
db36c9ab0f6aec2b674e58cd8bf40af54551d50eaac901c49dc8e005fcc4d3de
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
5994599.fls.doubleclick.net
:scheme
https
:path
/activityi;dc_pre=CNGWntPtm_ACFZ3Fuwgd2tMJDw;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3012593838778.41?
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ccde9b4ae0b1b7105d848d3ef3b25d34.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUl2OOzwyMMcrqvJIhlX8nc54PULgAAW7EFp5wpPZSmBULxF-rerP-Zkq_rQJoM; DSID=NO_DATA
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ccde9b4ae0b1b7105d848d3ef3b25d34.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
date
Mon, 26 Apr 2021 11:57:43 GMT
expires
Mon, 26 Apr 2021 11:57:43 GMT
cache-control
private, max-age=0
strict-transport-security
max-age=21600
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
322
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
date
Mon, 26 Apr 2021 11:57:43 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
follow-only-when-prerender-shown
1
strict-transport-security
max-age=21600
location
https://5994599.fls.doubleclick.net/activityi;dc_pre=CNGWntPtm_ACFZ3Fuwgd2tMJDw;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3012593838778.41?
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
request_content.php
hal90007.redintelligence.net/ Frame B8E7 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hal90007.redintelligence.net/request_content.php?s=91975200131870100710612011576007&a=3e2749d2
Requested by
Host: www.newser.com
URL: https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.157 Ketsch, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
Apache /
Resource Hash
d7876d89ace0b3db7a3c0f5664b4487258b28e5e99a6a3a04cac748afdb77860

Request headers

Host
hal90007.redintelligence.net
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ccde9b4ae0b1b7105d848d3ef3b25d34.safeframe.googlesyndication.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
8lcfmzhxc8d6_uid=97b3435d74baf9cc
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ccde9b4ae0b1b7105d848d3ef3b25d34.safeframe.googlesyndication.com/

Response headers

Date
Mon, 26 Apr 2021 11:57:43 GMT
Server
Apache
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Expires
Mon, 26 Apr 2021 12:57:43 +0200
Pragma
no-cache
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
1332
Connection
close
Content-Type
text/html; charset=utf-8
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame C2B8 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: ccde9b4ae0b1b7105d848d3ef3b25d34.safeframe.googlesyndication.com
URL: https://ccde9b4ae0b1b7105d848d3ef3b25d34.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
pagead2.googlesyndication.com
:scheme
https
:path
/pagead/s/cookie_push_onload.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ccde9b4ae0b1b7105d848d3ef3b25d34.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ccde9b4ae0b1b7105d848d3ef3b25d34.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Mon, 26 Apr 2021 06:38:34 GMT
expires
Tue, 27 Apr 2021 06:38:34 GMT
content-type
text/html; charset=UTF-8
etag
48472445140208031
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
cache-control
public, max-age=86400
age
19148
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame 5F1D 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8264b655bc4bf20d9612196a2c14dc94a4f7999e6a60fb60a312efd205d2d8fe

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
current
dclk-match.dotomi.com/match/bounce/ Frame C2B8 		0
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEGHPGgPrYPhy0bnJTsQPjOU&google_cver=1&google_push=AQvitUK3LMdbzkOqpm2fS_Ky8P0Oy_Xs0eRBDinQpGGQLhpGHMCyp0vFwFZYu2KzOIAEbKlZljm7IY-Fx8JgS93UPQon1m9veWA
Requested by
Host: ccde9b4ae0b1b7105d848d3ef3b25d34.safeframe.googlesyndication.com
URL: https://ccde9b4ae0b1b7105d848d3ef3b25d34.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:13::1370 , United States, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Apr 2021 11:57:42 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
pixel
cm.g.doubleclick.net/ Frame C2B8
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESENRgWNt5VJKps8jsrB2pHAE&google_cve...
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESENRgWNt5VJKps8jsrB2pHAE&goog...
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=TWJuVHNyY0oxTEFaUlk1&google_gid=CAESENRgWNt5VJKps8jsrB2pHAE&google_cver=1&google_push=AQvitUL9hj1XBtgFEi32CyxiDaJFZs8v13bvzzYqRYCXrBm...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=TWJuVHNyY0oxTEFaUlk1&google_gid=CAESENRgWNt5VJKps8jsrB2pHAE&google_cver=1&google_push=AQvitUL9hj1XBtgFEi32CyxiDaJFZs8v13bvzzYqRYCXrBm9eGvzZOzpDVNECxKru0sayio_usxSiutQKTfoM0Ht5pRhrMoxpQo
Requested by
Host: ccde9b4ae0b1b7105d848d3ef3b25d34.safeframe.googlesyndication.com
URL: https://ccde9b4ae0b1b7105d848d3ef3b25d34.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Apr 2021 11:57:42 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 26 Apr 2021 11:57:42 GMT
Server
PingMatch/v2.0.30-639-g719035a#rel-ec2-master i-080424a23a22eec76@eu-central-1a@dxedge-app-eu-central-1-prod-asg
P3P
policyref="https://cts.w55c.net/ct/p3p_policy_ref.xml", CP="UNI PUR COM INT STA OTC STP OUR CUR TAIo COR DSP NOI"
Location
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=TWJuVHNyY0oxTEFaUlk1&google_gid=CAESENRgWNt5VJKps8jsrB2pHAE&google_cver=1&google_push=AQvitUL9hj1XBtgFEi32CyxiDaJFZs8v13bvzzYqRYCXrBm9eGvzZOzpDVNECxKru0sayio_usxSiutQKTfoM0Ht5pRhrMoxpQo
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
i.match
s.tribalfusion.com/z/ Frame C2B8
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEFv-0-NLvDlhkW4Y1Q5mnL0&google_cver=1&google_push=AQvitUJQII9F89WFbaFrrj69KhaUkYhcnl6BsM4dsn6ZPt2pi8QX9LbJcJxam99eAH0OeXakSGdzmMUpEPH-S8NEDqEbKafntoZJ&...
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEFv-0-NLvDlhkW4Y1Q5mnL0&google_cver=1&google_push=AQvitUJQII9F89WFbaFrrj69KhaUkYhcnl6BsM4dsn6ZPt2pi8QX9LbJcJxam99eAH0OeXakSGdzmMUpEPH-S8NEDqEbKafntoZ...
43 B
470 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEFv-0-NLvDlhkW4Y1Q5mnL0&google_cver=1&google_push=AQvitUJQII9F89WFbaFrrj69KhaUkYhcnl6BsM4dsn6ZPt2pi8QX9LbJcJxam99eAH0OeXakSGdzmMUpEPH-S8NEDqEbKafntoZJ&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAQvitUJQII9F89WFbaFrrj69KhaUkYhcnl6BsM4dsn6ZPt2pi8QX9LbJcJxam99eAH0OeXakSGdzmMUpEPH-S8NEDqEbKafntoZJ%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by
Host: ccde9b4ae0b1b7105d848d3ef3b25d34.safeframe.googlesyndication.com
URL: https://ccde9b4ae0b1b7105d848d3ef3b25d34.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:c05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Apr 2021 11:57:43 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
645fa297b9482b16-FRA
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
content-type
image/gif; charset=utf-8
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
cf-request-id
09afa3f2d200002b163d3c5000000001
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 26 Apr 2021 11:57:42 GMT
cf-cache-status
DYNAMIC
x-function
206
server
cloudflare
x-reuse-index
41
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
645fa296af4f2b16-FRA
p3p
CP="NOI DEVo TAIa OUR BUS"
location
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEFv-0-NLvDlhkW4Y1Q5mnL0&google_cver=1&google_push=AQvitUJQII9F89WFbaFrrj69KhaUkYhcnl6BsM4dsn6ZPt2pi8QX9LbJcJxam99eAH0OeXakSGdzmMUpEPH-S8NEDqEbKafntoZJ&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAQvitUJQII9F89WFbaFrrj69KhaUkYhcnl6BsM4dsn6ZPt2pi8QX9LbJcJxam99eAH0OeXakSGdzmMUpEPH-S8NEDqEbKafntoZJ%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
cache-control
no-cache, private
content-type
text/html
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
09afa3f22900002b1625a77000000001
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame C2B8
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEMyxMJIilkhxPTWSvJPWzvY&google_cver=1&google_push=AQvitUKx_4ElU2gG4LltShOr1DjZZMiI9WmOWTheP3IbsfjtSet4JULJLJ-VCwOjoCQ8I01KAF4brRrg3hz_1NP1fqQPAjg...
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AQvitUKx_4ElU2gG4LltShOr1DjZZMiI9WmOWTheP3IbsfjtSet4JULJLJ-VCwOjoCQ8I01KAF4brRrg3hz_1NP1fqQPAjgo_j0&google_hm=Njc4MTMyNjIxNDEyNDQ4Mzc...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AQvitUKx_4ElU2gG4LltShOr1DjZZMiI9WmOWTheP3IbsfjtSet4JULJLJ-VCwOjoCQ8I01KAF4brRrg3hz_1NP1fqQPAjgo_j0&google_hm=Njc4MTMyNjIxNDEyNDQ4MzcwNA%3D%3D
Requested by
Host: ccde9b4ae0b1b7105d848d3ef3b25d34.safeframe.googlesyndication.com
URL: https://ccde9b4ae0b1b7105d848d3ef3b25d34.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Apr 2021 11:57:42 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Mon, 26 Apr 2021 11:57:42 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AQvitUKx_4ElU2gG4LltShOr1DjZZMiI9WmOWTheP3IbsfjtSet4JULJLJ-VCwOjoCQ8I01KAF4brRrg3hz_1NP1fqQPAjgo_j0&google_hm=Njc4MTMyNjIxNDEyNDQ4MzcwNA%3D%3D
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
dot.gif
s0.2mdn.net/ Frame C2B8 		43 B
396 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dot.gif?google_gid=CAESEHlx1_dxNITZaGDX0CO5Pe8&google_cver=1&google_push=AQvitULFHmW5QyXEFtRsUeR2YfHE0a6s6mhPjmYvi50rzb-F0VxSAG3ScFj490JsXEKausvoEDLJtY4JJnUpDmi9lMMZ1nIRHHfS
Requested by
Host: ccde9b4ae0b1b7105d848d3ef3b25d34.safeframe.googlesyndication.com
URL: https://ccde9b4ae0b1b7105d848d3ef3b25d34.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Apr 2021 11:57:42 GMT
x-content-type-options
nosniff
last-modified
Sun, 01 Feb 2009 08:00:00 GMT
server
sffe
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43
x-xss-protection
0
expires
Tue, 27 Apr 2021 11:57:42 GMT
pixel
cm.g.doubleclick.net/ Frame C2B8
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=8xexexL4Q_ePyrzaojmCnw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=8xexexL4Q_ePyrzaojmCnw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AQvitUJ4aqEsvbAszSIZRlp5Grkl5Nejb7ye_tY75kJu4Fih6LuyT_cCDGEXpte6euhGXeuKV80HW7RwkNtW5pSSHyqCRlxW-Nt_
Requested by
Host: ccde9b4ae0b1b7105d848d3ef3b25d34.safeframe.googlesyndication.com
URL: https://ccde9b4ae0b1b7105d848d3ef3b25d34.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Apr 2021 11:57:43 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=8xexexL4Q_ePyrzaojmCnw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AQvitUJ4aqEsvbAszSIZRlp5Grkl5Nejb7ye_tY75kJu4Fih6LuyT_cCDGEXpte6euhGXeuKV80HW7RwkNtW5pSSHyqCRlxW-Nt_
Date
Mon, 26 Apr 2021 11:57:41 GMT
P3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
0
Content-Type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame C2B8
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEIlmz_GtbvnkW_TTlhmjJmg&google_cver=1&google_push=AQvitULuCSTZyRemgNya3BYKMRoCAmME6dOnQt07C3nNhFVfGYctftZkYSvKuTJJaWRYpp0xhBE...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S05ZSlE2UlUtMUMtRFo2Rw==&google_push=AQvitULuCSTZyRemgNya3BYKMRoCAmME6dOnQt07C3nNhFVfGYctftZkYSvKuTJJaWRYpp0xhBEUsRFlFKfSUDWlnE1i2q4lltl4
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S05ZSlE2UlUtMUMtRFo2Rw==&google_push=AQvitULuCSTZyRemgNya3BYKMRoCAmME6dOnQt07C3nNhFVfGYctftZkYSvKuTJJaWRYpp0xhBEUsRFlFKfSUDWlnE1i2q4lltl4
Requested by
Host: ccde9b4ae0b1b7105d848d3ef3b25d34.safeframe.googlesyndication.com
URL: https://ccde9b4ae0b1b7105d848d3ef3b25d34.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Apr 2021 11:57:42 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S05ZSlE2UlUtMUMtRFo2Rw==&google_push=AQvitULuCSTZyRemgNya3BYKMRoCAmME6dOnQt07C3nNhFVfGYctftZkYSvKuTJJaWRYpp0xhBEUsRFlFKfSUDWlnE1i2q4lltl4
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
3bafef7aa4e37890defcd73f0a080481
Expires
0
attr
cm.g.doubleclick.net/pixel/ Frame C2B8 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IebvzQ3Uo0hfQBoupMz4_i-m7sRmVq6_IETSLIlm_HFbtvwIRIqjj9wasV2qO_pdY8Gxdc
Requested by
Host: ccde9b4ae0b1b7105d848d3ef3b25d34.safeframe.googlesyndication.com
URL: https://ccde9b4ae0b1b7105d848d3ef3b25d34.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Apr 2021 11:57:42 GMT
server
HTTP server (unknown)
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
sync
pixel.advertising.com/ups/58195/ Frame 7036 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://pixel.advertising.com/ups/58195/sync?&gdpr=1&gdpr_consent=&redir=true
Requested by
Host: www.newser.com
URL: https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.184.153.186 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-184-153-186.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:method
GET
:authority
pixel.advertising.com
:scheme
https
:path
/ups/58195/sync?&gdpr=1&gdpr_consent=&redir=true
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more

Response headers

date
Mon, 26 Apr 2021 11:57:43 GMT
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
strict-transport-security
max-age=31536000
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame C4B8 		8 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158554&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1619438262743-995581060291-020940-015-005965%26biddername%3D1%26key%3D
Requested by
Host: www.newser.com
URL: https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.20.198 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-20-198.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
23371b5319a53a0a2d3c59d738d679c384822c244ea4e791ef87a4110b8a291e

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more

Response headers

Last-Modified
Wed, 21 Oct 2020 18:57:29 GMT
ETag
"1300708-1f78-5b232eb4914bb"
Server
Apache/2.2.15 (CentOS)
Accept-Ranges
bytes
Content-Encoding
gzip
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
2654
Content-Type
text/html; charset=UTF-8
Cache-Control
max-age=59282
Expires
Tue, 27 Apr 2021 04:25:47 GMT
Date
Mon, 26 Apr 2021 11:57:45 GMT
Connection
keep-alive
Vary
Accept-Encoding
Cookie set usermatch
ssum.casalemedia.com/ Frame 6E77 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum.casalemedia.com/usermatch?s=190719&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1619438262743-995581060291-020940-015-005965%26biddername%3D42%26key%3D
Requested by
Host: www.newser.com
URL: https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.20.241 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-20-241.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
1909dc22083cbd058681c3fd768eaabf2db9e32b6966cb43b94f39144754fd31

Request headers

Host
ssum.casalemedia.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
CMID=YIaqtkhDhduXm5VvvJe51gAA; CMPS=3274; CMPRO=1102; CMST=YIaqtmCGqrYA; CMRUM3=2d6086aab62760CAESEDRijdQd-vYBLSarRW3tQLQ
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
230|241|39|73|64|51|47|13
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Content-Length
1772
Expires
Mon, 26 Apr 2021 11:57:46 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Mon, 26 Apr 2021 11:57:46 GMT
Connection
keep-alive
Set-Cookie
CMID=YIaqtkhDhduXm5VvvJe51gAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Tue, 26 Apr 2022 11:57:46 GMT CMPS=3274;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sun, 25 Jul 2021 11:57:46 GMT CMPRO=1102;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sun, 25 Jul 2021 11:57:46 GMT CMRUM3=2f6086aaba05a0&e66086aaba27600&406086aaba05a0&336086aaba05a0&276086aaba0b40&f16086aaba05a0&496086aaba05a00&0d6086aaba05a0&2d6086aab62760CAESEDRijdQd-vYBLSarRW3tQLQ;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Tue, 26 Apr 2022 11:57:46 GMT CMST=YIaqtmCGqroA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Tue, 27 Apr 2021 11:57:46 GMT
multi-sync.html
secure-assets.rubiconproject.com/utils/xapi/ Frame B91D 		0
0
ac
www9.smartadserver.com/ 		0
0
ac
www9.smartadserver.com/ 		0
0
ac
www9.smartadserver.com/ 		0
0
avpb3.js
player.aniview.com/script/6.1/ Frame F063 		265 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aniview.com/script/6.1/avpb3.js
Requested by
Host: www.newser.com
URL: https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:10c:48b::2c79 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
f552246407a4f8b34a08fc42783296a8579d8f934081a0086cf37d051f334d6d

Request headers

Referer
https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Apr 2021 11:57:42 GMT
content-encoding
gzip
x-guploader-uploadid
ABg5-UzA7CrwF8sSzYBT4PYrX9KBj608I9g_GwC-nyc0kQBnFwMaCe3p1rgMawww85lqLeyQBpWBp6LT-88CZgmyn-M
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
content-length
85397
last-modified
Wed, 21 Apr 2021 06:01:48 GMT
server
UploadServer
etag
"b80011497556c9d2e7a91056588d67c1"
vary
Accept-Encoding
x-goog-hash
crc32c=dVs1tg==, md5=uAARSXVWydLnqRBWWI1nwQ==
content-language
en
access-control-allow-origin
*
x-goog-generation
1618984908608984
access-control-expose-headers
Content-Type
cache-control
public, max-age=300
x-goog-stored-content-length
85397
accept-ranges
bytes
content-type
application/javascript
expires
Mon, 26 Apr 2021 12:02:42 GMT
track
track1.aniview.com/ 		0
71 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=www.newser.com&rs=www.newser.com&sid=74171&t=1619438262&cip=89.249.64.203&sn=113220&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=416&he=235&app=&AV_PUBLISHERID=56ea678d181f46c76f8b45fb&test=2&aafaid=&proto=https&uid=1619438262743-995581060291-020940-015-005965&cha=0.7&cb=73252675030&cd4=ce2c9b94-51f8-46f4-ba52-be844200179d&cd5=default&d9=1000&AV_WIDTH=416&AV_HEIGHT=235&nid=56ea678d181f46c76f8b45fb&ncid=604f799c916b9e0a5a77a356&e=request&cb=1619438262848&asid=5c18de8b073ef432d306911b%2C5fd1f2cc9772f87a350a855b%2C60254eaaea2c62223814f756%2C5ee3d57071193a26344a4076%2C5eef7f575bd96c62a62226b9%2C5b1d079c073ef4676d0569ca%2C5c18de8528a061035b671e18%2C5eae8e6f8ba53f19af36ed1c%2C604f799a88cd2d40eb1059b6&ofpr=%2C1.5%2C1%2C%2C2%2C%2C%2C1%2C&fpo=%2C%2C%2C%2C%2C%2C%2C%2C
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.23.226.15 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Apr 2021 11:57:42 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
v1
prg.smartadserver.com/prebid/ 		809 B
922 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
c63e90138b24de4b2b8ec2f251dba851c5539836755e602b5b738d12d9ec918a

Request headers

Referer
https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 26 Apr 2021 11:57:42 GMT
content-encoding
br
vary
Accept-Encoding
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://www.newser.com
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
transfer-encoding
chunked
v1
prg.smartadserver.com/prebid/ 		809 B
924 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
59915f0c49acb532a732c5b2c1ce70aa6cad370f1536944d0df12d59a85968c9

Request headers

Referer
https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 26 Apr 2021 11:57:42 GMT
content-encoding
br
vary
Accept-Encoding
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://www.newser.com
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
transfer-encoding
chunked
tag
playbuzzmm.ads.tremorhub.com/ad/ 		55 B
418 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://playbuzzmm.ads.tremorhub.com/ad/tag?adCode=g9rc5-3scjl&playerWidth=416&playerHeight=235&srcPageUrl=https%3A%2F%2Fwww.newser.com%2Fstory%2F305100%2Fus-wrongly-thought-diplomat-staged-his-own-kidnapping.html%3Futm_source%3Dpart%26utm_medium%3Duol%26utm_campaign%3Drss_taglines_more&supplyCode=PlaybuzzMM&mediaId=VideoId&schain=1.0,1!playbuzz.com,0010J00001qMZJwQAO,1,47bb13dd9f9e5891024915b16a39d337_172315822,Rev%20Content,heavy.com&transactionId=1733eda0-c874-49b4-a190-0758f68630f7&floor=USD:2&referrer=https%3A%2F%2Fwww.newser.com%2Fstory%2F305100%2Fus-wrongly-thought-diplomat-staged-his-own-kidnapping.html%3Futm_source%3Dpart%26utm_medium%3Duol%26utm_campaign%3Drss_taglines_more&hb=1&fmt=json
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4232:681:3bdd:ce03:aa95 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
d53f9894af2c23043907256a4ac6fb36cf2147ae62303261092284cec575311c

Request headers

Referer
https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 26 Apr 2021 11:57:43 GMT
content-encoding
gzip
server
Apache-Coyote/1.1
vary
accept-encoding
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
access-control-allow-origin
https://www.newser.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-tremorvideo-status
NO_AD
content-type
application/json;charset=UTF-8
translator
hbopenbid.pubmatic.com/ 		0
60 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.newser.com
date
Mon, 26 Apr 2021 11:57:41 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
activeview
pagead2.googlesyndication.com/pcs/ Frame DD36 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstjJ366kIKJI8Uv-dVj7UnXRTvJQoQJg-0VSm2Rbz4BTpMRtl9XIOu_Ia9oEPy2b98YAnrQrtulbcBQLiv-HhWU1DykGSTgwRF-3subUkgojyHbdGxEAj-aV-pGtw&sai=AMfl-YSWtxCFGKTinAyjDhIdZ-109t6-aoA7ElaJbtE21kR9csiCLgYKbcxvpMZYlujXx3lAkZ_b978eRT3OaMekhr438-7n7L5RlzPcRXKLbAckR8vIOfgqwAbWEzzL&sig=Cg0ArKJSzPJGHMk6-VCXEAE&cid=CAASF-RoUSlKqbIEvDeTBEFdlNDwL0kRb3CX&id=lidar2&mcvt=1000&p=296,987,546,1287&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210421&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=2&adk=815455304&rs=4&met=mue&la=0&cr=0&osd=1&vs=4&rst=1619438261887&dlt=8&rpt=236&isd=0&msd=0&r=v&fum=1
Requested by
Host: www.newser.com
URL: https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ccde9b4ae0b1b7105d848d3ef3b25d34.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Apr 2021 11:57:43 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_pre=CNGWntPtm_ACFZ3Fuwgd2tMJDw;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3012593838778.41
adservice.google.com/ddm/fls/z/ Frame 175E 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adservice.google.com/ddm/fls/z/dc_pre=CNGWntPtm_ACFZ3Fuwgd2tMJDw;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3012593838778.41
Requested by
Host: 5994599.fls.doubleclick.net
URL: https://5994599.fls.doubleclick.net/activityi;dc_pre=CNGWntPtm_ACFZ3Fuwgd2tMJDw;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3012593838778.41?
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://5994599.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Apr 2021 11:57:43 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
728x90_OMAC_2016_Launch%20(4).jpg
cdn.contentspread.net/24i/advertiser/32995/creativesup/ Frame B8E7 		44 KB
44 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.contentspread.net/24i/advertiser/32995/creativesup/728x90_OMAC_2016_Launch%20(4).jpg
Requested by
Host: hal90007.redintelligence.net
URL: https://hal90007.redintelligence.net/request_content.php?s=91975200131870100710612011576007&a=3e2749d2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
85.114.131.234 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software
nginx /
Resource Hash
e8ec2a4d84f51a4860526181c3822b954b3a134dc14446ba753b37708470171d

Request headers

Referer
https://hal90007.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 26 Apr 2021 11:57:43 GMT
Last-Modified
Mon, 20 Jun 2016 09:28:47 GMT
Server
nginx
ETag
"5767b74f-af88"
Content-Type
image/jpeg
Connection
close
Accept-Ranges
bytes
Content-Length
44936
viewability
hal90007.redintelligence.net/ Frame B8E7 		0
150 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hal90007.redintelligence.net/viewability?s=91975200131870100710612011576007&a=340e6bf1&vb=m
Requested by
Host: hal90007.redintelligence.net
URL: https://hal90007.redintelligence.net/request_content.php?s=91975200131870100710612011576007&a=3e2749d2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.157 Ketsch, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://hal90007.redintelligence.net/request_content.php?s=91975200131870100710612011576007&a=3e2749d2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 26 Apr 2021 11:57:43 GMT
Server
Apache
Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
truncated
/ Frame B8E7 		43 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
landscape5a67bcd6-d37c-4187-bbb2-786755e2f712_1619426114602.m3u8
mcd.ex.co/video/upload/c_limit,w_320,h_240,vc_h264:baseline:3.0,br_192k/v1619426305/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mcd.ex.co/video/upload/c_limit,w_320,h_240,vc_h264:baseline:3.0,br_192k/v1619426305/landscape5a67bcd6-d37c-4187-bbb2-786755e2f712_1619426114602.m3u8
Requested by
Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.86.103.158 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
cloudinary /
Resource Hash
7d720c3f8b613cd0d3c39fa3d1a869527094736e439755aa1d8961e770357484

Request headers

Referer
https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 26 Apr 2021 11:57:43 GMT
Last-Modified
Mon, 26 Apr 2021 08:38:34 GMT
Server
cloudinary
X-Timer
S1619426381.017666,VS0,VE31
ETag
"b3bb7436c2779355cc39d9eed4717992"
X-Served-By
cache-wdc5558-WDC
Content-Type
application/x-mpegURL
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31545600
Connection
keep-alive
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With
Content-Length
1225
X-Cache-Hits
0
landscape5a67bcd6-d37c-4187-bbb2-786755e2f712_1619426114602.ts
mcd.ex.co/video/upload/c_limit,w_320,h_240,vc_h264:baseline:3.0,br_192k/v1619426305/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mcd.ex.co/video/upload/c_limit,w_320,h_240,vc_h264:baseline:3.0,br_192k/v1619426305/landscape5a67bcd6-d37c-4187-bbb2-786755e2f712_1619426114602.ts
Protocol
HTTP/1.1
Server
184.86.103.158 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
range
Origin
https://www.newser.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Content-Type
text/html
Content-Length
13
Date
Mon, 26 Apr 2021 11:57:43 GMT
Connection
keep-alive
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET, HEAD, OPTIONS
Access-Control-Allow-Headers
Range
landscape5a67bcd6-d37c-4187-bbb2-786755e2f712_1619426114602.ts
mcd.ex.co/video/upload/c_limit,w_320,h_240,vc_h264:baseline:3.0,br_192k/v1619426305/ 		81 KB
82 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mcd.ex.co/video/upload/c_limit,w_320,h_240,vc_h264:baseline:3.0,br_192k/v1619426305/landscape5a67bcd6-d37c-4187-bbb2-786755e2f712_1619426114602.ts
Requested by
Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.86.103.158 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
cloudinary /
Resource Hash
f8546a1e7fae1c181f72a2729edd8594597c16114304fffd29678397639628b9

Request headers

Referer
https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=0-83095

Response headers

Date
Mon, 26 Apr 2021 11:57:43 GMT
Content-Range
bytes 0-83095/1071224
Connection
keep-alive
Content-Length
83096
X-Served-By
cache-wdc5558-WDC
Last-Modified
Mon, 26 Apr 2021 08:38:34 GMT
Server
cloudinary
X-Timer
S1619426382.612108,VS0,VE32
ETag
"c92bba538ac0d21c671eff4eb7297b96"
Content-Type
video/mp2t
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31545720
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With
X-Cache-Hits
0
e90d5db9-5deb-46f3-9494-e8a4ab568773
https://www.newser.com/ 		63 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.newser.com/e90d5db9-5deb-46f3-9494-e8a4ab568773
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e1c3c2dafe2208caea4f809f414a89a9d256deb8671e1c5d49bff9a873782796

