www.newseveryday.com Open in urlscan Pro
35.186.240.185 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://urldefense.us/v3/__https://signal2domain.online/click?redirect=https*3A*2F*2Fwww.newseveryday.com*2F&dID=1...
Effective URL:
https://www.newseveryday.com/
Submission: On January 26 via api (January 26th 2022, 7:25:26 pm UTC) from US — Scanned from US

Summary HTTP 160 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 35 IPs in 1 countries across 27 domains to perform 160 HTTP transactions. The main IP is 35.186.240.185, located in Kansas City, United States and belongs to GOOGLE, US. The main domain is www.newseveryday.com.
TLS certificate: Issued by R3 on January 11th 2022. Valid for: 3 months.

This is the only time www.newseveryday.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	18.233.38.149 18.233.38.149	14618 (AMAZON-AES) (AMAZON-AES)
1 1	174.129.26.116 174.129.26.116	14618 (AMAZON-AES) (AMAZON-AES)
1	35.186.240.185 35.186.240.185	15169 (GOOGLE) (GOOGLE)
39	2a02:6ea0:c40... 2a02:6ea0:c400::12	60068 (CDN77 ^_^) (CDN77 ^_^)
1	2607:f8b0:400... 2607:f8b0:4006:821::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:135e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	96.16.28.127 96.16.28.127	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2606:4700::68... 2606:4700::6810:a010	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	2a03:2880:f21... 2a03:2880:f212:c4:face:b00c:0:43fe	32934 (FACEBOOK) (FACEBOOK)
1 2	2a03:2880:f21... 2a03:2880:f212:1e4:face:b00c:0:4420	32934 (FACEBOOK) (FACEBOOK)
2	2606:2800:220... 2606:2800:220:de:468:2285:c1:4a3	15133 (EDGECAST) (EDGECAST)
2	2607:f8b0:400... 2607:f8b0:4006:808::200a	15169 (GOOGLE) (GOOGLE)
1	23.52.163.40 23.52.163.40	16625 (AKAMAI-AS) (AKAMAI-AS)
3	2607:f8b0:400... 2607:f8b0:4006:80d::2002	15169 (GOOGLE) (GOOGLE)
2	52.200.255.42 52.200.255.42	14618 (AMAZON-AES) (AMAZON-AES)
2	2a03:2880:f01... 2a03:2880:f012:8:face:b00c:0:1	32934 (FACEBOOK) (FACEBOOK)
2	2607:f8b0:400... 2607:f8b0:4006:81f::2008	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4006:80d::2003	15169 (GOOGLE) (GOOGLE)
2	2620:116:800b... 2620:116:800b:21:292:74bc:93af:7512	14618 (AMAZON-AES) (AMAZON-AES)
1 3	13.226.31.20 13.226.31.20	16509 (AMAZON-02) (AMAZON-02)
4	142.250.65.194 142.250.65.194	15169 (GOOGLE) (GOOGLE)
1	2600:9000:21d... 2600:9000:21dd:5400:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	198.145.13.12 198.145.13.12	2044 (DF-PTL01) (DF-PTL01)
1	54.230.162.78 54.230.162.78	16509 (AMAZON-02) (AMAZON-02)
3	2607:f8b0:400... 2607:f8b0:4006:824::200e	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:822::2002	15169 (GOOGLE) (GOOGLE)
3	2607:f8b0:400... 2607:f8b0:4006:817::2001	15169 (GOOGLE) (GOOGLE)
1	104.244.42.72 104.244.42.72	13414 (TWITTER) (TWITTER)
13	2607:f8b0:400... 2607:f8b0:4006:807::2002	15169 (GOOGLE) (GOOGLE)
25	2607:f8b0:400... 2607:f8b0:4006:81d::2001	15169 (GOOGLE) (GOOGLE)
1 3	2607:f8b0:400... 2607:f8b0:4006:81f::2004	15169 (GOOGLE) (GOOGLE)
4	2607:f8b0:400... 2607:f8b0:4006:80e::2002	15169 (GOOGLE) (GOOGLE)
24	2607:f8b0:400... 2607:f8b0:4006:816::2006	15169 (GOOGLE) (GOOGLE)
3 4	142.250.80.98 142.250.80.98	15169 (GOOGLE) (GOOGLE)
2 4	184.29.129.7 184.29.129.7	16625 (AKAMAI-AS) (AKAMAI-AS)
2 3	68.67.161.210 68.67.161.210	29990 (ASN-APPNEX) (ASN-APPNEX)
2	142.251.40.162 142.251.40.162	15169 (GOOGLE) (GOOGLE)
160	35

1 18.233.38.149 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-233-38-149.compute-1.amazonaws.com

urldefense.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 174.129.26.116 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-174-129-26-116.compute-1.amazonaws.com

signal2domain.online	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.240.185 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 185.240.186.35.bc.googleusercontent.com

www.newseveryday.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

39 2a02:6ea0:c400::12 (United States)

ASN60068 (CDN77 ^_^, GB)

1639681107.rsc.cdn77.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
1366492296.rsc.cdn77.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:821::200a (United States)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:135e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 96.16.28.127 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a96-16-28-127.deploy.static.akamaitechnologies.com

s7.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
v1.addthisedge.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
m.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:a010 (United States)

ASN13335 (CLOUDFLARENET, US)

static.getclicky.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f212:c4:face:b00c:0:43fe (Secaucus, United States) 1 redirects

ASN32934 (FACEBOOK, US)

platform.instagram.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f212:1e4:face:b00c:0:4420 (Secaucus, United States) 1 redirects

ASN32934 (FACEBOOK, US)

www.instagram.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:2800:220:de:468:2285:c1:4a3 (United States)

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:808::200a (United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.52.163.40 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-52-163-40.deploy.static.akamaitechnologies.com

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:80d::2002 (United States)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.200.255.42 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-200-255-42.compute-1.amazonaws.com

script.anura.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f012:8:face:b00c:0:1 (Secaucus, United States)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:81f::2008 (United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:80d::2003 (United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:116:800b:21:292:74bc:93af:7512 (United States)

ASN14618 (AMAZON-AES, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.226.31.20 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-226-31-20.ewr53.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.65.194 (United States)

ASN15169 (GOOGLE, US)
PTR: lga25s72-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:21dd:5400:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.145.13.12 (Portland, United States)

ASN2044 (DF-PTL01, US)
PTR: getclicky.com

in.getclicky.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.230.162.78 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-230-162-78.ewr53.r.cloudfront.net

ads.anura.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:824::200e (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:822::2002 (United States)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:817::2001 (United States)

ASN15169 (GOOGLE, US)

0ac929ed3376c146b2710609427d4d08.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.72 (United States)

ASN13414 (TWITTER, US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2607:f8b0:4006:807::2002 (United States)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 2607:f8b0:4006:81d::2001 (United States)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:81f::2004 (United States) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4006:80e::2002 (United States)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 2607:f8b0:4006:816::2006 (United States)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.80.98 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: lga34s36-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 184.29.129.7 (Edison, United States) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a184-29-129-7.deploy.static.akamaitechnologies.com

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 68.67.161.210 (New York, United States) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 805.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.251.40.162 (United States)

ASN15169 (GOOGLE, US)
PTR: lga25s81-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
41	googlesyndication.com 0ac929ed3376c146b2710609427d4d08.safeframe.googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 100 tpc.googlesyndication.com — Cisco Umbrella Rank: 124	226 KB
39	cdn77.org 1639681107.rsc.cdn77.org 1366492296.rsc.cdn77.org	740 KB
24	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 255	2 MB
14	doubleclick.net 3 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 184 googleads.g.doubleclick.net — Cisco Umbrella Rank: 46 cm.g.doubleclick.net — Cisco Umbrella Rank: 197 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 274	211 KB
4	casalemedia.com 2 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 590	4 KB
4	google.com 1 redirects adservice.google.com — Cisco Umbrella Rank: 80 www.google.com — Cisco Umbrella Rank: 13	2 KB
4	addthis.com s7.addthis.com — Cisco Umbrella Rank: 1501 m.addthis.com — Cisco Umbrella Rank: 1468	218 KB
3	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 241	3 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 42	20 KB
3	scorecardresearch.com 1 redirects sb.scorecardresearch.com — Cisco Umbrella Rank: 138	2 KB
3	anura.io script.anura.io — Cisco Umbrella Rank: 40527 ads.anura.io — Cisco Umbrella Rank: 50969	18 KB
3	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 165	101 KB
3	twitter.com platform.twitter.com — Cisco Umbrella Rank: 592 syndication.twitter.com — Cisco Umbrella Rank: 844	133 KB
3	instagram.com 2 redirects platform.instagram.com — Cisco Umbrella Rank: 6449 www.instagram.com — Cisco Umbrella Rank: 1105	5 KB
3	getclicky.com static.getclicky.com — Cisco Umbrella Rank: 11658 in.getclicky.com — Cisco Umbrella Rank: 9623	6 KB
3	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 293 fonts.googleapis.com — Cisco Umbrella Rank: 47	32 KB
2	quantserve.com secure.quantserve.com — Cisco Umbrella Rank: 1019 pixel.quantserve.com — Cisco Umbrella Rank: 424	10 KB
2	gstatic.com fonts.gstatic.com	46 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 78	64 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 146	84 KB
1	quantcount.com rules.quantcount.com — Cisco Umbrella Rank: 898	438 B
1	addthisedge.com v1.addthisedge.com — Cisco Umbrella Rank: 1758	683 B
1	moatads.com z.moatads.com — Cisco Umbrella Rank: 361	1 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 227	2 KB
1	newseveryday.com www.newseveryday.com	13 KB
1	signal2domain.online 1 redirects signal2domain.online — Cisco Umbrella Rank: 310393	537 B
1	urldefense.us 1 redirects urldefense.us — Cisco Umbrella Rank: 188902	351 B
160	27

	Domain	Requested by
29	1366492296.rsc.cdn77.org	www.newseveryday.com
25	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com 0ac929ed3376c146b2710609427d4d08.safeframe.googlesyndication.com www.newseveryday.com s0.2mdn.net
24	s0.2mdn.net	www.newseveryday.com s0.2mdn.net
13	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com 0ac929ed3376c146b2710609427d4d08.safeframe.googlesyndication.com googleads.g.doubleclick.net s0.2mdn.net www.googletagservices.com
10	1639681107.rsc.cdn77.org	www.newseveryday.com 1639681107.rsc.cdn77.org
4	dsum-sec.casalemedia.com	2 redirects googleads.g.doubleclick.net
4	cm.g.doubleclick.net	3 redirects googleads.g.doubleclick.net
4	googleads.g.doubleclick.net	0ac929ed3376c146b2710609427d4d08.safeframe.googlesyndication.com www.newseveryday.com
4	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net www.newseveryday.com
3	ib.adnxs.com	2 redirects googleads.g.doubleclick.net
3	www.google.com	1 redirects tpc.googlesyndication.com 0ac929ed3376c146b2710609427d4d08.safeframe.googlesyndication.com
3	0ac929ed3376c146b2710609427d4d08.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com www.newseveryday.com
3	sb.scorecardresearch.com	1 redirects www.newseveryday.com
3	www.googletagservices.com	www.newseveryday.com 0ac929ed3376c146b2710609427d4d08.safeframe.googlesyndication.com
3	s7.addthis.com	www.newseveryday.com s7.addthis.com
2	googleads4.g.doubleclick.net	www.newseveryday.com
2	fonts.gstatic.com	fonts.googleapis.com
2	www.googletagmanager.com	www.newseveryday.com
2	connect.facebook.net	www.newseveryday.com connect.facebook.net
2	script.anura.io	www.newseveryday.com script.anura.io
2	fonts.googleapis.com	1639681107.rsc.cdn77.org s0.2mdn.net
2	platform.twitter.com	www.newseveryday.com platform.twitter.com
2	www.instagram.com	1 redirects www.newseveryday.com
2	static.getclicky.com	www.newseveryday.com
1	syndication.twitter.com	platform.twitter.com
1	adservice.google.com	securepubads.g.doubleclick.net
1	pixel.quantserve.com	www.newseveryday.com
1	ads.anura.io	script.anura.io
1	in.getclicky.com	static.getclicky.com
1	rules.quantcount.com	secure.quantserve.com
1	m.addthis.com	s7.addthis.com
1	v1.addthisedge.com	s7.addthis.com
1	secure.quantserve.com	www.newseveryday.com
1	z.moatads.com	s7.addthis.com
1	platform.instagram.com	1 redirects
1	cdnjs.cloudflare.com	www.newseveryday.com
1	ajax.googleapis.com	www.newseveryday.com
1	www.newseveryday.com
1	signal2domain.online	1 redirects
1	urldefense.us	1 redirects
160	41

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
www.addthis.com

Subject Issuer	Validity	Valid
*.newseveryday.com R3	`2022-01-11` - `2022-04-11`	3 months	crt.sh
www.cdn77.com R3	`2021-12-09` - `2022-03-09`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-09-21` - `2022-09-20`	a year	crt.sh
odc-addthis-prod-01.oracle.com DigiCert SHA2 Secure Server CA	`2021-04-25` - `2022-04-27`	a year	crt.sh
*.twimg.com DigiCert TLS RSA SHA256 2020 CA1	`2021-10-20` - `2022-10-19`	a year	crt.sh
moatads.com DigiCert SHA2 Secure Server CA	`2021-11-27` - `2022-11-29`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
script.anura.io Amazon	`2021-06-23` - `2022-07-22`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-11-05` - `2022-02-03`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2021-09-22` - `2022-09-21`	a year	crt.sh
*.scorecardresearch.com Amazon	`2021-02-28` - `2022-03-29`	a year	crt.sh
*.getclicky.com Sectigo RSA Domain Validation Secure Server CA	`2020-08-03` - `2022-08-03`	2 years	crt.sh
ads.anura.io Amazon	`2021-07-29` - `2022-08-27`	a year	crt.sh
*.google.com GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
syndication.twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2021-03-24` - `2022-03-23`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh

This page contains 15 frames:

Primary Page: https://www.newseveryday.com/
Frame ID: 66B49AD7615F7675C4AA9FEEF6550602
Requests: 78 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: E654FD9E1BE1108AE04EAB70EB90D639
Requests: 1 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: D09B8187900F087361D1383357327C4B
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.8f764d5bd2778f88121d31d7d8d8e1e3.html?origin=https%3A%2F%2Fwww.newseveryday.com
Frame ID: B537372EDB3C16E2BA112BC839701540
Requests: 2 HTTP requests in this frame

Frame: https://0ac929ed3376c146b2710609427d4d08.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 9E9670A7358B9312427E40F1C92461A2
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 9D9C821E998B8E61D1EC2282026EAA24
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 89EE61D11A518BCC550B35E40712C6BC
Requests: 2 HTTP requests in this frame

Frame: https://0ac929ed3376c146b2710609427d4d08.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 1504BBA3D2A943B91CE4534753917F23
Requests: 9 HTTP requests in this frame

Frame: https://0ac929ed3376c146b2710609427d4d08.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 57FF6AA6E209F977B5F4111FAE40C575
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLO4XRDz7F4YhdHrnAEwAQ&v=APEucNWFRTmtaWd66frwdaJaOF4y0i2JyTCEjq91LmYDpYsmaJYpz8jZcuVQbCU3_Oc5DxBsbwd0thQm7SiJowXsJYg1uK2BKQ
Frame ID: 47F51704A5C1D23273B6180B2D730D96
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9544143871827822005/2021_q3_SMBIMC_BigThreat_ad1-300x250-HTML/index.html
Frame ID: 39E3165D9396987971C513FFE375D0A1
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: F807CB52487F67F1D0207150CCD5FD17
Requests: 2 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/7792666701245598281/index.html?e=69&leftOffset=0&topOffset=0&c=xUxFU1Dfr4&t=1&renderingType=2
Frame ID: BCE5FC1A79B39BC47DFA02EC6B3068AA
Requests: 26 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 9C81B55C77437D5F23C5766F645CA6A8
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/mfFJ-W--rqivV8WG4WyPQ8vKEq2pdH_2ou3EKTspk_8.js
Frame ID: BFC3BB23A43236C22141FF5CA4B16522
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

News Every Day

Page URL History Show full URLs

https://urldefense.us/v3/__https://signal2domain.online/click?redirect=https*3A*2F*2Fwww.newsevery... HTTP 302
https://signal2domain.online/click?redirect=https%3A%2F%2Fwww.newseveryday.com%2F&dID=1632208999627&linkN... HTTP 301
https://www.newseveryday.com/ Page URL

Detected technologies

AddThis (Widgets) Expand

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Clicky (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.getclicky\.com

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Moat (Analytics) Expand

Overall confidence: 100%
Detected patterns

moatads\.com

Quantcast Measure (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.quantserve\.com/quant\.js

Twitter (Widgets) Expand

Overall confidence: 100%
Detected patterns

//platform\.twitter\.com/widgets\.js

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

<iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

160
Requests

96 %
HTTPS

59 %
IPv6

27
Domains

41
Subdomains

35
IPs

1
Countries

3872 kB
Transfer

6487 kB
Size

30
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/pages/Newseveryday/252124758245092
Title: facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/News_Every_Day
Title: tweeter

Search URL Search Domain Scan URL

URL: https://www.addthis.com/website-tools/overview?utm_source=AddThis%20Tools&utm_medium=image
Title: AddThis

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://urldefense.us/v3/__https://signal2domain.online/click?redirect=https*3A*2F*2Fwww.newseveryday.com*2F&dID=1632208999627&linkName=https:**Awww.newseveryday.com__;JSUlJS8v!!PvBDto6Hs4WbVuu7!ZxOTbY8VVVFVVL8rD3vkGRCA2kx1TOgAdN6yY7NUh0VzLc1vTTpmthqCCXYSEnxe2_Mw$%22%20target=%22_blank%22%3Ehttps://www.newseveryday.com HTTP 302
https://signal2domain.online/click?redirect=https%3A%2F%2Fwww.newseveryday.com%2F&dID=1632208999627&linkName=https://www.newseveryday.com HTTP 301
https://www.newseveryday.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 43

https://platform.instagram.com/en_US/embeds.js HTTP 301
https://www.instagram.com/embed.js HTTP 302
https://www.instagram.com/static/bundles/es6/EmbedSDK.js/ab12745d93c5.js

Request Chain 68

https://sb.scorecardresearch.com/b?c1=2&c2=14401431&ns__t=1643225117178&ns_c=UTF-8&cv=3.5&c8=News%20Every%20Day&c7=https%3A%2F%2Fwww.newseveryday.com%2F&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=2&c2=14401431&ns__t=1643225117178&ns_c=UTF-8&cv=3.5&c8=News%20Every%20Day&c7=https%3A%2F%2Fwww.newseveryday.com%2F&c9=

Request Chain 110

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJhGqSMzMesozllZAu5f1uA&google_cver=1

Request Chain 111

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YfGgHspvIHSiXN4w0uc2dQAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJhGqSMzMesozllZAu5f1uA&google_cver=1