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length
64352
Content-Type
text/javascript
landscape5a67bcd6-d37c-4187-bbb2-786755e2f712_1619426114602.m3u8
mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1619426305/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1619426305/landscape5a67bcd6-d37c-4187-bbb2-786755e2f712_1619426114602.m3u8
Requested by
Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.86.103.158 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
cloudinary /
Resource Hash
0f1147339ebb2d5167f1aa14e3152ffd7b9bf1652bb763dfd24fb25fb9a8df3c

Request headers

Referer
https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 26 Apr 2021 11:57:43 GMT
Last-Modified
Mon, 26 Apr 2021 08:38:42 GMT
Server
cloudinary
X-Timer
S1619426911.515461,VS0,VE1
ETag
"54559ecc2baf53cda01cb4b610c32116"
X-Served-By
cache-wdc5530-WDC
Content-Type
application/x-mpegURL
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31546306
Connection
keep-alive
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With
Content-Length
1234
X-Cache-Hits
1
landscape5a67bcd6-d37c-4187-bbb2-786755e2f712_1619426114602.ts
mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1619426305/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1619426305/landscape5a67bcd6-d37c-4187-bbb2-786755e2f712_1619426114602.ts
Protocol
HTTP/1.1
Server
184.86.103.158 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
range
Origin
https://www.newser.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Content-Type
text/html
Content-Length
13
Date
Mon, 26 Apr 2021 11:57:43 GMT
Connection
keep-alive
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET, HEAD, OPTIONS
Access-Control-Allow-Headers
Range
landscape5a67bcd6-d37c-4187-bbb2-786755e2f712_1619426114602.ts
mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1619426305/ 		200 KB
200 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1619426305/landscape5a67bcd6-d37c-4187-bbb2-786755e2f712_1619426114602.ts
Requested by
Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.86.103.158 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
cloudinary /
Resource Hash
303d58af9bd5a06f3252faf47c310f07bea55900b613d634bd7da959b346777c

Request headers

Referer
https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=0-204355

Response headers

Date
Mon, 26 Apr 2021 11:57:43 GMT
Content-Range
bytes 0-204355/2740100
Connection
keep-alive
Content-Length
204356
X-Served-By
cache-wdc5533-WDC
Last-Modified
Mon, 26 Apr 2021 08:38:42 GMT
Server
cloudinary
X-Timer
S1619426911.898593,VS0,VE0
ETag
"97cad35a7a28ed00268c809bdbc4a6b0"
Content-Type
video/mp2t
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31546127
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With
X-Cache-Hits
1
activeview
pagead2.googlesyndication.com/pcs/ Frame 5F1D 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss-9fMTQ1eWv1Pj5LvYjXSacQZvrlAk5jlYCAmHS5A10L1cnBcze_bS2uqEj0iHUCyNLGBT25hogxBMHP6S4JblSnQ-qS13X-Nvc5qmAKLMEitf&sai=AMfl-YQZgHWP4QtlE_ywtYbWDUs5iOXrzkHGRQuwbDUdmaEoRx7WlY8RQtF75st4xjMZLBeyFZPTe9wpmkrSvoLmfKZj98EMI_TN1IYy4hmHZaFQ2BMso2QlAdxexLgT&sig=Cg0ArKJSzIEzznV04PttEAE&cid=CAASEuRos4oV1an3P-lt-BGYfID0TQ&id=lidar2&mcvt=1000&p=55,561,149,1289&mtos=0,1000,1000,1000,1000&tos=0,1000,0,0,0&v=20210421&bin=7&avms=nio&bs=0,0&mc=0.96&if=1&app=0&itpl=20&adk=1569744204&rs=4&met=mue&la=0&cr=0&osd=1&vs=4&rst=1619438261802&dlt=89&rpt=996&isd=0&msd=0&r=v&fum=1
Requested by
Host: www.newser.com
URL: https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ccde9b4ae0b1b7105d848d3ef3b25d34.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Apr 2021 11:57:43 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
landscape5a67bcd6-d37c-4187-bbb2-786755e2f712_1619426114602.ts
mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1619426305/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1619426305/landscape5a67bcd6-d37c-4187-bbb2-786755e2f712_1619426114602.ts
Protocol
HTTP/1.1
Server
184.86.103.158 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
range
Origin
https://www.newser.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Content-Type
text/html
Content-Length
13
Date
Mon, 26 Apr 2021 11:57:43 GMT
Connection
keep-alive
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET, HEAD, OPTIONS
Access-Control-Allow-Headers
Range
landscape5a67bcd6-d37c-4187-bbb2-786755e2f712_1619426114602.ts
mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1619426305/ 		304 KB
304 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1619426305/landscape5a67bcd6-d37c-4187-bbb2-786755e2f712_1619426114602.ts
Requested by
Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.86.103.158 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
cloudinary /
Resource Hash
f4a049af35ab4a5bc619d2848719127e1a19033ddbd1a6fabc9927ff0a9ce2e3

Request headers

Referer
https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=204356-515495

Response headers

Date
Mon, 26 Apr 2021 11:57:43 GMT
Content-Range
bytes 204356-515495/2740100
Connection
keep-alive
Content-Length
311140
X-Served-By
cache-wdc5533-WDC
Last-Modified
Mon, 26 Apr 2021 08:38:42 GMT
Server
cloudinary
X-Timer
S1619426911.898593,VS0,VE0
ETag
"97cad35a7a28ed00268c809bdbc4a6b0"
Content-Type
video/mp2t
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31546127
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With
X-Cache-Hits
1
truncated
/ 		554 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
452d1771c6e4f4a4981f681d311aabb02f3b79661e4b3688293506891c4549ad

Request headers

Referer
https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		484 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f677418329f1492ff13d5041c5872f1570eda43eaca5d1854a61de27385dab66

Request headers

Referer
https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		478 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
23727e1fd90dc2bc2566aeef37ee69dd72c888dd8ba8d726f45e843c85eb0d67

Request headers

Referer
https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
events
prd-collector-anon.ex.co/main/ 		0
136 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prd-collector-anon.ex.co/main/events
Requested by
Host: player.ex.co
URL: https://player.ex.co/player/aa6b7784-6c11-4b79-917c-5f1bd774afe6
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.88.209.254 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.newser.com
date
Mon, 26 Apr 2021 11:57:43 GMT
access-control-allow-credentials
true
content-length
0
vary
Origin
content-type
text/plain; charset=utf-8
landscape5a67bcd6-d37c-4187-bbb2-786755e2f712_1619426114602.ts
mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1619426305/ 		243 KB
244 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1619426305/landscape5a67bcd6-d37c-4187-bbb2-786755e2f712_1619426114602.ts
Requested by
Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.86.103.158 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
cloudinary /
Resource Hash
8d7724c42432de12e8bef80bc5b3b025e434dd4b4ba8ee05f968bbb279165887

Request headers

Referer
https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=515496-764783

Response headers

Date
Mon, 26 Apr 2021 11:57:43 GMT
Content-Range
bytes 515496-764783/2740100
Connection
keep-alive
Content-Length
249288
X-Served-By
cache-wdc5533-WDC
Last-Modified
Mon, 26 Apr 2021 08:38:42 GMT
Server
cloudinary
X-Timer
S1619426911.898593,VS0,VE0
ETag
"97cad35a7a28ed00268c809bdbc4a6b0"
Content-Type
video/mp2t
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31546127
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With
X-Cache-Hits
1
landscape5a67bcd6-d37c-4187-bbb2-786755e2f712_1619426114602.ts
mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1619426305/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1619426305/landscape5a67bcd6-d37c-4187-bbb2-786755e2f712_1619426114602.ts
Protocol
HTTP/1.1
Server
184.86.103.158 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
range
Origin
https://www.newser.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Content-Type
text/html
Content-Length
13
Date
Mon, 26 Apr 2021 11:57:43 GMT
Connection
keep-alive
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET, HEAD, OPTIONS
Access-Control-Allow-Headers
Range
landscape5a67bcd6-d37c-4187-bbb2-786755e2f712_1619426114602.ts
mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1619426305/ 		296 KB
296 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1619426305/landscape5a67bcd6-d37c-4187-bbb2-786755e2f712_1619426114602.ts
Requested by
Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.86.103.158 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
cloudinary /
Resource Hash
0ca65819fa6e63cb416b262899e69957f638d41702075bd48fe35a878dcf9a09

Request headers

Referer
https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=764784-1067463

Response headers

Date
Mon, 26 Apr 2021 11:57:44 GMT
Content-Range
bytes 764784-1067463/2740100
Connection
keep-alive
Content-Length
302680
X-Served-By
cache-wdc5533-WDC
Last-Modified
Mon, 26 Apr 2021 08:38:42 GMT
Server
cloudinary
X-Timer
S1619426911.898593,VS0,VE0
ETag
"97cad35a7a28ed00268c809bdbc4a6b0"
Content-Type
video/mp2t
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31546126
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With
X-Cache-Hits
1
landscape5a67bcd6-d37c-4187-bbb2-786755e2f712_1619426114602.ts
mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1619426305/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1619426305/landscape5a67bcd6-d37c-4187-bbb2-786755e2f712_1619426114602.ts
Protocol
HTTP/1.1
Server
184.86.103.158 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
range
Origin
https://www.newser.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Content-Type
text/html
Content-Length
13
Date
Mon, 26 Apr 2021 11:57:44 GMT
Connection
keep-alive
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET, HEAD, OPTIONS
Access-Control-Allow-Headers
Range
landscape5a67bcd6-d37c-4187-bbb2-786755e2f712_1619426114602.ts
mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1619426305/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1619426305/landscape5a67bcd6-d37c-4187-bbb2-786755e2f712_1619426114602.ts
Protocol
HTTP/1.1
Server
184.86.103.158 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
range
Origin
https://www.newser.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Content-Type
text/html
Content-Length
13
Date
Mon, 26 Apr 2021 11:57:44 GMT
Connection
keep-alive
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET, HEAD, OPTIONS
Access-Control-Allow-Headers
Range
landscape5a67bcd6-d37c-4187-bbb2-786755e2f712_1619426114602.ts
mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1619426305/ 		271 KB
272 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1619426305/landscape5a67bcd6-d37c-4187-bbb2-786755e2f712_1619426114602.ts
Requested by
Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.86.103.158 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
cloudinary /
Resource Hash
f77d8ef7d87546e709eafa95a707f6c03e20f7fe44f3d12b01ddbd9915b2b915

Request headers

Referer
https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=1067464-1345139

Response headers

Date
Mon, 26 Apr 2021 11:57:44 GMT
Content-Range
bytes 1067464-1345139/2740100
Connection
keep-alive
Content-Length
277676
X-Served-By
cache-wdc5533-WDC
Last-Modified
Mon, 26 Apr 2021 08:38:42 GMT
Server
cloudinary
X-Timer
S1619426911.898593,VS0,VE0
ETag
"97cad35a7a28ed00268c809bdbc4a6b0"
Content-Type
video/mp2t
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31546126
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With
X-Cache-Hits
1
showad.js
ads.pubmatic.com/AdServer/js/ Frame 9A78 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: www.newser.com
URL: https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.20.198 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-20-198.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
82f1fbe95dbd4e1128a973db542bf50ab7ac8fbf35bfefca2e782b0a0572e564

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KTPCACOOKIE=YES; KADUSERCOOKIE=F317B17B-12F8-43F7-8FCA-BCDAA239829F
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more

Response headers

Last-Modified
Wed, 14 Apr 2021 09:18:30 GMT
ETag
"13006b6-98c2-5bfeb3aef82b4"
Server
Apache/2.2.15 (CentOS)
Accept-Ranges
bytes
Content-Encoding
gzip
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
14060
Content-Type
text/html; charset=UTF-8
Cache-Control
public, max-age=63936
Expires
Tue, 27 Apr 2021 05:43:21 GMT
Date
Mon, 26 Apr 2021 11:57:45 GMT
Connection
keep-alive
Vary
Accept-Encoding
CookieSyncV.html
csync.smartadserver.com/diff/rtb/csync/ Frame 7D1C 		1018 B
801 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smartadserver.com/diff/rtb/csync/CookieSyncV.html?hasrtb=true&nwid=3039&dcid=4&iscname=false&cname=
Requested by
Host: www.newser.com
URL: https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba29 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
8cc62db75b97abb08ac7be1790ccc20f23be36da3c4314d7be3d551255b55486

Request headers

Host
csync.smartadserver.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more

Response headers

Accept-Ranges
bytes
Content-Type
text/html
ETag
"f7993322e8eb79ecae2b39841d5f82cc:1617179570.110025"
Last-Modified
Wed, 31 Mar 2021 08:31:34 GMT
Server
AkamaiNetStorage
Vary
Accept-Encoding
Content-Encoding
gzip
Cache-Control
max-age=3600
Date
Mon, 26 Apr 2021 11:57:44 GMT
Content-Length
445
Connection
keep-alive
CookieSyncV.html
csync.smartadserver.com/diff/rtb/csync/ 		0
0
landscape5a67bcd6-d37c-4187-bbb2-786755e2f712_1619426114602.ts
mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1619426305/ 		258 KB
258 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1619426305/landscape5a67bcd6-d37c-4187-bbb2-786755e2f712_1619426114602.ts
Requested by
Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.86.103.158 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
cloudinary /
Resource Hash
59f0b33d7356877f42b0618402da05032b4681f8b6c6c6329dfdab493325dca4

Request headers

Referer
https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=1345140-1609279

Response headers

Date
Mon, 26 Apr 2021 11:57:44 GMT
Content-Range
bytes 1345140-1609279/2740100
Connection
keep-alive
Content-Length
264140
X-Served-By
cache-wdc5533-WDC
Last-Modified
Mon, 26 Apr 2021 08:38:42 GMT
Server
cloudinary
X-Timer
S1619426911.898593,VS0,VE0
ETag
"97cad35a7a28ed00268c809bdbc4a6b0"
Content-Type
video/mp2t
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31546126
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With
X-Cache-Hits
1
landscape5a67bcd6-d37c-4187-bbb2-786755e2f712_1619426114602.ts
mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1619426305/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1619426305/landscape5a67bcd6-d37c-4187-bbb2-786755e2f712_1619426114602.ts
Protocol
HTTP/1.1
Server
184.86.103.158 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
range
Origin
https://www.newser.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Content-Type
text/html
Content-Length
13
Date
Mon, 26 Apr 2021 11:57:44 GMT
Connection
keep-alive
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET, HEAD, OPTIONS
Access-Control-Allow-Headers
Range
CookieSyncV.html
csync.smartadserver.com/diff/rtb/csync/ Frame 7F81 		1018 B
801 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smartadserver.com/diff/rtb/csync/CookieSyncV.html?hasrtb=true&nwid=3039&dcid=4&iscname=false&cname=
Requested by
Host: www.newser.com
URL: https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba29 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
8cc62db75b97abb08ac7be1790ccc20f23be36da3c4314d7be3d551255b55486

Request headers

Host
csync.smartadserver.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more

Response headers

Accept-Ranges
bytes
Content-Type
text/html
ETag
"f7993322e8eb79ecae2b39841d5f82cc:1617179570.110025"
Last-Modified
Wed, 31 Mar 2021 08:31:34 GMT
Server
AkamaiNetStorage
Vary
Accept-Encoding
Content-Encoding
gzip
Cache-Control
max-age=3600
Date
Mon, 26 Apr 2021 11:57:44 GMT
Content-Length
445
Connection
keep-alive
consent-string.min.js
ec-ns.sascdn.com/diff/rtb/csync/ Frame 7D1C 		26 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ec-ns.sascdn.com/diff/rtb/csync/consent-string.min.js
Requested by
Host: csync.smartadserver.com
URL: https://csync.smartadserver.com/diff/rtb/csync/CookieSyncV.html?hasrtb=true&nwid=3039&dcid=4&iscname=false&cname=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
68.232.35.16 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/674B) /
Resource Hash
05ce236f31539b6d65bd079ff56473dc1837444d90c39131c2861b4d8c4a1439

Request headers

Referer
https://csync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Apr 2021 11:57:47 GMT
content-encoding
gzip
last-modified
Wed, 31 Mar 2021 08:31:34 GMT
server
ECS (frb/674B)
age
71949
etag
"f720a7f2a8432d0f18de76239266413f:1619011619.5319"
vary
Accept-Encoding
x-cache
HIT
content-type
application/x-javascript
cache-control
max-age=86400
accept-ranges
bytes
content-length
6396
TemplatePool.min.js
ec-ns.sascdn.com/diff/rtb/csync/ Frame 7D1C 		75 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ec-ns.sascdn.com/diff/rtb/csync/TemplatePool.min.js
Requested by
Host: csync.smartadserver.com
URL: https://csync.smartadserver.com/diff/rtb/csync/CookieSyncV.html?hasrtb=true&nwid=3039&dcid=4&iscname=false&cname=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
68.232.35.16 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/67C0) /
Resource Hash
ed8a20d02872e9859380c4a2431fa5c5cbbfcedc75f46dbcd46512dfb4b8bf88

Request headers

Referer
https://csync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Apr 2021 11:57:47 GMT
content-encoding
gzip
last-modified
Thu, 22 Apr 2021 15:57:23 GMT
server
ECS (frb/67C0)
age
71951
etag
"2ee4a75eb5f57a57fd92f908d41f95bb:1619107062.239623"
vary
Accept-Encoding
x-cache
HIT
content-type
application/x-javascript
cache-control
max-age=86400
accept-ranges
bytes
content-length
3472
CookieSync.min.js
ec-ns.sascdn.com/diff/rtb/csync/ Frame 7D1C 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ec-ns.sascdn.com/diff/rtb/csync/CookieSync.min.js
Requested by
Host: csync.smartadserver.com
URL: https://csync.smartadserver.com/diff/rtb/csync/CookieSyncV.html?hasrtb=true&nwid=3039&dcid=4&iscname=false&cname=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
68.232.35.16 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6762) /
Resource Hash
1b79514e7327d6e704249dc3fa45428777045ff8d9eadf9f0f3676a732a4e122

Request headers

Referer
https://csync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Apr 2021 11:57:47 GMT
content-encoding
gzip
last-modified
Thu, 22 Apr 2021 15:57:24 GMT
server
ECS (frb/6762)
age
71955
etag
"5c225f0da4164867a9eba01d527131e3:1619107061.081056"
vary
Accept-Encoding
x-cache
HIT
content-type
application/x-javascript
cache-control
max-age=86400
accept-ranges
bytes
content-length
1566
CookieSyncCtrl.min.js
ec-ns.sascdn.com/diff/rtb/csync/ Frame 7D1C 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ec-ns.sascdn.com/diff/rtb/csync/CookieSyncCtrl.min.js
Requested by
Host: csync.smartadserver.com
URL: https://csync.smartadserver.com/diff/rtb/csync/CookieSyncV.html?hasrtb=true&nwid=3039&dcid=4&iscname=false&cname=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
68.232.35.16 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6776) /
Resource Hash
1d3a3d61b24c80ef6086ce8e99fe020e62718a323d1e7073210d4b9d04f470b3

Request headers

Referer
https://csync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Apr 2021 11:57:47 GMT
content-encoding
gzip
last-modified
Thu, 22 Apr 2021 15:57:26 GMT
server
ECS (frb/6776)
age
71954
etag
"c77fb70e5e267321a13fbe8a4c2eb33b:1619107061.529571"
vary
Accept-Encoding
x-cache
HIT
content-type
application/x-javascript
cache-control
max-age=86400
accept-ranges
bytes
content-length
1560
consent-string.min.js
ec-ns.sascdn.com/diff/rtb/csync/ Frame 7F81 		26 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ec-ns.sascdn.com/diff/rtb/csync/consent-string.min.js
Requested by
Host: csync.smartadserver.com
URL: https://csync.smartadserver.com/diff/rtb/csync/CookieSyncV.html?hasrtb=true&nwid=3039&dcid=4&iscname=false&cname=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
68.232.35.16 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/67AA) /
Resource Hash
05ce236f31539b6d65bd079ff56473dc1837444d90c39131c2861b4d8c4a1439

Request headers

Referer
https://csync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Apr 2021 11:57:47 GMT
content-encoding
gzip
last-modified
Wed, 31 Mar 2021 08:31:34 GMT
server
ECS (frb/67AA)
age
71952
etag
"f720a7f2a8432d0f18de76239266413f:1619011619.5319"
vary
Accept-Encoding
x-cache
HIT
content-type
application/x-javascript
cache-control
max-age=86400
accept-ranges
bytes
content-length
6396
TemplatePool.min.js
ec-ns.sascdn.com/diff/rtb/csync/ Frame 7F81 		75 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ec-ns.sascdn.com/diff/rtb/csync/TemplatePool.min.js
Requested by
Host: csync.smartadserver.com
URL: https://csync.smartadserver.com/diff/rtb/csync/CookieSyncV.html?hasrtb=true&nwid=3039&dcid=4&iscname=false&cname=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
68.232.35.16 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/67C2) /
Resource Hash
ed8a20d02872e9859380c4a2431fa5c5cbbfcedc75f46dbcd46512dfb4b8bf88

Request headers

Referer
https://csync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Apr 2021 11:57:47 GMT
content-encoding
gzip
last-modified
Thu, 22 Apr 2021 15:57:23 GMT
server
ECS (frb/67C2)
age
71953
etag
"2ee4a75eb5f57a57fd92f908d41f95bb:1619107062.239623"
vary
Accept-Encoding
x-cache
HIT
content-type
application/x-javascript
cache-control
max-age=86400
accept-ranges
bytes
content-length
3472
CookieSync.min.js
ec-ns.sascdn.com/diff/rtb/csync/ Frame 7F81 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ec-ns.sascdn.com/diff/rtb/csync/CookieSync.min.js
Requested by
Host: csync.smartadserver.com
URL: https://csync.smartadserver.com/diff/rtb/csync/CookieSyncV.html?hasrtb=true&nwid=3039&dcid=4&iscname=false&cname=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
68.232.35.16 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/674C) /
Resource Hash
1b79514e7327d6e704249dc3fa45428777045ff8d9eadf9f0f3676a732a4e122

Request headers

Referer
https://csync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Apr 2021 11:57:47 GMT
content-encoding
gzip
last-modified
Thu, 22 Apr 2021 15:57:24 GMT
server
ECS (frb/674C)
age
71958
etag
"5c225f0da4164867a9eba01d527131e3:1619107061.081056"
vary
Accept-Encoding
x-cache
HIT
content-type
application/x-javascript
cache-control
max-age=86400
accept-ranges
bytes
content-length
1566
CookieSyncCtrl.min.js
ec-ns.sascdn.com/diff/rtb/csync/ Frame 7F81 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ec-ns.sascdn.com/diff/rtb/csync/CookieSyncCtrl.min.js
Requested by
Host: csync.smartadserver.com
URL: https://csync.smartadserver.com/diff/rtb/csync/CookieSyncV.html?hasrtb=true&nwid=3039&dcid=4&iscname=false&cname=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
68.232.35.16 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6776) /
Resource Hash
1d3a3d61b24c80ef6086ce8e99fe020e62718a323d1e7073210d4b9d04f470b3

Request headers

Referer
https://csync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Apr 2021 11:57:47 GMT
content-encoding
gzip
last-modified
Thu, 22 Apr 2021 15:57:26 GMT
server
ECS (frb/6776)
age
71954
etag
"c77fb70e5e267321a13fbe8a4c2eb33b:1619107061.529571"
vary
Accept-Encoding
x-cache
HIT
content-type
application/x-javascript
cache-control
max-age=86400
accept-ranges
bytes
content-length
1560
viewability
hal90007.redintelligence.net/ Frame B8E7 		0
150 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hal90007.redintelligence.net/viewability?s=91975200131870100710612011576007&a=340e6bf1&vb=v
Requested by
Host: hal90007.redintelligence.net
URL: https://hal90007.redintelligence.net/request_content.php?s=91975200131870100710612011576007&a=3e2749d2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.157 Ketsch, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://hal90007.redintelligence.net/request_content.php?s=91975200131870100710612011576007&a=3e2749d2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 26 Apr 2021 11:57:47 GMT
Server
Apache
Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
async_usersync.html
acdn.adnxs.com/ib/static/usersync/v3/ Frame DE8D 		995 B
875 B 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Requested by
Host: d1bvk193qme2fc.cloudfront.net
URL: https://d1bvk193qme2fc.cloudfront.net/script.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.20.185 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-20-185.deploy.static.akamaitechnologies.com
Software
nginx/1.13.10 /
Resource Hash
8730c26defc411dd8a51f1da47e5ae3804fab6868f7914a26b09d8e0791bbe39

Request headers

Host
acdn.adnxs.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
icu=ChgI541yEAoYASABKAEwtNWahAY4AUABSAEQtNWahAYYAA..; uuid2=4976030529260429564; anj=dTM7k!M40<EVNsVF']wIg2Ilgjcg6S!A#FB.TOK`YT5U?QgGs:ieP#ph/s8XiIuGbcxP3Qi*rRJif8vPglJ?Xk`[z3qib/nGdD1[AwfJ[Z/^#%WO5!lC*Lq29fGe4>(PS>YOnej=1^zK%A5-f`V(GM3PVX23nXm/!>!I+3+yyT
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more

Response headers

Last-Modified
Fri, 20 May 2016 02:07:09 GMT
ETag
"573e714d-3e3"
Server
nginx/1.13.10
Access-Control-Allow-Origin
*
Content-Type
text/html
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
506
Cache-Control
max-age=31536000
Expires
Tue, 26 Apr 2022 11:57:45 GMT
Date
Mon, 26 Apr 2021 11:57:45 GMT
Connection
keep-alive
ixmatch.html
js-sec.indexww.com/um/ Frame ECBF 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: d1bvk193qme2fc.cloudfront.net
URL: https://d1bvk193qme2fc.cloudfront.net/script.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.20.241 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-20-241.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c

Request headers

Host
js-sec.indexww.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more

Response headers

Server
Apache
Last-Modified
Thu, 11 Feb 2021 16:12:45 GMT
ETag
"e20015-90b-5bb11ca420f07"
Accept-Ranges
bytes
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
text/html; charset=UTF-8
Vary
Accept-Encoding
Content-Encoding
gzip
Date
Mon, 26 Apr 2021 11:57:45 GMT
Content-Length
1151
Connection
keep-alive
iframe
mantodea.mantisadnetwork.com/prebid/ Frame 420E 		332 B
570 B 		Document
General
Check archive.org
Download Go to
Full URL
https://mantodea.mantisadnetwork.com/prebid/iframe?tz=-120&buster=1619438259908&secure=true&version=9&mobile=false&title=Feds%20Doubted%20the%20Kidnapping%20Story.%20They%20Shouldn%27t%20Have&url=https%3A%2F%2Fwww.newser.com%2Fstory%2F305100%2Fus-wrongly-thought-diplomat-staged-his-own-kidnapping.html%3Futm_source%3Dpart%26utm_medium%3Duol%26utm_campaign%3Drss_taglines_more
Requested by
Host: d1bvk193qme2fc.cloudfront.net
URL: https://d1bvk193qme2fc.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.22.15.148 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-22-15-148.compute-1.amazonaws.com
Software
/ Express
Resource Hash
dcdd298c3cc61adb49700ead4da02f60b10cab0a1df4888019d121a02e3b275c

Request headers

:method
GET
:authority
mantodea.mantisadnetwork.com
:scheme
https
:path
/prebid/iframe?tz=-120&buster=1619438259908&secure=true&version=9&mobile=false&title=Feds%20Doubted%20the%20Kidnapping%20Story.%20They%20Shouldn%27t%20Have&url=https%3A%2F%2Fwww.newser.com%2Fstory%2F305100%2Fus-wrongly-thought-diplomat-staged-his-own-kidnapping.html%3Futm_source%3Dpart%26utm_medium%3Duol%26utm_campaign%3Drss_taglines_more
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more

Response headers

date
Mon, 26 Apr 2021 11:57:45 GMT
content-type
text/html; charset=utf-8
content-length
332
x-powered-by
Express
vary
Origin
access-control-allow-credentials
true
cache-control
private, no-cache, no-store, must-revalidate
pragma
no-cache
expires
-1
etag
W/"14c-ox8oPFrHKR2sNnUKayj3lhejm5I"
index.html
cdn.districtm.io/ids/ Frame ED12 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.districtm.io/ids/index.html
Requested by
Host: d1bvk193qme2fc.cloudfront.net
URL: https://d1bvk193qme2fc.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.68.69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

:method
GET
:authority
cdn.districtm.io
:scheme
https
:path
/ids/index.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more

Response headers

date
Mon, 26 Apr 2021 11:57:45 GMT
set-cookie
__cfduid=dbed0c577b3febcf0a3c45273d18ad0c71619438265; expires=Wed, 26-May-21 11:57:45 GMT; path=/; domain=.districtm.io; HttpOnly; SameSite=Lax
access-control-allow-origin
*
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Origin
access-control-allow-methods
GET, HEAD, POST, OPTIONS
cf-request-id
09afa3fb3c0000cdab88a5e000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
server
cloudflare
cf-ray
645fa2a52b3fcdab-CDG
Cookie set check.html
biddr.brealtime.com/ Frame 8EC9 		926 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://biddr.brealtime.com/check.html
Requested by
Host: d1bvk193qme2fc.cloudfront.net
URL: https://d1bvk193qme2fc.cloudfront.net/script.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.17.119.107 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
868a78df4f3d0a21f89c48ccc709df44d3875f5fb33e22bf51ca8b5c28be4202

Request headers

Host
biddr.brealtime.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more

Response headers

Date
Mon, 26 Apr 2021 11:57:45 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
Set-Cookie
__cfduid=dbcba4fa283d48fa0dc257a55ae8703881619438265; expires=Wed, 26-May-21 11:57:45 GMT; path=/; domain=.brealtime.com; HttpOnly; SameSite=Lax
x-amz-id-2
Ff6EmSueVNfPi17r8wKQ854J0NpJ39gY216tMHqXcfMY1v0rRcILngP83+CS+PYF1s5zxwa4TEI=
x-amz-request-id
YWKEY68YY6XM5CJE
Last-Modified
Tue, 08 Sep 2020 13:51:51 GMT
CF-Cache-Status
HIT
Age
3729
Expires
Mon, 26 Apr 2021 11:58:45 GMT
Cache-Control
public, max-age=60
cf-request-id
09afa3fb6c0000691e3d8a6000000001
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary
Accept-Encoding
Server
cloudflare
CF-RAY
645fa2a57898691e-CDG
Content-Encoding
gzip
showad.js
ads.pubmatic.com/AdServer/js/ Frame 464E 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158554&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1619438262743-995581060291-020940-015-005965%26biddername%3D1%26key%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.20.198 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-20-198.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
82f1fbe95dbd4e1128a973db542bf50ab7ac8fbf35bfefca2e782b0a0572e564

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
same-origin
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158554&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1619438262743-995581060291-020940-015-005965%26biddername%3D1%26key%3D
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KTPCACOOKIE=YES; KADUSERCOOKIE=F317B17B-12F8-43F7-8FCA-BCDAA239829F
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158554&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1619438262743-995581060291-020940-015-005965%26biddername%3D1%26key%3D

Response headers

Last-Modified
Wed, 14 Apr 2021 09:18:30 GMT
ETag
"13006b6-98c2-5bfeb3aef82b4"
Server
Apache/2.2.15 (CentOS)
Accept-Ranges
bytes
Content-Encoding
gzip
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
14060
Content-Type
text/html; charset=UTF-8
Cache-Control
public, max-age=63936
Expires
Tue, 27 Apr 2021 05:43:21 GMT
Date
Mon, 26 Apr 2021 11:57:45 GMT
Connection
keep-alive
Vary
Accept-Encoding
Cookie set usermatch
ssum-sec.casalemedia.com/ Frame B11D 		1 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.20.241 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-20-241.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
d4c620b70419b6eb0cbd0eb034610854e9f606f807543f5abf55d946431b7398

Request headers

Host
ssum-sec.casalemedia.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://js-sec.indexww.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
CMID=YIaqtkhDhduXm5VvvJe51gAA; CMPS=3274; CMPRO=1102; CMST=YIaqtmCGqrYA; CMRUM3=2d6086aab62760CAESEDRijdQd-vYBLSarRW3tQLQ
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://js-sec.indexww.com/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
39|230|241|73|206|5|105|40
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Content-Length
1535
Expires
Mon, 26 Apr 2021 11:57:45 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Mon, 26 Apr 2021 11:57:45 GMT
Connection
keep-alive
Set-Cookie
CMID=YIaqtkhDhduXm5VvvJe51gAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Tue, 26 Apr 2022 11:57:45 GMT CMPS=3274;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sun, 25 Jul 2021 11:57:45 GMT CMPRO=1102;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sun, 25 Jul 2021 11:57:45 GMT CMRUM3=286086aab905a00&ce6086aab905a00&e66086aab927600&f16086aab905a0&276086aab90b40&696086aab905a0&496086aab905a00&056086aab905a0&2d6086aab62760CAESEDRijdQd-vYBLSarRW3tQLQ;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Tue, 26 Apr 2022 11:57:45 GMT CMST=YIaqtmCGqrkA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Tue, 27 Apr 2021 11:57:45 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame 9A78 		6 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=26110447&p=158901&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1&async=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.115 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
1a8779c89819f926bf89f13ed35bfe40f3df4bffeff821c62eb6ee3df586f81e

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 26 Apr 2021 11:57:43 GMT
P3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
async_usersync
secure.adnxs.com/ Frame DE8D 		0
749 B 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.adnxs.com/async_usersync?cbfn=AN_async_load
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.62 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 26 Apr 2021 11:57:46 GMT
X-Proxy-Origin
89.249.64.203; 89.249.64.203; 535.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.173.89:80
AN-X-Request-Uuid
b370b592-e0d7-4cc7-a46a-3e486638d5c4
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usersync.aspx
dis.criteo.com/dis/ Frame 2493 		43 B
326 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.151 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

:method
GET
:authority
dis.criteo.com
:scheme
https
:path
/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

cache-control
no-cache
pragma
no-cache
content-type
image/gif
expires
Mon, 26 Apr 2021 00:00:00 GMT
server
Microsoft-IIS/10.0
x-errorlevel
0
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
server-processing-duration-in-ticks
1315
x-powered-by
ASP.NET
date
Mon, 26 Apr 2021 11:57:44 GMT
content-length
43
Cookie set Pug
image2.pubmatic.com/AdServer/ Frame 53A3
Redirect Chain
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=1691578934495065504
42 B
769 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=1691578934495065504
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Host
image2.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

Server
nginx
Date
Mon, 26 Apr 2021 11:57:50 GMT
Content-Type
image/gif; charset=utf-8
Content-Length
42
Connection
keep-alive
Set-Cookie
KRTBCOOKIE_336=5844-1691578934495065504; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 26-May-2021 11:57:50 GMT; path=/ PugT=1619438270; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 26-May-2021 11:57:50 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Sun, 25-Jul-2021 11:57:50 GMT; path=/
X-lat
amspug013:0:511
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private

Redirect headers

location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=1691578934495065504
content-length
0
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
/
dsp.adfarm1.adition.com/cookie/ Frame F2C8 		0
0
pm&gdpr=0&gdpr_consent=
match.prod.bidr.io/cookie-sync/ Frame BF5F 		0
0
bridge
cm.adgrx.com/ Frame 827F 		0
0
pubmatic&gdpr=0&gdpr_consent=
sync.1rx.io/usersync2/ Frame 7FC8 		0
0
cm
green.erne.co/pubmatic/ Frame A396 		0
0
dpe
ad4m.at/ad/ Frame 46FD 		42 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox

Request headers

:method
GET
:authority
ad4m.at
:scheme
https
:path
/ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

date
Mon, 26 Apr 2021 11:57:45 GMT
content-type
image/gif
content-length
42
set-cookie
__cfduid=db28b36bb59f7b458283fa01806b2f9f51619438265; expires=Wed, 26-May-21 11:57:45 GMT; path=/; domain=.ad4m.at; HttpOnly; SameSite=Lax; Secure
report-to
{"endpoints":[{"url":"https://as.ad4m.at/ad/vre"}],"group":"report-endpoint","max_age":86400}
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0"}
expires
0
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
content-security-policy
block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
referrer-policy
same-origin
pragma
no-cache
surrogate-control
no-store
x-fastcgi-cache
BYPASS
x-backend-server
adsrv-wmp3
via
1.1 google
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-request-id
09afa3fb8b00000eb358b01000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
645fa2a5a9040eb3-FRA
i.match
a.tribalfusion.com/ Frame 2C36 		43 B
901 B 		Document
General
Check archive.org
Download Go to
Full URL
https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:c05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

:method
GET
:authority
a.tribalfusion.com
:scheme
https
:path
/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
ANON_ID=aTnsIHNj6WkCyhURALhFhvbTvvZaYVwAiyTooJvYsUGcxayrPCHHSrVIdlnobnPrXOcI4CV3a3WXuQjJsyAIQR7kT
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

date
Mon, 26 Apr 2021 11:57:45 GMT
content-type
image/gif; charset=utf-8
content-length
43
set-cookie
__cfduid=df3f992ae209780f77d4ff07d94568e4f1619438265; expires=Wed, 26-May-21 11:57:45 GMT; path=/; domain=.tribalfusion.com; HttpOnly; SameSite=Lax ANON_ID=aXnvJOOZb3VhUEjUAvvi9Dw9EQFCvccc4ueMtJW0W7UaZcuuunvkfHR0WID4dETVKbXJiPLTDXxTqFUs6hNJqxKSIZb01d8SsD7cxLTiaYFFQgmYX4U7Yj6Xb6G; path=/; domain=.tribalfusion.com; expires=Sun, 25-Jul-2021 11:57:45 GMT; SameSite=None; Secure; ANON_ID_old=aXnvJOOZb3VhUEjUAvvi9Dw9EQFCvccc4ueMtJW0W7UaZcuuunvkfHR0WID4dETVKbXJiPLTDXxTqFUs6hNJqxKSIZb01d8SsD7cxLTiaYFFQgmYX4U7Yj6Xb6G; path=/; domain=.tribalfusion.com; expires=Sun, 25-Jul-2021 11:57:45 GMT;
p3p
CP="NOI DEVo TAIa OUR BUS"
x-function
302
cache-control
no-cache private
expires
Thu, 01 Jan 1970 00:00:00 GMT
pragma
no-cache
cf-cache-status
DYNAMIC
cf-request-id
09afa3fb8500004ed4da2cc000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
645fa2a5a91b4ed4-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
rtset
bh.contextweb.com/bh/ Frame 35DF 		0
0
141
match.deepintent.com/usersync/ Frame 5D6D 		0
0
rtb-h
match.taboola.com/sg/pubmatic-ssp-network/1/ Frame 9C1E
Redirect Chain
  • https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID
  • https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=228c67b4-1b5c-46cb-8e1f-31c9aba29685-tuct780303c&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdSe...
0
53 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=228c67b4-1b5c-46cb-8e1f-31c9aba29685-tuct780303c&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method
GET
:authority
match.taboola.com
:scheme
https
:path
/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=228c67b4-1b5c-46cb-8e1f-31c9aba29685-tuct780303c&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
t_gid=228c67b4-1b5c-46cb-8e1f-31c9aba29685-tuct780303c
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
accept-ranges
bytes
date
Mon, 26 Apr 2021 11:57:48 GMT
via
1.1 varnish
x-served-by
cache-hhn11538-HHN
x-cache
MISS
x-cache-hits
0
x-timer
S1619438268.281139,VS0,VE8
content-length
0

Redirect headers

server
nginx
set-cookie
t_gid=228c67b4-1b5c-46cb-8e1f-31c9aba29685-tuct780303c;Version=1;Path=/;Domain=.taboola.com;Expires=Tue, 26-Apr-2022 11:57:48 GMT;Max-Age=31536000;Secure;SameSite=None
location
https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=228c67b4-1b5c-46cb-8e1f-31c9aba29685-tuct780303c&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
accept-ranges
bytes
date
Mon, 26 Apr 2021 11:57:48 GMT
via
1.1 varnish
x-served-by
cache-hhn11538-HHN
x-cache
MISS
x-cache-hits
0
x-timer
S1619438268.263920,VS0,VE9
x-vcl-time-ms
9
content-length
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 9A78
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=8xexexL4Q_ePyrzaojmCnw%3D%3D
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.20.198 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-20-198.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 26 Apr 2021 11:57:45 GMT
Content-Encoding
gzip
Last-Modified
Wed, 21 Oct 2020 18:57:29 GMT
Server
Apache/2.2.15 (CentOS)
ETag
"1300708-1f78-5b232eb4914bb"
Vary
Accept-Encoding
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
max-age=59282
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
text/html; charset=UTF-8
Content-Length
2654
Expires
Tue, 27 Apr 2021 04:25:47 GMT

Redirect headers

pragma
no-cache
date
Mon, 26 Apr 2021 11:57:45 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
272
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
mw
mwzeom.zeotap.com/ Frame 9A78 		95 B
596 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&gdpr=0&gdpr_consent=&cid=F317B17B-12F8-43F7-8FCA-BCDAA239829F
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Apr 2021 11:57:45 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://ads.pubmatic.com
access-control-allow-credentials
true
cf-ray
645fa2a5bd3e4d89-FRA
access-control-allow-headers
*
content-length
95
cf-request-id
09afa3fb9400004d897e118000000001
info
uipglob.semasio.net/pubmatic/1/ Frame 9A78 		0
0
p.gif
visitor.fiftyt.com/ Frame 9A78 		0
0
Pug
image2.pubmatic.com/AdServer/ Frame 9A78
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=RjMxN0IxN0ItMTJGOC00M0Y3LThGQ0EtQkNEQUEyMzk4MjlG&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
505 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 26 Apr 2021 11:57:45 GMT
X-lat
amspug005:0:578
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

pragma
no-cache
date
Mon, 26 Apr 2021 11:57:45 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 9A78
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEERxoO3LysoPT7xUADGOx2E&google_cver=1
42 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEERxoO3LysoPT7xUADGOx2E&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 26 Apr 2021 11:57:44 GMT
X-lat
amspug004:0:420
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

pragma
no-cache
date
Mon, 26 Apr 2021 11:57:45 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEERxoO3LysoPT7xUADGOx2E&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubmatic
um.simpli.fi/ Frame 9A78 		43 B
409 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.253.128.183 Amsterdam, Netherlands, ASN36351 (SOFTLAYER, US),
Reverse DNS
b7.80.fd9f.ip4.static.sl-reverse.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Apr 2021 11:57:45 GMT
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Sun, 25 Apr 2021 11:57:45 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 9A78
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:bb7d6086-aab9-4c00-a970-61aa3d07a289&gdpr=0&gdpr_consent=
42 B
946 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:bb7d6086-aab9-4c00-a970-61aa3d07a289&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 26 Apr 2021 11:57:46 GMT
X-lat
lhrpug004:0:470
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

Date
Mon, 26 Apr 2021 11:57:43 GMT
Server
MT3 3660 495c301 master zrh-pixel-x27
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:bb7d6086-aab9-4c00-a970-61aa3d07a289&gdpr=0&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Mon, 26 Apr 2021 11:57:42 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 9A78
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=4103781883286397064
42 B
801 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=4103781883286397064
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 26 Apr 2021 11:57:48 GMT
X-lat
lhrpug015:0:334
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

pragma
no-cache
date
Mon, 26 Apr 2021 11:57:48 GMT
server
nginx
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=4103781883286397064
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
Pug
simage2.pubmatic.com/AdServer/ Frame 9A78
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=64e02ea2-73b0-45e2-ba0e-bc9ec0662a40
42 B
882 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=64e02ea2-73b0-45e2-ba0e-bc9ec0662a40
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 26 Apr 2021 11:57:45 GMT
X-lat
lhrpug011:0:553
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

pragma
no-cache
date
Mon, 26 Apr 2021 11:57:45 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=64e02ea2-73b0-45e2-ba0e-bc9ec0662a40
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
313
Pug
image2.pubmatic.com/AdServer/ Frame 9A78
Redirect Chain
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4976030529260429564&gdpr=0&gdpr_consent=
42 B
769 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4976030529260429564&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 26 Apr 2021 11:57:44 GMT
X-lat
amspug014:0:277
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

Pragma
no-cache
Date
Mon, 26 Apr 2021 11:57:45 GMT
X-Proxy-Origin
89.249.64.203; 89.249.64.203; 721.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.45:80
AN-X-Request-Uuid
2943f43a-9de2-4a53-a896-a94af02cba2d
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4976030529260429564&gdpr=0&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
F317B17B-12F8-43F7-8FCA-BCDAA239829F
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 9A78 		43 B
204 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/F317B17B-12F8-43F7-8FCA-BCDAA239829F?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1288:110:c305::8000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Apr 2021 11:57:45 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
SPug
image4.pubmatic.com/AdServer/ Frame 9A78
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=F317B17B-12F8-43F7-8FCA-BCDAA239829F&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-syIlspNE2uWKvJc3AGHpnFWmx8KlOZg-~A&gdpr=0&gdpr_consent=
0
418 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-syIlspNE2uWKvJc3AGHpnFWmx8KlOZg-~A&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.81 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 26 Apr 2021 11:30:19 GMT
Cache-Control
no-store, no-cache, private
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Mon, 26 Apr 2021 11:57:47 GMT
Server
ATS/7.1.2.128
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-syIlspNE2uWKvJc3AGHpnFWmx8KlOZg-~A&gdpr=0&gdpr_consent=
Connection
keep-alive
Content-Length
0
getuid
ads.avct.cloud/ Frame 9A78
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dpubmatic
0
0
Pug
image2.pubmatic.com/AdServer/ Frame 9A78
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=aD2Nbz9s12pzaYFsPDyYa2070TtzPYA6am-Sc4Li
42 B
894 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=aD2Nbz9s12pzaYFsPDyYa2070TtzPYA6am-Sc4Li
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 26 Apr 2021 11:57:43 GMT
X-lat
amspug015:0:280
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

pragma
no-cache
date
Mon, 26 Apr 2021 11:57:45 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=aD2Nbz9s12pzaYFsPDyYa2070TtzPYA6am-Sc4Li
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 9A78
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3599435174562322988&gdpr=0&gdpr_consent=&us_privacy=
1 B
727 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3599435174562322988&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 26 Apr 2021 11:57:45 GMT
X-lat
lhrpug003:0:497
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
1

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3599435174562322988&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Mon, 26 Apr 2021 11:57:45 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
Pug
simage2.pubmatic.com/AdServer/ Frame 9A78
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YIaquQAAeMwqPQA4&gdpr=0&gdpr_consent=&_test=YIaquQAAeMwqPQA4
1 B
809 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YIaquQAAeMwqPQA4&gdpr=0&gdpr_consent=&_test=YIaquQAAeMwqPQA4
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 26 Apr 2021 11:57:45 GMT
X-lat
lhrpug002:0:644
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
1

Redirect headers

pragma
no-cache
date
Mon, 26 Apr 2021 11:57:45 GMT
via
1.1 varnish
server
Varnish
x-timer
S1619438265.456689,VS0,VE0
x-served-by
cache-hhn4047-HHN
x-cache
HIT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YIaquQAAeMwqPQA4&gdpr=0&gdpr_consent=&_test=YIaquQAAeMwqPQA4
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
pubmaticmatch
match.adsby.bidtheatre.com/ Frame 9A78 		0
0
Pug
image2.pubmatic.com/AdServer/ Frame 9A78
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
42 B
760 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 26 Apr 2021 11:57:45 GMT
X-lat
amspug016:0:417
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

pragma
no-cache
date
Mon, 26 Apr 2021 11:57:45 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
current
pubmatic-match.dotomi.com/match/bounce/ Frame 9A78 		0
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=F317B17B-12F8-43F7-8FCA-BCDAA239829F&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:13::1370 , United States, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Apr 2021 11:57:45 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
Pug
simage2.pubmatic.com/AdServer/ Frame 9A78
Redirect Chain
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=4976030529260429564
42 B
505 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=4976030529260429564
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 26 Apr 2021 11:57:46 GMT
X-lat
lhrpug002:0:361
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

Pragma
no-cache
Date
Mon, 26 Apr 2021 11:57:46 GMT
X-Proxy-Origin
89.249.64.203; 89.249.64.203; 535.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.173.29:80
AN-X-Request-Uuid
37c7ab19-6d14-4c7d-b2a3-57ce203fd433
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=4976030529260429564
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 9A78
Redirect Chain
  • https://rtb.gumgum.com/getuid/d1ba4609?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw%26piggybackCookie%3D
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_2278784d-2046-45b6-8d5e-71f5982a203f
42 B
790 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_2278784d-2046-45b6-8d5e-71f5982a203f
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 26 Apr 2021 11:57:48 GMT
X-lat
lhrpug011:0:516
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_2278784d-2046-45b6-8d5e-71f5982a203f
date
Mon, 26 Apr 2021 11:57:48 GMT
p3p
CP="This is not a P3P policy"
server
nginx
timing-allow-origin
*
content-length
0
content-language
en-US
quant.js
secure.quantserve.com/ Frame 420E 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: mantodea.mantisadnetwork.com
URL: https://mantodea.mantisadnetwork.com/prebid/iframe?tz=-120&buster=1619438259908&secure=true&version=9&mobile=false&title=Feds%20Doubted%20the%20Kidnapping%20Story.%20They%20Shouldn%27t%20Have&url=https%3A%2F%2Fwww.newser.com%2Fstory%2F305100%2Fus-wrongly-thought-diplomat-staged-his-own-kidnapping.html%3Futm_source%3Dpart%26utm_medium%3Duol%26utm_campaign%3Drss_taglines_more
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:36a9:ecb:e518:b308 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
8000d797097e74bfff377d2f3fca7e046ee4490ea4edb70c2c0b189575847629

Request headers

Referer
https://mantodea.mantisadnetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Apr 2021 11:57:45 GMT
content-encoding
gzip
etag
"9iaPKZLFg6XYoMRMhilE8g=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
expires
Mon, 03 May 2021 11:57:45 GMT
query
ecs.mantisadnetwork.com/sync/pixel/ Frame 420E
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=rjrqv8k&ttd_tpi=1
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=rjrqv8k&ttd_tpi=1
  • https://ecs.mantisadnetwork.com/sync/pixel/query?source=tradedesk&id=64e02ea2-73b0-45e2-ba0e-bc9ec0662a40
35 B
152 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ecs.mantisadnetwork.com/sync/pixel/query?source=tradedesk&id=64e02ea2-73b0-45e2-ba0e-bc9ec0662a40
Requested by
Host: mantodea.mantisadnetwork.com
URL: https://mantodea.mantisadnetwork.com/prebid/iframe?tz=-120&buster=1619438259908&secure=true&version=9&mobile=false&title=Feds%20Doubted%20the%20Kidnapping%20Story.%20They%20Shouldn%27t%20Have&url=https%3A%2F%2Fwww.newser.com%2Fstory%2F305100%2Fus-wrongly-thought-diplomat-staged-his-own-kidnapping.html%3Futm_source%3Dpart%26utm_medium%3Duol%26utm_campaign%3Drss_taglines_more
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.22.15.148 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-22-15-148.compute-1.amazonaws.com
Software
/ Express
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://mantodea.mantisadnetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Apr 2021 11:57:45 GMT
x-powered-by
Express
etag
W/"23-X71HIiL+uKIs9biqXcW44Tr4jis"
content-length
35
content-type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 26 Apr 2021 11:57:45 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://ecs.mantisadnetwork.com/sync/pixel/query?source=tradedesk&id=64e02ea2-73b0-45e2-ba0e-bc9ec0662a40
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
241
casale
match.adsrvr.org/track/cmf/ Frame B11D 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale?cm_callback_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum&cm_dsp_id=39&cm_user_id=YIaqtkhDhduXm5VvvJe51gAA&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.35.128.189 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Apr 2021 11:57:45 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
usermatchredir
ssum-sec.casalemedia.com/ Frame B11D
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YIaqtkhDhduXm5VvvJe51gAABE4AAAAB
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&google_gid=CAESED6B_GoV29WTxsptEvE6X-w&google_cver=1
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&google_gid=CAESED6B_GoV29WTxsptEvE6X-w&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.20.241 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-20-241.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 26 Apr 2021 11:57:45 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Mon, 26 Apr 2021 11:57:45 GMT

Redirect headers

pragma
no-cache
date
Mon, 26 Apr 2021 11:57:45 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&google_gid=CAESED6B_GoV29WTxsptEvE6X-w&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame B11D
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YIaqtkhDhduXm5VvvJe51gAABE4AAAAB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YIaqtkhDhduXm5VvvJe51gAABE4AAAAB&dcc=t
43 B
433 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YIaqtkhDhduXm5VvvJe51gAABE4AAAAB&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
72.21.206.140 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
206-140.amazon.com
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 26 Apr 2021 11:57:46 GMT
Server
Server
Vary
User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 26 Apr 2021 11:57:46 GMT
Server
Server
Vary
User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YIaqtkhDhduXm5VvvJe51gAABE4AAAAB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
YIaqtkhDhduXm5VvvJe51gAABE4AAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame B11D 		43 B
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/YIaqtkhDhduXm5VvvJe51gAABE4AAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1288:110:c305::8000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Apr 2021 11:57:45 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
YIaqtkhDhduXm5VvvJe51gAABE4AAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame B11D
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=YIaqtkhDhduXm5VvvJe51gAABE4AAAAB
  • https://pr-bh.ybp.yahoo.com/sync/casale/YIaqtkhDhduXm5VvvJe51gAABE4AAAAB
43 B
193 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/YIaqtkhDhduXm5VvvJe51gAABE4AAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1288:110:c305::8000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Apr 2021 11:57:47 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Date
Mon, 26 Apr 2021 11:57:47 GMT
Server
ATS/7.1.2.128
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://pr-bh.ybp.yahoo.com/sync/casale/YIaqtkhDhduXm5VvvJe51gAABE4AAAAB
Connection
keep-alive
Content-Length
0
ix
ad4m.at/ad/sim/ Frame B11D 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad4m.at/ad/sim/ix?gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
crum
dsum-sec.casalemedia.com/ Frame B11D
Redirect Chain
  • https://d.adroll.com/cm/index/ssp?gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.20.241 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-20-241.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 26 Apr 2021 11:57:47 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 26 Apr 2021 11:57:47 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
date
Mon, 26 Apr 2021 11:57:46 GMT
server
nginx/1.18.0
content-length
76
htw-pixel.gif
js-sec.indexww.com/ht/ Frame B11D 		43 B
424 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://js-sec.indexww.com/ht/htw-pixel.gif?YIaqtkhDhduXm5VvvJe51gAA%261102
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.20.241 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-20-241.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 26 Apr 2021 11:57:45 GMT
Last-Modified
Tue, 24 Jan 2017 19:36:04 GMT
Server
Apache
ETag
"902a3d-2b-546dc3a097100"
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=583
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
43
Expires
Mon, 26 Apr 2021 12:07:28 GMT
cs&eq_cc=1
um2.eqads.com/um/ Frame 370A
Redirect Chain
  • https://um2.eqads.com/um/cs
  • https://um2.eqads.com/um/cs&eq_cc=1
186 B
370 B 		Document
General
Check archive.org
Download Go to
Full URL
https://um2.eqads.com/um/cs&eq_cc=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.204.142.198 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
ccdcb22736d1255907703bc6f735be7437704c8316898c62b886058d59879c8b

Request headers

:method
GET
:authority
um2.eqads.com
:scheme
https
:path
/um/cs&eq_cc=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ssum-sec.casalemedia.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
EQUser=UID=2ab3e1d2-ff83-49f4-bd33-77fb7987651a
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ssum-sec.casalemedia.com/

Response headers

date
Mon, 26 Apr 2021 11:57:50 GMT
content-type
text/html; charset=utf-8
content-length
186
cache-control
no-cache, must-revalidate
expires
Sat, 6 May 1995 12:00:00 GMT
last-modified
Mon, 26 Apr 2021 11:57:50 GMT
pragma
no-cache

Redirect headers

date
Mon, 26 Apr 2021 11:57:49 GMT
content-type
text/html; charset=utf-8
content-length
41
location
/um/cs&eq_cc=1
set-cookie
EQUser=UID=2ab3e1d2-ff83-49f4-bd33-77fb7987651a; Path=/; Domain=eqads.com; Expires=Mon, 26 Jul 2021 11:57:49 GMT; Secure; SameSite=None
rules-p-8p-p7hkcWNjJm.js
rules.quantcount.com/ Frame 420E 		3 B
430 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-8p-p7hkcWNjJm.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20c8:5800:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