Request Chain 112

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEHsELg5mx40mt2WSAukrObM&google_cver=1

Request Chain 113

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzEyNjM5NTUyMjY3MzM0OTA0NA%3D%3D

Request Chain 125

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

160 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.newseveryday.com/
Redirect Chain

https://urldefense.us/v3/__https://signal2domain.online/click?redirect=https*3A*2F*2Fwww.newseveryday.com*2F&dID=1632208999627&linkName=https:**Awww.newseveryday.com__;JSUlJS8v!!PvBDto6Hs4W...
https://signal2domain.online/click?redirect=https%3A%2F%2Fwww.newseveryday.com%2F&dID=1632208999627&linkName=https://www.newseveryday.com
https://www.newseveryday.com/

43 KB
13 KB

499ms
189ms

Document
text/html

35.186.240.185
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.newseveryday.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.240.185 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 185.240.186.35.bc.googleusercontent.com
Software: nginx / PHP/7.2.34
Resource Hash: 07d2de498772d46cd259d557e232a9c68c76116bfc6b51ff0d3a58b703900a2d

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: en-US,en;q=0.9

Response headers

server: nginx
date: Wed, 26 Jan 2022 19:25:15 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.2.34
p3p: CP="ALL CURa ADMa DEVa TAIa OUR BUS IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC OTC"
content-encoding: gzip
vary: Accept-Encoding
via: 1.1 google
alt-svc: clear

Redirect headers

Server: nginx
Date: Wed, 26 Jan 2022 19:25:15 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/7.3.15
Location: https://www.newseveryday.com/
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: POST, GET, OPTIONS, DELETE
Access-Control-Allow-Headers: Content-Type, Authorization, X-Requested-With, XMLHttpRequest, x-csrf-token
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff

GET
H2 200 jquery.bxslider.css
1639681107.rsc.cdn77.org/common/js/bxslider/ 4 KB
1 KB 59ms
9ms Stylesheet
text/css 2a02:6ea0:c400::12
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://1639681107.rsc.cdn77.org/common/js/bxslider/jquery.bxslider.css
Requested by: Host: www.newseveryday.com
URL: https://www.newseveryday.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c400::12 , United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 6300ba1c19b24d427fdec05b16c8b7c85f21155097c82ffdced06192a5f70d31

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.newseveryday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-77-nzt: AVm7sQ9/D1v/3goAAA==
x-accel-expires: @1644259134
date: Wed, 26 Jan 2022 19:25:16 GMT
via: 1.1 google
etag: W/"61f0b635-efc"
last-modified: Wed, 26 Jan 2022 02:47:17 GMT
server: CDN77-Turbo
x-77-nzt-ray: 3Cawa/ke6gc=
x-77-cache: HIT
content-type: text/css
x-cache: HIT
x-age: 2782
content-encoding: br
x-77-pop: newyorkUSNY

GET
H2 200 style.css
1639681107.rsc.cdn77.org/static/common/_v0.0.0/css/ 21 KB
4 KB 69ms
19ms Stylesheet
text/css 2a02:6ea0:c400::12
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://1639681107.rsc.cdn77.org/static/common/_v0.0.0/css/style.css?v=1
Requested by: Host: www.newseveryday.com
URL: https://www.newseveryday.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c400::12 , United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 7e1118232be30930961993bbd54bdc38797314c497b74d1425caf9db5e784dcd

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.newseveryday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-77-nzt: AVm7sQ+rfcj/cDEGAA==
x-accel-expires: @1643856044
date: Wed, 26 Jan 2022 19:25:16 GMT
via: 1.1 google
etag: W/"61e0e72c-54f3"
last-modified: Fri, 14 Jan 2022 02:59:56 GMT
server: CDN77-Turbo
x-77-nzt-ray: Mc5ebE6CXCs=
x-77-cache: HIT
content-type: text/css
x-cache: HIT
x-age: 405872
content-encoding: br
x-77-pop: newyorkUSNY

GET
H2 200 adunit.css
1639681107.rsc.cdn77.org/static/common/_v0.0.0/css/ 3 KB
862 B 69ms
20ms Stylesheet
text/css 2a02:6ea0:c400::12
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://1639681107.rsc.cdn77.org/static/common/_v0.0.0/css/adunit.css?40fc9e4
Requested by: Host: www.newseveryday.com
URL: https://www.newseveryday.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c400::12 , United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: d8647384e6833d9b894a3effdc0f875374b089e596836744f947d10bb268a1f1

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.newseveryday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-77-nzt: AVm7sQ8OeFv/cDEGAA==
x-accel-expires: @1643856044
date: Wed, 26 Jan 2022 19:25:16 GMT
via: 1.1 google
etag: W/"61e0e735-bf0"
last-modified: Fri, 14 Jan 2022 03:00:05 GMT
server: CDN77-Turbo
x-77-nzt-ray: v5y7rwyAFdk=
x-77-cache: HIT
content-type: text/css
x-cache: HIT
x-age: 405872
content-encoding: br
x-77-pop: newyorkUSNY

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.2.1/ 85 KB
30 KB 32ms
11ms Script
text/javascript 2607:f8b0:4006:821::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js

Requested by

Host: www.newseveryday.com
URL: https://www.newseveryday.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.newseveryday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 00:43:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 67288
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30306
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 26 Jan 2023 00:43:48 GMT

GET
H2 200 jquery.bxslider.min.js Show response
1639681107.rsc.cdn77.org/common/js/bxslider4.2.12/ 23 KB
6 KB 70ms
21ms Script
application/javascript 2a02:6ea0:c400::12
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://1639681107.rsc.cdn77.org/common/js/bxslider4.2.12/jquery.bxslider.min.js
Requested by: Host: www.newseveryday.com
URL: https://www.newseveryday.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c400::12 , United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 7731d577c5dfa5f38e9bf82dedae51174c9ddd4d3d4668eea9d1e51d6ce13d66

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.newseveryday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-77-nzt: AVm7sQ+5ZUf/1jwGAA==
x-accel-expires: @1643853126
date: Wed, 26 Jan 2022 19:25:16 GMT
via: 1.1 google
etag: W/"61e0e1ae-5bf7"
last-modified: Fri, 14 Jan 2022 02:36:30 GMT
server: CDN77-Turbo
x-77-nzt-ray: 2Vxsrs8Qx2Y=
x-77-cache: HIT
content-type: application/javascript
x-cache: HIT
x-age: 408790
content-encoding: br
x-77-pop: newyorkUSNY

GET
H2 200 colorbox.css
1639681107.rsc.cdn77.org/common/js/colorbox1.6.4/ 3 KB
1 KB 69ms
21ms Stylesheet
text/css 2a02:6ea0:c400::12
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://1639681107.rsc.cdn77.org/common/js/colorbox1.6.4/colorbox.css
Requested by: Host: www.newseveryday.com
URL: https://www.newseveryday.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c400::12 , United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 6e92ed2d364fb94642de787ddfff11b2a873cfbd00dfc329d0df9daaadbe2bb9

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.newseveryday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-77-nzt: AVm7sQ/4inz/cDEGAA==
x-accel-expires: @1643856044
date: Wed, 26 Jan 2022 19:25:16 GMT
via: 1.1 google
etag: W/"61e0e76a-bd1"
last-modified: Fri, 14 Jan 2022 03:00:58 GMT
server: CDN77-Turbo
x-77-nzt-ray: f2na2aef+I4=
x-77-cache: HIT
content-type: text/css
x-cache: HIT
x-age: 405872
content-encoding: br
x-77-pop: newyorkUSNY

GET
H2 200 jquery.colorbox-min.js Show response
1639681107.rsc.cdn77.org/common/js/colorbox1.6.4/ 12 KB
5 KB 71ms
22ms Script
application/javascript 2a02:6ea0:c400::12
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://1639681107.rsc.cdn77.org/common/js/colorbox1.6.4/jquery.colorbox-min.js
Requested by: Host: www.newseveryday.com
URL: https://www.newseveryday.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c400::12 , United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 41bc4d4fe88139d6ee89abfcb2abac71e1430d85dbffc0be7c8f6bd36f4ced7e

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.newseveryday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-77-nzt: AVm7sQ8oH9X/1jwGAA==
x-accel-expires: @1643853126
date: Wed, 26 Jan 2022 19:25:16 GMT
via: 1.1 google
etag: W/"61e0e1b3-2eb8"
last-modified: Fri, 14 Jan 2022 02:36:35 GMT
server: CDN77-Turbo
x-77-nzt-ray: 5LRuGEhJARU=
x-77-cache: HIT
content-type: application/javascript
x-cache: HIT
x-age: 408790
content-encoding: br
x-77-pop: newyorkUSNY

GET
H2 200 jquery.cookie.js Show response
1639681107.rsc.cdn77.org/common/js/common/ 2 KB
1 KB 71ms
23ms Script
application/javascript 2a02:6ea0:c400::12
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://1639681107.rsc.cdn77.org/common/js/common/jquery.cookie.js
Requested by: Host: www.newseveryday.com
URL: https://www.newseveryday.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c400::12 , United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 07bd3415a10c1e28f121f83385df47113ed4424508de494c85a95f4909adb8da

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.newseveryday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-77-nzt: AVm7sQ+i8Mj/1jwGAA==
x-accel-expires: @1643853126
date: Wed, 26 Jan 2022 19:25:16 GMT
via: 1.1 google
etag: W/"61e0e778-8cd"
last-modified: Fri, 14 Jan 2022 03:01:12 GMT
server: CDN77-Turbo
x-77-nzt-ray: +roSFq2YMdk=
x-77-cache: HIT
content-type: application/javascript
x-cache: HIT
x-age: 408790
content-encoding: br
x-77-pop: newyorkUSNY

GET
H2 200 jquery.lazyload.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery.lazyload/1.9.1/ 3 KB
2 KB 74ms
26ms Script
application/javascript 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery.lazyload/1.9.1/jquery.lazyload.min.js

Requested by

Host: www.newseveryday.com
URL: https://www.newseveryday.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ad79ce7e34d1a788809bb853031133de2ae45f3c19ac4955dae46c7490188c2e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.newseveryday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 19:25:16 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 3609693
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1120
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:11:47 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec3-d35"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=prLDD3z6tS4W83jVgvFnq6UY54S61mcfP13iVN6S4YhNkDyq05iJ96bzyQLEkFTGInW7MfRPQhtp9%2F7S314qZiLPudG8YTQ3CagrXDYuJICsD1frH79Szig1hd%2BGZ2rh1y%2FwsEMTcqA6jlpW50FGNaok"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6d3c20503fc532ee-EWR
expires: Mon, 16 Jan 2023 19:25:16 GMT

GET
H2 200 addthis_widget.js Show response
s7.addthis.com/js/300/ 353 KB
114 KB 90ms
10ms Script
application/javascript 96.16.28.127
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/js/300/addthis_widget.js

Requested by

Host: www.newseveryday.com
URL: https://www.newseveryday.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

96.16.28.127 New York, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a96-16-28-127.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.newseveryday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
server: nginx/1.15.8
etag: W/"5f971164-5834c"
vary: Accept-Encoding
x-distribution: 99
content-type: application/javascript
cache-control: public, max-age=600
date: Wed, 26 Jan 2022 19:25:16 GMT
x-host: s7.addthis.com
content-length: 116373

GET
H2 200 logo_newseveryday.png
1639681107.rsc.cdn77.org/static/common/_v0.0.0/images/ 6 KB
6 KB 28ms
25ms Image
image/png 2a02:6ea0:c400::12
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://1639681107.rsc.cdn77.org/static/common/_v0.0.0/images/logo_newseveryday.png
Requested by: Host: www.newseveryday.com
URL: https://www.newseveryday.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c400::12 , United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 10e3015a6c5f65884b3ee1265907d8c8a8b869a99158cea58e955ed96a7a74f0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.newseveryday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-77-nzt: AVm7sQ/gpcP/xeQBAA==
x-accel-expires: @1644137815
date: Wed, 26 Jan 2022 19:25:16 GMT
via: 1.1 google
etag: "61e0e16f-17fa"
last-modified: Fri, 14 Jan 2022 02:35:27 GMT
server: CDN77-Turbo
x-77-nzt-ray: P/dcitMMMEA=
x-77-cache: HIT
content-type: image/png
x-cache: HIT
x-age: 124101
accept-ranges: bytes
x-77-pop: newyorkUSNY
content-length: 6138

GET
H2 200 logo-newseveryday-w.png
1639681107.rsc.cdn77.org/static/common/_v0.0.0/images/ 6 KB
6 KB 25ms
21ms Image
image/png 2a02:6ea0:c400::12
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://1639681107.rsc.cdn77.org/static/common/_v0.0.0/images/logo-newseveryday-w.png
Requested by: Host: www.newseveryday.com
URL: https://www.newseveryday.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c400::12 , United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: e7c0991d44d04d906c7ffee0871cf272177a83e4af21102f362679053ba7be02

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.newseveryday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-77-nzt: AVm7sQ9wwLT/1TwGAA==
x-accel-expires: @1643853127
date: Wed, 26 Jan 2022 19:25:16 GMT
via: 1.1 google
etag: "61e4c43a-17fa"
last-modified: Mon, 17 Jan 2022 01:19:54 GMT
server: CDN77-Turbo
x-77-nzt-ray: BnT3X4d1yaQ=
x-77-cache: HIT
content-type: image/png
x-cache: HIT
x-age: 408789
accept-ranges: bytes
x-77-pop: newyorkUSNY
content-length: 6138

GET
H2 200 should-you-rent-a-car-at-an-airport-a-short-guide.png
1366492296.rsc.cdn77.org/data/thumbs/full/61754/570/285/50/40/ 226 KB
227 KB 72ms
15ms Image
image/png 2a02:6ea0:c400::12
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://1366492296.rsc.cdn77.org/data/thumbs/full/61754/570/285/50/40/should-you-rent-a-car-at-an-airport-a-short-guide.png
Requested by: Host: www.newseveryday.com
URL: https://www.newseveryday.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c400::12 , United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo / PHP/7.2.34
Resource Hash: afda7d79c82e59e6a50de2e7b00efc09049ce34765144fcb20e7ca8dd91480a7

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.newseveryday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-77-nzt: AVm7sQ+f6bfvAB4AAA==
x-accel-expires: @1643303836
date: Wed, 26 Jan 2022 19:25:16 GMT
via: 1.1 google
etag: f0febcc57602836244ba69c618a5f881
server: CDN77-Turbo
x-powered-by: PHP/7.2.34
x-77-nzt-ray: bvHFWYVJKHU=
x-77-cache: HIT
content-type: png
cache-control: max-age=86400, public
x-cache: HIT
x-age: 7680
x-77-pop: newyorkUSNY

GET
H2 200 choosing-a-custom-designed-home-over-renovation.jpeg
1366492296.rsc.cdn77.org/data/thumbs/full/61744/215/107/50/40/ 6 KB
6 KB 79ms
24ms Image
image/jpeg 2a02:6ea0:c400::12
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://1366492296.rsc.cdn77.org/data/thumbs/full/61744/215/107/50/40/choosing-a-custom-designed-home-over-renovation.jpeg
Requested by: Host: www.newseveryday.com
URL: https://www.newseveryday.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c400::12 , United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo / PHP/7.2.34
Resource Hash: 85da06819cf57856a37e37b6070436931a1a4f16d5255645cf2645ee864140e7

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.newseveryday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-77-nzt: AVm7sQ9raMnvAB4AAA==
x-accel-expires: @1643303836
date: Wed, 26 Jan 2022 19:25:16 GMT
via: 1.1 google
etag: 956ec01e62cb07b7550037dbac36e76f
server: CDN77-Turbo
x-powered-by: PHP/7.2.34
x-77-nzt-ray: /DmIXg3bRrQ=
x-77-cache: HIT
content-type: image/jpeg
cache-control: max-age=86400, public
x-cache: HIT
x-age: 7680
x-77-pop: newyorkUSNY

GET
H2 200 different-types-of-learning-management-systems.jpg
1366492296.rsc.cdn77.org/data/thumbs/full/61743/215/107/50/40/ 11 KB
11 KB 80ms
24ms Image
image/jpeg 2a02:6ea0:c400::12
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://1366492296.rsc.cdn77.org/data/thumbs/full/61743/215/107/50/40/different-types-of-learning-management-systems.jpg
Requested by: Host: www.newseveryday.com
URL: https://www.newseveryday.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c400::12 , United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo / PHP/7.2.34
Resource Hash: 27747a5a1f780e2a9d75576c2eb15cfdc6ed5d71cb6aa4368c3307c9974e1fad

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.newseveryday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-77-nzt: AVm7sQ8klJrvAB4AAA==
x-accel-expires: @1643303836
date: Wed, 26 Jan 2022 19:25:16 GMT
via: 1.1 google
etag: 447aa633756651930e211c1e6a246778
server: CDN77-Turbo
x-powered-by: PHP/7.2.34
x-77-nzt-ray: y0QPiJexV/Y=
x-77-cache: HIT
content-type: image/jpeg
cache-control: max-age=86400, public
x-cache: HIT
x-age: 7680
x-77-pop: newyorkUSNY

GET
H2 200 lax-parking-facts-figures-more.jpg
1366492296.rsc.cdn77.org/data/thumbs/full/61648/215/107/50/40/ 12 KB
13 KB 64ms
8ms Image
image/jpeg 2a02:6ea0:c400::12
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://1366492296.rsc.cdn77.org/data/thumbs/full/61648/215/107/50/40/lax-parking-facts-figures-more.jpg
Requested by: Host: www.newseveryday.com
URL: https://www.newseveryday.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c400::12 , United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo / PHP/7.2.34
Resource Hash: 9b579a8ea96e09208d465a8ed4b8b842bd7cecd5186b3b594bb19def39577817

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.newseveryday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-77-nzt: AVm7sQ9IqtXvAB4AAA==
x-accel-expires: @1643303836
date: Wed, 26 Jan 2022 19:25:16 GMT
via: 1.1 google
etag: 503eebf88908fac28a4227860d8c33c4
server: CDN77-Turbo
x-powered-by: PHP/7.2.34
x-77-nzt-ray: ni75+nUCKYI=
x-77-cache: HIT
content-type: image/jpeg
cache-control: max-age=86400, public
x-cache: HIT
x-age: 7680
x-77-pop: newyorkUSNY

GET
H2 200 how-to-deal-with-post-traumatic-stress-after-a-car-accident.jpg
1366492296.rsc.cdn77.org/data/thumbs/full/61647/215/107/50/40/ 8 KB
8 KB 69ms
13ms Image
image/jpeg 2a02:6ea0:c400::12
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://1366492296.rsc.cdn77.org/data/thumbs/full/61647/215/107/50/40/how-to-deal-with-post-traumatic-stress-after-a-car-accident.jpg
Requested by: Host: www.newseveryday.com
URL: https://www.newseveryday.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c400::12 , United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo / PHP/7.2.34
Resource Hash: b9958a0e376dd24d15097d2c829fe32c78270828ea8d964c52eead7d105cb333

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.newseveryday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-77-nzt: AVm7sQ/hO7zvAB4AAA==
x-accel-expires: @1643303836
date: Wed, 26 Jan 2022 19:25:16 GMT
via: 1.1 google
etag: 1b3e205e23c59a2a22ed11cb914e23ce
server: CDN77-Turbo
x-powered-by: PHP/7.2.34
x-77-nzt-ray: C7R/xWKZedk=
x-77-cache: HIT
content-type: image/jpeg
cache-control: max-age=86400, public
x-cache: HIT
x-age: 7680
x-77-pop: newyorkUSNY

GET
H2 200 the-dark-web-is-getting-bigger-and-bigger.jpg
1366492296.rsc.cdn77.org/data/thumbs/full/61739/196/145/50/40/ 3 KB
3 KB 63ms
8ms Image
image/jpeg 2a02:6ea0:c400::12
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://1366492296.rsc.cdn77.org/data/thumbs/full/61739/196/145/50/40/the-dark-web-is-getting-bigger-and-bigger.jpg
Requested by: Host: www.newseveryday.com
URL: https://www.newseveryday.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c400::12 , United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo / PHP/7.2.34
Resource Hash: 301c7f8257485801c02235089470beacfe319494ddf042526b79019c3b6c96e8

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.newseveryday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-77-nzt: AVm7sQ8zgCj/QlIAAA==
x-accel-expires: @1643290458
date: Wed, 26 Jan 2022 19:25:16 GMT
via: 1.1 google
etag: 168929fe5ac69ea3e28f7e1978c725e6
server: CDN77-Turbo
x-powered-by: PHP/7.2.34
x-77-nzt-ray: u/EXEWmclZk=
x-77-cache: HIT
content-type: image/jpeg
cache-control: max-age=86400, public
x-cache: HIT
x-age: 21058
x-77-pop: newyorkUSNY

GET
H2 200 how-to-set-and-reach-your-financial-goals-a-beginner-s-guide.jpg
1366492296.rsc.cdn77.org/data/thumbs/full/61738/196/145/50/40/ 10 KB
10 KB 27ms
7ms Image
image/jpeg 2a02:6ea0:c400::12
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://1366492296.rsc.cdn77.org/data/thumbs/full/61738/196/145/50/40/how-to-set-and-reach-your-financial-goals-a-beginner-s-guide.jpg
Requested by: Host: www.newseveryday.com
URL: https://www.newseveryday.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c400::12 , United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo / PHP/7.2.34
Resource Hash: 68642d9dce0bf6f2ee3debb3dc04974d1fb383e75fc9b2a16638734f113244d5

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.newseveryday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-77-nzt: AVm7sQ+8LkP/QlIAAA==
x-accel-expires: @1643290458
date: Wed, 26 Jan 2022 19:25:16 GMT
via: 1.1 google
etag: 4c2863c8dee39b68bee40c0f37cb5a70
server: CDN77-Turbo
x-powered-by: PHP/7.2.34
x-77-nzt-ray: /M4SmbecVN4=
x-77-cache: HIT
content-type: image/jpeg
cache-control: max-age=86400, public
x-cache: HIT
x-age: 21058
x-77-pop: newyorkUSNY

GET
H2 200 content-curation-the-process.jpg
1366492296.rsc.cdn77.org/data/thumbs/full/61737/196/145/50/40/ 7 KB
8 KB 20ms
9ms Image
image/jpeg 2a02:6ea0:c400::12
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://1366492296.rsc.cdn77.org/data/thumbs/full/61737/196/145/50/40/content-curation-the-process.jpg
Requested by: Host: www.newseveryday.com
URL: https://www.newseveryday.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c400::12 , United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo / PHP/7.2.34
Resource Hash: 6641525dab0863b8a51b24403a543a38f2f77403e73b6144ce195ade064afa1a

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.newseveryday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-77-nzt: AVm7sQ+Loi7/QlIAAA==
x-accel-expires: @1643290458
date: Wed, 26 Jan 2022 19:25:16 GMT
via: 1.1 google
etag: c1d0cb345e4b12dff167674ce9ac67f7
server: CDN77-Turbo
x-powered-by: PHP/7.2.34
x-77-nzt-ray: +jRdnG4d2+I=
x-77-cache: HIT
content-type: image/jpeg
cache-control: max-age=86400, public
x-cache: HIT
x-age: 21058
x-77-pop: newyorkUSNY

GET
H2 200 how-to-present-yourself-successfully.jpg
1366492296.rsc.cdn77.org/data/thumbs/full/61730/196/145/50/40/ 6 KB
6 KB 22ms
11ms Image
image/jpeg 2a02:6ea0:c400::12
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://1366492296.rsc.cdn77.org/data/thumbs/full/61730/196/145/50/40/how-to-present-yourself-successfully.jpg
Requested by: Host: www.newseveryday.com
URL: https://www.newseveryday.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c400::12 , United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo / PHP/7.2.34
Resource Hash: fc5871b46b466a3aa4408768fbfda3dc3d6ce65d98a0dbef0ba0000d9e80a9a5

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.newseveryday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-77-nzt: AVm7sQ9w6mr/QlIAAA==
x-accel-expires: @1643290458
date: Wed, 26 Jan 2022 19:25:16 GMT
via: 1.1 google
etag: ecb6ba0042dc97bb1602d1a8a0fdcedf
server: CDN77-Turbo
x-powered-by: PHP/7.2.34
x-77-nzt-ray: 1Ir3pSIPgbM=
x-77-cache: HIT
content-type: image/jpeg
cache-control: max-age=86400, public
x-cache: HIT
x-age: 21058
x-77-pop: newyorkUSNY

GET
H2 200 5-real-estate-tips-for-people-that-are-selling-for-their-first-time.jpg
1366492296.rsc.cdn77.org/data/thumbs/full/61729/112/112/50/40/ 5 KB
5 KB 19ms
12ms Image
image/jpeg 2a02:6ea0:c400::12
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://1366492296.rsc.cdn77.org/data/thumbs/full/61729/112/112/50/40/5-real-estate-tips-for-people-that-are-selling-for-their-first-time.jpg
Requested by: Host: www.newseveryday.com
URL: https://www.newseveryday.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c400::12 , United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo / PHP/7.2.34
Resource Hash: b51b3249807a62bed6df5563f59e5a25bb83bfab738a66f894df12e13fc30519

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.newseveryday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-77-nzt: AVm7sQ8PYR3vAB4AAA==
x-accel-expires: @1643303836
date: Wed, 26 Jan 2022 19:25:16 GMT
via: 1.1 google
etag: 1fe2c6d4089b14120910981e68ae2180
server: CDN77-Turbo
x-powered-by: PHP/7.2.34
x-77-nzt-ray: 3lOMHpnTSxc=
x-77-cache: HIT
content-type: image/jpeg
cache-control: max-age=86400, public
x-cache: HIT
x-age: 7680
x-77-pop: newyorkUSNY

GET
H2 200 glenwood-caverns-adventure-park-slapped-with-a-wrongful-death-lawsuit.jpg
1366492296.rsc.cdn77.org/data/thumbs/full/61728/112/112/50/40/ 6 KB
6 KB 20ms
12ms Image
image/jpeg 2a02:6ea0:c400::12
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://1366492296.rsc.cdn77.org/data/thumbs/full/61728/112/112/50/40/glenwood-caverns-adventure-park-slapped-with-a-wrongful-death-lawsuit.jpg
Requested by: Host: www.newseveryday.com
URL: https://www.newseveryday.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c400::12 , United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo / PHP/7.2.34
Resource Hash: c74d5e7d6c98ffe40425bd4f4162fe24d570c763c5acc80c3cd94fdc08a2f713

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.newseveryday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-77-nzt: AVm7sQ9qp8XvAB4AAA==
x-accel-expires: @1643303836
date: Wed, 26 Jan 2022 19:25:16 GMT
via: 1.1 google
etag: 6e81450ae1eb3fb6f9d3bee763134b5c
server: CDN77-Turbo
x-powered-by: PHP/7.2.34
x-77-nzt-ray: Qva5ekr5Etg=
x-77-cache: HIT
content-type: image/jpeg
cache-control: max-age=86400, public
x-cache: HIT
x-age: 7680
x-77-pop: newyorkUSNY

GET
H2 200 how-can-an-accident-lawyer-help-me.jpg
1366492296.rsc.cdn77.org/data/thumbs/full/61727/112/112/50/40/ 4 KB
4 KB 21ms
15ms Image
image/jpeg 2a02:6ea0:c400::12
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://1366492296.rsc.cdn77.org/data/thumbs/full/61727/112/112/50/40/how-can-an-accident-lawyer-help-me.jpg
Requested by: Host: www.newseveryday.com
URL: https://www.newseveryday.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c400::12 , United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo / PHP/7.2.34
Resource Hash: 79b8388b7202f0bef63e15cc6f9a0172def5016bc105aacf29f939ca45ff6ef0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.newseveryday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-77-nzt: AVm7sQ86GNPvAB4AAA==
x-accel-expires: @1643303836
date: Wed, 26 Jan 2022 19:25:16 GMT
via: 1.1 google
etag: f8be72e25e5a1a595e179c3bdc02e3c1
server: CDN77-Turbo
x-powered-by: PHP/7.2.34
x-77-nzt-ray: KBCnxkIimfw=
x-77-cache: HIT
content-type: image/jpeg
cache-control: max-age=86400, public
x-cache: HIT
x-age: 7680
x-77-pop: newyorkUSNY

GET
H2 200 how-to-handle-a-bicycle-accident-when-hit-by-a-car.jpg
1366492296.rsc.cdn77.org/data/thumbs/full/61632/112/112/50/40/ 7 KB
7 KB 28ms
23ms Image
image/jpeg 2a02:6ea0:c400::12
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://1366492296.rsc.cdn77.org/data/thumbs/full/61632/112/112/50/40/how-to-handle-a-bicycle-accident-when-hit-by-a-car.jpg
Requested by: Host: www.newseveryday.com
URL: https://www.newseveryday.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c400::12 , United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo / PHP/7.2.34
Resource Hash: 8ebe8ff2e3ec71888471bb0de83b7cf1bcf011add84080b787ede0285b591c63

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.newseveryday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-77-nzt: AVm7sQ9/LAnvAB4AAA==
x-accel-expires: @1643303836
date: Wed, 26 Jan 2022 19:25:16 GMT
via: 1.1 google
etag: 802a6986e4c57df57d909c3d4ca069d2
server: CDN77-Turbo
x-powered-by: PHP/7.2.34
x-77-nzt-ray: 9BeJ9lQhiwY=
x-77-cache: HIT
content-type: image/jpeg
cache-control: max-age=86400, public
x-cache: HIT
x-age: 7680
x-77-pop: newyorkUSNY

GET
H2 200 a-well-organized-business-is-a-successful-one.png
1366492296.rsc.cdn77.org/data/thumbs/full/61725/112/112/50/40/ 10 KB
11 KB 29ms
24ms Image
image/png 2a02:6ea0:c400::12
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://1366492296.rsc.cdn77.org/data/thumbs/full/61725/112/112/50/40/a-well-organized-business-is-a-successful-one.png
Requested by: Host: www.newseveryday.com
URL: https://www.newseveryday.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c400::12 , United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo / PHP/7.2.34
Resource Hash: 153bdfe98f0b45231d4ea5ecf699122df1b8f3620ddbf2e3289e61129483db69

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.newseveryday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-77-nzt: AVm7sQ8D4H7vAB4AAA==
x-accel-expires: @1643303836
date: Wed, 26 Jan 2022 19:25:16 GMT
via: 1.1 google
etag: 76dd743c45fe09919be4292054d6e2e4
server: CDN77-Turbo
x-powered-by: PHP/7.2.34
x-77-nzt-ray: kKBBdm2wyAo=
x-77-cache: HIT
content-type: png
cache-control: max-age=86400, public
x-cache: HIT
x-age: 7680
x-77-pop: newyorkUSNY

GET
H2 200 why-you-can-still-trust-charities.jpg
1366492296.rsc.cdn77.org/data/thumbs/full/61724/112/112/50/40/ 4 KB
4 KB 29ms
25ms Image
image/jpeg 2a02:6ea0:c400::12
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://1366492296.rsc.cdn77.org/data/thumbs/full/61724/112/112/50/40/why-you-can-still-trust-charities.jpg
Requested by: Host: www.newseveryday.com
URL: https://www.newseveryday.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c400::12 , United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo / PHP/7.2.34
Resource Hash: aabd0009fc8c170d63f016728977356733bb4f66dfe34b6ff0759316724f4ab1

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.newseveryday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-77-nzt: AVm7sQ97sZLvAB4AAA==
x-accel-expires: @1643303836
date: Wed, 26 Jan 2022 19:25:16 GMT
via: 1.1 google
etag: 589c23da64a445c2431228e41d8ccad2
server: CDN77-Turbo
x-powered-by: PHP/7.2.34
x-77-nzt-ray: 2++lcRnwcPc=
x-77-cache: HIT
content-type: image/jpeg
cache-control: max-age=86400, public
x-cache: HIT
x-age: 7680
x-77-pop: newyorkUSNY

GET
H2 200 what-research-suggests-about-the-growing-popularity-of-hybrid-work.jpg
1366492296.rsc.cdn77.org/data/thumbs/full/61723/112/112/50/40/ 4 KB
4 KB 30ms
26ms Image
image/jpeg 2a02:6ea0:c400::12
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://1366492296.rsc.cdn77.org/data/thumbs/full/61723/112/112/50/40/what-research-suggests-about-the-growing-popularity-of-hybrid-work.jpg
Requested by: Host: www.newseveryday.com
URL: https://www.newseveryday.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c400::12 , United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo / PHP/7.2.34
Resource Hash: 25f44db80de0535f3816a4aba738b590435efe2a602a52d11bbdcc70fde81d24

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.newseveryday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-77-nzt: AVm7sQ/DPsPvAB4AAA==
x-accel-expires: @1643303836
date: Wed, 26 Jan 2022 19:25:16 GMT
via: 1.1 google
etag: 85fea30249ebdc465943efa42cb58b06
server: CDN77-Turbo
x-powered-by: PHP/7.2.34
x-77-nzt-ray: OFhaePa83NI=
x-77-cache: HIT
content-type: image/jpeg
cache-control: max-age=86400, public
x-cache: HIT
x-age: 7680
x-77-pop: newyorkUSNY

GET
H2 200 gbksoft.png
1366492296.rsc.cdn77.org/data/images/full/61721/ 268 KB
268 KB 18ms
16ms Image
image/png 2a02:6ea0:c400::12
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://1366492296.rsc.cdn77.org/data/images/full/61721/gbksoft.png?w=920&h=460&l=50&t=40
Requested by: Host: www.newseveryday.com
URL: https://www.newseveryday.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c400::12 , United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo / PHP/7.2.34
Resource Hash: 5f56b50e672249b693fda9894e0dfadf927539ed769391e18675375a4459deed

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.newseveryday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-77-nzt: AVm7sQ+fywfvAB4AAA==
x-accel-expires: @1643303836
date: Wed, 26 Jan 2022 19:25:16 GMT
via: 1.1 google
etag: d4a5c4e9e41a95a65bde8c20f19eac27
server: CDN77-Turbo
x-powered-by: PHP/7.2.34
x-77-nzt-ray: QkrxHvUjqpk=
x-77-cache: HIT
content-type: png
cache-control: max-age=86400, public
x-cache: HIT
x-age: 7680
x-77-pop: newyorkUSNY

GET
H2 200 questions-to-ask-yourself-before-deciding-to-splurge.jpg
1366492296.rsc.cdn77.org/data/thumbs/full/61719/211/105/50/40/ 7 KB
7 KB 35ms
33ms Image
image/jpeg 2a02:6ea0:c400::12
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://1366492296.rsc.cdn77.org/data/thumbs/full/61719/211/105/50/40/questions-to-ask-yourself-before-deciding-to-splurge.jpg
Requested by: Host: www.newseveryday.com
URL: https://www.newseveryday.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c400::12 , United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo / PHP/7.2.34
Resource Hash: 8f166b5ac0ac036787279b63f945b302f90c938ab204aac1c565c34e62a3cac7

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.newseveryday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-77-nzt: AVm7sQ9mzgLvAB4AAA==
x-accel-expires: @1643303836
date: Wed, 26 Jan 2022 19:25:16 GMT
via: 1.1 google
etag: 60263245ad96960b6e3194324ddd3945
server: CDN77-Turbo
x-powered-by: PHP/7.2.34
x-77-nzt-ray: 946skuTkyJM=
x-77-cache: HIT
content-type: image/jpeg
cache-control: max-age=86400, public
x-cache: HIT
x-age: 7680
x-77-pop: newyorkUSNY

GET
H2 200 awesome-marketing-ideas-for-your-new-lifestyle-brand.jpg
1366492296.rsc.cdn77.org/data/thumbs/full/61718/211/105/50/40/ 9 KB
9 KB 24ms
5ms Image
image/jpeg 2a02:6ea0:c400::12
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://1366492296.rsc.cdn77.org/data/thumbs/full/61718/211/105/50/40/awesome-marketing-ideas-for-your-new-lifestyle-brand.jpg
Requested by: Host: www.newseveryday.com
URL: https://www.newseveryday.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c400::12 , United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo / PHP/7.2.34
Resource Hash: e1ece626fe87a04169af2ab5669c3f92718e62755aeb00b17c9f817e0ce82c68

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.newseveryday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-77-nzt: AVm7sQ8rei7vAB4AAA==
x-accel-expires: @1643303836
date: Wed, 26 Jan 2022 19:25:16 GMT
via: 1.1 google
etag: 393915fe97fa747ad17bcb923b197742
server: CDN77-Turbo
x-powered-by: PHP/7.2.34
x-77-nzt-ray: JPTk0IO11g4=
x-77-cache: HIT
content-type: image/jpeg
cache-control: max-age=86400, public
x-cache: HIT
x-age: 7680
x-77-pop: newyorkUSNY

GET
H2 200 social-trends-in-employment.jpg
1366492296.rsc.cdn77.org/data/thumbs/full/61716/211/105/50/40/ 7 KB
8 KB 26ms
8ms Image
image/jpeg 2a02:6ea0:c400::12
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://1366492296.rsc.cdn77.org/data/thumbs/full/61716/211/105/50/40/social-trends-in-employment.jpg
Requested by: Host: www.newseveryday.com
URL: https://www.newseveryday.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c400::12 , United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo / PHP/7.2.34
Resource Hash: 458632142ff634533e62ca19452984b1285456c760d9bb4ddc70610b7624f3f6