Referer
https://mantodea.mantisadnetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 25 Apr 2021 23:18:47 GMT
via
1.1 546db6834bf5885f55b5457c969e7ad6.cloudfront.net (CloudFront)
age
45539
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
3
last-modified
Sat, 04 Mar 2017 20:14:17 GMT
server
AmazonS3
etag
"8a80554c91d9fca8acb82f023de02f11"
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=86400
x-amz-cf-pop
MAD50-C1
accept-ranges
bytes
x-amz-cf-id
wWIJp3zvPelv5Yk-eSr9Jiyrao_7QIxzOAYafnYk6dRnQzqCmznDTg==
pixel;r=1804731279;labels=property.5f4e89f15abbca000788396e;rf=0;a=p-8p-p7hkcWNjJm;url=https%3A%2F%2Fmantodea.mantisadnetwork.com%2Fprebid%2Fiframe%3Ftz%3D-120%26buster%3D1619438259908%26secure%3Dt...
pixel.quantserve.com/ Frame 420E 		35 B
210 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=1804731279;labels=property.5f4e89f15abbca000788396e;rf=0;a=p-8p-p7hkcWNjJm;url=https%3A%2F%2Fmantodea.mantisadnetwork.com%2Fprebid%2Fiframe%3Ftz%3D-120%26buster%3D1619438259908%26secure%3Dtrue%26version%3D9%26mobile%3Dfalse%26title%3DFeds%2520Doubted%2520the%2520Kidnapping%2520Story.%2520They%2520Shouldn%2527t%2520Have%26url%3Dhttps%253A%252F%252Fwww.newser.com%252Fstory%252F305100%252Fus-wrongly-thought-diplomat-staged-his-own-kidnapping.html%253Futm_source%253Dpart%2526utm_medium%253Duol%2526utm_campaign%253Drss_taglines_more;ref=https%3A%2F%2Fwww.newser.com%2Fstory%2F305100%2Fus-wrongly-thought-diplomat-staged-his-own-kidnapping.html%3Futm_source%3Dpart%26utm_medium%3Duol%26utm_campaign%3Drss_taglines_more;uht=2;fpan=1;fpa=P0-659305356-1619438265520;pbcn=u;pbc=;ns=1;ce=1;qjs=1;qv=1558287b-20210421211215;cm=;gdpr=0;d=mantodea.mantisadnetwork.com;je=0;sr=1600x1200x24;dst=1;et=1619438265520;tzo=-120;ogl=
Requested by
Host: mantodea.mantisadnetwork.com
URL: https://mantodea.mantisadnetwork.com/prebid/iframe?tz=-120&buster=1619438259908&secure=true&version=9&mobile=false&title=Feds%20Doubted%20the%20Kidnapping%20Story.%20They%20Shouldn%27t%20Have&url=https%3A%2F%2Fwww.newser.com%2Fstory%2F305100%2Fus-wrongly-thought-diplomat-staged-his-own-kidnapping.html%3Futm_source%3Dpart%26utm_medium%3Duol%26utm_campaign%3Drss_taglines_more
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:36a9:ecb:e518:b308 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Referer
https://mantodea.mantisadnetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Apr 2021 11:57:45 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
strict-transport-security
max-age=86400
expires
Fri, 04 Aug 1978 12:00:00 GMT
activityi;dc_pre=CKX_zdTtm_ACFSnIuwgdn6MGzw;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2579859255082.224
5994599.fls.doubleclick.net/ Frame 8BF5
Redirect Chain
  • https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2579859255082.224?
  • https://5994599.fls.doubleclick.net/activityi;dc_pre=CKX_zdTtm_ACFSnIuwgdn6MGzw;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2579859255082.224?
391 B
345 B 		Document
General
Check archive.org
Download Go to
Full URL
https://5994599.fls.doubleclick.net/activityi;dc_pre=CKX_zdTtm_ACFSnIuwgdn6MGzw;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2579859255082.224?
Requested by
Host: www.newser.com
URL: https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f6.1e100.net
Software
cafe /
Resource Hash
8f8dac5a256ef7a961e919e9e8f0d88f578df2ab1e62e7c8d63257ad261e5fd0
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
5994599.fls.doubleclick.net
:scheme
https
:path
/activityi;dc_pre=CKX_zdTtm_ACFSnIuwgdn6MGzw;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2579859255082.224?
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ccde9b4ae0b1b7105d848d3ef3b25d34.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUl2OOzwyMMcrqvJIhlX8nc54PULgAAW7EFp5wpPZSmBULxF-rerP-Zkq_rQJoM; DSID=NO_DATA
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ccde9b4ae0b1b7105d848d3ef3b25d34.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
date
Mon, 26 Apr 2021 11:57:45 GMT
expires
Mon, 26 Apr 2021 11:57:45 GMT
cache-control
private, max-age=0
strict-transport-security
max-age=21600
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
322
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
date
Mon, 26 Apr 2021 11:57:45 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
follow-only-when-prerender-shown
1
strict-transport-security
max-age=21600
location
https://5994599.fls.doubleclick.net/activityi;dc_pre=CKX_zdTtm_ACFSnIuwgdn6MGzw;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2579859255082.224?
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
request_content.php
hal90005.redintelligence.net/ Frame 563E 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hal90005.redintelligence.net/request_content.php?s=42806000100536000710624011576005&a=8d501117
Requested by
Host: www.newser.com
URL: https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.165 Ketsch, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.165.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
6485a8591ca28ea25a88d35eb3ad8ddd323a1db1c051206a40e10fbc0b03bfae

Request headers

Host
hal90005.redintelligence.net
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ccde9b4ae0b1b7105d848d3ef3b25d34.safeframe.googlesyndication.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
8lcfmzhxc8d6_uid=c3ea5383fea9bea8
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ccde9b4ae0b1b7105d848d3ef3b25d34.safeframe.googlesyndication.com/

Response headers

Date
Mon, 26 Apr 2021 11:57:46 GMT
Server
Apache
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Expires
Mon, 26 Apr 2021 12:57:46 +0200
Pragma
no-cache
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
2116
Connection
close
Content-Type
text/html; charset=utf-8
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 3452 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: ccde9b4ae0b1b7105d848d3ef3b25d34.safeframe.googlesyndication.com
URL: https://ccde9b4ae0b1b7105d848d3ef3b25d34.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
pagead2.googlesyndication.com
:scheme
https
:path
/pagead/s/cookie_push_onload.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ccde9b4ae0b1b7105d848d3ef3b25d34.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ccde9b4ae0b1b7105d848d3ef3b25d34.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Mon, 26 Apr 2021 06:38:34 GMT
expires
Tue, 27 Apr 2021 06:38:34 GMT
content-type
text/html; charset=UTF-8
etag
48472445140208031
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
cache-control
public, max-age=86400
age
19151
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame 099D 		219 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7ed4a343523509f279aa613621dbe61843e638d55adbe5c13de23f188f21845c

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
pixel
cm.g.doubleclick.net/ Frame 3452
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEN4zubFh_65-JZhuy4BLMNg&google_cver=1&google_push=AQvitUKUp04lWdopUsIsEoy-JMGXQ8WW85ojesGX9exNtvciCZGPYX0_CjEI_WjRbTYQ3h30FT8pJHJa6U7o30Qf...
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AQvitUKUp04lWdopUsIsEoy-JMGXQ8WW85ojesGX9exNtvciCZGPYX0_CjEI_WjRbTYQ3h30FT8pJHJa6U7o30QfUTRzJs204UiW
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AQvitUKUp04lWdopUsIsEoy-JMGXQ8WW85ojesGX9exNtvciCZGPYX0_CjEI_WjRbTYQ3h30FT8pJHJa6U7o30QfUTRzJs204UiW
Requested by
Host: ccde9b4ae0b1b7105d848d3ef3b25d34.safeframe.googlesyndication.com
URL: https://ccde9b4ae0b1b7105d848d3ef3b25d34.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Apr 2021 11:57:46 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Mon, 26 Apr 2021 11:57:43 GMT
Server
MT3 3660 495c301 master zrh-pixel-x24
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AQvitUKUp04lWdopUsIsEoy-JMGXQ8WW85ojesGX9exNtvciCZGPYX0_CjEI_WjRbTYQ3h30FT8pJHJa6U7o30QfUTRzJs204UiW
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Mon, 26 Apr 2021 11:57:42 GMT
/
dsp.adfarm1.adition.com/cookie/ Frame 3452 		0
0
pixel
cm.g.doubleclick.net/ Frame 3452
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESELUaprzcva6vTOS_TVMFKyA&google_cver=1&google_push=AQvitULaPj5KPn6qXie_qgFO20WGwAvwuEX-zOekzHNil1sOSN9RJ4fhUY6Qw0SND1V7OjuEWIlssJa5yTbJNSrNpgKD...
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AQvitULaPj5KPn6qXie_qgFO20WGwAvwuEX-zOekzHNil1sOSN9RJ4fhUY6Qw0SND1V7OjuEWIlssJa5yTbJNSrNpgKDj4_xTk25&google_hm=A5mhZsxvTFS5a2mU80vV-g==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AQvitULaPj5KPn6qXie_qgFO20WGwAvwuEX-zOekzHNil1sOSN9RJ4fhUY6Qw0SND1V7OjuEWIlssJa5yTbJNSrNpgKDj4_xTk25&google_hm=A5mhZsxvTFS5a2mU80vV-g==
Requested by
Host: ccde9b4ae0b1b7105d848d3ef3b25d34.safeframe.googlesyndication.com
URL: https://ccde9b4ae0b1b7105d848d3ef3b25d34.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Apr 2021 11:57:46 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
//cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AQvitULaPj5KPn6qXie_qgFO20WGwAvwuEX-zOekzHNil1sOSN9RJ4fhUY6Qw0SND1V7OjuEWIlssJa5yTbJNSrNpgKDj4_xTk25&google_hm=A5mhZsxvTFS5a2mU80vV-g==
date
Mon, 26 Apr 2021 11:57:45 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
dot.gif
s0.2mdn.net/ Frame 3452 		43 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dot.gif?google_gid=CAESEHlx1_dxNITZaGDX0CO5Pe8&google_cver=1&google_push=AQvitUK0bNmAdQjNWIIY-A6HRqkgCu3RI014DHfzBeBeL4RJ-4DE5J6ZO7e3FwXt2QNHyX6_Obx_XXfAER8Gy8t-Cjcd20RcR_I
Requested by
Host: ccde9b4ae0b1b7105d848d3ef3b25d34.safeframe.googlesyndication.com
URL: https://ccde9b4ae0b1b7105d848d3ef3b25d34.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Apr 2021 11:57:45 GMT
x-content-type-options
nosniff
last-modified
Sun, 01 Feb 2009 08:00:00 GMT
server
sffe
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43
x-xss-protection
0
expires
Tue, 27 Apr 2021 11:57:45 GMT
pixel
cm.g.doubleclick.net/ Frame 3452
Redirect Chain
  • https://d5p.de17a.com/cookies/google?google_gid=CAESEFrOnd1-oJ67RF9qfQDzLww&google_cver=1&google_push=AQvitUJJ7RbUsU2XsL-s2b73US-PXpCbsqDgLj4aiQ6fUvhva3kTV72iRNgB5TN4WGGiiBLRhmTLSjNtCrORm5WXQRdnpv_...
  • https://d5p.de17a.com/cookies/google;c?google_gid=CAESEFrOnd1-oJ67RF9qfQDzLww&google_cver=1&google_push=AQvitUJJ7RbUsU2XsL-s2b73US-PXpCbsqDgLj4aiQ6fUvhva3kTV72iRNgB5TN4WGGiiBLRhmTLSjNtCrORm5WXQRdnp...
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AQvitUJJ7RbUsU2XsL-s2b73US-PXpCbsqDgLj4aiQ6fUvhva3kTV72iRNgB5TN4WGGiiBLRhmTLSjNtCrORm5WXQRdnpv_14Gz2
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AQvitUJJ7RbUsU2XsL-s2b73US-PXpCbsqDgLj4aiQ6fUvhva3kTV72iRNgB5TN4WGGiiBLRhmTLSjNtCrORm5WXQRdnpv_14Gz2&go...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AQvitUJJ7RbUsU2XsL-s2b73US-PXpCbsqDgLj4aiQ6fUvhva3kTV72iRNgB5TN4WGGiiBLRhmTLSjNtCrORm5WXQRdnpv_14Gz2&google_tc=
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Apr 2021 11:57:48 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 26 Apr 2021 11:57:48 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AQvitUJJ7RbUsU2XsL-s2b73US-PXpCbsqDgLj4aiQ6fUvhva3kTV72iRNgB5TN4WGGiiBLRhmTLSjNtCrORm5WXQRdnpv_14Gz2&google_tc=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
414
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 3452
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEIlmz_GtbvnkW_TTlhmjJmg&google_cver=1&google_push=AQvitUL62--_ExXYkpA_yq3LFd0fvI9e4aqhrN1G9nw7Wf6G_9nVNyjggpmEC7j5rkfKSAQ2XBA...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S05ZSlE2UlUtMUMtRFo2Rw==&google_push=AQvitUL62--_ExXYkpA_yq3LFd0fvI9e4aqhrN1G9nw7Wf6G_9nVNyjggpmEC7j5rkfKSAQ2XBAFUBJTN0Q4obu3Co2E9Kw-T9E
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S05ZSlE2UlUtMUMtRFo2Rw==&google_push=AQvitUL62--_ExXYkpA_yq3LFd0fvI9e4aqhrN1G9nw7Wf6G_9nVNyjggpmEC7j5rkfKSAQ2XBAFUBJTN0Q4obu3Co2E9Kw-T9E
Requested by
Host: ccde9b4ae0b1b7105d848d3ef3b25d34.safeframe.googlesyndication.com
URL: https://ccde9b4ae0b1b7105d848d3ef3b25d34.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Apr 2021 11:57:46 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S05ZSlE2UlUtMUMtRFo2Rw==&google_push=AQvitUL62--_ExXYkpA_yq3LFd0fvI9e4aqhrN1G9nw7Wf6G_9nVNyjggpmEC7j5rkfKSAQ2XBAFUBJTN0Q4obu3Co2E9Kw-T9E
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
3bafef7aa4e37890defcd73f0a080481
Expires
0
pixel
cm.g.doubleclick.net/ Frame 3452
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESENc5h_fVMBhRZBK8C3OYIb0&google_cver=1&google_push=AQvitUJf2MLaJ61zQu6r850H8VZEY7o7Rtg4uWWcd-Z-Z98liHg_uuc6Km0Bm38HZ_a-uhx_ws...
  • https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1hRndFcXBKRTJ1RzcxLklnZEdUNEY1ejFCY1dYTGcwZX5B&google_push=AQvitUJf2MLaJ61zQu6r850H8VZEY7o7Rtg4uWWcd-Z-Z98liHg_uuc6K...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1hRndFcXBKRTJ1RzcxLklnZEdUNEY1ejFCY1dYTGcwZX5B&google_push=AQvitUJf2MLaJ61zQu6r850H8VZEY7o7Rtg4uWWcd-Z-Z98liHg_uuc6Km0Bm38HZ_a-uhx_wsjhkZcNFCDT5FFJSqblWI9zteEmHg
Requested by
Host: ccde9b4ae0b1b7105d848d3ef3b25d34.safeframe.googlesyndication.com
URL: https://ccde9b4ae0b1b7105d848d3ef3b25d34.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Apr 2021 11:57:47 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Mon, 26 Apr 2021 11:57:47 GMT
Server
ATS/7.1.2.128
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1hRndFcXBKRTJ1RzcxLklnZEdUNEY1ejFCY1dYTGcwZX5B&google_push=AQvitUJf2MLaJ61zQu6r850H8VZEY7o7Rtg4uWWcd-Z-Z98liHg_uuc6Km0Bm38HZ_a-uhx_wsjhkZcNFCDT5FFJSqblWI9zteEmHg
Connection
keep-alive
Content-Length
0
attr
cm.g.doubleclick.net/pixel/ Frame 3452 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13I-ufcQ29kChnE_ettW_WCdLgyoPXzZKVku7A4LLA63s6EvN2u08c5-aejgTYkC7zaowdB3sQ
Requested by
Host: ccde9b4ae0b1b7105d848d3ef3b25d34.safeframe.googlesyndication.com
URL: https://ccde9b4ae0b1b7105d848d3ef3b25d34.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Apr 2021 11:57:45 GMT
server
HTTP server (unknown)
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
dc_pre=CKX_zdTtm_ACFSnIuwgdn6MGzw;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2579859255082.224
adservice.google.com/ddm/fls/z/ Frame 8BF5 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adservice.google.com/ddm/fls/z/dc_pre=CKX_zdTtm_ACFSnIuwgdn6MGzw;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2579859255082.224
Requested by
Host: 5994599.fls.doubleclick.net
URL: https://5994599.fls.doubleclick.net/activityi;dc_pre=CKX_zdTtm_ACFSnIuwgdn6MGzw;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2579859255082.224?
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://5994599.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Apr 2021 11:57:45 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame 6E77
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YIaqtkhDhduXm5VvvJe51gAABE4AAAAB
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&google_gid=CAESED6B_GoV29WTxsptEvE6X-w&google_cver=1
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&google_gid=CAESED6B_GoV29WTxsptEvE6X-w&google_cver=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190719&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1619438262743-995581060291-020940-015-005965%26biddername%3D42%26key%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.20.241 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-20-241.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 26 Apr 2021 11:57:46 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Mon, 26 Apr 2021 11:57:46 GMT

Redirect headers

pragma
no-cache
date
Mon, 26 Apr 2021 11:57:46 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&google_gid=CAESED6B_GoV29WTxsptEvE6X-w&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame 6E77
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YIaqtkhDhduXm5VvvJe51gAABE4AAAAB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YIaqtkhDhduXm5VvvJe51gAABE4AAAAB&dcc=t
43 B
433 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YIaqtkhDhduXm5VvvJe51gAABE4AAAAB&dcc=t
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190719&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1619438262743-995581060291-020940-015-005965%26biddername%3D42%26key%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
72.21.206.140 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
206-140.amazon.com
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 26 Apr 2021 11:57:46 GMT
Server
Server
Vary
User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 26 Apr 2021 11:57:46 GMT
Server
Server
Vary
User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YIaqtkhDhduXm5VvvJe51gAABE4AAAAB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame 6E77 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale?cm_callback_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum&cm_dsp_id=70&cm_user_id=YIaqtkhDhduXm5VvvJe51gAA&gdpr=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190719&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1619438262743-995581060291-020940-015-005965%26biddername%3D42%26key%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.35.128.189 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Apr 2021 11:57:46 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
YIaqtkhDhduXm5VvvJe51gAABE4AAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 6E77 		43 B
193 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/YIaqtkhDhduXm5VvvJe51gAABE4AAAAB
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190719&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1619438262743-995581060291-020940-015-005965%26biddername%3D42%26key%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1288:110:c305::8000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Apr 2021 11:57:46 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 6E77
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48&gdpr=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=no-consent&expiration=1622030266
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=no-consent&expiration=1622030266
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190719&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1619438262743-995581060291-020940-015-005965%26biddername%3D42%26key%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.20.241 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-20-241.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 26 Apr 2021 11:57:46 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 26 Apr 2021 11:57:46 GMT

Redirect headers

pragma
no-cache
date
Mon, 26 Apr 2021 11:57:45 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=no-consent&expiration=1622030266
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
sync
x.bidswitch.net/ Frame 6E77 		43 B
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=index&gdpr=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190719&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1619438262743-995581060291-020940-015-005965%26biddername%3D42%26key%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.126.158.103 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-126-158-103.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Apr 2021 11:57:46 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
crum
dsum-sec.casalemedia.com/ Frame 6E77
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_&gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=MbnTsrcJ1LAZRY5&gdpr=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=MbnTsrcJ1LAZRY5&gdpr=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190719&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1619438262743-995581060291-020940-015-005965%26biddername%3D42%26key%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.20.241 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-20-241.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 26 Apr 2021 11:57:46 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 26 Apr 2021 11:57:46 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 26 Apr 2021 11:57:45 GMT
Server
PingMatch/v2.0.30-639-g719035a#rel-ec2-master i-080424a23a22eec76@eu-central-1a@dxedge-app-eu-central-1-prod-asg
P3P
policyref="https://cts.w55c.net/ct/p3p_policy_ref.xml", CP="UNI PUR COM INT STA OTC STP OUR CUR TAIo COR DSP NOI"
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=MbnTsrcJ1LAZRY5&gdpr=1
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 6E77
Redirect Chain
  • https://sync.adotmob.com/cookie/indexexchange?r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7bamob_user_id%7d%26expiration%3D%5bEXPIRATION%5d&gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=0628220402000c79132e071f&expiration=[EXPIRATION]&gdpr=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=0628220402000c79132e071f&expiration=[EXPIRATION]&gdpr=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190719&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1619438262743-995581060291-020940-015-005965%26biddername%3D42%26key%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.20.241 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-20-241.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 26 Apr 2021 11:57:47 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 26 Apr 2021 11:57:47 GMT

Redirect headers

Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=0628220402000c79132e071f&expiration=[EXPIRATION]&gdpr=1
Date
Mon, 26 Apr 2021 11:57:47 GMT
Access-Control-Allow-Credentials
true
X-Powered-By
Express
Content-Length
0
Vary
Origin
cookiesyncendpoint
sync.aniview.com/ Frame 6E77 		0
234 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.aniview.com/cookiesyncendpoint?auid=1619438262743-995581060291-020940-015-005965&biddername=42&key=YIaqtkhDhduXm5VvvJe51gAA%261102
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190719&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1619438262743-995581060291-020940-015-005965%26biddername%3D42%26key%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.170.116.13 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-170-116-13.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Apr 2021 11:57:49 GMT
content-length
0
sync
pre.ads.justpremium.com/v/1.0/t/ Frame ED79 		0
0
showad.js
ads.pubmatic.com/AdServer/js/ Frame 833D 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: d1bvk193qme2fc.cloudfront.net
URL: https://d1bvk193qme2fc.cloudfront.net/script.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.20.198 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-20-198.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
82f1fbe95dbd4e1128a973db542bf50ab7ac8fbf35bfefca2e782b0a0572e564

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KADUSERCOOKIE=F317B17B-12F8-43F7-8FCA-BCDAA239829F; KCCH=YES; chkChromeAb67Sec=1; DPSync3=1620604800%3A201_227_226_221; SyncRTB3=1620691200%3A35%7C1620604800%3A222_3_56_161_8_165_99_7_54_22_13_81_176_71_230_189_220_166_55_204_88_231_21%7C1620000000%3A223_15_2_67%7C1620259200%3A63%7C1621987200%3A203; KRTBCOOKIE_22=14911-3599435174562322988; PUBMDCID=3; KRTBCOOKIE_218=22978-YIaquQAAeMwqPQA4&KRTB&23194-YIaquQAAeMwqPQA4&KRTB&23209-YIaquQAAeMwqPQA4&KRTB&23244-YIaquQAAeMwqPQA4; KRTBCOOKIE_377=6810-64e02ea2-73b0-45e2-ba0e-bc9ec0662a40&KRTB&22918-64e02ea2-73b0-45e2-ba0e-bc9ec0662a40&KRTB&23031-64e02ea2-73b0-45e2-ba0e-bc9ec0662a40; KRTBCOOKIE_153=1923-aD2Nbz9s12pzaYFsPDyYa2070TtzPYA6am-Sc4Li&KRTB&19420-aD2Nbz9s12pzaYFsPDyYa2070TtzPYA6am-Sc4Li&KRTB&22979-aD2Nbz9s12pzaYFsPDyYa2070TtzPYA6am-Sc4Li; KRTBCOOKIE_57=22776-4976030529260429564; KRTBCOOKIE_80=16514-CAESEERxoO3LysoPT7xUADGOx2E&KRTB&22987-CAESEERxoO3LysoPT7xUADGOx2E&KRTB&23025-CAESEERxoO3LysoPT7xUADGOx2E; KRTBCOOKIE_188=3189-no-consent; KRTBCOOKIE_27=16735-uid:bb7d6086-aab9-4c00-a970-61aa3d07a289&KRTB&16736-uid:bb7d6086-aab9-4c00-a970-61aa3d07a289&KRTB&23019-uid:bb7d6086-aab9-4c00-a970-61aa3d07a289&KRTB&23114-uid:bb7d6086-aab9-4c00-a970-61aa3d07a289; PugT=1619438266
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more

Response headers

Last-Modified
Wed, 14 Apr 2021 09:18:30 GMT
ETag
"13006b6-98c2-5bfeb3aef82b4"
Server
Apache/2.2.15 (CentOS)
Accept-Ranges
bytes
Content-Encoding
gzip
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
14060
Content-Type
text/html; charset=UTF-8
Cache-Control
public, max-age=63935
Expires
Tue, 27 Apr 2021 05:43:21 GMT
Date
Mon, 26 Apr 2021 11:57:46 GMT
Connection
keep-alive
Vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 0E7E 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: d1bvk193qme2fc.cloudfront.net
URL: https://d1bvk193qme2fc.cloudfront.net/script.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.30.212.16 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-212-16.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host
eus.rubiconproject.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
khaos=KNYJQ6RU-1C-DZ6G; rsid=1|AIfsdBUO++vuGxiryvY4NyLgsLINffPD0nJRTZPyMmB0r4WWOQTuL9+eZLvlgeCkRh3C4WPGUmesEFiaAnqRSjT4sl0Fg1EK+hUVPp2REB9Ko2i2DakxOMWpH+S3NzCR; ses15=; vis15=345018^1; audit=1|naVuGyos1qofzBVn6ROBeAZ1csWKyxPo82Zsa5yIZbQ4onC2FhVF1WMMaB3lLrscwFCfoC+4IsU+TNnOA5mQhbKpUjWTmmg0
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 23 Feb 2021 20:47:52 GMT
ETag
"402b0-119-5bc0708346e00"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 26 Apr 2021 11:57:52 GMT
Connection
keep-alive
Vary
Accept-Encoding
iframe
sync.teads.tv/ Frame F04C 		0
0
sync
ib.3lift.com/ Frame BAC6 		0
0
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.6.2/ Frame 563E 		89 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.6.2/jquery.min.js
Requested by
Host: hal90005.redintelligence.net
URL: https://hal90005.redintelligence.net/request_content.php?s=42806000100536000710624011576005&a=8d501117
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d16d07a0353405fcec95f7efc50a2621bc7425f9a5e8895078396fb0dc460c4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://hal90005.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 19:15:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
146551
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32245
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 24 Apr 2022 19:15:15 GMT
mircosoft-300-600%20(1).jpg
cdn.contentspread.net/24i/advertiser/32995/creativesup/ Frame 563E 		62 KB
62 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.contentspread.net/24i/advertiser/32995/creativesup/mircosoft-300-600%20(1).jpg
Requested by
Host: hal90005.redintelligence.net
URL: https://hal90005.redintelligence.net/request_content.php?s=42806000100536000710624011576005&a=8d501117
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
85.114.131.234 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software
nginx /
Resource Hash
5057f7beaa08450682a5418bdce93e9783bd704527406843fb019ea0a52778d4

Request headers

Referer
https://hal90005.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 26 Apr 2021 11:57:47 GMT
Last-Modified
Mon, 20 Jun 2016 09:27:03 GMT
Server
nginx
ETag
"5767b6e7-f6a2"
Content-Type
image/jpeg
Connection
close
Accept-Ranges
bytes
Content-Length
63138
viewability
hal90005.redintelligence.net/ Frame 563E 		0
150 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hal90005.redintelligence.net/viewability?s=42806000100536000710624011576005&a=ca1c249c&vb=m
Requested by
Host: hal90005.redintelligence.net
URL: https://hal90005.redintelligence.net/request_content.php?s=42806000100536000710624011576005&a=8d501117
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.165 Ketsch, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.165.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://hal90005.redintelligence.net/request_content.php?s=42806000100536000710624011576005&a=8d501117
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 26 Apr 2021 11:57:46 GMT
Server
Apache
Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
truncated
/ Frame 563E 		43 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
SPug
simage4.pubmatic.com/AdServer/ Frame 9A78 		0
418 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=158901&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.114 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 26 Apr 2021 11:57:46 GMT
Cache-Control
no-store, no-cache, private
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
track
track1.aniview.com/ 		0
94 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://track1.aniview.com/track?r=www.newser.com&sn=113220&cd4=ce2c9b94-51f8-46f4-ba52-be844200179d&cd5=default&ic=0&tgt=0&app=&wi=416&he=235&test=2&apppkg=&fv=3&proto=https
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.23.226.15 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Mon, 26 Apr 2021 11:57:47 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
usersync.html
cdn.undertone.com/js/ Frame 8E8A 		5 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.undertone.com/js/usersync.html
Requested by
Host: d1bvk193qme2fc.cloudfront.net
URL: https://d1bvk193qme2fc.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:f400:1f:2473:9080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
21d46bb0a238b8c1b0ab5ea12b5fa6cab58b90e30ca08727321e1e40e2970046