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.newseveryday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-77-nzt: AVm7sQ9uEBD/wZQAAA==
x-accel-expires: @1643273435
date: Wed, 26 Jan 2022 19:25:16 GMT
via: 1.1 google
etag: 1f4b3f02615c3f0379df9fdc270e9cc3
server: CDN77-Turbo
x-powered-by: PHP/7.2.34
x-77-nzt-ray: elA8FVmtNlY=
x-77-cache: HIT
content-type: image/jpeg
cache-control: max-age=86400, public
x-cache: HIT
x-age: 38081
x-77-pop: newyorkUSNY

GET
H2 200 5-safety-tips-for-driving-in-the-rain.jpg
1366492296.rsc.cdn77.org/data/thumbs/full/61714/211/105/50/40/ 7 KB
7 KB 28ms
10ms Image
image/jpeg 2a02:6ea0:c400::12
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://1366492296.rsc.cdn77.org/data/thumbs/full/61714/211/105/50/40/5-safety-tips-for-driving-in-the-rain.jpg
Requested by: Host: www.newseveryday.com
URL: https://www.newseveryday.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c400::12 , United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo / PHP/7.2.34
Resource Hash: 3efb295535f851ec14b33ff0b2f5a13aa9761150168e88d1ebc9731748a39d56

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.newseveryday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-77-nzt: AVm7sQ9nS/fvAB4AAA==
x-accel-expires: @1643303836
date: Wed, 26 Jan 2022 19:25:16 GMT
via: 1.1 google
etag: 9d54e58d228af081f66352e862e84f96
server: CDN77-Turbo
x-powered-by: PHP/7.2.34
x-77-nzt-ray: dvl08tKQbic=
x-77-cache: HIT
content-type: image/jpeg
cache-control: max-age=86400, public
x-cache: HIT
x-age: 7680
x-77-pop: newyorkUSNY

GET
H2 200 how-to-lower-your-internet-bill.jpg
1366492296.rsc.cdn77.org/data/thumbs/full/61710/211/105/50/40/ 9 KB
9 KB 33ms
15ms Image
image/jpeg 2a02:6ea0:c400::12
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://1366492296.rsc.cdn77.org/data/thumbs/full/61710/211/105/50/40/how-to-lower-your-internet-bill.jpg
Requested by: Host: www.newseveryday.com
URL: https://www.newseveryday.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c400::12 , United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo / PHP/7.2.34
Resource Hash: bed098c35d99957d5f5816a2953cb765f339cf68aaac5fcd75e691de709b2fe2

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.newseveryday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-77-nzt: AVm7sQ93XAHvAB4AAA==
x-accel-expires: @1643303836
date: Wed, 26 Jan 2022 19:25:16 GMT
via: 1.1 google
etag: 516d9083ae7f3f0c50244a2320707b59
server: CDN77-Turbo
x-powered-by: PHP/7.2.34
x-77-nzt-ray: kwIMGZQQASM=
x-77-cache: HIT
content-type: image/jpeg
cache-control: max-age=86400, public
x-cache: HIT
x-age: 7680
x-77-pop: newyorkUSNY

GET
H2 200 interested-in-influencer-marketing-5-things-that-you-need-to-know.jpg
1366492296.rsc.cdn77.org/data/thumbs/full/61706/211/105/50/40/ 11 KB
12 KB 10ms
4ms Image
image/jpeg 2a02:6ea0:c400::12
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://1366492296.rsc.cdn77.org/data/thumbs/full/61706/211/105/50/40/interested-in-influencer-marketing-5-things-that-you-need-to-know.jpg
Requested by: Host: www.newseveryday.com
URL: https://www.newseveryday.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c400::12 , United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo / PHP/7.2.34
Resource Hash: 9284bb7e5f19ba81c4a9cfb24dfd5fc613e252ffd4a2950478036162497e05fd

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.newseveryday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-77-nzt: AVm7sQ8JGc3vAB4AAA==
x-accel-expires: @1643303836
date: Wed, 26 Jan 2022 19:25:16 GMT
via: 1.1 google
etag: d1afdf569e4c0fcc9c65cceb55150dd7
server: CDN77-Turbo
x-powered-by: PHP/7.2.34
x-77-nzt-ray: 31a+IML4hjM=
x-77-cache: HIT
content-type: image/jpeg
cache-control: max-age=86400, public
x-cache: HIT
x-age: 7680
x-77-pop: newyorkUSNY

GET
H2 200 3-fun-ideas-for-your-new-social-media-channel.jpg
1366492296.rsc.cdn77.org/data/thumbs/full/61705/211/105/50/40/ 10 KB
11 KB 11ms
5ms Image
image/jpeg 2a02:6ea0:c400::12
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://1366492296.rsc.cdn77.org/data/thumbs/full/61705/211/105/50/40/3-fun-ideas-for-your-new-social-media-channel.jpg
Requested by: Host: www.newseveryday.com
URL: https://www.newseveryday.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c400::12 , United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo / PHP/7.2.34
Resource Hash: ef080dc21a1f970a0306d263f7844300221504f2619ac5dfcf97b3fb1a2fba62

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.newseveryday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-77-nzt: AVm7sQ+6vBTvAB4AAA==
x-accel-expires: @1643303836
date: Wed, 26 Jan 2022 19:25:16 GMT
via: 1.1 google
etag: f88967663a76f1372a991737f84bb706
server: CDN77-Turbo
x-powered-by: PHP/7.2.34
x-77-nzt-ray: JlG52XqQOEc=
x-77-cache: HIT
content-type: image/jpeg
cache-control: max-age=86400, public
x-cache: HIT
x-age: 7680
x-77-pop: newyorkUSNY

GET
H2 200 bodies-of-two-un-workers-found-in-congo.jpg
1366492296.rsc.cdn77.org/data/thumbs/full/61026/180/90/50/40/ 8 KB
9 KB 13ms
7ms Image
image/jpeg 2a02:6ea0:c400::12
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://1366492296.rsc.cdn77.org/data/thumbs/full/61026/180/90/50/40/bodies-of-two-un-workers-found-in-congo.jpg
Requested by: Host: www.newseveryday.com
URL: https://www.newseveryday.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c400::12 , United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo / PHP/7.2.34
Resource Hash: 0383220765cc0f4bdaf58a65cd5837e1ac2779298f757c933aa8fc055d80976a

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.newseveryday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-77-nzt: AVm7sQ/EaAn/QlIAAA==
x-accel-expires: @1643290458
date: Wed, 26 Jan 2022 19:25:16 GMT
via: 1.1 google
etag: 123c82847bfd1955d9b1ebf9bf1f8654
server: CDN77-Turbo
x-powered-by: PHP/7.2.34
x-77-nzt-ray: vizfip1FTmI=
x-77-cache: HIT
content-type: image/jpeg
cache-control: max-age=86400, public
x-cache: HIT
x-age: 21058
x-77-pop: newyorkUSNY

GET
H2 200 how-to-create-an-engaging-healthcare-infographic.jpg
1366492296.rsc.cdn77.org/data/thumbs/full/61758/180/90/50/40/ 5 KB
6 KB 44ms
41ms Image
image/jpeg 2a02:6ea0:c400::12
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://1366492296.rsc.cdn77.org/data/thumbs/full/61758/180/90/50/40/how-to-create-an-engaging-healthcare-infographic.jpg
Requested by: Host: www.newseveryday.com
URL: https://www.newseveryday.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c400::12 , United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo / PHP/7.2.34
Resource Hash: ed12722ade5d5da483cad57ccd581fd7c6cce038b1bc230aa6df621a7ea6bc34

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.newseveryday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-77-nzt: AVm7sQ8jufWh
x-accel-expires: @1643311516
date: Wed, 26 Jan 2022 19:25:16 GMT
via: 1.1 google
etag: f8e6b2dae04d70b62b0ef4e1e9e5aac3
server: CDN77-Turbo
x-powered-by: PHP/7.2.34
x-77-nzt-ray: kdGPVIHN7EI=
x-77-cache: MISS
content-type: image/jpeg
cache-control: max-age=86400, public
x-cache: MISS
x-77-pop: newyorkUSNY

GET
H2 200 john-lasseters-skydance-animation-premieres-first-animated-short-as-part-of-apple-deal.jpeg
1366492296.rsc.cdn77.org/data/thumbs/full/61692/180/90/50/40/ 6 KB
6 KB 10ms
8ms Image
image/jpeg 2a02:6ea0:c400::12
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://1366492296.rsc.cdn77.org/data/thumbs/full/61692/180/90/50/40/john-lasseters-skydance-animation-premieres-first-animated-short-as-part-of-apple-deal.jpeg
Requested by: Host: www.newseveryday.com
URL: https://www.newseveryday.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c400::12 , United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo / PHP/7.2.34
Resource Hash: 7518ebcb4b7c3c8b57541eee2f6ce91654af175bf76b9f280ad0c1ca3c908818

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.newseveryday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-77-nzt: AVm7sQ/pvgP/QVIAAA==
x-accel-expires: @1643290459
date: Wed, 26 Jan 2022 19:25:16 GMT
via: 1.1 google
etag: b26a749961f932c40b3f0a5f180695b4
server: CDN77-Turbo
x-powered-by: PHP/7.2.34
x-77-nzt-ray: sCULyP1K9IQ=
x-77-cache: HIT
content-type: image/jpeg
cache-control: max-age=86400, public
x-cache: HIT
x-age: 21057
x-77-pop: newyorkUSNY

GET
H2 200 2021-wild-card-weekend-storylines-and-picks.jpg
1366492296.rsc.cdn77.org/data/thumbs/full/61594/180/90/50/40/ 6 KB
7 KB 12ms
7ms Image
image/jpeg 2a02:6ea0:c400::12
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://1366492296.rsc.cdn77.org/data/thumbs/full/61594/180/90/50/40/2021-wild-card-weekend-storylines-and-picks.jpg
Requested by: Host: www.newseveryday.com
URL: https://www.newseveryday.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c400::12 , United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo / PHP/7.2.34
Resource Hash: 4fcee3e563cd0f4963fac555cb567d7d72dc11cef1d9c2d4ac931c78607b6090

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.newseveryday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-77-nzt: AVm7sQ+H2GL/QVIAAA==
x-accel-expires: @1643290459
date: Wed, 26 Jan 2022 19:25:16 GMT
via: 1.1 google
etag: cab4b054a76a7596eabf5d253d700c8a
server: CDN77-Turbo
x-powered-by: PHP/7.2.34
x-77-nzt-ray: M36nGr+xThU=
x-77-cache: HIT
content-type: image/jpeg
cache-control: max-age=86400, public
x-cache: HIT
x-age: 21057
x-77-pop: newyorkUSNY

GET
H2 200 biden-must-be-tough-on-automakers-to-fight-climate-change.jpeg
1366492296.rsc.cdn77.org/data/thumbs/full/61681/180/90/50/40/ 7 KB
8 KB 22ms
17ms Image
image/jpeg 2a02:6ea0:c400::12
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://1366492296.rsc.cdn77.org/data/thumbs/full/61681/180/90/50/40/biden-must-be-tough-on-automakers-to-fight-climate-change.jpeg
Requested by: Host: www.newseveryday.com
URL: https://www.newseveryday.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c400::12 , United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo / PHP/7.2.34
Resource Hash: de9aa1d1bb7a34ab0583eec465fc320ff0371792f5ef5b29b0a1b4ac2e04153d

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.newseveryday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-77-nzt: AVm7sQ/qL8r/QVIAAA==
x-accel-expires: @1643290459
date: Wed, 26 Jan 2022 19:25:16 GMT
via: 1.1 google
etag: 14c970f08da12609c48a84acd5ff8fea
server: CDN77-Turbo
x-powered-by: PHP/7.2.34
x-77-nzt-ray: yOFOX2T4Cxs=
x-77-cache: HIT
content-type: image/jpeg
cache-control: max-age=86400, public
x-cache: HIT
x-age: 21057
x-77-pop: newyorkUSNY

GET
H2 200 badge.gif
static.getclicky.com/media/links/ 241 B
357 B 48ms
8ms Image
image/gif 2606:4700::6810:a010
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.getclicky.com/media/links/badge.gif
Requested by: Host: www.newseveryday.com
URL: https://www.newseveryday.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:a010 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c93b5f9c2d83611b9a9ba0333b0b499b385cdce2aee9edaac6daf8a134cf5555

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.newseveryday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 19:25:16 GMT
cf-cache-status: HIT
age: 4149
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 241
last-modified: Wed, 13 Apr 2016 00:13:35 GMT
server: cloudflare
etag: "570d8f2f-f1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 6d3c205348e98c33-EWR
x-proxy-cache: HIT
expires: Wed, 02 Feb 2022 19:25:16 GMT

GET
H2 200 js Show response
static.getclicky.com/ 15 KB
6 KB 236ms
18ms Script
text/javascript 2606:4700::6810:a010
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.getclicky.com/js
Requested by: Host: www.newseveryday.com
URL: https://www.newseveryday.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:a010 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bacfe860f5e5d8ddc38de0220d3625bdf3cd201e85b963865a4f25fc66cb60a2

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.newseveryday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 19:25:16 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 26 Jan 2022 18:15:50 GMT
server: cloudflare
age: 4166
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
expires: Wed, 02 Feb 2022 19:25:16 GMT
cache-control: public, max-age=604800
cf-ray: 6d3c2051fdcc8c33-EWR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-proxy-cache: HIT

GET
H3

200

ab12745d93c5.js Show response
www.instagram.com/static/bundles/es6/EmbedSDK.js/
Redirect Chain

https://platform.instagram.com/en_US/embeds.js
https://www.instagram.com/embed.js
https://www.instagram.com/static/bundles/es6/EmbedSDK.js/ab12745d93c5.js

15 KB
5 KB

24ms
7ms

Script
text/javascript

2a03:2880:f212:1e4:face:b00c:0:4420
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL: https://www.instagram.com/static/bundles/es6/EmbedSDK.js/ab12745d93c5.js
Requested by: Host: www.newseveryday.com
URL: https://www.newseveryday.com/
Protocol: H3
Server: 2a03:2880:f212:1e4:face:b00c:0:4420 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 2a04fa46b4ebc4bb2c93126695f45b0acf711870e1f169bb95247592c28c24a8

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.newseveryday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 09:20:04 GMT
content-encoding: br
etag: "ab12745d93c5"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
edge-control: max-age=1209600, no-transform
cache-control: public,max-age=31536000,immutable
cross-origin-resource-policy: cross-origin
content-length: 4843
priority: u=3,i

Redirect headers

date: Wed, 26 Jan 2022 19:25:16 GMT
x-fb-trip-id: 1679558926
x-ig-origin-region: ldc
content-type: text/html; charset=utf-8
location: https://www.instagram.com/static/bundles/es6/EmbedSDK.js/ab12745d93c5.js
cache-control: max-age=21600
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 0

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 96 KB
29 KB 74ms
5ms Script
application/javascript 2606:2800:220:de:468:2285:c1:4a3
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: www.newseveryday.com
URL: https://www.newseveryday.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:220:de:468:2285:c1:4a3 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (nyb/1D1B) /
Resource Hash: aec1273daa6df2443053427acbd188f229d60ed9d83ef9bccba3f8a8f21fc3dc

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.newseveryday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Wed, 26 Jan 2022 19:25:16 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Age: 850
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: "x-cache;desc= HIT,x-tw-cdn;desc=",edge;dur=1
Content-Length: 29180
x-tw-cdn: VZ
Last-Modified: Wed, 19 Jan 2022 19:22:23 GMT
Server: ECS (nyb/1D1B)
Etag: "e92bd51c447ba1dbd509a1e23d3a8521+gzip"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=1800

GET
H2 200 css
fonts.googleapis.com/ 3 KB
933 B 273ms
22ms Stylesheet
text/css 2607:f8b0:4006:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:300,400,700,900

Requested by

Host: 1639681107.rsc.cdn77.org
URL: https://1639681107.rsc.cdn77.org/static/common/_v0.0.0/css/style.css?v=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:808::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

30c7c639fd48a0186026f900282a3b92893c32043019a5efb0ddf7e0805e296f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://1639681107.rsc.cdn77.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 18:24:54 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 26 Jan 2022 19:25:16 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 26 Jan 2022 19:25:16 GMT

GET
H2 200 moatframe.js Show response
z.moatads.com/addthismoatframe568911941483/ 2 KB
1 KB 75ms
0ms Script
application/x-javascript 23.52.163.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/addthismoatframe568911941483/moatframe.js
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.52.163.40 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-52-163-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.newseveryday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 19:25:16 GMT
content-encoding: gzip
last-modified: Fri, 08 Nov 2019 20:13:52 GMT
server: AmazonS3
x-amz-request-id: 3BDAE1FAB05E52F4
etag: "f14b4e1f799b14f798a195f43cf58376"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=58892
accept-ranges: bytes
content-length: 948
x-amz-id-2: JQEtOEyiFCqCP1YLI1OIPGBGUg/WHgpDv22+z5rvn/G8szLTqEelRVwbxuu0H6mk2GphOf1hSec=

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 79 KB
27 KB 94ms
21ms Script
text/javascript 2607:f8b0:4006:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.newseveryday.com
URL: https://www.newseveryday.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

85257a305dedc3556f68526ab4367b42418fd98ca4510293daff0e511e4a8853

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.newseveryday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 19:25:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27054
x-xss-protection: 0
server: sffe
etag: "1113 / 901 of 1000 / last-modified: 1643198720"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 26 Jan 2022 19:25:16 GMT

GET
H2 200 request.js Show response
script.anura.io/ 48 KB
17 KB 105ms
42ms Script
application/javascript 52.200.255.42
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://script.anura.io/request.js?instance=2238638024&source=newseveryday&campaign=homepage&595807988870

Requested by

Host: www.newseveryday.com
URL: https://www.newseveryday.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.200.255.42 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-200-255-42.compute-1.amazonaws.com

Software

nginx /

Resource Hash

61332961d88f90e0127d937759df4c86432476be4942e094340fc984e9efec44

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.newseveryday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Jan 2022 19:25:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0, post-check=0, pre-check=0
expires: Sun, 28 Dec 1980 18:57:00 EST

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 50ms
7ms Script
application/x-javascript 2a03:2880:f012:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: www.newseveryday.com
URL: https://www.newseveryday.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b9c488975b6011ce1725d566a09a40b3ac7f7e759c6c99c0c270c7a7d3cd89dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.newseveryday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: IidKihzvzNO2cjWjgV1klw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 1687
x-fb-rlafr: 0
x-fb-debug: GArOTyjVEtDjh0RiFqNEiAWWa1O/+xGizGJzMt/9xjpM8h4g+Z/oKzbWYlgYseMvKHjep07bN6VfEOE8qTn0mw==
x-fb-trip-id: 1512268381
x-fb-content-md5: 455680967715c055ba00ec564bfcb3fc
x-frame-options: DENY
date: Wed, 26 Jan 2022 19:25:16 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "5590f263d77f91678437ae98bc0c0a6d"
timing-allow-origin: *
priority: u=3,i
expires: Wed, 26 Jan 2022 19:31:07 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 73 KB
29 KB 82ms
38ms Script
application/javascript 2607:f8b0:4006:81f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NCR5XV