Request headers

:method
GET
:authority
cdn.undertone.com
:scheme
https
:path
/js/usersync.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more

Response headers

content-type
text/html
last-modified
Wed, 16 Dec 2020 12:35:23 GMT
server
AmazonS3
content-encoding
gzip
date
Mon, 26 Apr 2021 06:59:38 GMT
etag
W/"8ee422394c26ec0371c4676b43dd838d"
vary
Accept-Encoding
x-cache
Hit from cloudfront
via
1.1 7d3c59ee1b45f72158a8cbce053c8978.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C2
x-amz-cf-id
STzH8UOFduZzvI0t2Nt9oIvShQ8pw3roVFYg6rep4DeGaEqeXBk4EQ==
age
17890
sync_iframe
sync.bfmio.com/ Frame EB70 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.bfmio.com/sync_iframe?ifg=1&id=&gdpr=0&gc=&gce=1&us_privacy=1---
Requested by
Host: d1bvk193qme2fc.cloudfront.net
URL: https://d1bvk193qme2fc.cloudfront.net/script.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.228.45.187 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Host
sync.bfmio.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
__141_cid=99B53FBFFA154012A108191486A8A3EE; __io_cid=5be549eea33cda257de1cb6ade1bebcb5d887a27
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more

Response headers

Date
Mon, 26 Apr 2021 11:57:47 GMT
Connection
keep-alive
showad.js
ads.pubmatic.com/AdServer/js/ Frame 9682 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: d1bvk193qme2fc.cloudfront.net
URL: https://d1bvk193qme2fc.cloudfront.net/script.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.20.198 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-20-198.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
82f1fbe95dbd4e1128a973db542bf50ab7ac8fbf35bfefca2e782b0a0572e564

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KADUSERCOOKIE=F317B17B-12F8-43F7-8FCA-BCDAA239829F; chkChromeAb67Sec=1; DPSync3=1620604800%3A201_227_226_221; SyncRTB3=1620691200%3A35%7C1620604800%3A222_3_56_161_8_165_99_7_54_22_13_81_176_71_230_189_220_166_55_204_88_231_21%7C1620000000%3A223_15_2_67%7C1620259200%3A63%7C1621987200%3A203; KRTBCOOKIE_22=14911-3599435174562322988; PUBMDCID=3; KRTBCOOKIE_218=22978-YIaquQAAeMwqPQA4&KRTB&23194-YIaquQAAeMwqPQA4&KRTB&23209-YIaquQAAeMwqPQA4&KRTB&23244-YIaquQAAeMwqPQA4; KRTBCOOKIE_377=6810-64e02ea2-73b0-45e2-ba0e-bc9ec0662a40&KRTB&22918-64e02ea2-73b0-45e2-ba0e-bc9ec0662a40&KRTB&23031-64e02ea2-73b0-45e2-ba0e-bc9ec0662a40; KRTBCOOKIE_153=1923-aD2Nbz9s12pzaYFsPDyYa2070TtzPYA6am-Sc4Li&KRTB&19420-aD2Nbz9s12pzaYFsPDyYa2070TtzPYA6am-Sc4Li&KRTB&22979-aD2Nbz9s12pzaYFsPDyYa2070TtzPYA6am-Sc4Li; KRTBCOOKIE_57=22776-4976030529260429564; KRTBCOOKIE_80=16514-CAESEERxoO3LysoPT7xUADGOx2E&KRTB&22987-CAESEERxoO3LysoPT7xUADGOx2E&KRTB&23025-CAESEERxoO3LysoPT7xUADGOx2E; KRTBCOOKIE_188=3189-no-consent; KRTBCOOKIE_27=16735-uid:bb7d6086-aab9-4c00-a970-61aa3d07a289&KRTB&16736-uid:bb7d6086-aab9-4c00-a970-61aa3d07a289&KRTB&23019-uid:bb7d6086-aab9-4c00-a970-61aa3d07a289&KRTB&23114-uid:bb7d6086-aab9-4c00-a970-61aa3d07a289; PugT=1619438266; SPugT=1619438266
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more

Response headers

Last-Modified
Wed, 14 Apr 2021 09:18:30 GMT
ETag
"13006b6-98c2-5bfeb3aef82b4"
Server
Apache/2.2.15 (CentOS)
Accept-Ranges
bytes
Content-Encoding
gzip
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
14060
Content-Type
text/html; charset=UTF-8
Cache-Control
public, max-age=63934
Expires
Tue, 27 Apr 2021 05:43:21 GMT
Date
Mon, 26 Apr 2021 11:57:47 GMT
Connection
keep-alive
Vary
Accept-Encoding
pd
eu-u.openx.net/w/1.0/ Frame 7364 		1007 B
865 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eu-u.openx.net/w/1.0/pd?plm=10&ph=d7066e05-92d3-4e83-b4f2-cbee552a2f6b&gdpr=1
Requested by
Host: d1bvk193qme2fc.cloudfront.net
URL: https://d1bvk193qme2fc.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
OXGW/16.205.4 /
Resource Hash
7dcf695057fbd3a80a8397d8466885b5928d925a3a51e6cdaf787601bc8d9d2e

Request headers

:method
GET
:authority
eu-u.openx.net
:scheme
https
:path
/w/1.0/pd?plm=10&ph=d7066e05-92d3-4e83-b4f2-cbee552a2f6b&gdpr=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
i=149dadeb-5eb6-0d1d-2edb-2105503c1d94|1619438260
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more

Response headers

vary
Accept, Accept-Encoding
set-cookie
i=149dadeb-5eb6-0d1d-2edb-2105503c1d94|1619438260; Version=1; Expires=Tue, 26-Apr-2022 11:57:47 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1619438267|mOgegqnskin0vNomiygu; Version=1; Expires=Tue, 11-May-2021 11:57:47 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server
OXGW/16.205.4
p3p
CP="CUR ADM OUR NOR STA NID"
date
Mon, 26 Apr 2021 11:57:47 GMT
content-type
text/html
content-length
547
content-encoding
gzip
via
1.1 google
alt-svc
clear
v2
de.tynt.com/deb/ Frame 504A 		75 B
289 B 		Document
General
Check archive.org
Download Go to
Full URL
https://de.tynt.com/deb/v2?m=xch&rt=html&id=auLbLMbZKr64uoaKlId8sQ&gdpr_consent=undefined&us_privacy=undefined
Requested by
Host: d1bvk193qme2fc.cloudfront.net
URL: https://d1bvk193qme2fc.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.100.17.182 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
Software
/
Resource Hash
e170d20dbbd5a22f50118e25fa2eefb1e85d2ad780e5477ed3a9643186090442

Request headers

:method
GET
:authority
de.tynt.com
:scheme
https
:path
/deb/v2?m=xch&rt=html&id=auLbLMbZKr64uoaKlId8sQ&gdpr_consent=undefined&us_privacy=undefined
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more

Response headers

cache-control
max-age=86400
expires
Tue, 27 Apr 2021 11:57:49 GMT
referrer-policy
unsafe-url
content-type
text/html
content-length
75
date
Mon, 26 Apr 2021 11:57:49 GMT
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
53f6f4f6-679d-a0a3-45da-ff18cb4ce320
pr-bh.ybp.yahoo.com/sync/openx/ Frame 7364 		43 B
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/openx/53f6f4f6-679d-a0a3-45da-ff18cb4ce320?gdpr=1
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=d7066e05-92d3-4e83-b4f2-cbee552a2f6b&gdpr=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1288:110:c305::8000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Apr 2021 11:57:47 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
sd
eu-u.openx.net/w/1.0/ Frame 7364
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_
  • https://eu-u.openx.net/w/1.0/sd?id=537072979&val=MbnTsrcJ1LAZRY5
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=537072979&val=MbnTsrcJ1LAZRY5
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=d7066e05-92d3-4e83-b4f2-cbee552a2f6b&gdpr=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
OXGW/16.205.4 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Apr 2021 11:57:47 GMT
via
1.1 google
server
OXGW/16.205.4
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 26 Apr 2021 11:57:47 GMT
Server
PingMatch/v2.0.30-639-g719035a#rel-ec2-master i-0c15f6a621e7ffebe@eu-central-1b@dxedge-app-eu-central-1-prod-asg
P3P
policyref="https://cts.w55c.net/ct/p3p_policy_ref.xml", CP="UNI PUR COM INT STA OTC STP OUR CUR TAIo COR DSP NOI"
Location
https://eu-u.openx.net/w/1.0/sd?id=537072979&val=MbnTsrcJ1LAZRY5
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 7364
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=openx
  • https://cm.smadex.com/sync?sm_did=bds&bds_ssp_id=openx&bds_param=0399a166-cc6f-4c54-b96b-6994f34bd5fa
  • https://x.bidswitch.net/sync?dsp_id=340&user_id=d711314e-7446-4423-a975-af821be3c2ed&expires=10&ssp=openx&bsw_param=0399a166-cc6f-4c54-b96b-6994f34bd5fa
  • https://x.bidswitch.net/ul_cb/sync?dsp_id=340&user_id=d711314e-7446-4423-a975-af821be3c2ed&expires=10&ssp=openx&bsw_param=0399a166-cc6f-4c54-b96b-6994f34bd5fa
  • https://us-u.openx.net/w/1.0/sd?id=537072968&val=dcee53a2-edb4-4b2c-9acc-7133174ad2e1
  • https://us-u.openx.net/w/1.0/sd?cc=1&id=537072968&val=dcee53a2-edb4-4b2c-9acc-7133174ad2e1
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?cc=1&id=537072968&val=dcee53a2-edb4-4b2c-9acc-7133174ad2e1
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=d7066e05-92d3-4e83-b4f2-cbee552a2f6b&gdpr=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
OXGW/16.205.4 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Apr 2021 11:57:48 GMT
via
1.1 google
server
OXGW/16.205.4
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?cc=1&id=537072968&val=dcee53a2-edb4-4b2c-9acc-7133174ad2e1
date
Mon, 26 Apr 2021 11:57:48 GMT
via
1.1 google
server
OXGW/16.205.4
alt-svc
clear
content-length
0
p3p
CP="CUR ADM OUR NOR STA NID"
ox
match.prod.bidr.io/cookie-sync/ Frame 7364 		0
0
sd
eu-u.openx.net/w/1.0/ Frame 7364
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D
  • https://eu-u.openx.net/w/1.0/sd?id=536872786&val=f24b6086-aab9-4f00-a1a2-bc10888e3de4
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=f24b6086-aab9-4f00-a1a2-bc10888e3de4
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=d7066e05-92d3-4e83-b4f2-cbee552a2f6b&gdpr=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
OXGW/16.205.4 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Apr 2021 11:57:47 GMT
via
1.1 google
server
OXGW/16.205.4
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date
Mon, 26 Apr 2021 11:57:45 GMT
Server
MT3 3660 495c301 master zrh-pixel-x7
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=f24b6086-aab9-4f00-a1a2-bc10888e3de4
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Mon, 26 Apr 2021 11:57:44 GMT
sd
us-u.openx.net/w/1.0/ Frame 7364
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=1
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=Ik8pfXUec3g5GyV-dk48eSdJdSk5TyQoIB0G-xG0
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=Ik8pfXUec3g5GyV-dk48eSdJdSk5TyQoIB0G-xG0
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=d7066e05-92d3-4e83-b4f2-cbee552a2f6b&gdpr=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
OXGW/16.205.4 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Apr 2021 11:57:47 GMT
via
1.1 google
server
OXGW/16.205.4
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 26 Apr 2021 11:57:47 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=Ik8pfXUec3g5GyV-dk48eSdJdSk5TyQoIB0G-xG0
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
sd
eu-u.openx.net/w/1.0/ Frame 7364
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=22
  • https://c1.adform.net/serving/cookie/match?CC=1&party=22
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=7148491099707590407
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=7148491099707590407
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=d7066e05-92d3-4e83-b4f2-cbee552a2f6b&gdpr=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
OXGW/16.205.4 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Apr 2021 11:57:48 GMT
via
1.1 google
server
OXGW/16.205.4
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 26 Apr 2021 11:57:48 GMT
server
nginx
location
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=7148491099707590407
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
openx
match.adsrvr.org/track/cmf/ Frame 7364 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/openx?oxid=c73192b2-f731-32ea-740d-e9ed341b2e69&gdpr=1
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=d7066e05-92d3-4e83-b4f2-cbee552a2f6b&gdpr=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.35.128.189 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Apr 2021 11:57:47 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame 7364 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZWI1ZTQxNzgtM2U0Ni02YzRlLTYxZWQtYjM1NGZlZjllMDA5
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=d7066e05-92d3-4e83-b4f2-cbee552a2f6b&gdpr=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Apr 2021 11:57:47 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 7364
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEAst8ZqvNranJ2fLCJCFMEI&google_cver=1
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEAst8ZqvNranJ2fLCJCFMEI&google_cver=1
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=d7066e05-92d3-4e83-b4f2-cbee552a2f6b&gdpr=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
OXGW/16.205.4 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Apr 2021 11:57:47 GMT
via
1.1 google
server
OXGW/16.205.4
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 26 Apr 2021 11:57:47 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEAst8ZqvNranJ2fLCJCFMEI&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame 9682 		3 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=82109609&p=109126&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.115 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
7ac27fff38529a351928fa457eb45bc5b6ea0d963f4999f93bf8e68ce7fe9848

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 26 Apr 2021 11:57:46 GMT
P3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
multi-sync.html
secure-assets.rubiconproject.com/utils/xapi/ Frame 4D02 		0
0
sync
usr.undertone.com/userPixel/ Frame 8E8A
Redirect Chain
  • https://ib.adnxs.com/getuidnb?https://usr.undertone.com/userPixel/sync?partner=appnexus&uid=$UID
  • https://usr.undertone.com/userPixel/sync?partner=appnexus&uid=4976030529260429564
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usr.undertone.com/userPixel/sync?partner=appnexus&uid=4976030529260429564
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.183.56.236 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Apr 2021 11:57:48 GMT
x-envoy-upstream-service-time
0
server
istio-envoy
Connection
keep-alive
Content-Length
0

Redirect headers

Pragma
no-cache
Date
Mon, 26 Apr 2021 11:57:48 GMT
X-Proxy-Origin
89.249.64.203; 89.249.64.203; 721.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.221.75:80
AN-X-Request-Uuid
bedaf5fc-5edb-4655-8bb3-e62017139f79
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://usr.undertone.com/userPixel/sync?partner=appnexus&uid=4976030529260429564
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
usr.undertone.com/userPixel/ Frame 8E8A
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=fba3d144-1026-4d31-a758-943b9545e305&r=https://usr.undertone.com/userPixel/sync?partnerId=39&uid=
  • https://usr.undertone.com/userPixel/sync?partnerId=39&uid=8c5cf595-f79e-0e89-1e88-f62ac3b70e3b
0
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usr.undertone.com/userPixel/sync?partnerId=39&uid=8c5cf595-f79e-0e89-1e88-f62ac3b70e3b
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.183.56.236 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Apr 2021 11:57:48 GMT
x-envoy-upstream-service-time
0
server
istio-envoy
Connection
keep-alive
Content-Length
0

Redirect headers

date
Mon, 26 Apr 2021 11:57:47 GMT
content-encoding
gzip
server
OXGW/16.205.4
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://usr.undertone.com/userPixel/sync?partnerId=39&uid=8c5cf595-f79e-0e89-1e88-f62ac3b70e3b
content-type
image/gif
alt-svc
clear
content-length
0
via
1.1 google
sync
usr.undertone.com/userPixel/ Frame 8E8A
Redirect Chain
  • https://pixel.advertising.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true
  • https://pixel.advertising.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true&verify=true
  • https://ups.analytics.yahoo.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true&apid=UP9e6a09b7-a686-11eb-9cd3-02d3e634cab0
  • https://usr.undertone.com/userPixel/sync?partner=verizon&uid=y-bLImlBhE2uHFc65mgRUFi9g_BWUd25qh~A~UP9e6a09b7-a686-11eb-9cd3-02d3e634cab0
0
347 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usr.undertone.com/userPixel/sync?partner=verizon&uid=y-bLImlBhE2uHFc65mgRUFi9g_BWUd25qh~A~UP9e6a09b7-a686-11eb-9cd3-02d3e634cab0
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.183.56.236 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Apr 2021 11:57:48 GMT
x-envoy-upstream-service-time
0
server
istio-envoy
Connection
keep-alive
Content-Length
0

Redirect headers

Date
Mon, 26 Apr 2021 11:57:47 GMT
Server
ATS/7.1.2.128
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://usr.undertone.com/userPixel/sync?partner=verizon&uid=y-bLImlBhE2uHFc65mgRUFi9g_BWUd25qh~A~UP9e6a09b7-a686-11eb-9cd3-02d3e634cab0
Connection
keep-alive
Content-Length
0
sync
usr.undertone.com/userPixel/ Frame 8E8A
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sirnsvg&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://usr.undertone.com/userPixel/sync?partner=ttd&uid=64e02ea2-73b0-45e2-ba0e-bc9ec0662a40&ttl=1622030267
0
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usr.undertone.com/userPixel/sync?partner=ttd&uid=64e02ea2-73b0-45e2-ba0e-bc9ec0662a40&ttl=1622030267
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.183.56.236 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Apr 2021 11:57:48 GMT
x-envoy-upstream-service-time
0
server
istio-envoy
Connection
keep-alive
Content-Length
0

Redirect headers

pragma
no-cache
date
Mon, 26 Apr 2021 11:57:47 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://usr.undertone.com/userPixel/sync?partner=ttd&uid=64e02ea2-73b0-45e2-ba0e-bc9ec0662a40&ttl=1622030267
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
247
sync.php
pixel.rubiconproject.com/exchange/ Frame 8E8A 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/exchange/sync.php?p=12776
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
3bafef7aa4e37890defcd73f0a080481
Content-Type
image/gif
sync
usr.undertone.com/userPixel/ Frame 8E8A
Redirect Chain
  • https://cs.admanmedia.com/sync/undertone?url=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3Fpartner%3Dacuityads%26uid%3D%24UID
  • https://usr.undertone.com/userPixel/sync?partner=acuityads&uid=670e2fc9c09785aabfbf0ac05112e6e7690c96c7
0
312 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usr.undertone.com/userPixel/sync?partner=acuityads&uid=670e2fc9c09785aabfbf0ac05112e6e7690c96c7
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.183.56.236 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Apr 2021 11:57:49 GMT
x-envoy-upstream-service-time
1
server
istio-envoy
Connection
keep-alive
Content-Length
0

Redirect headers

Location
https://usr.undertone.com/userPixel/sync?partner=acuityads&uid=670e2fc9c09785aabfbf0ac05112e6e7690c96c7
Date
Mon, 26 Apr 2021 11:57:49 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
landscape5a67bcd6-d37c-4187-bbb2-786755e2f712_1619426114602.ts
mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1619426305/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1619426305/landscape5a67bcd6-d37c-4187-bbb2-786755e2f712_1619426114602.ts
Protocol
HTTP/1.1
Server
184.86.103.158 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
range
Origin
https://www.newser.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Content-Type
text/html
Content-Length
13
Date
Mon, 26 Apr 2021 11:57:49 GMT
Connection
keep-alive
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET, HEAD, OPTIONS
Access-Control-Allow-Headers
Range
landscape5a67bcd6-d37c-4187-bbb2-786755e2f712_1619426114602.ts
mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1619426305/ 		296 KB
296 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1619426305/landscape5a67bcd6-d37c-4187-bbb2-786755e2f712_1619426114602.ts
Requested by
Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.86.103.158 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
cloudinary /
Resource Hash
d27e9d16a3820e90e60ed0eec68eafe0617c9ae53a6672f748bb830029ce4ced

Request headers

Referer
https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=1609280-1911959

Response headers

Date
Mon, 26 Apr 2021 11:57:49 GMT
Content-Range
bytes 1609280-1911959/2740100
Connection
keep-alive
Content-Length
302680
X-Served-By
cache-wdc5533-WDC
Last-Modified
Mon, 26 Apr 2021 08:38:42 GMT
Server
cloudinary
X-Timer
S1619426911.898593,VS0,VE0
ETag
"97cad35a7a28ed00268c809bdbc4a6b0"
Content-Type
video/mp2t
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31546121
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With
X-Cache-Hits
1
showad.js
ads.pubmatic.com/AdServer/js/ Frame 464E 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.20.198 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-20-198.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
82f1fbe95dbd4e1128a973db542bf50ab7ac8fbf35bfefca2e782b0a0572e564

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
same-origin
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/AdServer/js/showad.js
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KADUSERCOOKIE=F317B17B-12F8-43F7-8FCA-BCDAA239829F; chkChromeAb67Sec=1; DPSync3=1620604800%3A201_227_226_221; SyncRTB3=1620691200%3A35%7C1620604800%3A222_3_56_161_8_165_99_7_54_22_13_81_176_71_230_189_220_166_55_204_88_231_21%7C1620000000%3A223_15_2_67%7C1620259200%3A63%7C1621987200%3A203; KRTBCOOKIE_22=14911-3599435174562322988; PUBMDCID=3; KRTBCOOKIE_218=22978-YIaquQAAeMwqPQA4&KRTB&23194-YIaquQAAeMwqPQA4&KRTB&23209-YIaquQAAeMwqPQA4&KRTB&23244-YIaquQAAeMwqPQA4; KRTBCOOKIE_377=6810-64e02ea2-73b0-45e2-ba0e-bc9ec0662a40&KRTB&22918-64e02ea2-73b0-45e2-ba0e-bc9ec0662a40&KRTB&23031-64e02ea2-73b0-45e2-ba0e-bc9ec0662a40; KRTBCOOKIE_153=1923-aD2Nbz9s12pzaYFsPDyYa2070TtzPYA6am-Sc4Li&KRTB&19420-aD2Nbz9s12pzaYFsPDyYa2070TtzPYA6am-Sc4Li&KRTB&22979-aD2Nbz9s12pzaYFsPDyYa2070TtzPYA6am-Sc4Li; KRTBCOOKIE_57=22776-4976030529260429564; KRTBCOOKIE_80=16514-CAESEERxoO3LysoPT7xUADGOx2E&KRTB&22987-CAESEERxoO3LysoPT7xUADGOx2E&KRTB&23025-CAESEERxoO3LysoPT7xUADGOx2E; KRTBCOOKIE_188=3189-no-consent; KRTBCOOKIE_27=16735-uid:bb7d6086-aab9-4c00-a970-61aa3d07a289&KRTB&16736-uid:bb7d6086-aab9-4c00-a970-61aa3d07a289&KRTB&23019-uid:bb7d6086-aab9-4c00-a970-61aa3d07a289&KRTB&23114-uid:bb7d6086-aab9-4c00-a970-61aa3d07a289; PugT=1619438266; SPugT=1619438266; repi=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/AdServer/js/showad.js

Response headers

Last-Modified
Wed, 14 Apr 2021 09:18:30 GMT
ETag
"13006b6-98c2-5bfeb3aef82b4"
Server
Apache/2.2.15 (CentOS)
Accept-Ranges
bytes
Content-Encoding
gzip
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
14060
Content-Type
text/html; charset=UTF-8
Cache-Control
public, max-age=63933
Expires
Tue, 27 Apr 2021 05:43:21 GMT
Date
Mon, 26 Apr 2021 11:57:48 GMT
Connection
keep-alive
Vary
Accept-Encoding
PugMaster
image6.pubmatic.com/AdServer/ Frame 464E 		0
75 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=97261911&p=158554&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=1&gdpr_consent=&us_privacy=&sec=1&async=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.115 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 26 Apr 2021 11:57:47 GMT
Content-Length
0
match
c1.adform.net/serving/cookie/ Frame 7176
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&cid=F317B17B-12F8-43F7-8FCA-BCDAA239829F
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=F317B17B-12F8-43F7-8FCA-BCDAA239829F
35 B
468 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=F317B17B-12F8-43F7-8FCA-BCDAA239829F
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=82109609&p=109126&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.40 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

:method
GET
:authority
c1.adform.net
:scheme
https
:path
/serving/cookie/match?CC=1&party=14&cid=F317B17B-12F8-43F7-8FCA-BCDAA239829F
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
C=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Mon, 26 Apr 2021 11:57:48 GMT
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate, no-transform
pragma
no-cache
expires
-1
set-cookie
uid=8498197492646175207; expires=Fri, 25 Jun 2021 11:57:48 GMT; domain=adform.net; path=/; secure; samesite=none
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
strict-transport-security
max-age=31536000; includeSubDomains

Redirect headers

server
nginx
date
Mon, 26 Apr 2021 11:57:48 GMT
content-length
0
location
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=F317B17B-12F8-43F7-8FCA-BCDAA239829F
cache-control
no-cache, no-store, must-revalidate, no-transform
pragma
no-cache
expires
-1
set-cookie
C=1; expires=Wed, 26 May 2021 11:57:48 GMT; domain=adform.net; path=/; secure; samesite=none
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
strict-transport-security
max-age=31536000; includeSubDomains
receive
pixel.tapad.com/idsync/ex/ Frame 6C6F
Redirect Chain
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxODQmdGw9MTU3NjgwMA==&r=https://pixel.tapad.com/idsync/ex/receive?partner_id=PUBMATIC_RTB&partner_device_id=${PUBMATIC_UID}
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=PUBMATIC_RTB
95 B
154 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=PUBMATIC_RTB
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=82109609&p=109126&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.248.159 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
159.248.227.35.bc.googleusercontent.com
Software
Jetty(9.4.28.v20200408) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:method
GET
:authority
pixel.tapad.com
:scheme
https
:path
/idsync/ex/receive?partner_id=PUBMATIC_RTB
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
TapAd_TS=1619438261059; TapAd_DID=9a5da931-a686-11eb-b89e-2a657357e39a; TapAd_3WAY_SYNCS=
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

date
Mon, 26 Apr 2021 11:57:48 GMT
strict-transport-security
max-age=31536000
content-type
image/png
content-length
95
server
Jetty(9.4.28.v20200408)
via
1.1 google
alt-svc
clear

Redirect headers

Server
nginx
Date
Mon, 26 Apr 2021 11:57:48 GMT
Transfer-Encoding
chunked
Connection
keep-alive
Set-Cookie
PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Sun, 25-Jul-2021 11:57:48 GMT; path=/
X-lat
lhrpug005:0:444
Location
https://pixel.tapad.com/idsync/ex/receive?partner_id=PUBMATIC_RTB
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Cookie set Pug
simage2.pubmatic.com/AdServer/ Frame F03B
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:MbnTsrcJ1LAZRY5&gdpr=0&gdpr_consent=
42 B
769 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:MbnTsrcJ1LAZRY5&gdpr=0&gdpr_consent=
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=82109609&p=109126&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Host
simage2.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KRTBCOOKIE_1074=22956-e_2278784d-2046-45b6-8d5e-71f5982a203f; PUBMDCID=3; KRTBCOOKIE_860=16335-oQd6_DxkSPh6Nb-4-hVfEFn5QMs; PugT=1619438269; KRTBCOOKIE_279=22890-9f7b04f0-a686-11eb-9749-09462eaa0c2c&KRTB&23011-9f7b04f0-a686-11eb-9749-09462eaa0c2c
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

Server
nginx
Date
Mon, 26 Apr 2021 11:57:50 GMT
Content-Type
image/gif; charset=utf-8
Content-Length
42
Connection
keep-alive
Set-Cookie
KRTBCOOKIE_107=1471-uid:MbnTsrcJ1LAZRY5; domain=pubmatic.com; SameSite=None; secure; expires=Sun, 25-Jul-2021 11:57:50 GMT; path=/ PugT=1619438270; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 26-May-2021 11:57:50 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Sun, 25-Jul-2021 11:57:50 GMT; path=/
X-lat
lhrpug014:0:547
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private