Requested by

Host: www.newseveryday.com
URL: https://www.newseveryday.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7b4b7d29d791f38ec867cf5ac9b63eef83c14566aff51c194bbecfd26cbce147

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.newseveryday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 19:25:16 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29424
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 18:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 26 Jan 2022 19:25:16 GMT

GET
H2 200 icons.png
1639681107.rsc.cdn77.org/static/common/_v0.0.0/images/ 8 KB
8 KB 39ms
7ms Image
image/png 2a02:6ea0:c400::12
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://1639681107.rsc.cdn77.org/static/common/_v0.0.0/images/icons.png
Requested by: Host: 1639681107.rsc.cdn77.org
URL: https://1639681107.rsc.cdn77.org/static/common/_v0.0.0/css/style.css?v=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c400::12 , United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 33df6cb47ce763d108a186d3667974e25a6da5106b271fe2f5414a04d35b82ab

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://1639681107.rsc.cdn77.org/static/common/_v0.0.0/css/style.css?v=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-77-nzt: AVm7sQ822yf/jcgEAA==
x-accel-expires: @1643948431
date: Wed, 26 Jan 2022 19:25:16 GMT
via: 1.1 google
etag: "61e0e16b-1f1c"
last-modified: Fri, 14 Jan 2022 02:35:23 GMT
server: CDN77-Turbo
x-77-nzt-ray: Xu3+XvXDZuY=
x-77-cache: HIT
content-type: image/png
x-cache: HIT
x-age: 313485
accept-ranges: bytes
x-77-pop: newyorkUSNY
content-length: 7964

GET
H2 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v20/ 23 KB
24 KB 70ms
1ms Font
font/woff2 2607:f8b0:4006:80d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v20/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,400,700,900

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.newseveryday.com
Accept-Language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 04:58:07 GMT
x-content-type-options: nosniff
age: 52029
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23484
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:19:01 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 26 Jan 2023 04:58:07 GMT

GET
H2 200 S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v20/ 22 KB
23 KB 61ms
5ms Font
font/woff2 2607:f8b0:4006:80d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v20/S6u9w4BMUTPHh6UVSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,400,700,900

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8d3ca80fa271e94b0c36cf3053b0f806b7a42bb3395b424c99dc0bd218f0ac20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.newseveryday.com
Accept-Language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 23 Jan 2022 00:38:10 GMT
x-content-type-options: nosniff
age: 326826
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22992
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:18:57 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Mon, 23 Jan 2023 00:38:10 GMT

GET
H2 200 quant.js Show response
secure.quantserve.com/ 24 KB
10 KB 72ms
15ms Script
application/javascript 2620:116:800b:21:292:74bc:93af:7512
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: www.newseveryday.com
URL: https://www.newseveryday.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800b:21:292:74bc:93af:7512 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: 487fce51fd801415c362f3f9f2df43c445a4b9ba38f9b6d49dfc898dc85ede94

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.newseveryday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 19:25:16 GMT
content-encoding: gzip
etag: "FMCWFRCBdbNj8Eh2c0G78Q=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
expires: Wed, 02 Feb 2022 19:25:16 GMT

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ 1 KB
1 KB 61ms
10ms Script
application/javascript 13.226.31.20
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: www.newseveryday.com
URL: https://www.newseveryday.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.31.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-31-20.ewr53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.newseveryday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 17:00:56 GMT
content-encoding: gzip
etag: W/"1827f116c73f319409b97f10b8a58ade"
last-modified: Fri, 26 Feb 2021 14:35:05 GMT
server: AmazonS3
age: 64185
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 8e7c396366d89944c10dfabcfcb15b3c.cloudfront.net (CloudFront)
x-amz-cf-pop: EWR53-C2
x-amz-cf-id: CRcahhgKpJ8uFcfzE24ZWqh2D6H411_eqjo4eyZbsLUhIWK5bAw5OA==

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 90 KB
35 KB 38ms
35ms Script
application/javascript 2607:f8b0:4006:81f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-52977351-1

Requested by

Host: www.newseveryday.com
URL: https://www.newseveryday.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

27e2920be1d56ee6ef7a8c818f34fec5fddbf924dc252dadd8b24ec6f5f13dfc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.newseveryday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 19:25:16 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35990
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 18:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 26 Jan 2022 19:25:16 GMT

GET
H2 200 _ate.track.config_resp Show response
v1.addthisedge.com/live/boost/ra-5849963f0125e7c6/ 1 KB
683 B 110ms
106ms Script
application/javascript 96.16.28.127
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://v1.addthisedge.com/live/boost/ra-5849963f0125e7c6/_ate.track.config_resp
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 96.16.28.127 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a96-16-28-127.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 7296714d4927c19e32c0c4b6bda27dd76440e4bb19e2a7fa2351660020a9e452

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.newseveryday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 19:25:16 GMT
content-encoding: gzip
etag: -897875747--gzip
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: public, max-age=56, s-maxage=86400
content-disposition: attachment; filename=1.txt
content-length: 507

GET
H2 200 300lo.json Show response
m.addthis.com/live/red_lojson/ 127 B
2 KB 441ms
419ms Script
application/javascript 96.16.28.127
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://m.addthis.com/live/red_lojson/300lo.json?si=61f1a01ca36aef74&bkl=0&bl=1&pdt=805&sid=61f1a01ca36aef74&pub=ra-5849963f0125e7c6&rev=v8.28.8-wp&ln=en&pc=men&cb=0&ab=-&dp=www.newseveryday.com&fp=&fr=&of=0&pd=0&irt=0&vcl=0&md=0&ct=0&tct=0&abt=0&cdn=0&pi=1&rb=0&gen=100&chr=UTF-8&mk=Newseveryday%2CPolitics%2CWorld%2CEntertainment%2CSports%2CBusiness%2CTechnology%2CScience%2CHealth%20and%20Off%20Beat&colc=1643225116750&jsl=4097&uvs=61f1a01ce70737b9000&skipb=1&callback=addthis.cbs.jsonp__60487775737557680
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 96.16.28.127 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a96-16-28-127.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 88681da7578ec187c05ab378e0378be910544ae4b425d8157cbab57cff68db84

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.newseveryday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Jan 2022 19:25:17 GMT
cache-control: max-age=0, no-cache, no-store, no-transform
content-disposition: attachment; filename=1.txt
p3p: policyref="/w3c/p3p.xml", CP="NON ADM OUR DEV IND COM STA"
content-length: 127
content-type: application/javascript;charset=utf-8

GET sh.f48a1a04fe8dbf021b4cda1d.html
s7.addthis.com/static/ Frame E654 0
0

GET
H2 200 sh.f48a1a04fe8dbf021b4cda1d.html Show response
s7.addthis.com/static/ Frame D09B 71 KB
26 KB 20ms
19ms Document
text/html 96.16.28.127
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

96.16.28.127 New York, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a96-16-28-127.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

55d783462e6671fa985a6b0829db15474f4e57f0555c93e15cc2db6a1d1e6cab

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: en-US,en;q=0.9
Referer: https://www.newseveryday.com/

Response headers

server: nginx/1.15.8
content-type: text/html
last-modified: Thu, 04 Jun 2020 15:49:19 GMT
etag: W/"5ed917ff-11adc"
timing-allow-origin: *
cache-control: public, max-age=86313600
p3p: CP="NON ADM OUR DEV IND COM STA"
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 26421
date: Wed, 26 Jan 2022 19:25:16 GMT
vary: Accept-Encoding
x-host: s7.addthis.com

GET
H/1.1 200
OK widget_iframe.8f764d5bd2778f88121d31d7d8d8e1e3.html Show response
platform.twitter.com/widgets/ Frame B537 319 KB
104 KB 5ms
4ms Document
text/html 2606:2800:220:de:468:2285:c1:4a3
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.8f764d5bd2778f88121d31d7d8d8e1e3.html?origin=https%3A%2F%2Fwww.newseveryday.com
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:220:de:468:2285:c1:4a3 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (nyb/1D10) /
Resource Hash: c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: en-US,en;q=0.9
Referer: https://www.newseveryday.com/

Response headers

Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 506214
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Wed, 26 Jan 2022 19:25:16 GMT
Etag: "8321d7cf58d70200c1423dfa0bca40f6+gzip"
Last-Modified: Wed, 19 Jan 2022 19:04:27 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (nyb/1D10)
Server-Timing: "x-cache;desc= HIT,x-tw-cdn;desc=",edge;dur=1
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 105433

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ 290 KB
82 KB 28ms
8ms Script
application/x-javascript 2a03:2880:f012:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=1ba1175ca14f4676e97befac36528928

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

4637e1e9c180ae7038c88bb7677cab621d74213e1af34b5bdf7a1805fffa2ae5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.newseveryday.com/
Origin: https://www.newseveryday.com
Accept-Language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: fWdBMwhPOTc5Xa6uBpuZVA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 83490
x-fb-rlafr: 0
x-fb-debug: ahsNB4nbf7XfZBnYTvKax87qVyeh1tbSTwWop6//pJyGIe9aac36e8XHQ6v1zIbp0PjVVrVSkyMT6/SD8SL35A==
x-fb-content-md5: e36a7541a8b04c61cfbed0431c939ef0
x-frame-options: DENY
date: Wed, 26 Jan 2022 19:25:16 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "1b13c619da67c1eb33ccfedddfa60d7a"
timing-allow-origin: *
priority: u=3,i
expires: Thu, 26 Jan 2023 18:51:00 GMT

GET
H2 200 pubads_impl_2022012506.js Show response
securepubads.g.doubleclick.net/gpt/ 354 KB
120 KB 33ms
4ms Script
text/javascript 142.250.65.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012506.js?31064560

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.65.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s72-in-f2.1e100.net

Software

sffe /

Resource Hash

8023286f9ad1440333463e3c1c449c356c6e690d42a0ac7d6f6f231845481a9e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.newseveryday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 23:14:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 72661
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 122264
x-xss-protection: 0
last-modified: Tue, 25 Jan 2022 15:13:18 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 25 Jan 2023 23:14:15 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 122 B
733 B 47ms
23ms XHR
application/json 142.250.65.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.newseveryday.com

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.65.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s72-in-f2.1e100.net

Software

cafe /

Resource Hash

3028ad692501830c5f13d7638c4445c1037c97ac8892c358a2eaa83b4eefe504

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.newseveryday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 26 Jan 2022 19:25:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 97
x-xss-protection: 0
expires: Wed, 26 Jan 2022 19:25:16 GMT

GET
H2 200 rules-p-Gx1AK6KSU74K8.js Show response
rules.quantcount.com/ 3 B
438 B 45ms
17ms Script
application/javascript 2600:9000:21dd:5400:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-Gx1AK6KSU74K8.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21dd:5400:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.newseveryday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 14:31:20 GMT
via: 1.1 adfcd8d9db57ac29ba98a20a491e750c.cloudfront.net (CloudFront)
age: 17637
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 3
last-modified: Sat, 04 Mar 2017 20:25:40 GMT
server: AmazonS3
etag: "8a80554c91d9fca8acb82f023de02f11"
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400
x-amz-cf-pop: EWR53-C2
accept-ranges: bytes
x-amz-cf-id: PP5IGe_w_6v3jzHwNY2PAz7d81Ho9GslgXs2KoVpKzLVbSymnCuu4Q==

GET
H2 200 in.php Show response
in.getclicky.com/ 139 B
435 B 263ms
85ms Script
text/javascript 198.145.13.12
DF-PTL01

General

Check archive.org

Show headers Download Go to

Full URL: https://in.getclicky.com/in.php?site_id=100756016&type=pageview&href=%2F&title=non-article&res=1600x1200&lang=en&jsuid=1633110175&mime=js&x=0.47464802864714395
Requested by: Host: static.getclicky.com
URL: https://static.getclicky.com/js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.145.13.12 Portland, United States, ASN2044 (DF-PTL01, US),
Reverse DNS: getclicky.com
Software: nginx /
Resource Hash: 6ef5a20898aa83bcf61860a7d6aa73fbaca0778545d1d28e1e7951a3c2fa382f

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.newseveryday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 19:25:17 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding, Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate, post-check=0, pre-check=0
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 showads.js Show response
ads.anura.io/ 0
349 B 25ms
5ms XHR
application/javascript 54.230.162.78
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.anura.io/showads.js?395063430063
Requested by: Host: script.anura.io
URL: https://script.anura.io/request.js?instance=2238638024&source=newseveryday&campaign=homepage&595807988870
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.230.162.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-230-162-78.ewr53.r.cloudfront.net
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.newseveryday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 16:59:27 GMT
content-encoding: gzip
server: nginx
age: 8750
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET
x-amz-cf-pop: EWR53-C3
x-amz-cf-id: _f_TQg_P88cCwDiuwYViLWXn3_jhc0SSJS-uVlGGvWUfk15A0w5hKA==
via: 1.1 0a41fb8a1e6869f7cc14f05241a462fa.cloudfront.net (CloudFront)

GET
H2

204

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=2&c2=14401431&ns__t=1643225117178&ns_c=UTF-8&cv=3.5&c8=News%20Every%20Day&c7=https%3A%2F%2Fwww.newseveryday.com%2F&c9=
https://sb.scorecardresearch.com/b2?c1=2&c2=14401431&ns__t=1643225117178&ns_c=UTF-8&cv=3.5&c8=News%20Every%20Day&c7=https%3A%2F%2Fwww.newseveryday.com%2F&c9=

0
223 B

17ms
13ms

Image
text/plain

13.226.31.20
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=2&c2=14401431&ns__t=1643225117178&ns_c=UTF-8&cv=3.5&c8=News%20Every%20Day&c7=https%3A%2F%2Fwww.newseveryday.com%2F&c9=
Requested by: Host: www.newseveryday.com
URL: https://www.newseveryday.com/
Protocol: H2
Server: 13.226.31.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-31-20.ewr53.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.newseveryday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 19:25:17 GMT
via: 1.1 8e7c396366d89944c10dfabcfcb15b3c.cloudfront.net (CloudFront)
x-amz-cf-pop: EWR53-C2
etag: W/"0-2jmj7l5rSw0yVb/vlWAYkK/YBwk"
x-amz-cf-id: 50y-busfCYrjqzpRbFegNuJ6nYnBjWc19hFaQnpeyu_PWCNmHtw79A==
x-cache: Miss from cloudfront

Redirect headers

date: Wed, 26 Jan 2022 19:25:17 GMT
via: 1.1 8e7c396366d89944c10dfabcfcb15b3c.cloudfront.net (CloudFront)
x-amz-cf-pop: EWR53-C2
vary: Accept
x-cache: Miss from cloudfront
content-type: text/plain; charset=utf-8
location: https://sb.scorecardresearch.com/b2?c1=2&c2=14401431&ns__t=1643225117178&ns_c=UTF-8&cv=3.5&c8=News%20Every%20Day&c7=https%3A%2F%2Fwww.newseveryday.com%2F&c9=
content-length: 179
x-amz-cf-id: CjBUTDL7CNthcDzzoVuCLWXjxg65ZIz99fyPMoQTYjaq8SMNpjsHHg==

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 22ms
4ms Script
text/javascript 2607:f8b0:4006:824::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-52977351-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.newseveryday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 3806
date: Wed, 26 Jan 2022 18:21:51 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Wed, 26 Jan 2022 20:21:51 GMT

GET
H2 200 layers.fa6cd1947ce26e890d3d.js Show response
s7.addthis.com/static/ 263 KB
76 KB 10ms
9ms Script
application/javascript 96.16.28.127
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/layers.fa6cd1947ce26e890d3d.js

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

96.16.28.127 New York, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a96-16-28-127.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.newseveryday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
server: nginx/1.15.8
etag: W/"5f971164-41cf5"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=86313600
date: Wed, 26 Jan 2022 19:25:17 GMT
x-host: s7.addthis.com
timing-allow-origin: *
content-length: 77617

GET
H2 200 pixel;r=1395866909;rf=0;a=p-Gx1AK6KSU74K8;url=https%3A%2F%2Fwww.newseveryday.com%2F;uh=8ff3890c8d1f9f784eb0a648cdef7688a42f71075c7883632c76b053dc9b7609;uht=0;fpan=1;fpa=P0-223529027-1643225117265;p...
pixel.quantserve.com/ 35 B
371 B 22ms
19ms Image
image/gif 2620:116:800b:21:292:74bc:93af:7512
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=1395866909;rf=0;a=p-Gx1AK6KSU74K8;url=https%3A%2F%2Fwww.newseveryday.com%2F;uh=8ff3890c8d1f9f784eb0a648cdef7688a42f71075c7883632c76b053dc9b7609;uht=0;fpan=1;fpa=P0-223529027-1643225117265;pbc=;ns=0;ce=1;qjs=1;qv=92a3679b-20211110211611;cm=;gdpr=0;ref=;d=newseveryday.com;je=0;sr=1600x1200x24;dst=0;et=1643225117265;tzo=0;ogl=

Requested by

Host: www.newseveryday.com
URL: https://www.newseveryday.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800b:21:292:74bc:93af:7512 , United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.newseveryday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Jan 2022 19:25:17 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 44ms
21ms Script
application/javascript 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.newseveryday.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012506.js?31064560

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.newseveryday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 26 Jan 2022 19:25:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 203 KB
57 KB 531ms
517ms XHR
text/plain 142.250.65.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3616873173106572&correlator=3057887080342548&output=ldjh&impl=fifs&eid=31064560%2C31063910&vrg=2022012506&ptt=17&sc=1&sfv=1-0-38&ecs=20220126&iu_parts=21697271410%2Cnewseveryday%2Chomepage&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2&prev_iu_szs=300x250%2C300x250%2C300x250&prev_scp=pos%3Dright1%7Cpos%3Dright2%7Cpos%3Dright3&cookie_enabled=1&bc=31&abxe=1&dt=1643225117343&lmt=1643225117&dlt=1643225116101&idt=1204&frm=20&biw=1600&bih=1200&oid=2&adxs=1029%2C1029%2C-9&adys=130%2C580%2C-9&adks=3981841859%2C3981841856%2C3981841857&ucis=1%7C2%7C3&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fwww.newseveryday.com%2F&vis=1&scr_x=0&scr_y=0&psz=300x10%7C300x10%7C0x-1&msz=300x0%7C300x0%7C0x-1&ga_vid=1261848234.1643225117&ga_sid=1643225117&ga_hid=608611122&ga_fc=false&fws=4%2C4%2C2&ohw=300%2C300%2C0&btvi=0%7C0%7C-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012506.js?31064560

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.65.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s72-in-f2.1e100.net