Redirect headers

Cache-Control
no-cache, must-revalidate
Date
Mon, 26 Apr 2021 11:57:49 GMT
Expires
Fri, 01 Jan 1990 00:00:00 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:MbnTsrcJ1LAZRY5&gdpr=0&gdpr_consent=
P3P
policyref="https://cts.w55c.net/ct/p3p_policy_ref.xml", CP="UNI PUR COM INT STA OTC STP OUR CUR TAIo COR DSP NOI"
Pragma
no-cache
Server
PingMatch/v2.0.30-639-g719035a#rel-ec2-master i-080424a23a22eec76@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Set-Cookie
wfivefivec=MbnTsrcJ1LAZRY5; Domain=.w55c.net; Expires=Thu, 26-May-2022 11:57:50 GMT; Path=/; SameSite=None; Secure matchpubmatic=5; Domain=.w55c.net; Expires=Wed, 26-May-2021 11:57:50 GMT; Path=/; SameSite=None; Secure
Content-Length
0
Connection
keep-alive
usersync
match.bnmla.com/ Frame 5CE4 		0
114 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.bnmla.com/usersync?sspid=10738&redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3NzUmdGw9MTI5NjAw%26piggybackCookie%3D%5BUUID%5D
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=82109609&p=109126&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
38.27.122.158 , United States, ASN174 (COGENT-174, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Host
match.bnmla.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

Server
nginx
Date
Mon, 26 Apr 2021 11:57:51 GMT
Content-Length
0
Connection
keep-alive
Cookie set Pug
simage2.pubmatic.com/AdServer/ Frame C819
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=11
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=oQd6_DxkSPh6Nb-4-hVfEFn5QMs
42 B
778 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=oQd6_DxkSPh6Nb-4-hVfEFn5QMs
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=82109609&p=109126&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Host
simage2.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KRTBCOOKIE_1074=22956-e_2278784d-2046-45b6-8d5e-71f5982a203f; PugT=1619438268; PUBMDCID=3
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

Server
nginx
Date
Mon, 26 Apr 2021 11:57:49 GMT
Content-Type
image/gif; charset=utf-8
Content-Length
42
Connection
keep-alive
Set-Cookie
KRTBCOOKIE_860=16335-oQd6_DxkSPh6Nb-4-hVfEFn5QMs; domain=pubmatic.com; SameSite=None; secure; expires=Sun, 25-Jul-2021 11:57:49 GMT; path=/ PugT=1619438269; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 26-May-2021 11:57:49 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Sun, 25-Jul-2021 11:57:49 GMT; path=/
X-lat
lhrpug015:0:537
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private

Redirect headers

Content-Type
text/html; charset=utf-8
Date
Mon, 26 Apr 2021 11:57:49 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=oQd6_DxkSPh6Nb-4-hVfEFn5QMs
Set-Cookie
sa-user-id=s%3A0-a1077afc-3c64-48f8-7a35-bfb8fa155f10.2%2FBdwOADF5CaqEpKVh2WHbjfFkkFpQZxI2QznJDnIiE; Max-Age=31536000; Secure; SameSite=None sa-user-id-v2=s%3A0-a1077afc-3c64-48f8-7a35-bfb8fa155f10%24ip%2489.249.64.203.nZJQNrxRFZaI0iXGuCYcF4P5DMNvchCxj0mesmUvq1E; Domain=srv.stackadapt.com; Max-Age=31536000; Secure; SameSite=None
Content-Length
159
Connection
keep-alive
Cookie set Pug
simage2.pubmatic.com/AdServer/ Frame 36DD
Redirect Chain
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:99B53FBFFA154012A108191486A8A3EE
1 B
463 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:99B53FBFFA154012A108191486A8A3EE
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=82109609&p=109126&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Host
simage2.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KADUSERCOOKIE=F317B17B-12F8-43F7-8FCA-BCDAA239829F; KRTBCOOKIE_22=14911-3599435174562322988; PUBMDCID=3; KRTBCOOKIE_218=22978-YIaquQAAeMwqPQA4&KRTB&23194-YIaquQAAeMwqPQA4&KRTB&23209-YIaquQAAeMwqPQA4&KRTB&23244-YIaquQAAeMwqPQA4; KRTBCOOKIE_377=6810-64e02ea2-73b0-45e2-ba0e-bc9ec0662a40&KRTB&22918-64e02ea2-73b0-45e2-ba0e-bc9ec0662a40&KRTB&23031-64e02ea2-73b0-45e2-ba0e-bc9ec0662a40; KRTBCOOKIE_153=1923-aD2Nbz9s12pzaYFsPDyYa2070TtzPYA6am-Sc4Li&KRTB&19420-aD2Nbz9s12pzaYFsPDyYa2070TtzPYA6am-Sc4Li&KRTB&22979-aD2Nbz9s12pzaYFsPDyYa2070TtzPYA6am-Sc4Li; KRTBCOOKIE_57=22776-4976030529260429564; KRTBCOOKIE_80=16514-CAESEERxoO3LysoPT7xUADGOx2E&KRTB&22987-CAESEERxoO3LysoPT7xUADGOx2E&KRTB&23025-CAESEERxoO3LysoPT7xUADGOx2E; KRTBCOOKIE_188=3189-no-consent; KRTBCOOKIE_27=16735-uid:bb7d6086-aab9-4c00-a970-61aa3d07a289&KRTB&16736-uid:bb7d6086-aab9-4c00-a970-61aa3d07a289&KRTB&23019-uid:bb7d6086-aab9-4c00-a970-61aa3d07a289&KRTB&23114-uid:bb7d6086-aab9-4c00-a970-61aa3d07a289; PugT=1619438266; SPugT=1619438266; chkChromeAb67Sec=2; DPSync3=1620604800%3A226_221_219_197_232_201_227%7C1619481600%3A174; SyncRTB3=1621987200%3A203%7C1624579200%3A69%7C1620259200%3A63%7C1620691200%3A35%7C1620604800%3A166_233_8_81_176_204_222_22_5_161_88_54_21_165_7_13_230_78_3_56_104_55_231_57_220_189_99_71%7C1620000000%3A67_2_15_223
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

Server
nginx
Date
Mon, 26 Apr 2021 11:57:48 GMT
Content-Type
text/html; charset=utf-8
Content-Length
1
Connection
keep-alive
Set-Cookie
PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Sun, 25-Jul-2021 11:57:48 GMT; path=/
X-lat
lhrpug019:0:293
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private

Redirect headers

server
nginx
date
Mon, 26 Apr 2021 11:57:48 GMT
content-type
text/html
content-length
154
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:99B53FBFFA154012A108191486A8A3EE
expires
Sun, 25 Apr 2021 11:57:48 GMT
cache-control
no-cache
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
access-control-allow-origin
*
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
/
pixel.onaudience.com/ Frame 9682
Redirect Chain
  • https://pixel.onaudience.com/?partner=214&mapped=F317B17B-12F8-43F7-8FCA-BCDAA239829F
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25&xl8blockcheck=1
  • https://pixel.onaudience.com/?partner=161&icm&cver&mapped=f87e4f630068dd74e7d506c17011bea9
35 B
248 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.onaudience.com/?partner=161&icm&cver&mapped=f87e4f630068dd74e7d506c17011bea9
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.222.80.231 , Canada, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-length
35
content-type
image/gif

Redirect headers

date
Mon, 26 Apr 2021 11:57:50 GMT
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location
https://pixel.onaudience.com/?partner=161&icm&cver&mapped=f87e4f630068dd74e7d506c17011bea9
cache-control
no-cache
access-control-allow-credentials
true
content-type
text/html
content-length
0
SPug
image4.pubmatic.com/AdServer/ Frame 9682
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=f24b6086-aab9-4f00-a1a2-bc10888e3de4
0
418 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=f24b6086-aab9-4f00-a1a2-bc10888e3de4
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.81 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 26 Apr 2021 11:57:51 GMT
Cache-Control
no-store, no-cache, private
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Mon, 26 Apr 2021 11:57:45 GMT
Server
MT3 3660 495c301 master zrh-pixel-x30
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=f24b6086-aab9-4f00-a1a2-bc10888e3de4
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Mon, 26 Apr 2021 11:57:44 GMT
/
loadm.exelator.com/load/ Frame 9682 		0
751 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://loadm.exelator.com/load/?p=204&g=71&buid=F317B17B-12F8-43F7-8FCA-BCDAA239829F&gdpr=0&gdpr_consent=&j=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.198.69.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx / Undertow/1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Apr 2021 11:57:48 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
Pug
simage2.pubmatic.com/AdServer/ Frame 9682
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_cons...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=9f7b04f0-a686-11eb-9749-09462eaa0c2c&gdpr=0&gdpr_consent=
1 B
793 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=9f7b04f0-a686-11eb-9749-09462eaa0c2c&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 26 Apr 2021 11:57:49 GMT
X-lat
lhrpug008:0:485
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
1

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=9f7b04f0-a686-11eb-9749-09462eaa0c2c&gdpr=0&gdpr_consent=
Date
Mon, 26 Apr 2021 11:57:48 GMT
Server
Apache-Coyote/1.1
Connection
keep-alive
Content-Length
0
X-CI-RTID
9f7b04f1-a686-11eb-9749-09462eaa0c2c
v2
de.tynt.com/deb/ Frame 2C97 		75 B
289 B 		Document
General
Check archive.org
Download Go to
Full URL
https://de.tynt.com/deb/v2?m=xch&rt=html&id=aYM3dqbZKr64uoaKlId8sQ&gdpr_consent=undefined&us_privacy=undefined
Requested by
Host: d1bvk193qme2fc.cloudfront.net
URL: https://d1bvk193qme2fc.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.100.17.182 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
Software
/
Resource Hash
e170d20dbbd5a22f50118e25fa2eefb1e85d2ad780e5477ed3a9643186090442

Request headers

:method
GET
:authority
de.tynt.com
:scheme
https
:path
/deb/v2?m=xch&rt=html&id=aYM3dqbZKr64uoaKlId8sQ&gdpr_consent=undefined&us_privacy=undefined
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more

Response headers

cache-control
max-age=86400
expires
Tue, 27 Apr 2021 11:57:49 GMT
referrer-policy
unsafe-url
content-type
text/html
content-length
75
date
Mon, 26 Apr 2021 11:57:48 GMT
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
v2
de.tynt.com/deb/ Frame E5B4 		75 B
289 B 		Document
General
Check archive.org
Download Go to
Full URL
https://de.tynt.com/deb/v2?m=xch&rt=html&id=aVbmTmbZKr64uoaKlId8sQ&gdpr_consent=undefined&us_privacy=undefined
Requested by
Host: d1bvk193qme2fc.cloudfront.net
URL: https://d1bvk193qme2fc.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.100.17.182 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
Software
/
Resource Hash
e170d20dbbd5a22f50118e25fa2eefb1e85d2ad780e5477ed3a9643186090442

Request headers

:method
GET
:authority
de.tynt.com
:scheme
https
:path
/deb/v2?m=xch&rt=html&id=aVbmTmbZKr64uoaKlId8sQ&gdpr_consent=undefined&us_privacy=undefined
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more

Response headers

cache-control
max-age=86400
expires
Tue, 27 Apr 2021 11:57:49 GMT
referrer-policy
unsafe-url
content-type
text/html
content-length
75
date
Mon, 26 Apr 2021 11:57:48 GMT
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
v2
de.tynt.com/deb/ Frame 4963 		75 B
289 B 		Document
General
Check archive.org
Download Go to
Full URL
https://de.tynt.com/deb/v2?m=xch&rt=html&id=aMI2rSbZKr64uoaKlId8sQ&gdpr_consent=undefined&us_privacy=undefined
Requested by
Host: d1bvk193qme2fc.cloudfront.net
URL: https://d1bvk193qme2fc.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.100.17.182 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
Software
/
Resource Hash
e170d20dbbd5a22f50118e25fa2eefb1e85d2ad780e5477ed3a9643186090442

Request headers

:method
GET
:authority
de.tynt.com
:scheme
https
:path
/deb/v2?m=xch&rt=html&id=aMI2rSbZKr64uoaKlId8sQ&gdpr_consent=undefined&us_privacy=undefined
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more

Response headers

cache-control
max-age=86400
expires
Tue, 27 Apr 2021 11:57:49 GMT
referrer-policy
unsafe-url
content-type
text/html
content-length
75
date
Mon, 26 Apr 2021 11:57:48 GMT
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
v2
de.tynt.com/deb/ Frame 8F77 		75 B
289 B 		Document
General
Check archive.org
Download Go to
Full URL
https://de.tynt.com/deb/v2?m=xch&rt=html&id=aQZNIebZKr64uoaKlId8sQ&gdpr_consent=undefined&us_privacy=undefined
Requested by
Host: d1bvk193qme2fc.cloudfront.net
URL: https://d1bvk193qme2fc.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.100.17.182 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
Software
/
Resource Hash
e170d20dbbd5a22f50118e25fa2eefb1e85d2ad780e5477ed3a9643186090442

Request headers

:method
GET
:authority
de.tynt.com
:scheme
https
:path
/deb/v2?m=xch&rt=html&id=aQZNIebZKr64uoaKlId8sQ&gdpr_consent=undefined&us_privacy=undefined
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more

Response headers

cache-control
max-age=86400
expires
Tue, 27 Apr 2021 11:57:49 GMT
referrer-policy
unsafe-url
content-type
text/html
content-length
75
date
Mon, 26 Apr 2021 11:57:49 GMT
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
v2
de.tynt.com/deb/ Frame 51DF 		75 B
289 B 		Document
General
Check archive.org
Download Go to
Full URL
https://de.tynt.com/deb/v2?m=xch&rt=html&id=aEhRN6bZKr64uoaKlId8sQ&gdpr_consent=undefined&us_privacy=undefined
Requested by
Host: d1bvk193qme2fc.cloudfront.net
URL: https://d1bvk193qme2fc.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.100.17.182 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
Software
/
Resource Hash
e170d20dbbd5a22f50118e25fa2eefb1e85d2ad780e5477ed3a9643186090442

Request headers

:method
GET
:authority
de.tynt.com
:scheme
https
:path
/deb/v2?m=xch&rt=html&id=aEhRN6bZKr64uoaKlId8sQ&gdpr_consent=undefined&us_privacy=undefined
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more

Response headers

cache-control
max-age=86400
expires
Tue, 27 Apr 2021 11:57:49 GMT
referrer-policy
unsafe-url
content-type
text/html
content-length
75
date
Mon, 26 Apr 2021 11:57:49 GMT
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=www.newser.com&rs=www.newser.com&sid=74171&t=1619438262&cip=89.249.64.203&sn=113220&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=416&he=235&app=&AV_PUBLISHERID=56ea678d181f46c76f8b45fb&test=2&aafaid=&proto=https&uid=1619438262743-995581060291-020940-015-005965&cha=0.7&cb=73252675030&cd4=ce2c9b94-51f8-46f4-ba52-be844200179d&cd5=default&d9=1000&AV_WIDTH=416&AV_HEIGHT=235&nid=56ea678d181f46c76f8b45fb&ncid=604f799c916b9e0a5a77a356&e=bid&cb=1619438269846&asid=5ee3d57071193a26344a4076%2C604f799a88cd2d40eb1059b6&ofpr=%2C&fpo=%2C
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.23.226.15 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Apr 2021 11:57:49 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame 0533 		334 KB
114 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: www.newser.com
URL: https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5d25942b7da85bc7cdb258cdb436227b1de7e3a2b50c61f7d7050eff911f88f1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Apr 2021 11:57:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
117044
x-xss-protection
0
expires
Mon, 26 Apr 2021 11:57:49 GMT
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame A5CB 		334 KB
115 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: www.newser.com
URL: https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5d25942b7da85bc7cdb258cdb436227b1de7e3a2b50c61f7d7050eff911f88f1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Apr 2021 11:57:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
117044
x-xss-protection
0
expires
Mon, 26 Apr 2021 11:57:49 GMT
bridge3.453.0_en.html
imasdk.googleapis.com/js/core/ Frame 85AE 		570 KB
186 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.453.0_en.html
Requested by
Host: www.newser.com
URL: https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
03fa924099182c607c33fb7877f50e7de0ae3522e1bcff8f7247ae5e88a2b25b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
imasdk.googleapis.com
:scheme
https
:path
/js/core/bridge3.453.0_en.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
190793
date
Fri, 23 Apr 2021 03:56:55 GMT
expires
Sat, 23 Apr 2022 03:56:55 GMT
last-modified
Wed, 21 Apr 2021 20:50:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
288054
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
client.js
s0.2mdn.net/instream/video/ Frame A5CB 		44 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: www.newser.com
URL: https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Apr 2021 11:57:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16746
x-xss-protection
0
expires
Mon, 26 Apr 2021 11:57:49 GMT
integrator.js
adservice.google.com/adsid/ Frame A5CB 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.newser.com
Requested by
Host: www.newser.com
URL: https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 26 Apr 2021 11:57:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
bridge3.453.0_en.html
imasdk.googleapis.com/js/core/ Frame 9F82 		570 KB
186 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.453.0_en.html
Requested by
Host: www.newser.com
URL: https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
03fa924099182c607c33fb7877f50e7de0ae3522e1bcff8f7247ae5e88a2b25b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
imasdk.googleapis.com
:scheme
https
:path
/js/core/bridge3.453.0_en.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
190793
date
Fri, 23 Apr 2021 03:56:55 GMT
expires
Sat, 23 Apr 2022 03:56:55 GMT
last-modified
Wed, 21 Apr 2021 20:50:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
288055
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
client.js
s0.2mdn.net/instream/video/ Frame 0533 		44 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: www.newser.com
URL: https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Apr 2021 11:57:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16746
x-xss-protection
0
expires
Mon, 26 Apr 2021 11:57:50 GMT
integrator.js
adservice.google.com/adsid/ Frame 0533 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.newser.com
Requested by
Host: www.newser.com
URL: https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 26 Apr 2021 11:57:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame CCDD 		36 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Apr 2021 11:14:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 14 Dec 2020 16:45:56 GMT
server
sffe
age
2609
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12603
x-xss-protection
0
expires
Mon, 26 Apr 2021 12:14:21 GMT
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 58B3 		36 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Apr 2021 11:14:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 14 Dec 2020 16:45:56 GMT
server
sffe
age
2609
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12603
x-xss-protection
0
expires
Mon, 26 Apr 2021 12:14:21 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame 85AE 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F94166617%2Fca-video-pub-9790762811057699-tag%2FMCD_2.O_ADM_Desktop_newser.com_5&sz=400x300%7C640x400%7C640x480&description_url=https%3A%2F%2Fwww.newser.com%2Fstory%2F305100%2Fus-wrongly-thought-diplomat-staged-his-own-kidnapping.html%3Futm_source%3Dpart%26utm_medium%3Duol%26utm_campaign%3Drss_taglines_more&cust_params=publisher_name%3Dnewser.com&env=vp&correlator=3405221358407999&tfcd=0&npa=0&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&max_ad_duration=35000&vid_t&vid_d&vid_kw&sdkv=h.3.453.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&u_so=l&ctv=0&sdki=44d&adk=3369369648&sdk_apis=2%2C8&sid=84DEDEF9-A2B5-4318-A47F-1090AD4CA64A&eid=44730612%2C44739826%2C668123729&url=https%3A%2F%2Fwww.newser.com%2Fstory%2F305100%2Fus-wrongly-thought-diplomat-staged-his-own-kidnapping.html%3Futm_source%3Dpart%26utm_medium%3Duol%26utm_campaign%3Drss_taglines_more&ref=https%3A%2F%2Fwww.newser.com%2Fstory%2F305100%2Fus-wrongly-thought-diplomat-staged-his-own-kidnapping.html%3Futm_source%3Dpart%26utm_medium%3Duol%26utm_campaign%3Drss_taglines_more&dt=1619438270217&cookie_enabled=1&scor=18739272916310&ged=ve4_td0_tt0_pd0_la0_er2038.533.2192.833_vi0.0.1200.1600_vp0_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.453.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
695f1646b07d0cd788f458ed2bda9670f7067463c4a1a0095e76523f0160da9f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Apr 2021 11:57:50 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
714
x-xss-protection
0
google-lineitem-id
0
pragma
no-cache
server
cafe
google-creative-id
0
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 370A 		0
0
ads
pubads.g.doubleclick.net/gampad/ Frame 9F82 		156 B
463 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F7103%2FSMG_Playbuzz%2Fpreroll%2Fsyndication_4&description_url=https%3A%2F%2Fwww.newser.com%2Fstory%2F305100%2Fus-wrongly-thought-diplomat-staged-his-own-kidnapping.html%3Futm_source%3Dpart%26utm_medium%3Duol%26utm_campaign%3Drss_taglines_more&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=631098092647027&sdkv=h.3.453.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&u_so=l&ctv=0&sdki=44d&adk=3695250513&sdk_apis=2%2C8&sid=3BA33B62-48F3-434E-B929-468E86130ED0&eid=420706097%2C44737473%2C44739826&url=https%3A%2F%2Fwww.newser.com%2Fstory%2F305100%2Fus-wrongly-thought-diplomat-staged-his-own-kidnapping.html%3Futm_source%3Dpart%26utm_medium%3Duol%26utm_campaign%3Drss_taglines_more&ref=https%3A%2F%2Fwww.newser.com%2Fstory%2F305100%2Fus-wrongly-thought-diplomat-staged-his-own-kidnapping.html%3Futm_source%3Dpart%26utm_medium%3Duol%26utm_campaign%3Drss_taglines_more&dt=1619438270220&cookie_enabled=1&scor=3316197715631521&ged=ve4_td0_tt0_pd0_la0_er2038.533.2192.833_vi0.0.1200.1600_vp0_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.453.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Apr 2021 11:57:50 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame 85AE 		156 B
142 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?slotname=%2F94166617%2Fca-video-pub-9790762811057699-tag%2FMCD_2.O_ADM_Desktop_newser.com_5&sz=400x300%7C640x400%7C640x480&cust_params=publisher_name%3Dnewser.com&url=https%3A%2F%2Fwww.newser.com%2Fstory%2F305100%2Fus-wrongly-thought-diplomat-staged-his-own-kidnapping.html%3Futm_source%3Dpart%26utm_medium%3Duol%26utm_campaign%3Drss_taglines_more&unviewed_position_start=1&env=vp&gdfp_req=1&ad_rule=0&output=xml_vast4&video_url_to_fetch=https%3A%2F%2Fwww.newser.com%2Fstory%2F305100%2Fus-wrongly-thought-diplomat-staged-his-own-kidnapping.html%3Futm_source%3Dpart%26utm_medium%3Duol%26utm_campaign%3Drss_taglines_more&vad_type=linear&vpos=preroll&pod=1&vrid=1181461&max_ad_duration=30000&min_ad_duration=0&sid=84DEDEF9-A2B5-4318-A47F-1090AD4CA64A&adk=3369369648&cookie_enabled=1&correlator=3405221358407999&dt=1619438270416&ged=ve4_td0_tt0_pd0_la0_er2038.533.2273.949_vi0.0.1200.1600_vp0_ts0_eb16491&is_amp=0&npa=false&osd=2&ref=https%3A%2F%2Fwww.newser.com%2Fstory%2F305100%2Fus-wrongly-thought-diplomat-staged-his-own-kidnapping.html%3Futm_source%3Dpart%26utm_medium%3Duol%26utm_campaign%3Drss_taglines_more&utm_medium=uol&utm_campaign=rss_taglines_more&scor=18739272916310&sdk_apis=2%2C8&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&vis=1&u_so=l&eid=44730612%2C44739826%2C668123729&hl=en&frm=0&sdki=44d&sdkv=h.3.453.0&sdr=1&vid_kw&vid_t&kfa=0&tfcd=0&ctv=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.453.0_en.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Apr 2021 11:57:50 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
v2
de.tynt.com/deb/ Frame 8A69 		75 B
289 B 		Document
General
Check archive.org
Download Go to
Full URL
https://de.tynt.com/deb/v2?m=xch&rt=html&id=aAb9LgbZKr64uoaKlId8sQ&gdpr_consent=undefined&us_privacy=undefined
Requested by
Host: d1bvk193qme2fc.cloudfront.net
URL: https://d1bvk193qme2fc.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.100.17.182 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
Software
/
Resource Hash
e170d20dbbd5a22f50118e25fa2eefb1e85d2ad780e5477ed3a9643186090442

Request headers

:method
GET
:authority
de.tynt.com
:scheme
https
:path
/deb/v2?m=xch&rt=html&id=aAb9LgbZKr64uoaKlId8sQ&gdpr_consent=undefined&us_privacy=undefined
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more

Response headers

cache-control
max-age=86400
expires
Tue, 27 Apr 2021 11:57:50 GMT
referrer-policy
unsafe-url
content-type
text/html
content-length
75
date
Mon, 26 Apr 2021 11:57:50 GMT
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
v2
de.tynt.com/deb/ Frame 031A 		75 B
289 B 		Document
General
Check archive.org
Download Go to
Full URL
https://de.tynt.com/deb/v2?m=xch&rt=html&id=aIsVNgbZKr64uoaKlId8sQ&gdpr_consent=undefined&us_privacy=undefined
Requested by
Host: d1bvk193qme2fc.cloudfront.net
URL: https://d1bvk193qme2fc.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.100.17.182 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
Software
/
Resource Hash
e170d20dbbd5a22f50118e25fa2eefb1e85d2ad780e5477ed3a9643186090442

Request headers

:method
GET
:authority
de.tynt.com
:scheme
https
:path
/deb/v2?m=xch&rt=html&id=aIsVNgbZKr64uoaKlId8sQ&gdpr_consent=undefined&us_privacy=undefined
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more

Response headers

cache-control
max-age=86400
expires
Tue, 27 Apr 2021 11:57:50 GMT
referrer-policy
unsafe-url
content-type
text/html
content-length
75
date
Mon, 26 Apr 2021 11:57:49 GMT
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
landscape5a67bcd6-d37c-4187-bbb2-786755e2f712_1619426114602.ts
mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1619426305/ 		230 KB
231 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1619426305/landscape5a67bcd6-d37c-4187-bbb2-786755e2f712_1619426114602.ts
Requested by
Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.86.103.158 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
cloudinary /
Resource Hash
c14bfcff02f65a690cc8b872c50fd955d16bc2bf57c90ecac47dbb541fc1dd98

Request headers

Referer
https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=1911960-2147899

Response headers

Date
Mon, 26 Apr 2021 11:57:51 GMT
Content-Range
bytes 1911960-2147899/2740100
Connection
keep-alive
Content-Length
235940
X-Served-By
cache-wdc5533-WDC
Last-Modified
Mon, 26 Apr 2021 08:38:42 GMT
Server
cloudinary
X-Timer
S1619426911.898593,VS0,VE0
ETag
"97cad35a7a28ed00268c809bdbc4a6b0"
Content-Type
video/mp2t
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31546119
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With
X-Cache-Hits
1
landscape5a67bcd6-d37c-4187-bbb2-786755e2f712_1619426114602.ts
mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1619426305/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1619426305/landscape5a67bcd6-d37c-4187-bbb2-786755e2f712_1619426114602.ts
Protocol
HTTP/1.1
Server
184.86.103.158 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
range
Origin
https://www.newser.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Content-Type
text/html
Content-Length
13
Date
Mon, 26 Apr 2021 11:57:51 GMT
Connection
keep-alive
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET, HEAD, OPTIONS
Access-Control-Allow-Headers
Range
usync.js
eus.rubiconproject.com/ Frame 0E7E 		31 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.30.212.16 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-212-16.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
ed2d993c35cd51826ee304739d91e554bd9faa1b120602fc4b3baa15941a9e35

Request headers

Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 26 Apr 2021 11:57:52 GMT
Content-Encoding
gzip
Last-Modified
Mon, 19 Apr 2021 20:34:13 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=65840
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9242
Expires
Tue, 27 Apr 2021 06:15:12 GMT
khaos.jpg
token.rubiconproject.com/ Frame 0E7E 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
secure-assets.rubiconproject.com
URL
https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=17136&endpoint=us-east
Domain
www9.smartadserver.com
URL
https://www9.smartadserver.com/ac?siteid=218209&pgid=1027756&fmtid=63953&ab=1&tgt=&oc=1&out=vast3&ps=1&pb=0&visit=S&vcn=s&tmstp=7325267503054837950&pgdomain=https%3A%2F%2Fwww.newser.com%2Fstory%2F305100%2Fus-wrongly-thought-diplomat-staged-his-own-kidnapping.html%3Futm_source%3Dpart%26utm_medium%3Duol%26utm_campaign%3Drss_taglines_more&vph=235&vpw=416&gdpr_consent=&us_privacy=1---&schain=1.0,1!playbuzz.com,0010J00001qMZJwQAO,1,,Rev%20Content,heavy.com&cbb=9438262840
Domain
www9.smartadserver.com
URL
https://www9.smartadserver.com/ac?siteid=218209&pgid=913531&fmtid=63953&ab=1&tgt=&oc=1&out=vast3&ps=1&pb=0&visit=S&vcn=s&tmstp=7325267503054837951&pgdomain=https%3A%2F%2Fwww.newser.com%2Fstory%2F305100%2Fus-wrongly-thought-diplomat-staged-his-own-kidnapping.html%3Futm_source%3Dpart%26utm_medium%3Duol%26utm_campaign%3Drss_taglines_more&vph=235&vpw=416&gdpr_consent=&us_privacy=1---&schain=1.0,1!playbuzz.com,0010J00001qMZJwQAO,1,,Rev%20Content,heavy.com&cbb=9438262845
Domain
www9.smartadserver.com
URL
https://www9.smartadserver.com/ac?siteid=218209&pgid=1027757&fmtid=63953&ab=1&tgt=&oc=1&out=vast3&ps=1&pb=0&visit=S&vcn=s&tmstp=7325267503054837952&pgdomain=https%3A%2F%2Fwww.newser.com%2Fstory%2F305100%2Fus-wrongly-thought-diplomat-staged-his-own-kidnapping.html%3Futm_source%3Dpart%26utm_medium%3Duol%26utm_campaign%3Drss_taglines_more&vph=235&vpw=416&gdpr_consent=&us_privacy=1---&schain=1.0,1!playbuzz.com,0010J00001qMZJwQAO,1,,Rev%20Content,heavy.com&cbb=9438262845
Domain
csync.smartadserver.com
URL
https://csync.smartadserver.com/diff/rtb/csync/CookieSyncV.html?hasrtb=true&nwid=3039&dcid=4&iscname=false&cname=
Domain
dsp.adfarm1.adition.com
URL
https://dsp.adfarm1.adition.com/cookie/?ssp=9
Domain
match.prod.bidr.io
URL
https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=
Domain
cm.adgrx.com
URL
https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Domain
sync.1rx.io
URL
https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
Domain
green.erne.co
URL
https://green.erne.co/pubmatic/cm?
Domain
bh.contextweb.com
URL
https://bh.contextweb.com/bh/rtset?pid=557219&ev=1&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&piggybackCookie=%%VGUID%%
Domain
match.deepintent.com
URL
https://match.deepintent.com/usersync/141?redir=https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzAmdGw9MTI5NjAw&piggybackCookie=${DI_USER_ID}&gdpr=0&gdpr_consent=
Domain
uipglob.semasio.net
URL
https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=F317B17B-12F8-43F7-8FCA-BCDAA239829F&sInitiator=external&gdpr=0&gdpr_consent=
Domain
visitor.fiftyt.com
URL
https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=F317B17B-12F8-43F7-8FCA-BCDAA239829F&gdpr=
Domain
ads.avct.cloud
URL
https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dpubmatic
Domain
match.adsby.bidtheatre.com
URL
https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Domain
dsp.adfarm1.adition.com
URL
https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEKG2_Wj90C4e_1TPZIuKdd8&google_cver=1&google_push=AQvitUKr5mO-GX_NRcUQdtj_JlJDYUqMxxvu1DPOUB7SohQ3fpXJq3PQ_BPD4e4CzVmOQc-EvfmeaXFhJJvABcXcxSrez9itIV4
Domain
pre.ads.justpremium.com
URL
https://pre.ads.justpremium.com/v/1.0/t/sync?_c=ae6z5gk1619438260049
Domain
sync.teads.tv
URL
https://sync.teads.tv/iframe?gdprIab=%7B%22status%22%3A12%7D
Domain
ib.3lift.com
URL
https://ib.3lift.com/sync?
Domain
match.prod.bidr.io
URL
https://match.prod.bidr.io/cookie-sync/ox
Domain
secure-assets.rubiconproject.com
URL
https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=12776
Domain
dsum-sec.casalemedia.com
URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=40&external_user_id=2ab3e1d2-ff83-49f4-bd33-77fb7987651a&expiration=1627300670
Domain
token.rubiconproject.com
URL
https://token.rubiconproject.com/khaos.jpg?