Software

cafe /

Resource Hash

bdd0389c7e867665086f7f0ae498e275aecccc845979f484e0962b5a8a5142c3

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9544143871827822005/2021_q3_SMBIMC_BigThreat_ad1-300x250-HTML/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9544143871827822005/2021_q3_SMBIMC_BigThreat_ad1-300x250-HTML/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CKmoo8uS0PUCFRTQhgodQ8kNeA&gqi=&layout=/sadbundle/%24csp%253Der3%24/9544143871827822005/2021_q3_SMBIMC_BigThreat_ad1-300x250-HTML/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.newseveryday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9544143871827822005/2021_q3_SMBIMC_BigThreat_ad1-300x250-HTML/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9544143871827822005/2021_q3_SMBIMC_BigThreat_ad1-300x250-HTML/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CKmoo8uS0PUCFRTQhgodQ8kNeA&gqi=&layout=/sadbundle/%24csp%253Der3%24/9544143871827822005/2021_q3_SMBIMC_BigThreat_ad1-300x250-HTML/index.html
content-encoding: br
x-content-type-options: nosniff
google-creative-id: -1,-1,-1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 58571
x-xss-protection: 0
google-lineitem-id: -1,-1,-1
pragma: no-cache
server: cafe
date: Wed, 26 Jan 2022 19:25:17 GMT
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.newseveryday.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
0ac929ed3376c146b2710609427d4d08.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 9E96 6 KB
4 KB 76ms
20ms Document
text/html 2607:f8b0:4006:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://0ac929ed3376c146b2710609427d4d08.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012506.js?31064560

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: en-US,en;q=0.9
Referer: https://www.newseveryday.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Wed, 26 Jan 2022 19:25:17 GMT
expires: Thu, 26 Jan 2023 19:25:17 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 30ms
17ms XHR
text/plain 2607:f8b0:4006:824::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=608611122&t=pageview&_s=1&dl=https%3A%2F%2Fwww.newseveryday.com%2F&ul=en-us&de=UTF-8&dt=News%20Every%20Day&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=4ChAAUABAAAAAC~&jid=2135092958&gjid=252865351&cid=1261848234.1643225117&tid=UA-52977351-1&_gid=1500885619.1643225117&_r=1&gtm=2ou1o0&z=665601654

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.newseveryday.com/
Accept-Language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 26 Jan 2022 19:25:17 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.newseveryday.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 14ms
4ms Image
image/gif 2607:f8b0:4006:824::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=608611122&t=event&_s=2&dl=https%3A%2F%2Fwww.newseveryday.com%2F&ul=en-us&de=UTF-8&dt=News%20Every%20Day&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=article&ea=article3&_u=4ChAAUABAAAAAC~&jid=&gjid=&cid=1261848234.1643225117&tid=UA-52977351-1&_gid=1500885619.1643225117&gtm=2ou1o0&cd1=&cd2=&cd3=&cd4=main&cd5=&cd6=&z=55537472

Requested by

Host: www.newseveryday.com
URL: https://www.newseveryday.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.newseveryday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Jan 2022 21:07:26 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 80271
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 settings Show response
syndication.twitter.com/ Frame B537 233 B
447 B 111ms
38ms Fetch
application/json 104.244.42.72
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://syndication.twitter.com/settings?session_id=e90a8895fa61b76c479a67c34ec0ccb5f9e18a8b

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.8f764d5bd2778f88121d31d7d8d8e1e3.html?origin=https%3A%2F%2Fwww.newseveryday.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.72 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_b /

Resource Hash

2816082c025f64540b613fde3096d814ae21ac75279461ec1d6bcb5c07099fdd

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-response-time: 7
date: Wed, 26 Jan 2022 19:25:16 GMT
content-encoding: gzip
last-modified: Wed, 26 Jan 2022 19:25:17 GMT
server: tsa_b
vary: Origin
strict-transport-security: max-age=631138519
content-type: application/json; charset=utf-8
access-control-allow-origin: https://platform.twitter.com
cache-control: must-revalidate, max-age=600
access-control-allow-credentials: true
x-connection-hash: 19f203c16954582cd54cf210df617d9920fb17252a3f7de3cdd26e3a20efcc55
content-length: 167

POST
H2 200 response.json Show response
script.anura.io/ 92 B
435 B 94ms
69ms XHR
application/json 52.200.255.42
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://script.anura.io/response.json

Requested by

Host: script.anura.io
URL: https://script.anura.io/request.js?instance=2238638024&source=newseveryday&campaign=homepage&595807988870

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.200.255.42 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-200-255-42.compute-1.amazonaws.com

Software

nginx /

Resource Hash

61c9cad2054c875917944c307f66f57109a8eecd15ef29d83cd59c4870a4aa6d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.newseveryday.com/
Accept-Language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Wed, 26 Jan 2022 19:25:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
vary: Accept-Encoding
access-control-allow-methods: POST
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: private, no-cache, no-store, must-revalidate, max-age=0, post-check=0, pre-check=0
expires: Sun, 28 Dec 1980 18:57:00 EST

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 12 KB
9 KB 48ms
30ms XHR
application/json 2607:f8b0:4006:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022012506&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012506.js?31064560

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:807::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d82f91117053eb5d3d6fd1ff06cff792d9a6a8d55852535bde6bf3718df38113

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.newseveryday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 26 Jan 2022 19:25:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9161
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 56ms
39ms Script
text/javascript 2607:f8b0:4006:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012506.js?31064560

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.newseveryday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 19:25:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 26 Jan 2022 19:25:17 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 9D9C 13 KB
5 KB 20ms
5ms Document
text/html 2607:f8b0:4006:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: en-US,en;q=0.9
Referer: https://www.newseveryday.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 26 Jan 2022 16:54:22 GMT
expires: Thu, 26 Jan 2023 16:54:22 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
content-type: text/html
age: 9055
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 89EE 783 B
1 KB 44ms
27ms Document
text/html 2607:f8b0:4006:81f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::2004 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

18c03369a81723d8600f243ae98f25804605d3239abae1cdca42b8c3934b96a1

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-UscZy90zUcHN7Z3ktAY+zQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: en-US,en;q=0.9
Referer: https://www.newseveryday.com/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Wed, 26 Jan 2022 19:25:17 GMT
date: Wed, 26 Jan 2022 19:25:17 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-UscZy90zUcHN7Z3ktAY+zQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 514
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 mfFJ-W--rqivV8WG4WyPQ8vKEq2pdH_2ou3EKTspk_8.js Show response
pagead2.googlesyndication.com/bg/ Frame 9D9C 35 KB
13 KB 28ms
5ms Script
text/javascript 2607:f8b0:4006:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/mfFJ-W--rqivV8WG4WyPQ8vKEq2pdH_2ou3EKTspk_8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:807::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

99f149f96fbeaea8af57c586e16c8f43cbca12ada9747ff6a2edc4293b2993ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 15:44:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 99657
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13575
x-xss-protection: 0
last-modified: Mon, 24 Jan 2022 14:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 25 Jan 2023 15:44:20 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 89EE 0
0 83ms
82ms Image
text/html 2607:f8b0:4006:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022012506&jk=3616873173106572&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:807::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

GET
H3 200 container.html Show response
0ac929ed3376c146b2710609427d4d08.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 1504 6 KB
3 KB 22ms
8ms Document
text/html 2607:f8b0:4006:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://0ac929ed3376c146b2710609427d4d08.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012506.js?31064560

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: en-US,en;q=0.9
Referer: https://www.newseveryday.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 26 Jan 2022 19:25:17 GMT
expires: Thu, 26 Jan 2023 19:25:17 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
content-type: text/html
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 container.html Show response
0ac929ed3376c146b2710609427d4d08.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 57FF 6 KB
3 KB 11ms
6ms Document
text/html 2607:f8b0:4006:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://0ac929ed3376c146b2710609427d4d08.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012506.js?31064560

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: en-US,en;q=0.9
Referer: https://www.newseveryday.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 26 Jan 2022 19:25:17 GMT
expires: Thu, 26 Jan 2023 19:25:17 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
content-type: text/html
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 9D9C 0
9 B 8ms
5ms Image
text/plain 2607:f8b0:4006:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?4pAJ2g
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:81d::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 19:25:17 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 47F5 624 B
975 B 65ms
28ms Document
text/html 2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CLO4XRDz7F4YhdHrnAEwAQ&v=APEucNWFRTmtaWd66frwdaJaOF4y0i2JyTCEjq91LmYDpYsmaJYpz8jZcuVQbCU3_Oc5DxBsbwd0thQm7SiJowXsJYg1uK2BKQ

Requested by

Host: 0ac929ed3376c146b2710609427d4d08.safeframe.googlesyndication.com
URL: https://0ac929ed3376c146b2710609427d4d08.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: en-US,en;q=0.9
Referer: https://0ac929ed3376c146b2710609427d4d08.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Wed, 26 Jan 2022 19:25:18 GMT
server: cafe
cache-control: private
content-length: 276
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 26 Jan 2022 19:25:18 GMT

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 57FF 73 KB
30 KB 107ms
71ms Script
text/javascript 2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DY3NnquLuTJJQvwzqK6FE1DhX-2VG7DshxH8ebqI_Kpv7J4yF6mbxH34j6rNloOlkGrzUqB8hLlOnISWVrfAAoHmWieZEul6jI4IN21eRyU_2Q8OBuKjpLd55hZtlCTfUNX8wr3iutIe5jOyFemceRAnTSYw&dbm_d=AKAmf-DlTUlDQSn3V53F_frxHuzZ6WFl6DtSjl2iErRVUcJPRTfuyZ0B4nevypwgrv3ZqgGUD3arKRiRBDXT4GFbhNUZJivgcaC6h3QtCdA7M97SAofwL8OaW8I79dX_gG9kqHfa7zF7C3SYPejBPRZYT7O6b6Xqz2Hcv0I6CZmcaMTsBKbtG91HlPXSohkSpgiBk54u80E6QXi134Fjt12R2f8fM5m5FaBYgoi4aAF-VEsuPfUq7JmcOlQ01xtTHRgovq23xM8IikzhDFyIZDvmS7Q0jzNCscu4HLHWsZ2ANbXbX-flucJqlLYQlc51Qy6SYMzWUT8V9xCbtgZ-lAV1s8SdjNHHtjP7oIoJvaW8pKZ26wfIQOhZLHQqlwd-wyhK_UIXJ743A3oLeWEnNzxdADc2xGpj5d2nPsQKfXHexhgEfmvwZgbUOb6KKNYMnZBUhvWyWiFVc9GjXweXdx2yfSdDkjQzyhZWj5LIOMDGUopLeJSy7xDamiXHDO1nAMDrEobIN7dvMfVMcMKLqY4iAgVOpw04RqOpOCqK7A-0EiaVRmuo3COi0dJXvn2SXfl622Dzrxr7mLQyR3x0jfFbdfrqGNenb5mYNg6XOn4YlBL3U23yRtZL5kMFLUhMNF-nz_dMqsQROu8PBbpSBqVELg1z2xx8XEzAjlUVrs3AgwH4qz4ErtQ1HFU1g6tebMEQT2_EOIULCU3QKYQFWM1rMS6St1fmzQadQe2nOKKcThpx_yQk2_fdi1rtWrJtdjbKIk7AZyqDdC4ShG0Whh7cGihmY0B4F0stRL1lkHlXiaFZEYEBtmjH-8Ngw1xVbZPruFH1OLgWnhnIhtEFqOHgoyW1dthhB7mbDyg_uXyOsnU5XB9TNqaOrjqbgMRJ9b-iNd6lPMShOPYlnwkrV7N7NJ11TdlIG_SL-_UN9957wCZEPMWcfbLFoQcEH4zLLWKmVCfhSuULQM_QaMyiSaA9viwtATiuwA-RAFoiP0IlIShK9Tgz1WUauC7eTrVH2pcBrH3Pk2KHjouMGJN0-1NZT-M8XkTYIZwXKi26HZYY9hZTYib0LxqJYS6nn7DF90hajFjP482STAh5sC9omerd7wyEOKPKO1rmgsQmZZ0zZA-h3QuANeMZXWZu9zBbAXiXpCgv8MV3S4A5q8C1uR-Lkn4YLKTA_jnXpRQ8SIONFWe7vXRlIKUbs1ZO7udop5WYdYeErp69-jje7GboVjgtGhUHC9ysdfkG5Ij15LXAyMq6w4GO1YDkZ_-071ZkjXDTZdKf7ylITbO_ar2gWU6LJ37sHtrI1_k2ab5WrRpVXqMCXoJJedzsEI7uV5cvhAW3KKNqqn7trC8qKrOIbbKRPmVtw4xnrfBdpoJBFij4PtR9DEC6ChuHmL95S-OVY7sQDhSYZy5pdg-gPVDQNt1trRWL2vAY96xhEYn6rlxJRowk5h5b5XbgUYIt3W07Ie66zRFNwi7wQ6dwnz9XSmY-7jEkdo--0VctDwKnn8uL9eFvXkwc1AoZRYXTd-thkuSCXCylQkTv1wz92njfKhf7_CTRtk9kq4vi_lkAJQhJRwAIBI8wDphL0pWlA8LEtPrbU-rVYpfaH2tTB6LtZJDm0cMCNn-ETt9DSyXmOPHRVTBnZZQj33i1jgvzHuzvbgXBVsD3A9cMdk2QYiUgz1J09rp7UokeI_0JtRuJOeq7arH0QidbTnuhoEX0fZFAh9RWyAU9v12T6F5RyUa3jrXzYzxTCSE68LksHBkMGwg_jjHWjNJlhgxk4vgAc1Z0eUhuOsvBznNUcUROMIsgvHqtsiuxcYTEohBoexkvOzT3h-S8RZIkVLmZ8K3DTfto7ocJbVCPbL7wl9k9DEu8HctdmAVvcFCYpCBSjxZ-EAPQ1tktNmkdzzHZNgVl7eb9Kj4c-KI-fACDbzm_3MQwBtgU3xzwmae6zktevcK5CH2SmDMtdWnYGssBTQbqLJ4O8GF72RNrJuaaJPi_Zticxn7cM-ryGayq0pVL0SK0UnvvuCxhZTSvAPE8UiNWinEbxbLCBwTKUyxp8e6h07BB969lE6XTz_h0M4NM0fuqMGPwYkcGUtxQHc9A8luuvIIQAks-gSyVxKVPv42q3ICnSuxlcuhPyfhRJi87dSMUniMS6zDVOjSZnjx01Vlr8FFegccXzMLpGWVVrAEvP1cfYfy9V8RIaAeFhEVyJWw4lKIuE-2jvAuHKzzJ08up0xwsp4mpMhGV2ko1LUKgdZuXs6oJw_leIfXEXCO6z00X8ojh9GPrTyi13XRvhf6h22lwgqzupXxyOEFQHQTqazj7GY-Y9wAx4ZLe-JuLsNrDbhzbmH2yiMO_csTIvejEfWi3KAV-3YYNVCn2QIGR-v4KkP4eUOv3Pod1J__MvQORy9gzE3XhD0oLV5QznOA1z-EbqPlRmGEvLD2CFB3HLtrhyO0s579R8tpiE3WWBICjd2vxufJWy00AiG4GJAx2q2BO47cqCS8KSGHEzDX0YwBZjic7YVIG5Qg4eS1ww1O-FKZ-x3zSX9vafql2yzwJ4TpdrnW9oSLDeFbv9iMB-WhbeYs9BxeWhrBhtStUXHRfqg45TDZYvzDyWBri66yAhH_f4ojEmtXcf-HYNoSJ0lS-QpZL-ub9kbAnwK0Y6fgGX7HpvwCzK9uQzD1mMUvNSraeT2uuKHUoV5pwlqKGZNyRcNsxPkSD8WfoRMMfgBr7s9OSik3OSqnLpna4utn-nVwr3no67yxBN6_CEsxE2qOnuxcFMiKcS8AG8WQfmH7TRb9c4vOsLB000NYBVP4H9kxHEN6eX6KDAxuWe5YsjZiA9TNoPxuRLFFKJquq_X-OpQaH9PQ2ife6MHyfLGmUMFUDNR8EuN7Gpht1rwsgwHYLko7Dr10ykAJfe8RgDHl5P1SWEEKGYjbSRsRM7LxODoTOJ43meBpEfBM4TWsYwTsDTzlBvlTOculy1H-pcooC1j_vHeYBJAXIBAsTDptGK4txdb3xQ3Tn0jAgb2BvXqwY9CNlVGxzUH5s0tN6j8at6ZxBE5DpoFGuKc4bnAjs-h9ZJuoWCpphcZFu_demDnTmcA4o02DR34fpDH1TQJbJXbaBwdylpICoaCH3yeM--3C3OX9Z4-p37pL8&cid=CAASFeRo5qVKr8AzPV3btdBvx5VHttwL6Q&rfl=1%2Chttps%253A%252F%252Fwww.newseveryday.com%252F%240

Requested by

Host: www.newseveryday.com
URL: https://www.newseveryday.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0cf1e1e9954830e9653e01049a009319571d9f1921f2a4a6a7c9e416389e341d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://0ac929ed3376c146b2710609427d4d08.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Jan 2022 19:25:18 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30740
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 57FF 42 B
63 B 64ms
63ms Image
image/gif 2607:f8b0:4006:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BY0eSG_z2cgr7Ckj2KoBw-u20-437GH0u05KXfuXFckkZ8MPpA1yTGirX568R4-9xXWD95Rj09vGG79GK7HwmmEIRhqPU6f12bI9tgr_bcEaoekbc

Requested by

Host: 0ac929ed3376c146b2710609427d4d08.safeframe.googlesyndication.com
URL: https://0ac929ed3376c146b2710609427d4d08.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:807::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://0ac929ed3376c146b2710609427d4d08.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Jan 2022 19:25:18 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220120/r20110914/client/ Frame 57FF 2 KB
1 KB 5ms
5ms Script
text/javascript 2607:f8b0:4006:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220120/r20110914/client/window_focus_fy2019.js

Requested by

Host: 0ac929ed3376c146b2710609427d4d08.safeframe.googlesyndication.com
URL: https://0ac929ed3376c146b2710609427d4d08.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://0ac929ed3376c146b2710609427d4d08.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 19:23:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 91
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1205
x-xss-protection: 0
server: cafe
etag: 18074202747124231361
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 09 Feb 2022 19:23:47 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 57FF 122 KB
37 KB 47ms
34ms Script
text/javascript 2607:f8b0:4006:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 0ac929ed3376c146b2710609427d4d08.safeframe.googlesyndication.com
URL: https://0ac929ed3376c146b2710609427d4d08.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2b3334ae35d100a66c0d08b4405e2e334f495cda27b564b38e7eabb08607fdee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://0ac929ed3376c146b2710609427d4d08.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 19:25:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38060
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1643027698847572"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 26 Jan 2022 19:25:18 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220120/r20110914/client/ Frame 57FF 15 KB
6 KB 6ms
5ms Script
text/javascript 2607:f8b0:4006:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220120/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 0ac929ed3376c146b2710609427d4d08.safeframe.googlesyndication.com
URL: https://0ac929ed3376c146b2710609427d4d08.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

043cafc63f50b2ba976044bc7dfba6ccb1a1878d527f883cb81984c5585cd9da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://0ac929ed3376c146b2710609427d4d08.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 19:24:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 63
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6473
x-xss-protection: 0
server: cafe
etag: 5124071950003790117
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 09 Feb 2022 19:24:15 GMT