Verdicts & Comments Add Verdict or Comment

724 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| 22 object| 23 object| 24 object| 25 object| 26 object| 27 object| 28 object| 29 object| 30 object| 31 object| 32 object| 33 object| 34 object| 35 object| 36 object| 37 object| 38 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated number| _sf_startpt function| $ function| jQuery function| css_browser_selector number| rolloverTimeoutId number| readTimeout number| clearReadTimeout boolean| loaded boolean| ready boolean| showingRollover boolean| videoClickEventRecorded boolean| registerOpen boolean| isMobileDevice undefined| countdown boolean| isCountdownRunning boolean| ab string| browserWidthCode function| setLoaded function| setReady function| isEmpty function| IsPWAInstalled function| IsPWAStandalone function| IsPWA function| IsPWAURL function| IsMobile function| IsTablet function| IsDesktop function| IsMobilePWA function| IsTabletPWA function| IsDesktopPWA function| IsMobileNonPWA function| IsTabletNonPWA function| IsDesktopNonPWA function| isMobile function| dateAddMinutes function| dateDiffMinutes function| GetOSVersion function| GetBrowserVersion function| AjaxCall function| AjaxCallPost function| AjaxCallSync function| adjustVoteBoxes function| AjaxReplace function| AjaxUpdate function| AjaxUpdateAndRefresh function| ScrollTop function| GetMonthAbbreviation function| EmailAStoryShow function| EmailAStoryClose function| sendEmailStory function| sendEmailStorySuccess function| sendEmailStoryError function| ReportAStoryErrorShow function| ReportAStoryErrorClose function| ReportAStoryError function| ReportAStoryErrorSuccess function| ReportAStoryErrorError number| icurscroll number| qcurscroll object| toid number| pstatus number| pstatusQuote boolean| scrollVid boolean| scrollQuo boolean| scrollImg function| play function| pause function| playpause function| prevImage function| nextImage function| iScrollTo function| changeiScrollCount function| checkPrevNextImage number| icruscroll2 object| toid2 number| pstatus2 boolean| scrollImg2 function| play2 function| pause2 function| playpause2 function| prevImage2 function| nextImage2 function| iScrollTo2 function| changeiScrollCount2 function| checkPrevNextImage2 number| vcurscroll function| prevVideo function| nextVideo function| vScrollTo function| changeVideoCount function| checkPrevNextVideo function| playQuote function| pauseQuote function| playpauseQuote function| prevQuote function| nextQuote function| qScrollTo function| changeqScrollCount function| checkPrevNextQuote function| BuildAjaxURL function| StoryGetRows function| StoryGetRowsBuffer function| StoryGetRowsBufferCall function| StoryGetRowsBufferCallSuccess function| StoryGetRowsBufferCallError function| StoryAddToGrid function| StoryShowNBUFrontPage function| StoryShowLatest function| StoryShowPopular function| GridMainNavSelect function| ResetGridNav function| StoryShowLatestAll function| StoryShowLatestToday function| StoryShowLatestYesterday function| StoryShowLatestPickADate function| StoryShowPopularType function| StoryShowDate function| StoryReloadGrid function| StoryGetNewGrid function| StoryGetNewGridSuccess function| StoryGetNewGridError function| StoryNewGrid function| StoryStartAutorefresh function| StoryCancelAutorefresh function| StoryAutorefresh function| StoryAutorefreshSuccess function| StoryAutorefreshError function| StoryCheckAutorefresh function| StoryScrolledToTop function| StoryCheckAutorefreshScroll function| StoryViewHide function| StoryViewHideCalendar function| GetCalendarDate function| ChangeHardSoftSliderValue function| ConvertHardSoftValueToSliderValue function| ConvertSliderValueToHardSoftValue function| HardSoftLeft function| HardSoftRight function| HardSoftReset function| StoryHandleGridScroll function| Calendar function| calendarGoToDate function| calendarShowNextMonth function| calendarShowPrevMonth object| DYNIFS function| doPopup function| doPopupShow function| closePopup function| HoverScreen function| UnhoverScreen function| storyParagraphLinks number| actions function| carousel_itemLoadCallback function| carousel_initCallback object| addedItems function| carousel_itemAddCallback function| carousel_getItemHTML function| CheckForCarouselSameLink function| StoryCarouselNext function| CheckAdForRefresh function| HideSpinner function| wait function| initCarousel undefined| selectedMediaId object| imageIDs object| mediaCount boolean| playing number| timeout undefined| myCarousel number| largeMediaClicks function| stopError function| sizeThis function| initCarouselGallery function| initjCarouselGallery function| initMediaArray function| selectMedia function| goNextImage function| goPrevImage function| goPlayPause function| pauseLarge function| playLarge function| checkLoadLargeMediaAd function| showAd function| hideAd function| initVideoArray function| selectVideo function| goNextVideo function| goPrevVideo function| AnalyticsCustomEvent function| VideoAnalyticsCustomEvent function| closePromotion function| closePromotionSuccess function| NavMouseOver function| NavMouseOut function| SubMenu function| showSubMenu function| hideSubMenu function| hideOverlay function| CustomizeSettingsOpen function| CustomizeSettingsClose function| markStoryRead function| isRead function| ShowLightBox function| HideLightBox function| getPageSize function| ParseMessage function| mouseLeaves function| containsForMouseLeaves function| stringTrim function| getIEVersion function| trim function| renderSquareNew function| renderSquareNewStory function| renderSquare function| IsLoggedIn function| GetCookie function| ExtractCookieValue function| createCookie function| readCookie function| GetCurrentTime function| sleep function| sleep2 object| Mouse function| mouseMoveHandler object| PositionNew function| Slider function| ToggleMyAccount function| OpenRegister function| CloseRegister function| CloseShare function| YesNoToggleClick function| ShowWhatIsThis function| HideWhatIsThis function| ShowHelp function| HideHelp function| SizeShade function| GetComments function| GetCommentsSuccess function| GetCommentsError function| ReplaceInterrupter function| InterrupterCallbackSuccess function| InterrupterCallbackError function| ScrollToId function| refreshAd function| SubmitStoryTrack function| StoryImageGalleryMore function| ScrolledToTop function| LazyLoadImagesReady function| LazyLoadImagesScroll function| alignSkin function| AreCookiesEnabled function| GetCookieValue function| GetKeyValuePair function| NewsletterSignUp function| fb_click function| tw_click function| HeaderSearch function| ShowLogin function| ShowNewserSignUp function| ShowLoggedIn function| ShowMegaMenu function| HideOtherMegaMenus function| redirectToComments function| redirectToStory function| redirectToStoryMobile function| removeQuerystring function| BuildCarouselUrl function| GetCarouselCallSuccess function| GetCarouselCallError function| ConnectionsFacebookConnect function| ConnectionsFacebookConnectSuccess function| ConnectionsFacebookDisconnect function| ConnectionsFacebookDisconnectSuccess function| ConnectionsTwitterConnect function| LogIntoNewser function| ConnectWithFacebook function| LoginWithFacebook function| TwitterResponse function| Register function| vote function| votenew function| parseQueryString function| isIE function| checkEnter function| ScrollToViewMoreImages function| StoryMediaViewMore function| MediaGetDataSuccess function| MediaGetDataError function| MediaImageShrinkEnlarge function| MediaAllResize function| MediaMainResize function| MediaOtherResize function| MediaOtherLoad function| overrideRecaptcha function| CloseAppPromo function| UpdatePageMetaData function| VotingShowResults function| CloseActionBar function| MetricsAB function| OpenABPopup function| CloseABPopup function| ABSwap function| RefreshGoogleAd function| doPopupR function| MetricsABR function| ABPopupShow function| ABPopupClose function| RefreshAllAds function| RefreshAllGoogleAds function| RefreshAllProperMediaAds function| BuildNewProperMediaAds function| ResponsiveCheckSize function| debounce function| HomeSideBySideNavigate function| HomeSideBySideNavigateSuccess function| HomeSideBySideNavigateError function| ToggleNav function| ShowCopyURLMsg object| xDown object| yDown function| handleTouchStart function| handleTouchMove function| SwipeLeft function| SwipeRight boolean| IsPageVisible string| hidden string| visibilityChange function| handleVisibilityChange object| PageActivityTime function| myActivityMouseDownCheck function| myActivityTouchStartCheck function| myActivityKeyDownCheck function| myActivityScrollCheck function| myActivityMouseMoveCheck function| myActivityFocusCheck function| myActivityOnlineCheck function| myActivityResumeCheck function| MyActivity function| PageInactivitySeconds function| CheckForTopOfGridPage function| GetPageStoryIdIfNoPrev function| CheckForUpdatesStart function| CheckForUpdatesCancel function| CheckForUpdates function| CheckForUpdatesSuccess function| CheckForUpdatesError function| CheckForUpdatesDone function| ProcessUpdates function| UpdateInAppBadge function| RemoveInAppBadge function| SetInAppBadge function| FixTextForNativo function| RemoveNativo boolean| BeforeInstallPromptFired function| PresentAddToHome function| myAppInstalledEventHandler function| AppInstalledEventHandler boolean| PWAInstallFunctionRunning function| PWAInstall function| PWAInstallSuccess function| PWAInstallError function| PWAUninstall function| PWAUninstallSuccess function| PWAUninstallError function| PWAVisit function| PWAVisitSuccess function| PWAVisitError string| ip function| NewserLog function| FlushCachedPagesFromCache number| width number| height object| jscd object| twttr object| properSpecialOps string| PWAAdHide object| propertag object| _gaq object| _qevents string| NewserClassification object| tyche undefined| playwire_lastAd undefined| nQuery number| ntvLoadStart object| ntv object| prdom object| onFocusEvents function| ntvjQueryInit function| ntvExtends function| ntvAppendStylesheet function| ntvAppendScript function| ntvArticleTracker function| ntvGetElementViewability function| ntvViewableImpressionTracker object| PostRelease object| ntvToutAds boolean| onFocus undefined| pageos object| _pwTycheAB object| pwKinesisCreds number| cmpVersion boolean| tycheSampling number| tycheSamplingRate string| tychePath boolean| rampSampling number| rampSamplingRate string| rampPath number| _pageViewSR boolean| _pageViewSampling object| _pwLogger boolean| excludeMoat boolean| pwKruxEnabled string| _pwKassandraVer boolean| _pwUserInCA object| webpackJsonppageos object| __core-js_shared__ object| core object| PageOS object| ramp boolean| loggedIn string| ajaxAdControl object| c boolean| NewsletterSignupSideShown number| NewsletterSignupSideWait object| NewsletterSignupSideStart object| NewsletterSignupSideInterval function| NewsletterSignupSideCheck function| NewsletterSignupSideClose function| NewsletterSignupSideSubscribe function| NewsletterSignupSideSubscribeSuccess function| NewsletterSignupSideSubscribeError object| theForm function| __doPostBack function| WebForm_PostBackOptions function| WebForm_DoPostBackWithOptions object| __pendingCallbacks number| __synchronousCallBackIndex function| WebForm_DoCallback function| WebForm_CallbackComplete function| WebForm_ExecuteCallback function| WebForm_FillFirstAvailableSlot boolean| __nonMSDOMBrowser string| __theFormPostData object| __theFormPostCollection object| __callbackTextTypes function| WebForm_InitCallback function| WebForm_InitCallbackAddField function| WebForm_EncodeCallback object| __disabledControlArray function| WebForm_ReEnableControls function| WebForm_ReDisableControls function| WebForm_SimulateClick function| WebForm_FireDefaultButton function| WebForm_GetScrollX function| WebForm_GetScrollY function| WebForm_SaveScrollPositionSubmit function| WebForm_SaveScrollPositionOnSubmit function| WebForm_RestoreScrollPosition function| WebForm_TextBoxKeyHandler function| WebForm_TrimString function| WebForm_AppendToClassName function| WebForm_RemoveClassName function| WebForm_GetElementById function| WebForm_GetElementByTagName function| WebForm_GetElementsByTagName function| WebForm_GetElementDir function| WebForm_GetElementPosition function| WebForm_GetParentByTagName function| WebForm_SetElementHeight function| WebForm_SetElementWidth function| WebForm_SetElementX function| WebForm_SetElementY function| WebForm_FindFirstFocusableChild function| WebForm_AutoFocus function| WebForm_CanFocus function| WebForm_IsFocusableTag function| WebForm_IsInVisibleContainer string| FBAPI function| fbAsyncInit boolean| _isMobile number| pageHeight number| pageWidth object| arrayPageSize string| sitePageName object| calObj function| focusOn string| testCaseValue boolean| mediaMainImageSmall number| StoryInSection1_activePage function| StoryInSection1_updateDots function| StoryInSection1_ScrollTo function| StoryInSection1_setBullets function| NewsletterPromoSignUp function| NewsletterPromoSignUpSuccess function| NewsletterPromoSignUpError number| storyMediaStoryId number| storyMediaArticleMediaId string| storyMediaArticleMediaType string| storyMediaForceBigImage function| quantserve function| __qc object| ezt object| _qoptions function| qtrack object| __twttrll object| __twttr boolean| payload_loaded object| FB function| w_event function| createElementFromHTML function| stripScripts function| generateID function| checkScriptHead function| observe_mutation function| getCpcPrediction object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client boolean| recaptchaSuccess string| recaptchaResponse boolean| doesSupportRecaptcha boolean| recaptchaOveridden function| RecaptchaSuccess function| RecaptchaError function| onReturnCallback boolean| PWAEnabled object| checkForUpdatesTimeOfLastCall object| checkForUpdatesTimeLastCallStarted object| checkForUpdatesCallXhr number| checkForUpdatesRefreshSeconds number| checkForUpdatesInactivitySeconds object| checkForUpdatesId number| checkForUpdatesInterrupterId undefined| SwipeEnabled string| pubcidCookie object| _comscore object| _sf_async_config function| LazyLoadBindScroll object| jQuery11240014712675223919947 object| sifi_att_42656 boolean| adBlockEnabled object| testAd object| _0x1ac4 function| _0x2ad4 function| _0x32639f object| ProperMedia object| googletag function| proper_log function| proper_debug_console function| proper_display function| proper_render function| disableSlotRefresh function| logMatchingResponse function| properSpaNewPage function| properInfNewPage function| properBuildSlots function| properDeleteSlot function| properDestroyDfpSlot function| proper_remnant object| TraceKit function| UAParser object| device string| SYNC_ENDPOINT string| NON_MEASURABLE string| ENDPOINT_TEST number| accountId object| recaptcha object| njl function| CookieMessageClose function| PWAIPShow function| PWAIPInstall function| PWAIPClose function| PWAIPHide object| responsiveSize number| responsiveOldSize number| responsiveNewSize function| myResponsiveCheck object| Modernizr object| ua_result object| revcontent function| revCriteoRTUSCallback function| renderRCWidget number| c_start number| c_end object| closure_lm_205803 object| TRUE_ANTHEM number| __a function| udm_ object| ns_p object| COMSCORE object| _cb_shared object| pSUPERFLY_mab object| _cbq object| pSUPERFLY object| google_js_reporting_queue number| google_srt object| google_ad_modifications object| google_logging_queue object| ggeac boolean| google_measure_js_timing object| google_reactive_ads_global_state boolean| _gfp_a_ object| adsbygoogle string| google_user_agent_client_hint string| requestType boolean| edge string| bidder boolean| withCredentials function| proper_0feef13c_7fb9a69c_1 function| proper_7de39cd4_5b934916_2 string| proper_ad_page_uuid string| proper_ad_session_uuid string| x object| apstag function| proper_998800f0_7bbac70e_3 object| g367CB268B1094004A3689751E7AC568F undefined| g undefined| adscoreVerificationStatus undefined| freqms undefined| elapsed undefined| waitForAdscoreSignature object| response function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter boolean| apstagLOADED function| splitIndexSlots function| isSameSlot function| clearTargeting function| cygnus_index_judge function| cygnus_index_parse_res function| cygnus_index_set_targets function| cygnus_log function| index_render function| cygnus_copy function| getSlotInfo number| cygnus_tid object| index_slot_to_size object| index_slots_render object| index_slots_add function| getSubId_113220 object| googleToken object| googleIMState function| processGoogleToken number| __google_ad_urls_id number| google_unique_id object| gaGlobal object| __google_ad_urls boolean| google_osd_loaded boolean| google_onload_fired object| ampInaboxIframes object| ampInaboxPendingMessages function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb object| GoogleGcLKhOms object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager object| com object| STREAM_CONFIGS string| STREAM_ID string| __EXCO_INTEGRATION_TYPE function| _avcp object| regeneratorRuntime object| pbStream string| pbPageIdentifier object| __EXCO function| Hls function| av_sciv_hndlr1619438262440 object| storageAni object| google_image_requests number| google_global_correlator object| closure_lm_153204 object| closure_lm_190280

16 Cookies

Domain/Path Name / Value
.newser.com/ Name: __asAB
Value: false
.newser.com/ Name: verizon_media_s2s_cookie
Value: y-mOy0NbFE2uHeqr1IlR9OKCqKV36lHoJv~A
.newser.com/ Name: mediagrid_cookie
Value: 0399a166-cc6f-4c54-b96b-6994f34bd5fa
.newser.com/ Name: proper_tracker_cookie
Value: eyJwaWQiOiIiLCJiaWRkZXJzIjp7Im1lZGlhZ3JpZCI6MSwidmVyaXpvbl9tZWRpYV9zMnMiOjF9LCJwcm9wZXJfdWlkIjoiMWQwN2FhNWItNmJhNy00NTJjLTg1OTUtYTI4Yzk0NmQxZmFhIn0=
.newser.com/ Name: properSessionData
Value: eyJ1dWlkIjoiMzM0Y2JiMDMtNDAyNS00YjBiLWI4MzgtYmE1NTNjYTQxYjFkIiwiZGVwdGgiOjEsInJlZmVycmVyIjoiIiwidXRtX2NhbXBhaWduIjoicnNzX3RhZ2xpbmVzX21vcmUiLCJ1dG1fc291cmNlIjoicGFydCIsInV0bV9tZWRpdW0iOiJ1b2wiLCJ1dG1fdGVybSI6IiIsInV0bV9jb250ZW50IjoiIiwicmV2ZW51ZSI6MH0=
www.newser.com/story/305100 Name: AB
Value: N
www.newser.com/ Name: _chartbeat2
Value: .1619438260016.1619438260016.1.CrtnpxBkKC1aD4aFF1C7qsv6a7e7P.1
www.newser.com/ Name: _cb_ls
Value: 1
www.newser.com/ Name: _pubcid
Value: 1d07aa5b-6ba7-452c-8595-a28c946d1faa
www.newser.com/ Name: _cb
Value: Dr6phPDqgWhYDyV5QD
.newser.com/ Name: __qca
Value: P0-906156759-1619438259862
www.newser.com/ Name: USERCREDENTIALS
Value: EMAIL=&PASSWORD=&USERID=0&VISITORID=1454384860
www.newser.com/story/305100 Name: g36FastPopSessionRequestNumber
Value: 1
www.newser.com/ Name: _cb_svref
Value: null
www.newser.com/ Name: ASP.NET_SessionId
Value: 2ydpb3u0mdsnmpfshux5s2ce
www.newser.com/story/305100 Name: ntvSession
Value: {}

10 Console Messages

Source Level URL
Text
console-api log URL: https://global.proper.io/payloads/latest.js(Line 1)
Message:
USP CMP not found.
console-api log URL: https://global.proper.io/payloads/latest.js(Line 1)
Message:
GDPR CMP not found.
console-api log URL: https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more(Line 1990)
Message:
NewserConsolePWA: Service worker registered, scope: https://www.newser.com/
console-api log URL: https://global.proper.io/payloads/latest.js(Line 1)
Message:
USP CMP not found.
console-api log URL: https://global.proper.io/payloads/latest.js(Line 1)
Message:
USPAPI workflow exceeded timeout threshold.
console-api log URL: https://global.proper.io/payloads/latest.js(Line 1)
Message:
GDPR CMP not found.
console-api log URL: https://global.proper.io/payloads/latest.js(Line 1)
Message:
USP CMP not found.
console-api log URL: https://global.proper.io/payloads/latest.js(Line 1)
Message:
GDPR CMP not found.
console-api info URL: https://cdn.ampproject.org/rtv/012103020108001/amp4ads-v0.mjs(Line 10)
Message:
Powered by AMP ⚡ HTML – Version 2103020108001 https://www.newser.com/story/305100/us-wrongly-thought-diplomat-staged-his-own-kidnapping.html?utm_source=part&utm_medium=uol&utm_campaign=rss_taglines_more
console-api info URL: https://player.ex.co/player/aa6b7784-6c11-4b79-917c-5f1bd774afe6(Line 6)
Message:
[exco-log] - 4/26/2021, 1:57:42 PM: logger - enabled