GET
H3 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9544143871827822005/2021_q3_SMBIMC_BigThreat_ad1-300x250-HTML/ Frame 39E3 25 KB
4 KB 6ms
6ms Document
text/html 2607:f8b0:4006:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9544143871827822005/2021_q3_SMBIMC_BigThreat_ad1-300x250-HTML/index.html

Requested by

Host: www.newseveryday.com
URL: https://www.newseveryday.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

650769bdf8697755dd0d53eb4b8b02e84be55a3958d10252dd0ec2d028de13dc

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: en-US,en;q=0.9
Referer: https://0ac929ed3376c146b2710609427d4d08.safeframe.googlesyndication.com/

Response headers

cross-origin-resource-policy: cross-origin
accept-ranges: bytes
vary: Accept-Encoding
access-control-allow-origin: *
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
timing-allow-origin: *
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
content-length: 3749
date: Mon, 24 Jan 2022 20:18:29 GMT
expires: Tue, 24 Jan 2023 20:18:29 GMT
cache-control: public, max-age=31536000
age: 169609
last-modified: Fri, 19 Mar 2021 22:20:52 GMT
content-type: text/html
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 1504 0
0 75ms
74ms Fetch
text/html 142.250.65.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CXFpfHaDxYemlGZSgmwTDkrfAB7_sjoFok4D_3twN5KSR85AeEAEg3vWGhAFgycapi8Ck2A-gAYyEmfsByAEJ4AIAqAMByAMIqgT2AU_QWsRK3bwr0sURbKbn9yr4pKhkGoFHgSt0fDS9RpqTaB8OGbpuvCjLeqxo3ApFWslqPFfY-hPr3HJ3sTSTFWa1TfbhGLgeZGu8-ENGM_FWNfd00ZzeOlbuKKlEdrQJaRzvRT7a60FHEYohBHCJ4-mxBoAzvj7HCMBfDHBIayXftlhz9UedhwhjJGMuhYg2wKBBqDCQm1jQ0obdJxfOoteXxdMcvDlWON3zFA6qWpdqsspq7ycXBRakokbeYCvGv5eqlN9Y8Ta1VqyWHvfJR7je2nnKwxtELyObpzra0QSqz2HYmWiDcexF-1HXGyJFDmErDs0_qsAEqcHG2LsD4AQBkgUECAQYAZIFBAgFGASgBi6AB5aA20OoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAPIHBBC4vEfSCAcIiGEQARgdgAoDyAsB2BMMiBQE0BUBgBcBshceChwIABIUcHViLTQ5NzE5NDk0MDM2MDI1MDkYvpVs&sigh=SCDgjTqpA-I&uach_m=[UACH]&template_id=419
Requested by: Host: www.newseveryday.com
URL: https://www.newseveryday.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.65.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: lga25s72-in-f2.1e100.net
Software: /
Resource Hash

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://0ac929ed3376c146b2710609427d4d08.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220120/r20110914/ Frame 1504 19 KB
8 KB 5ms
4ms Script
text/javascript 2607:f8b0:4006:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220120/r20110914/abg_lite_fy2019.js

Requested by

Host: 0ac929ed3376c146b2710609427d4d08.safeframe.googlesyndication.com
URL: https://0ac929ed3376c146b2710609427d4d08.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2039446f8956518da2c2d70116d18c92fac3b04110942de074748aa4041067fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://0ac929ed3376c146b2710609427d4d08.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 19:22:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 191
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7881
x-xss-protection: 0
server: cafe
etag: 7605774008668088057
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 09 Feb 2022 19:22:07 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220120/r20110914/client/ Frame 1504 2 KB
1 KB 5ms
5ms Script
text/javascript 2607:f8b0:4006:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220120/r20110914/client/window_focus_fy2019.js

Requested by

Host: 0ac929ed3376c146b2710609427d4d08.safeframe.googlesyndication.com
URL: https://0ac929ed3376c146b2710609427d4d08.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://0ac929ed3376c146b2710609427d4d08.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 19:23:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 91
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1205
x-xss-protection: 0
server: cafe
etag: 18074202747124231361
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 09 Feb 2022 19:23:47 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1504 122 KB
37 KB 61ms
60ms Script
text/javascript 2607:f8b0:4006:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 0ac929ed3376c146b2710609427d4d08.safeframe.googlesyndication.com
URL: https://0ac929ed3376c146b2710609427d4d08.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2b3334ae35d100a66c0d08b4405e2e334f495cda27b564b38e7eabb08607fdee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://0ac929ed3376c146b2710609427d4d08.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 19:25:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38060
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1643027698847572"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 26 Jan 2022 19:25:18 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220120/r20110914/client/ Frame 1504 15 KB
6 KB 6ms
5ms Script
text/javascript 2607:f8b0:4006:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220120/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 0ac929ed3376c146b2710609427d4d08.safeframe.googlesyndication.com
URL: https://0ac929ed3376c146b2710609427d4d08.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

043cafc63f50b2ba976044bc7dfba6ccb1a1878d527f883cb81984c5585cd9da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://0ac929ed3376c146b2710609427d4d08.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 19:24:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 63
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6473
x-xss-protection: 0
server: cafe
etag: 5124071950003790117
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 09 Feb 2022 19:24:15 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 1504 0
0 44ms
23ms Image
text/html 2607:f8b0:4006:81f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTovG1rIdZq6PaQQ3Q-pSKz0sMtqgRh_uMfpvPhHqG4YB3e5vJv-4kqwWpezf5Lxs5zzZNx8vYHxZRXM_XUcwuhDMvgww
Requested by: Host: 0ac929ed3376c146b2710609427d4d08.safeframe.googlesyndication.com
URL: https://0ac929ed3376c146b2710609427d4d08.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:81f::2004 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://0ac929ed3376c146b2710609427d4d08.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 77ms
66ms Image
image/gif 2607:f8b0:4006:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gpt_2022012506&jk=3616873173106572&bg=!wsGlwYXNAAY6OBv_Ojg7ACkAdvg8WihesH0nLsLtadtVebiBerCkboHOomIzUvSPuTxJVxoezdl6owIAAAC8UgAAAAVoAQcKAJ_6m5omLYlV8K8bU0_xZILdV0-tJI_BefiHxPKN6KiMDAt3O0ECA3ZCeGR9s2EwAgZUV4avq7fltFEY9fLRITU-R_CbTYjqVzUNd707lWSyuGmfhp-dD8BooHDhfEf9zqPsQSS3JgauWzR-6_cPHxmnNcnD9xmaL2lFttzApkCvn6aXWgp4A0S4qkCSPcY5FommCnoxfIAdtqw8vGJ3HyyZAqKd8P48LTYFbQ92E6So6f4mwJbT9kiad4neZtavz6LQOsxzpdcZfixtuOQ920wQnWk0NsdkJGJJa3OO9X904XddzlB2xrwua6AECWqR8VsDrCoZ_7k8E5BGa2HMMKWm5JTPwjqH6PN3OKXSU2-yVRKVQJnp53zTZnpigxMM8MfcvJvbZjGkKEZCvGPPHvktcctgGkRfYIETfuq02vZ29zT38VnKIbtqcLoPZ-uHgQFfqahBZHDVQzcr-oiQHPdEjOiQop2-HE9hitx2cKZA9bhW-g82ZkNZp-9nU2zXcVRv8x_kT7L4E7uhBc9SiBlXx7s42uyKFQUXKoXDV2WbbH-nqTXmsaVCiXGDbgwMJ0V6t_QamPgl7wmI7UGd9bhHrob9c-FIHmgw8VmTTSqGe9FujKLLjV_N7jv7E-cUW0fKF9-SCjK2lTdaT18urh13YLLLtIV2_0LJX73ckOfY-9k8ecdS5UEkTpTqNdfMbEB49TF8om8hkKb57uwr-g_9cXGq8HJyTTHrvijXYyDiGwHa7T7EA8XIcDBRyZv7YuXhMO7vzpPJ9masrBNbz6aGVW9zmgvjLPvptWfzoA9YbYYmDdk1G6YE708LD5p64aqMMdf267ewlUS7mAog0X3vq5NQK4LjsmQCBhmAEml1KqHbje-k_tR3nesl3ekUz0qsTEiWfepd062RAMqwrE7jIVQQq3jeSiTO79pEQgu6Ha70eOkSokNphoV5PTmyuRWkzLOTd37bSc26AmuboKYwmrWkSaHhFEVWVEPOP0-b87AcXJ37Ofh2GKFR22AY176b50XC3qULvii05_YOxezKoXQwsK5-QvWcBDtc6tsEQAII58LBva3dgCh1jnqM5LwGFLKLrMv7XYoN0taUFdN6G8k_UQ

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:807::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.newseveryday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Jan 2022 19:25:18 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame F807 143 B
163 B 19ms
4ms Document
text/html 2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: 0ac929ed3376c146b2710609427d4d08.safeframe.googlesyndication.com
URL: https://0ac929ed3376c146b2710609427d4d08.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: en-US,en;q=0.9
Referer: https://0ac929ed3376c146b2710609427d4d08.safeframe.googlesyndication.com/

Response headers

x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 145
x-xss-protection: 0
date: Wed, 26 Jan 2022 18:47:00 GMT
cache-control: public, max-age=3600
content-type: text/html; charset=UTF-8
age: 2298
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 html_inpage_rendering_lib_200_275.js Show response
s0.2mdn.net/879366/ Frame 57FF 169 KB
59 KB 33ms
5ms Script
text/javascript 2607:f8b0:4006:816::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_275.js

Requested by

Host: www.newseveryday.com
URL: https://www.newseveryday.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e30f3479d6ce52ce1c83c50e5568a4a7c1080c3214b23aacbc9d21efdd52f95a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0ac929ed3376c146b2710609427d4d08.safeframe.googlesyndication.com/
Origin: https://0ac929ed3376c146b2710609427d4d08.safeframe.googlesyndication.com
Accept-Language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 04:41:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 53052
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 60173
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:44:51 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 27 Jan 2022 04:41:06 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20220120/r20110914/elements/html/ Frame 57FF 8 KB
3 KB 4ms
4ms Script
text/javascript 2607:f8b0:4006:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220120/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DY3NnquLuTJJQvwzqK6FE1DhX-2VG7DshxH8ebqI_Kpv7J4yF6mbxH34j6rNloOlkGrzUqB8hLlOnISWVrfAAoHmWieZEul6jI4IN21eRyU_2Q8OBuKjpLd55hZtlCTfUNX8wr3iutIe5jOyFemceRAnTSYw&dbm_d=AKAmf-DlTUlDQSn3V53F_frxHuzZ6WFl6DtSjl2iErRVUcJPRTfuyZ0B4nevypwgrv3ZqgGUD3arKRiRBDXT4GFbhNUZJivgcaC6h3QtCdA7M97SAofwL8OaW8I79dX_gG9kqHfa7zF7C3SYPejBPRZYT7O6b6Xqz2Hcv0I6CZmcaMTsBKbtG91HlPXSohkSpgiBk54u80E6QXi134Fjt12R2f8fM5m5FaBYgoi4aAF-VEsuPfUq7JmcOlQ01xtTHRgovq23xM8IikzhDFyIZDvmS7Q0jzNCscu4HLHWsZ2ANbXbX-flucJqlLYQlc51Qy6SYMzWUT8V9xCbtgZ-lAV1s8SdjNHHtjP7oIoJvaW8pKZ26wfIQOhZLHQqlwd-wyhK_UIXJ743A3oLeWEnNzxdADc2xGpj5d2nPsQKfXHexhgEfmvwZgbUOb6KKNYMnZBUhvWyWiFVc9GjXweXdx2yfSdDkjQzyhZWj5LIOMDGUopLeJSy7xDamiXHDO1nAMDrEobIN7dvMfVMcMKLqY4iAgVOpw04RqOpOCqK7A-0EiaVRmuo3COi0dJXvn2SXfl622Dzrxr7mLQyR3x0jfFbdfrqGNenb5mYNg6XOn4YlBL3U23yRtZL5kMFLUhMNF-nz_dMqsQROu8PBbpSBqVELg1z2xx8XEzAjlUVrs3AgwH4qz4ErtQ1HFU1g6tebMEQT2_EOIULCU3QKYQFWM1rMS6St1fmzQadQe2nOKKcThpx_yQk2_fdi1rtWrJtdjbKIk7AZyqDdC4ShG0Whh7cGihmY0B4F0stRL1lkHlXiaFZEYEBtmjH-8Ngw1xVbZPruFH1OLgWnhnIhtEFqOHgoyW1dthhB7mbDyg_uXyOsnU5XB9TNqaOrjqbgMRJ9b-iNd6lPMShOPYlnwkrV7N7NJ11TdlIG_SL-_UN9957wCZEPMWcfbLFoQcEH4zLLWKmVCfhSuULQM_QaMyiSaA9viwtATiuwA-RAFoiP0IlIShK9Tgz1WUauC7eTrVH2pcBrH3Pk2KHjouMGJN0-1NZT-M8XkTYIZwXKi26HZYY9hZTYib0LxqJYS6nn7DF90hajFjP482STAh5sC9omerd7wyEOKPKO1rmgsQmZZ0zZA-h3QuANeMZXWZu9zBbAXiXpCgv8MV3S4A5q8C1uR-Lkn4YLKTA_jnXpRQ8SIONFWe7vXRlIKUbs1ZO7udop5WYdYeErp69-jje7GboVjgtGhUHC9ysdfkG5Ij15LXAyMq6w4GO1YDkZ_-071ZkjXDTZdKf7ylITbO_ar2gWU6LJ37sHtrI1_k2ab5WrRpVXqMCXoJJedzsEI7uV5cvhAW3KKNqqn7trC8qKrOIbbKRPmVtw4xnrfBdpoJBFij4PtR9DEC6ChuHmL95S-OVY7sQDhSYZy5pdg-gPVDQNt1trRWL2vAY96xhEYn6rlxJRowk5h5b5XbgUYIt3W07Ie66zRFNwi7wQ6dwnz9XSmY-7jEkdo--0VctDwKnn8uL9eFvXkwc1AoZRYXTd-thkuSCXCylQkTv1wz92njfKhf7_CTRtk9kq4vi_lkAJQhJRwAIBI8wDphL0pWlA8LEtPrbU-rVYpfaH2tTB6LtZJDm0cMCNn-ETt9DSyXmOPHRVTBnZZQj33i1jgvzHuzvbgXBVsD3A9cMdk2QYiUgz1J09rp7UokeI_0JtRuJOeq7arH0QidbTnuhoEX0fZFAh9RWyAU9v12T6F5RyUa3jrXzYzxTCSE68LksHBkMGwg_jjHWjNJlhgxk4vgAc1Z0eUhuOsvBznNUcUROMIsgvHqtsiuxcYTEohBoexkvOzT3h-S8RZIkVLmZ8K3DTfto7ocJbVCPbL7wl9k9DEu8HctdmAVvcFCYpCBSjxZ-EAPQ1tktNmkdzzHZNgVl7eb9Kj4c-KI-fACDbzm_3MQwBtgU3xzwmae6zktevcK5CH2SmDMtdWnYGssBTQbqLJ4O8GF72RNrJuaaJPi_Zticxn7cM-ryGayq0pVL0SK0UnvvuCxhZTSvAPE8UiNWinEbxbLCBwTKUyxp8e6h07BB969lE6XTz_h0M4NM0fuqMGPwYkcGUtxQHc9A8luuvIIQAks-gSyVxKVPv42q3ICnSuxlcuhPyfhRJi87dSMUniMS6zDVOjSZnjx01Vlr8FFegccXzMLpGWVVrAEvP1cfYfy9V8RIaAeFhEVyJWw4lKIuE-2jvAuHKzzJ08up0xwsp4mpMhGV2ko1LUKgdZuXs6oJw_leIfXEXCO6z00X8ojh9GPrTyi13XRvhf6h22lwgqzupXxyOEFQHQTqazj7GY-Y9wAx4ZLe-JuLsNrDbhzbmH2yiMO_csTIvejEfWi3KAV-3YYNVCn2QIGR-v4KkP4eUOv3Pod1J__MvQORy9gzE3XhD0oLV5QznOA1z-EbqPlRmGEvLD2CFB3HLtrhyO0s579R8tpiE3WWBICjd2vxufJWy00AiG4GJAx2q2BO47cqCS8KSGHEzDX0YwBZjic7YVIG5Qg4eS1ww1O-FKZ-x3zSX9vafql2yzwJ4TpdrnW9oSLDeFbv9iMB-WhbeYs9BxeWhrBhtStUXHRfqg45TDZYvzDyWBri66yAhH_f4ojEmtXcf-HYNoSJ0lS-QpZL-ub9kbAnwK0Y6fgGX7HpvwCzK9uQzD1mMUvNSraeT2uuKHUoV5pwlqKGZNyRcNsxPkSD8WfoRMMfgBr7s9OSik3OSqnLpna4utn-nVwr3no67yxBN6_CEsxE2qOnuxcFMiKcS8AG8WQfmH7TRb9c4vOsLB000NYBVP4H9kxHEN6eX6KDAxuWe5YsjZiA9TNoPxuRLFFKJquq_X-OpQaH9PQ2ife6MHyfLGmUMFUDNR8EuN7Gpht1rwsgwHYLko7Dr10ykAJfe8RgDHl5P1SWEEKGYjbSRsRM7LxODoTOJ43meBpEfBM4TWsYwTsDTzlBvlTOculy1H-pcooC1j_vHeYBJAXIBAsTDptGK4txdb3xQ3Tn0jAgb2BvXqwY9CNlVGxzUH5s0tN6j8at6ZxBE5DpoFGuKc4bnAjs-h9ZJuoWCpphcZFu_demDnTmcA4o02DR34fpDH1TQJbJXbaBwdylpICoaCH3yeM--3C3OX9Z4-p37pL8&cid=CAASFeRo5qVKr8AzPV3btdBvx5VHttwL6Q&rfl=1%2Chttps%253A%252F%252Fwww.newseveryday.com%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:807::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://0ac929ed3376c146b2710609427d4d08.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 19:22:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 140
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3159
x-xss-protection: 0
server: cafe
etag: 1394524276809619753
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 09 Feb 2022 19:22:58 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20220120/r20110914/ Frame 57FF 24 KB
9 KB 6ms
5ms Script
text/javascript 2607:f8b0:4006:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220120/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:807::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b7c55617f84818daf4c70cc10ada26ddd5b582b1d1c2c2829b3220487a6db477

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://0ac929ed3376c146b2710609427d4d08.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 19:21:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 252
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9544
x-xss-protection: 0
server: cafe
etag: 6261108306223674270
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 09 Feb 2022 19:21:06 GMT

GET
DATA 200
OK truncated
/ Frame 1504 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a3df8424f0b695e8282f35325dcdff7182710e8002dfe2e5c6ff7372f75a7288