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

5994599.fls.doubleclick.net
a.tribalfusion.com
aa.agkn.com
acdn.adnxs.com
ad.turn.com
ad4m.at
ads.avct.cloud
ads.playground.xyz
ads.pubmatic.com
adservice.google.com
adservice.google.de
ajax.googleapis.com
apex.go.sonobi.com
api.ipify.org
as-sec.casalemedia.com
assets.revcontent.com
atrack.avplayer.com
bcp.crwdcntrl.net
beacon.tru.am
bh.contextweb.com
bidder.criteo.com
biddr.brealtime.com
bids.proper.io
btlr.sharethrough.com
c.amazon-adsystem.com
c1.adform.net
ccde9b4ae0b1b7105d848d3ef3b25d34.safeframe.googlesyndication.com
cdn.ampproject.org
cdn.contentspread.net
cdn.districtm.io
cdn.engine.4dsply.com
cdn.intergi.com
cdn.revcontent.com
cdn.undertone.com
cdn.whizzco.com
ce.lijit.com
cm.adgrx.com
cm.g.doubleclick.net
cm.smadex.com
connect.facebook.net
cs.admanmedia.com
csync.smartadserver.com
d.adroll.com
d.agkn.com
d1bvk193qme2fc.cloudfront.net
d5p.de17a.com
dclk-match.dotomi.com
de.tynt.com
dis.criteo.com
dmx.districtm.io
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
eb.proper.io
ec-ns.sascdn.com
ecs.mantisadnetwork.com
engine.4dsply.com
eu-u.openx.net
eus.rubiconproject.com
fastlane.rubiconproject.com
fei.pro-market.net
fonts.googleapis.com
fonts.gstatic.com
global.proper.io
googleads.g.doubleclick.net
green.erne.co
hal9000.redintelligence.net
hal90005.redintelligence.net
hal90007.redintelligence.net
hb-api.omnitagjs.com
hb.emxdgt.com
hbopenbid.pubmatic.com
i.clean.gg
i.simpli.fi
ib.3lift.com
ib.adnxs.com
idsync.rlcdn.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
images.revcontent.com
imasdk.googleapis.com
img1-azrcdn.newser.com
img2-azrcdn.newser.com
jadserve.postrelease.com
js-sec.indexww.com
load77.exelator.com
loada.exelator.com
loadm.exelator.com
loadus.exelator.com
mantodea.mantisadnetwork.com
match.adsby.bidtheatre.com
match.adsrvr.org
match.bnmla.com
match.deepintent.com
match.prod.bidr.io
match.taboola.com
mcd.ex.co
mwzeom.zeotap.com
pagead2.googlesyndication.com
ping.chartbeat.net
pixel-sync.sitescout.com
pixel.advertising.com
pixel.onaudience.com
pixel.quantserve.com
pixel.rubiconproject.com
pixel.tapad.com
platform.twitter.com
playbuzzmm.ads.tremorhub.com
player.aniview.com
player.avplayer.com
player.ex.co
pm.w55c.net
pr-bh.ybp.yahoo.com
prd-collector-anon.ex.co
pre.ads.justpremium.com
premiumsrv.aniview.com
prg.smartadserver.com
propermedia-d.openx.net
pubads.g.doubleclick.net
pubmatic-match.dotomi.com
rddywd.com
rtb.gumgum.com
rules.quantcount.com
s.amazon-adsystem.com
s.ntv.io
s.tribalfusion.com
s0.2mdn.net
sb.scorecardresearch.com
secure-assets.rubiconproject.com
secure.adnxs.com
secure.quantserve.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
simage4.pubmatic.com
simplifi.partners.tremorhub.com
ssc.33across.com
ssum-sec.casalemedia.com
ssum.casalemedia.com
stags.bluekai.com
static.chartbeat.com
static1-azrcdn.newser.com
static2-azrcdn.newser.com
sync-tm.everesttech.net
sync.1rx.io
sync.adotmob.com
sync.aniview.com
sync.bfmio.com
sync.intentiq.com
sync.ipredictive.com
sync.mathtag.com
sync.search.spotxchange.com
sync.srv.stackadapt.com
sync.teads.tv
syndication.twitter.com
tag.1rx.io
thirdpartyoffers.juno.com
token.rubiconproject.com
tpc.googlesyndication.com
track1.aniview.com
trc.taboola.com
trends.revcontent.com
tru.am
uipglob.semasio.net
um.simpli.fi
um2.eqads.com
ups.analytics.yahoo.com
us-u.openx.net
usr.undertone.com
usync.proper.io
visitor.fiftyt.com
www.google.com
www.google.de
www.googleadservices.com
www.googleapis.com
www.googletagservices.com
www.gstatic.com
www.newser.com
www9.smartadserver.com
x.bidswitch.net
ads.avct.cloud
bh.contextweb.com
cm.adgrx.com
csync.smartadserver.com
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
green.erne.co
ib.3lift.com
match.adsby.bidtheatre.com
match.deepintent.com
match.prod.bidr.io
pre.ads.justpremium.com
secure-assets.rubiconproject.com
sync.1rx.io
sync.teads.tv
token.rubiconproject.com
uipglob.semasio.net
visitor.fiftyt.com
www9.smartadserver.com
104.16.68.69
104.17.119.107
104.244.42.136
107.22.233.72
107.23.226.15
13.224.105.229
13.224.111.21
13.225.74.4
138.201.63.157
138.201.63.165
142.250.185.130
142.250.185.198
142.250.186.66
151.101.114.137
151.101.114.49
151.139.128.11
159.253.128.183
169.50.137.179
178.162.133.150
178.250.2.131
178.250.2.151
18.184.153.186
18.196.230.57
18.196.98.222
18.198.69.109
184.30.20.185
184.30.20.198
184.30.20.241
184.30.21.59
184.30.212.16
184.86.103.158
185.183.112.155
185.255.84.151
185.29.133.52
185.33.221.91
185.64.189.110
185.64.189.112
185.64.189.114
185.64.189.115
185.64.190.80
185.64.190.81
185.86.138.16
185.94.180.126
199.232.137.44
2001:678:cb4:bbbb::11
208.100.17.182
213.155.156.182
213.19.147.42
213.19.162.31
216.52.2.19
23.38.51.43
2600:1901:0:8eee::
2600:1f18:612b:4232:681:3bdd:ce03:aa95
2600:1f18:612b:4264:b4a0:a8db:4a1b:4b37
2600:9000:20c8:4600:19:f03c:7200:21
2600:9000:20c8:5800:6:44e3:f8c0:93a1
2600:9000:20c8:e200:14:2602:6e80:93a1
2600:9000:20c8:f400:18:1fcd:34e:d2a1
2600:9000:211e:f400:1f:2473:9080:93a1
2606:2800:234:59:254c:406:2366:268c
2606:4700:10::ac43:db6
2606:4700:20::681a:274
2606:4700:20::681a:bd1
2606:4700:3033::6815:3c4d
2606:4700:3036::ac43:8a2c
2606:4700::6810:9f11
2606:4700::6811:4f22
2606:4700::6812:c05
2620:116:800d:21:36a9:ecb:e518:b308
2620:1ec:46::45
2620:1ec:bdf::45
2a00:1288:110:c305::8000
2a00:1450:4001:802::200a
2a00:1450:4001:808::2002
2a00:1450:4001:808::2003
2a00:1450:4001:809::200a
2a00:1450:4001:80e::2003
2a00:1450:4001:80e::2004
2a00:1450:4001:80f::2003
2a00:1450:4001:810::2006
2a00:1450:4001:812::2004
2a00:1450:4001:828::200a
2a00:1450:4001:829::2001
2a00:1450:4001:82a::2001
2a00:1450:4001:82a::2002
2a00:1450:4001:82a::2003
2a00:1450:4001:82b::2002
2a00:1450:4001:82f::2002
2a02:26f0:10c:48b::2c79
2a02:26f0:64::210:b540
2a02:26f0:6c00::210:ba29
2a02:6ea0:c700::4
2a02:fa8:8806:13::1370
2a03:2880:f01c:8012:face:b00c:0:3
3.126.158.103
3.126.56.137
3.218.8.230
3.228.45.187
34.192.170.233
34.95.69.49
34.98.107.212
35.158.21.212
35.158.49.68
35.168.30.167
35.170.116.13
35.227.248.159
35.244.159.8
35.244.174.68
37.157.4.40
37.252.173.62
38.27.122.158
40.114.51.62
44.238.170.237
51.222.80.231
52.11.196.81
52.18.52.16
52.205.35.62
52.22.15.148
52.29.225.117
52.4.152.106
52.48.137.92
54.183.56.236
54.194.230.135
54.204.142.198
54.226.160.243
54.241.108.168
54.78.254.47
54.88.209.254
63.33.113.39
63.35.128.189
64.136.53.215
65.9.66.59
66.155.71.150
68.232.35.16
69.173.144.138
72.21.206.140
85.114.131.234
88.214.206.247
88.99.165.19
004f5b53e3b0af46c7b516e3a748b0828193750986f6d3d4571042c3aaf8aa3d
0136a3f123a1e9b3abff969b246786854e58bd66c321dadec9ee9539ed4ede31
0390d2d7d2af6cb46729c908b30822550a91c3bc6aa7de77f21f626ce681fb40
03fa924099182c607c33fb7877f50e7de0ae3522e1bcff8f7247ae5e88a2b25b
0414d0221112224b4c926de91a6e316f9d9aba685aa8b05fd0654848d8fcdf55
04b2684e2a85ed8bf65eb0e6a3b4d942ebe82fcec4169bf3b322b9ad06f6565f
05ce236f31539b6d65bd079ff56473dc1837444d90c39131c2861b4d8c4a1439
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
0945f6809946a07a2d3e6179b96fa559b18cb6cf8f1124fef1ff6f29235da2c7
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0ca65819fa6e63cb416b262899e69957f638d41702075bd48fe35a878dcf9a09
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
0f1147339ebb2d5167f1aa14e3152ffd7b9bf1652bb763dfd24fb25fb9a8df3c
1126dae47147dee29ca9bffbbd45f3e609f7d38a2c17cd4f5c73283db4e6304a
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
1345fd31c871f1be80924e6020298e182023f420b49e740bed5903748fc27546
144524233f795d6a425b76f7ae5c0bb622b5f67e2e6ae73532ad526528ca07cf
1550346cc4acb90924ac38fd0a7157a20e8750c2df0fa0cfab411980c9bc1cfe
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
1909dc22083cbd058681c3fd768eaabf2db9e32b6966cb43b94f39144754fd31
1934199df51551755f77a59d6993a98e332ad57c09ab22d30fafb727d92e4eb0
194668174020f4c9a143e8ada47099e890c638ddeac13f878c294e4cf9f57202
195072137d3810c9f02c551801a8a5caa3cbbb5b71110dda88486002c4c0c21e
19b92218cd644777e32e479710d1d71570b4e2ba5f6558c944efda747841553c
1a8779c89819f926bf89f13ed35bfe40f3df4bffeff821c62eb6ee3df586f81e
1b79514e7327d6e704249dc3fa45428777045ff8d9eadf9f0f3676a732a4e122
1bc725ed81e63e6c320726140b02343158218593252843e11dcf84a897b817eb
1c6b092ba127041b63d54877f927535bf99dafbd361451ac24fbc8013191d798
1d3a3d61b24c80ef6086ce8e99fe020e62718a323d1e7073210d4b9d04f470b3
214494920ed035c684b3410272473d8c1d3ff2bda93a7b0b4715c734fe33fc57
21d45a4ed77653b3b1ee2b47a786a4dbb936a3b19fc56e1b44c16aed35eb80ee
21d46bb0a238b8c1b0ab5ea12b5fa6cab58b90e30ca08727321e1e40e2970046
23371b5319a53a0a2d3c59d738d679c384822c244ea4e791ef87a4110b8a291e
23727e1fd90dc2bc2566aeef37ee69dd72c888dd8ba8d726f45e843c85eb0d67
2405bd02584cae91a0a4c434fec3e72f392d07e1bedc993c3b16baa7800bbdfd
27e62460ef6782469e782fb1285fb60fa684e5fd45418bd909dc55e0ae8dac1e
2850541eefcb545ac595504e0103a77bb0f8ae0ecdb92d2af5cabfb3edd7928d
2a3405435c61344e6ff0644a1884a931ab350d3436d3494adc343374a20b31e5
2b291810374483e61126df23f32490a6f8a629062a6f00f0d10d7b52ed2a2762
2bd87606287ca15f713a40bebb5853a144dae7ddbc579705ed200485fccfa028
2d8d5e5d1a958763cc003dc5291771d49b5c8a0c23870d5e254796868f9d56f6
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e2a4d2681f1a4753ae48f6de1824424aac4e7e16b274076fdf5c890ad863b0c
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
2f76122813dc216562d9a6c2d82279ff460696b28f8f66042399a02cf93732ba
303d58af9bd5a06f3252faf47c310f07bea55900b613d634bd7da959b346777c
307c4cf0cec01251278a5201d04096f4b7afdb8ba2239801202adb1992c14ecb
31c724707624a3682770d54e8b216f04db44eff6fefb8313d9178ef0f69a694b
33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97
35093baf103e71966e4a720b9f6785024df6ac9be544e6411c696b438957b74b
354cd674accaa26badff834bcbb7487aa7f99930f19cd864d71e6359b6b3f346
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
392d2ce2b1e3bb2e2d06104ee52e93b504619689fd1ab42c58e483abd3b5d4ec
3bc9d28f4e64c676c58b31ad6578ca7f3f383cca647bf363916d4ee8982c3b08
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3f9ebf128c9383c5fc8f3a73439f0e2dfb997f34318383e554b124e37c319c2e
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
40732e9dcfa704cf615e4691bb07aecfd1cc5e063220a46e4a7ff6560c77f5db
439ab67fa3c312bb442bed574ea79be834dbd92f3bd7d2288b6f3fce4d0afb0c
452d1771c6e4f4a4981f681d311aabb02f3b79661e4b3688293506891c4549ad
4634b94630896f1a23c5ce01f743d720847c5f4dd28fb549ed503cb2df4f8e87
46375ee9192c1e0f6eabe4d32b2a48b996b93037f7b4beb970df5b87359548fd
46ee1ab30f3444383ec0a8f8935209c95203acd8c53fb34a3fb3500ce74d9f33
48431758a3f77e061b03b2432c09bab93f8292f0f8081096bdfa6a7b0fcf84fe
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4956137c69656045c048a157aaa84859657bbc7744019d26cce6b5bded84cc49
49fc49597d38ee4da3f0451322e2368c2cb9808a9181ec1fce3c8c696d452456
4a716586c9c566e1c27a9bec7e06c741f5a40041419206547231f70c77262c17
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c6af60796cc240ad277098308cf363c2700f5296264ec1b43b4e1362763c439
4cb9a7fce5da9d0d7c7b78e96dcf0b0f8c43d152be4718e0546b2c9110a3b8a5
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4ef414f947bc802bea88d18ae69ca7d56939d81d7df79a7266688a8e1c14b190
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0
501ed6f37588ea4083347c8c1b9fd9bfbc560f8f9977aa2847749e0977063f6c
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
5057f7beaa08450682a5418bdce93e9783bd704527406843fb019ea0a52778d4
517ee8a1d0e3438c13fe609412789c12bf6e3dbffd461694e6b7596378d40f75
5272aed596706279548359445d38845b9da66be9a32b5a8c599b5c090e670772
53730a7fbcb3223f91059fe2cb0ed31fc1a9280048fea7f62cd0f047c4c2d3d2
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55b198b5ed1bd02e77f84c6971a69d5c2160c0c32fd770ce33405e194750f5fd
56b1340415d585288212c79f472c8a9f2cdaa1c2aa3495a54ac2f84703e09ec6
59352094433aa8c09e554c87ead604489226e4f28c48aba806a5cf3451596a4e
59915f0c49acb532a732c5b2c1ce70aa6cad370f1536944d0df12d59a85968c9
59f0b33d7356877f42b0618402da05032b4681f8b6c6c6329dfdab493325dca4
5ac213428350c605ccc1a805d95bcb46c2e51b9db6a98a4551171e0437072c9c
5b93ed81863f445fce8c9fa844f78076bc6ba4831f89e83d9aef021a65137a9d
5bc9f6445aa17af661acf6bda500a78865d086b0a84b427419914c73ca6bb6dd
5d25942b7da85bc7cdb258cdb436227b1de7e3a2b50c61f7d7050eff911f88f1
5d77edb71e1031ff06541a7a2bd05cd3dbc3bfd5434711bae081fc06f8791558
5d78d2f1b38669d4d7d97bf6c79da5c93f2755276d6420ffe591a04f24c2c9d8
5de979b45e3ec35ac840427d8253eb968927b0dcadc5730bfb3ec752290dadd6
5ebd64cc00c3d7fdc052a0210d2805b2112ed47233e7657a82b2a90e30b61bf9
5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f
5f53a941275c1c7d2dbd55108e43e3ef28be7b14fdb6760c06f8e2b27fa08ad3
5f711418c6d788a071fa6725ea3025e3f38583f9e4fc8249a7f35c1c3ca3525a
5f789ea36ae4671282524bda454709578d63b915b782c1e041132a7e726ff1c3
607ba5401803708cd7e7d54cb229467b42bcefa017c466d0290c2903989f9cec
60ebe8fe961d20cdb3264d98cee38e50d10ba09d97928ae166a03c1acf5a6e79
622cb5c3b8b132ae76ae23953e341efa833dfdbe232d776919bbb67e23ba12ea
6485a8591ca28ea25a88d35eb3ad8ddd323a1db1c051206a40e10fbc0b03bfae
66e0312cb1c8f068831abec6de6c5c6e8e7b6134881cc245c3fd99744619aec1
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
695f1646b07d0cd788f458ed2bda9670f7067463c4a1a0095e76523f0160da9f
695f471f6dd7ed55a6413cd77660297aaf2b0fc45ccc5d15de88728aa0979360
6987043c1b872ecf61a446206795f72a296544594a965be355c62d1d0357902c
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6c4051694f2c99a547693e8800f768ab26c55c9c1575f70bcab81796207fd51b
6d0b74f2a3e089cde650f0972d1a568843c275718277a2c167af9011ebf91ff5
6d6d162a89e32c126f5019cbd4143ddf6cc9fbf19858a3272ad6ad5ac2beae14
6e553b4e88ac4a1819d608fe9dcb46544ca5fb776d4e0c84d773f37b1df18211
6f94014e7f3634aaa24b7c42f84bbc32da785c6ad42fd229674be824922349e6
6fb3e855e2d9d1cdad42abf72559469349e0ad63582d6b1296a420c3e24507a2
71b38b0086ccfc753a75f1ee9aeb0978303c6ec7851df126c0eae7a0dc2717a3
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
7439ffb89ed0addf9171c312a6e987f323f9c0852478528d804c0a031e69a2d9
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
764e2d9c981d4c59ab3b49f663c30341777745a7bfb8b60fe0c617396a42b727
7910b9e6eb6ba05dc7cd8be541c36c2d236d6f0af0ba14a900e67eeacd4c674b
7ac27fff38529a351928fa457eb45bc5b6ea0d963f4999f93bf8e68ce7fe9848
7cec802828fd9d25efc4611219c8748745117f5a51d4f76e4f9cfd85a428ce95
7d720c3f8b613cd0d3c39fa3d1a869527094736e439755aa1d8961e770357484
7dcf695057fbd3a80a8397d8466885b5928d925a3a51e6cdaf787601bc8d9d2e
7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c
7ed4a343523509f279aa613621dbe61843e638d55adbe5c13de23f188f21845c
7f555674a54503e3367276168359cef065eecc75f1fe436ac13bdf3dfd65a970
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
8000d797097e74bfff377d2f3fca7e046ee4490ea4edb70c2c0b189575847629
804c86c1057e0964c143160826c0e6ed5d7d524eeb9c2d46a952fe699c583522
805dc2ef7778678ace99530207d0bcda25f70b3c2ae08bca8259c079454eb0a4
80b65a43e05bc5288e9d3518505cb1a9aecaa2ef814fd93121df26f28f332a88
8264b655bc4bf20d9612196a2c14dc94a4f7999e6a60fb60a312efd205d2d8fe
82f1fbe95dbd4e1128a973db542bf50ab7ac8fbf35bfefca2e782b0a0572e564
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
867d4eeaf974d04e7844787f286fa04071a02d784f5579e17bf867a8c381d48d
868a78df4f3d0a21f89c48ccc709df44d3875f5fb33e22bf51ca8b5c28be4202
86e5b8e9c18aed14901192768649a91e543744f3eb368ee2ea90e31b4fb3f92c
871a8f1084b6a27c4a67c854ba86e745d89be827f9bbc9057cbf3e535722cee1
8730c26defc411dd8a51f1da47e5ae3804fab6868f7914a26b09d8e0791bbe39
87bdf34d158b451ca6e6113760d8f959d43ad17373c7ac0aa70b6789f21a26b8
8b4b43fd2629a9ae29c5220a852bbc8ff169c571cdf77798633efec65c934df7
8baae135666cde471d16426b7387541d4b900559275813859e2d296eee039192
8cc62db75b97abb08ac7be1790ccc20f23be36da3c4314d7be3d551255b55486
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8d7724c42432de12e8bef80bc5b3b025e434dd4b4ba8ee05f968bbb279165887
8dbc3f1a033b6733e96a5af1bc89d6f8ab68a5d533dcad72d56bd019e3b5b6b5
8f7abefb15bb45806215e2c20e834844820f1db6080071ddaf14289122710243
8f8dac5a256ef7a961e919e9e8f0d88f578df2ab1e62e7c8d63257ad261e5fd0
8f9560479a05fb86854546c40ec030edc2bac692d4142391d69b16e5c033a185
902dde5c61e28b2ea557a81ff2d3a2be505654f7a8d74b35c52410f47dc75f66
91651ffba64af316abc6706ced9a15cb7a48545d26c93fc02b18b1aece1e2089
97b053b4c849fc3b1fa7005e3e1ac6a7a9a8fd773c42c84ce920ae077395915d
9831e5b4e79a7b80a69a4d83d86fafc4c8e80fad4d14d27796f7eef4b686ba66
98ba2e1fef17c14f30d59cd311adb42f9393ba132e6689fb5784e092a5638606
996d298d6f8685a3ae28eace9249e3580bb8d13d91d424573fefb40d52980269
9a43390d9221c1932b6363b87b2f9ada39f29009d59726c0ece778daf4154de1
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9abdd4b576a68c1a29edab7c5fbd8af6555f0185b65215b13b0e48dbf47d5844
9ca5c7b9512739626f890d52f19eb2358cbb074e5a6921b072280ec1d95e06d6
9cf51c1f71e057038994960b9b2f870ba6b82de3e5002695c81c0b6542630ab8
9e5a3984c873d9f7009795b85f0d9bfa38e8f9dddc2309d83556aea4d7ee41a0
a002eadbd157c39cf70a3b69589d9e776510924cd270c7b5fe9a5585584eb698
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a0e3f7f11e3feb97a1b577675fcb17fb87538d414dc5342c96975b2bd2c94b86
a0fe7023f569ee486074cb05c6055223e399b0f80961df7db5365a8a470a328e
a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e
a177a125d7384bd51ee15e3454c488ac0f2ba22a452f9bc3a96e29d2df4aef1b
a1b54acfbe06d7df692389f781ce59e80007ee8fb61e64b00156668858113a29
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a2a82eeb9ab6132115a4ac7fd50fef844e00dca4813ad53126554bc77f32da96
a2aca9aa200ad3e4dd9afcd27fd2bd5b272a5d297e9f85d708394857ca6a1ffe
a2dac1098abcf2e7353e3a403f7c9564d6f5d90cb7809d35c74b7fa94b7d1344
a3942aea05f34d9aa17deb27766f216ce7bc0176e66b41518e5bdadb19400d67
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5ec8330a90caef4a8979d42f25f7e37780ad2cf4d86902b9e47eb57b00eee66
a6f768cbb894f2690011ee62662d3ac9480d12f5088fa46be57e650fcc4d835c
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a8a2b3462c740c8347f2e5db24143b43e7cfd0adfae2f65f3ae30254985a300e
a8d51e44aebeb14e1eaf612b0af9fd0e05e81bf5c6f191bc52d8f1a3fcd79a9d
a9adbf9ff6cb67410da32776829c98497f78937808849c0c77c476ad5bf8c1a6
aab36c82cbfb0d7f3604cdb3493161850e68ab6f43df4ae207a70041374c8f95
ad952dc06db0dd7d40a40ce35965f830552d90af3fadd3b68b466d4219bdbc4a
ad9e5210a13805edc2cc2874d7ffa326b907e9c6d0c212071798944a1dd9ffae
af44e015e3927ecac9c5e87f15a0bdb25d1717f8b7fc85be78da49f711131473
afccc68137a6c79e137fe2888b6955f0f3187f0af65fc2eabe4b9783f07861de
b026d5118326e37e2324456275ac6971462e1c6a8a90213c55bb4a098aa3b4f4
b0763b05f76f3c2a0d56bf41801683e8dbf116e220b2f6f1aa04a87c93342f33
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b407f19b4a63d79472adfd0b7ed3a4c58e12748b140619096553898d9993eb32
b54568772ef8a0c621b60cdf1f24db74c5108dbd3133ea2a024e13d50d452e59
b95e374e88885171c44c508c9e386e92514ffc19d5f8d19222e0c047ce01242b
b97ff1109b709bf33a4a7593782b6f5f0fe56b3b46ef504dba244a9026c3fdbe
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
bbfcf92c6c94d918c51be1bdf1f14098db1c7454b2f025fb7d2eed08d8d84703
bcc284b7b52478a7a983b4a14b79610bb644f87d91ada020860e3082c9dcf5e9
be1fe6ffaf80d817687ef8e757d9ae298ecec2ca89adb04a26c77dbcdf444f4d
c00e4b444e4089660152f10bb0cf87d45be907756bf33150841afc2f8a69d791
c09c2c7425fda774f4011b834ca8f377d98c8e9d38f66eee20b2fd71c5650874
c0e2de1910c51b9146fec0cc847f64b28a62b86f030e1ea05a7d8b05c130dc9f
c14bfcff02f65a690cc8b872c50fd955d16bc2bf57c90ecac47dbb541fc1dd98
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c4c04f43b059e9f1d8eccacedd47c55f7f3668226946342d28594d45d0375402
c53e7730a5e3cec28effd0be2f795fca16c270c5a73838a354b9dbdf476ba3c3
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
c63e90138b24de4b2b8ec2f251dba851c5539836755e602b5b738d12d9ec918a
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
ca71eab219d850273b3d31594aab3ead49d717612856c6e825c7dedaf57f3fb2
cb2259c90e94db192ec8354abefa348eea93751deb94f457357cb2a92b809f08
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
ccdcb22736d1255907703bc6f735be7437704c8316898c62b886058d59879c8b
ce0fe60f324df2aacdcc306fa17b4cf1b66227ed8fc0406df0d5ecfdda833fee
ced34f591157438ef47695f979ac95f8758408e8d9b88e63aee8b382ec975785
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cfa262af02d97227f04de89b2a5faf13cda98cf8b4991f318d79826cb7546e03
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d0c9fba34d6c385baa45e09556ffa98e4f617a9251eee6c432533f121cc27fec
d1477d2bfda88c678c2deaffb53f18784ca00294d7318a2521f4b95baa375e3c
d16d07a0353405fcec95f7efc50a2621bc7425f9a5e8895078396fb0dc460c4f
d1b1ae274b98b536cad52a99915d4fc0670fb156a0404ad097c4e873c7422f5b
d27e9d16a3820e90e60ed0eec68eafe0617c9ae53a6672f748bb830029ce4ced
d3a06829c824770163d5db87361760c827b78e25708a807c83fe28593c71ec52
d42cc9e1b906c512899ad5513baa71511929b1749f0f8603d6a6ec2d91432b30
d4c620b70419b6eb0cbd0eb034610854e9f606f807543f5abf55d946431b7398
d53f9894af2c23043907256a4ac6fb36cf2147ae62303261092284cec575311c
d6a2745332948716c2d3849e9b1d02451515f96ec7ab4749855794dea0272857
d75d87fc22a652912a9e07175e4c068604e972a2f8f786e6269e29748ec3a5ca
d7876d89ace0b3db7a3c0f5664b4487258b28e5e99a6a3a04cac748afdb77860
d8681f58e32b5f88d2d5908f03df48466abea3492a0037e127f6dc50792194a8
d8a8bbee03096f025ee76c6f3dfc3a74e5db52d65fca6f13169648637e5fbfc6
d8f64ca73c0faaf5d9d1e56252a2d89a23262ea516e7d731adaf5f255d4081a3
d8fe36a17aa5e4cd1a197c81235633a1e44ca292162a06b9b7dc1dc37981a211
d9d56ba371a99b5c76a73f85319718e8ac8c0bbac5fcc5eccd52656061f02e6d
db36c9ab0f6aec2b674e58cd8bf40af54551d50eaac901c49dc8e005fcc4d3de
dc015126841eaa9b1b79ee123e13d7d07ad7fe77f22366b05c480eff59a7a25e
dcdd298c3cc61adb49700ead4da02f60b10cab0a1df4888019d121a02e3b275c
e170d20dbbd5a22f50118e25fa2eefb1e85d2ad780e5477ed3a9643186090442
e1c3c2dafe2208caea4f809f414a89a9d256deb8671e1c5d49bff9a873782796
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3c413d9ecb857ab839e9147e9a72b0967a80151bae1aec1b1771c623006f5bc
e4400f21afb8b0d177c8cc1d042db58cd67ab5f03bb076cc84d9fc19523aebca
e47eca73d4f42cce27c15cbff1e6b28a6716616c71f893d912ae941b37460998
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e8029618116c0a15a921368667fe90448d20dde10339aa8fa9d0844080e40e8d
e850ec15b8fc29369d1e0d0fc2aa5bff9e3f12b767b9300e1e399482b09e1399
e8ec2a4d84f51a4860526181c3822b954b3a134dc14446ba753b37708470171d
ea04f751b4d0b37cdbd317309bc60fbd82df9c618b8524be326000abd7787945
ec93813683cccb74a7896a34a2ed1b2163288620f6959ae06de3ded30cf518b9
ed2d993c35cd51826ee304739d91e554bd9faa1b120602fc4b3baa15941a9e35
ed8a20d02872e9859380c4a2431fa5c5cbbfcedc75f46dbcd46512dfb4b8bf88
ee7171a1f00ae9e330eade97c6f34ac4d501f3fd554979e4871cac927e45e73a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef1ed40ca2164437207161ab4c9fd4eae6831dcde78273e70074ea051010f592
ef983d6dcfe16576a9be98a6fe4d2c99552c9e76fe46fefb29dc2ae2cc5082c3
f27af9873da50427ff76f55927849a11346f4832fb5dbe9005790ef2564decf1
f3f879e9b3918ab2d171c21ffd5335c69d7a5742bc99b44ffccf519b3199e355
f4a049af35ab4a5bc619d2848719127e1a19033ddbd1a6fabc9927ff0a9ce2e3
f552246407a4f8b34a08fc42783296a8579d8f934081a0086cf37d051f334d6d
f58042f628f5e720b04c0509796ad085435ed186d0268fc0562b40f589cb0ac5
f677418329f1492ff13d5041c5872f1570eda43eaca5d1854a61de27385dab66
f77d8ef7d87546e709eafa95a707f6c03e20f7fe44f3d12b01ddbd9915b2b915
f8546a1e7fae1c181f72a2729edd8594597c16114304fffd29678397639628b9
f8deed8d38bdd3b2902629c02ad1eb000b082b2519fb73d31a63d37181cf77fc
fb28a7094c14ceebd4d7fc09cb4390c9a346eaf050a24a573887f437c0dcc890
fb7ef2657296a9b0e9b388c14c171953f0303a32b0d98bd7e3cfa9bb466fc53e
fbfd3438e10ab28f28f2e1a1fb2ab3bfa431336af08a72f597c0d4d73bfb046e
fce94e8d493fb1b0c5264ad0ca94f542ca10c39b95eca426ecc0ffbb88e25077
fe5aba0ddb4e89693b7cf6f94dec5ffad359b3f61445798f112a2f295fe865cc
fea33f31bdbc5d0213fc42cea42c6dbc41a7ea5b922a55c287205bd8e7cdbc1e
febc13d4fca620c0eda223b3febb844ecb01e4299569a936801b86ecc25609e8
ff91a33e7a09f6045e38d66a225979897d8c704afff670898a6ee7711579a82f