Request headers

Accept-Language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 exitapi-impl.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame 39E3 9 KB
3 KB 5ms
5ms Script
text/javascript 2607:f8b0:4006:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9544143871827822005/2021_q3_SMBIMC_BigThreat_ad1-300x250-HTML/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 09:20:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 36317
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3271
x-xss-protection: 0
server: cafe
etag: 7483759447172721109
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Thu, 27 Jan 2022 09:20:01 GMT

GET
H3 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 39E3 26 KB
10 KB 7ms
7ms Script
text/javascript 2607:f8b0:4006:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9544143871827822005/2021_q3_SMBIMC_BigThreat_ad1-300x250-HTML/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 13:05:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 22762
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10382
x-xss-protection: 0
server: cafe
etag: 12806417668659483808
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Thu, 27 Jan 2022 13:05:56 GMT

GET
H3 200 12530cd0452c242940ce0b6e2fa0eba4.js Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9544143871827822005/2021_q3_SMBIMC_BigThreat_ad1-300x250-HTML/ Frame 39E3 69 KB
18 KB 8ms
7ms Script
application/x-javascript 2607:f8b0:4006:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9544143871827822005/2021_q3_SMBIMC_BigThreat_ad1-300x250-HTML/12530cd0452c242940ce0b6e2fa0eba4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9544143871827822005/2021_q3_SMBIMC_BigThreat_ad1-300x250-HTML/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b9f2f61f55914c4f481d608c286ddcdbd4410fd7331b9f63cf7ea67b15a306ac

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 167504
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18350
x-xss-protection: 0
last-modified: Fri, 19 Mar 2021 22:20:52 GMT
server: sffe
date: Mon, 24 Jan 2022 20:53:34 GMT
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 24 Jan 2023 20:53:34 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 47F5
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJhGqSMzMesozllZAu5f1uA&google_cver=1

43 B
893 B

28ms
13ms

Image
image/gif

184.29.129.7
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJhGqSMzMesozllZAu5f1uA&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLO4XRDz7F4YhdHrnAEwAQ&v=APEucNWFRTmtaWd66frwdaJaOF4y0i2JyTCEjq91LmYDpYsmaJYpz8jZcuVQbCU3_Oc5DxBsbwd0thQm7SiJowXsJYg1uK2BKQ
Protocol: HTTP/1.1
Server: 184.29.129.7 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-29-129-7.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 26 Jan 2022 19:25:18 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Wed, 26 Jan 2022 19:25:18 GMT

Redirect headers

pragma: no-cache
date: Wed, 26 Jan 2022 19:25:18 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJhGqSMzMesozllZAu5f1uA&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 47F5
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YfGgHspvIHSiXN4w0uc2dQAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJhGqSMzMesozllZAu5f1uA&google_cver=1

43 B
893 B

28ms
14ms

Image
image/gif

184.29.129.7
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJhGqSMzMesozllZAu5f1uA&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLO4XRDz7F4YhdHrnAEwAQ&v=APEucNWFRTmtaWd66frwdaJaOF4y0i2JyTCEjq91LmYDpYsmaJYpz8jZcuVQbCU3_Oc5DxBsbwd0thQm7SiJowXsJYg1uK2BKQ
Protocol: HTTP/1.1
Server: 184.29.129.7 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-29-129-7.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 26 Jan 2022 19:25:18 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Wed, 26 Jan 2022 19:25:18 GMT

Redirect headers

pragma: no-cache
date: Wed, 26 Jan 2022 19:25:18 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJhGqSMzMesozllZAu5f1uA&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 47F5
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEHsELg5mx40mt2WSAukrObM&google_cver=1

43 B
1004 B

20ms
6ms

Image
image/gif

68.67.161.210
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEHsELg5mx40mt2WSAukrObM&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLO4XRDz7F4YhdHrnAEwAQ&v=APEucNWFRTmtaWd66frwdaJaOF4y0i2JyTCEjq91LmYDpYsmaJYpz8jZcuVQbCU3_Oc5DxBsbwd0thQm7SiJowXsJYg1uK2BKQ

Protocol

HTTP/1.1

Server

68.67.161.210 New York, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

805.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 26 Jan 2022 19:25:18 GMT
X-Proxy-Origin: 5.181.234.132; 5.181.234.132; 805.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
AN-X-Request-Uuid: 615816a8-9422-45cc-a81f-44af0ff872b5
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 26 Jan 2022 19:25:18 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEHsELg5mx40mt2WSAukrObM&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 47F5
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzEyNjM5NTUyMjY3MzM0OTA0NA%3D%3D

170 B
188 B

22ms
20ms

Image
image/png

142.250.80.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzEyNjM5NTUyMjY3MzM0OTA0NA%3D%3D

Requested by

Protocol

Server

142.250.80.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s36-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Jan 2022 19:25:18 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 26 Jan 2022 19:25:18 GMT
X-Proxy-Origin: 5.181.234.132; 5.181.234.132; 805.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
AN-X-Request-Uuid: 12909c27-6684-4414-a823-af37ca74f4bc
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzEyNjM5NTUyMjY3MzM0OTA0NA%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/7792666701245598281/ Frame BCE5 98 KB
8 KB 37ms
24ms Document
text/html 2607:f8b0:4006:816::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/7792666701245598281/index.html?e=69&leftOffset=0&topOffset=0&c=xUxFU1Dfr4&t=1&renderingType=2

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_275.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e35743d759a46682638f005aefb5d74d762388384393ab0218ae1c6bf8c876b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: en-US,en;q=0.9
Referer: https://0ac929ed3376c146b2710609427d4d08.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin: *
date: Wed, 26 Jan 2022 19:25:18 GMT
expires: Thu, 26 Jan 2023 19:25:18 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 06 May 2021 05:38:39 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 57FF 0
571 B 102ms
77ms Ping
image/gif 142.251.40.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvmnTgnCg-zk1zAUg36wfmK8cF2cTC7ExbzHOHPGZErY_Uv9-rP2tP_8oYwemJPUXeq0rkB7gr_xoBTtxzLHdarvmjEgtY5V3w2XLxlJj6RS3z68jfNtjaH_gWEor8JLQTuRPpjyQQVqO-A1v7nq_rtC86z_3CPrf5J7GHJV0bGh7HU1jo09W19aJ1pm8XSO94Lyto7O8HjHF1HMQD_MrZ7IR0P1qhHs82HSBp8pK2lISPOyC7oA5g7QV0AOImP1KvsUg70WfnHGmAHfW4aAmR49z7anbRfpu8zCrKuKTEQ9ui-x9WHxwmgQw787c971fkGuK3i3GAg7wkad01wvBHTLKnULLU8a1Gsk5rCEWcjKlW0wLR8r_X-BghpKTsYehQt7jZmEimbH4tggzKljRNtHNqakxqRoP97SVUGTUDQ-5wWkrAkAoEWYAz0V1bzdlaTkOqaiaYEWeAYxThOlsY4Eh_DEZsOolvfLpbF4B_0RDZV_3tzgGEMZe7C126mPwkMNbTjP5WFDshro4rW6gKwcQUnsv0H6uKo8PTEbTEOYDKTZJQcf6qh46s1d-_m6Kn-J3Rg57aV0JrRNL3Oc7qFWl_qvCrniOHXNgcgxbFzCpzwpDba1Ls445tBwMP4efv1HZGjGXfkA6o1m8TvOP4SY4hod9E4SU_Stf-OJeSEwsXX_EACh0YysflD98GFKcLySemHWkOAGOTJpQZHaDAs6xxVrdroDBjaHynptlszwHRS1RqwtB1NNmqZ0egtEulOUCUyK6SQu4luzxnvsZ1BKFmmS4T2uYIdPx3ostRF846mw1g4X-y12BE8hpOC2ozMV_3W5hxYmZIMuKaClJsTmo1rb6lVCFnfpMqxB1afvO9jX_a6C_PtrlpIgq_5Rx924j9JMK96hpEAfe1Pq1WN4dPQUFazwBC8rDbkboPox5GkIGn4gnn7vKUc5p5t8fQ4DwuOGFOg6OBD6L80elurMmRAcId68AzznatM81yYQ3riQ2fVEvnZ-iVGEYlMVZHZeOStVl4KNmIw2kKG5b8FJ6byoEmnWA6L7VhoeIqU-2qOrH2wPlWCdPm9H6yqMsEXMin_pcnZkC5je5OQhv0oTBgifEVM4eYSITTzb4ihy96751Ti_sCyfnuCvQZaFWYvBfQBtf35RI-P16c&sai=AMfl-YShm-9cc51btUG-5VsVjL6BIAQM9KZkFwf4qp9SEB48X0cMW7Vu6j3byRn1J3TUNr1ss0oO3vIR49YLnFNN8SDyiClacg27D9a8sus6k23jkU09i9gRUDVGm-UHVJ5FW0dCBCwoSOQsvawx-1Lq-FfWxfDXjSGW3m9xmyc&sig=Cg0ArKJSzFLSAYnGO_gwEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=118&cbvp=1&cstd=107&cisv=r20220120.59703&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=

Requested by

Host: www.newseveryday.com
URL: https://www.newseveryday.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s81-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0ac929ed3376c146b2710609427d4d08.safeframe.googlesyndication.com/
Accept-Language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date: Wed, 26 Jan 2022 19:25:18 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 56a7cd13c3b06117031d3733ed6468d2.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9544143871827822005/2021_q3_SMBIMC_BigThreat_ad1-300x250-HTML/media/ Frame 39E3 22 KB
22 KB 8ms
8ms Image
image/jpeg 2607:f8b0:4006:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9544143871827822005/2021_q3_SMBIMC_BigThreat_ad1-300x250-HTML/media/56a7cd13c3b06117031d3733ed6468d2.jpg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9544143871827822005/2021_q3_SMBIMC_BigThreat_ad1-300x250-HTML/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

19c119eb7e36e85984b9e17116fdec42a8f28820fad8d0a36e392831f90e2448

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 339957
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22619
x-xss-protection: 0
last-modified: Fri, 19 Mar 2021 22:20:52 GMT
server: sffe
date: Sat, 22 Jan 2022 20:59:21 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 22 Jan 2023 20:59:21 GMT

GET
H3 200 970122391ab275c2be5eaa11a256f085.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9544143871827822005/2021_q3_SMBIMC_BigThreat_ad1-300x250-HTML/media/ Frame 39E3 23 KB
4 KB 13ms
12ms Image
image/svg+xml 2607:f8b0:4006:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9544143871827822005/2021_q3_SMBIMC_BigThreat_ad1-300x250-HTML/media/970122391ab275c2be5eaa11a256f085.svg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9544143871827822005/2021_q3_SMBIMC_BigThreat_ad1-300x250-HTML/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9a4da52850b15343f8b36c9c25962ed029b86874bd92ae4c44793ad0358b1c0c

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 167504
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4389
x-xss-protection: 0
last-modified: Fri, 19 Mar 2021 22:20:52 GMT
server: sffe
date: Mon, 24 Jan 2022 20:53:34 GMT
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 24 Jan 2023 20:53:34 GMT

GET
H3 200 a5fbad59aa2db07f8927cb1fc3ddfebd.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9544143871827822005/2021_q3_SMBIMC_BigThreat_ad1-300x250-HTML/media/ Frame 39E3 4 KB
2 KB 15ms
11ms Image
image/svg+xml 2607:f8b0:4006:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9544143871827822005/2021_q3_SMBIMC_BigThreat_ad1-300x250-HTML/media/a5fbad59aa2db07f8927cb1fc3ddfebd.svg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9544143871827822005/2021_q3_SMBIMC_BigThreat_ad1-300x250-HTML/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ed3303e621e332844b519248392599006f0c559632aeb8c79ffd0b1c8324ae4c

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 167504
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1506
x-xss-protection: 0
last-modified: Fri, 19 Mar 2021 22:20:52 GMT
server: sffe
date: Mon, 24 Jan 2022 20:53:34 GMT
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 24 Jan 2023 20:53:34 GMT

GET
H3 200 398ecaec87f23e74b0f54c335302d460.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9544143871827822005/2021_q3_SMBIMC_BigThreat_ad1-300x250-HTML/media/ Frame 39E3 1 KB
1 KB 15ms
11ms Image
image/png 2607:f8b0:4006:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9544143871827822005/2021_q3_SMBIMC_BigThreat_ad1-300x250-HTML/media/398ecaec87f23e74b0f54c335302d460.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9544143871827822005/2021_q3_SMBIMC_BigThreat_ad1-300x250-HTML/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

45a153f3048c507407e66e53cdf4c5d9ac639dbf4b67957704636778c75c3840

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 339957
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1027
x-xss-protection: 0
last-modified: Fri, 19 Mar 2021 22:20:52 GMT
server: sffe
date: Sat, 22 Jan 2022 20:59:21 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 22 Jan 2023 20:59:21 GMT

GET
H3 200 1c8e372c53beae3d50f38c78f25b8273.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9544143871827822005/2021_q3_SMBIMC_BigThreat_ad1-300x250-HTML/media/ Frame 39E3 2 KB
2 KB 15ms
11ms Image
image/png 2607:f8b0:4006:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9544143871827822005/2021_q3_SMBIMC_BigThreat_ad1-300x250-HTML/media/1c8e372c53beae3d50f38c78f25b8273.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9544143871827822005/2021_q3_SMBIMC_BigThreat_ad1-300x250-HTML/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ae38d637b069f64d6f696445a5f7e50e977a8d321c580eb0c5001c76d59a3ea9

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 339957
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2429
x-xss-protection: 0
last-modified: Fri, 19 Mar 2021 22:20:52 GMT
server: sffe
date: Sat, 22 Jan 2022 20:59:21 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 22 Jan 2023 20:59:21 GMT

GET
H3 200 8229d4a279e9db68822d8d09ef8c14e1.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9544143871827822005/2021_q3_SMBIMC_BigThreat_ad1-300x250-HTML/media/ Frame 39E3 3 KB
3 KB 17ms
12ms Image
image/png 2607:f8b0:4006:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9544143871827822005/2021_q3_SMBIMC_BigThreat_ad1-300x250-HTML/media/8229d4a279e9db68822d8d09ef8c14e1.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9544143871827822005/2021_q3_SMBIMC_BigThreat_ad1-300x250-HTML/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5b1fe5fae04637fda831271b27abb29854960dafcb7fa936a7c8b20ed15f9765

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 339957
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3030
x-xss-protection: 0
last-modified: Fri, 19 Mar 2021 22:20:52 GMT
server: sffe
date: Sat, 22 Jan 2022 20:59:21 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 22 Jan 2023 20:59:21 GMT

GET
H3 200 c75223ef8425d06a302c0d8042d8e4cd.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9544143871827822005/2021_q3_SMBIMC_BigThreat_ad1-300x250-HTML/media/ Frame 39E3 11 KB
3 KB 15ms
10ms Image
image/svg+xml 2607:f8b0:4006:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9544143871827822005/2021_q3_SMBIMC_BigThreat_ad1-300x250-HTML/media/c75223ef8425d06a302c0d8042d8e4cd.svg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9544143871827822005/2021_q3_SMBIMC_BigThreat_ad1-300x250-HTML/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

501db064f73643f19ce508986fdfd7b11d889f8aba3c5e7d545dc575667bf673

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 167504
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3385
x-xss-protection: 0
last-modified: Fri, 19 Mar 2021 22:20:52 GMT
server: sffe
date: Mon, 24 Jan 2022 20:53:34 GMT
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 24 Jan 2023 20:53:34 GMT

GET
H3 200 290ce6b2ee704fc6c062c7bb7ae6c54a.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9544143871827822005/2021_q3_SMBIMC_BigThreat_ad1-300x250-HTML/media/ Frame 39E3 8 KB
8 KB 14ms
10ms Image
image/png 2607:f8b0:4006:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9544143871827822005/2021_q3_SMBIMC_BigThreat_ad1-300x250-HTML/media/290ce6b2ee704fc6c062c7bb7ae6c54a.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9544143871827822005/2021_q3_SMBIMC_BigThreat_ad1-300x250-HTML/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6056db82ad325b93dd57038ac9d7c1251624257583944c8d6d0aedd0d214c2e8

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 339957
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8414
x-xss-protection: 0
last-modified: Fri, 19 Mar 2021 22:20:52 GMT
server: sffe
date: Sat, 22 Jan 2022 20:59:21 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 22 Jan 2023 20:59:21 GMT

GET
H3 200 bea9b4c25212c2f63c8c958e8988a502.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9544143871827822005/2021_q3_SMBIMC_BigThreat_ad1-300x250-HTML/media/ Frame 39E3 4 KB
4 KB 19ms
10ms Image
image/png 2607:f8b0:4006:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9544143871827822005/2021_q3_SMBIMC_BigThreat_ad1-300x250-HTML/media/bea9b4c25212c2f63c8c958e8988a502.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9544143871827822005/2021_q3_SMBIMC_BigThreat_ad1-300x250-HTML/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d2b6af03788d2f7b0e4a334a17cca35522f5face6511fc7f42edd784bf5f63a4

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 339957
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4440
x-xss-protection: 0
last-modified: Fri, 19 Mar 2021 22:20:52 GMT
server: sffe
date: Sat, 22 Jan 2022 20:59:21 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 22 Jan 2023 20:59:21 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame F807
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
16 B

34ms
28ms

Document
text/html

2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: 0ac929ed3376c146b2710609427d4d08.safeframe.googlesyndication.com
URL: https://0ac929ed3376c146b2710609427d4d08.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Wed, 26 Jan 2022 19:25:18 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 26 Jan 2022 19:25:18 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Wed, 26 Jan 2022 19:25:18 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 57FF 41 KB
15 KB 22ms
9ms Script
text/javascript 2607:f8b0:4006:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: 0ac929ed3376c146b2710609427d4d08.safeframe.googlesyndication.com
URL: https://0ac929ed3376c146b2710609427d4d08.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://0ac929ed3376c146b2710609427d4d08.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 22 Jan 2022 04:21:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 399827
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 22 Jan 2023 04:21:31 GMT

GET
DATA 200
OK truncated
/ Frame 57FF 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 79534bf7df315aa3aa7ef01bad0e5546f2ad26cfea891b039300b9bc64d1a317

Request headers

Accept-Language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 bdebd0b9f9d1bb132eca47123732f50e.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9544143871827822005/2021_q3_SMBIMC_BigThreat_ad1-300x250-HTML/media/ Frame 39E3 2 KB
807 B 7ms
6ms Image
image/svg+xml 2607:f8b0:4006:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9544143871827822005/2021_q3_SMBIMC_BigThreat_ad1-300x250-HTML/media/bdebd0b9f9d1bb132eca47123732f50e.svg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9544143871827822005/2021_q3_SMBIMC_BigThreat_ad1-300x250-HTML/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

15f1ba771c926cbe37535bd9099dfdf6c42d3a1f8d83fffeaba62108d0675005

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 167504
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 772
x-xss-protection: 0
last-modified: Fri, 19 Mar 2021 22:20:52 GMT
server: sffe
date: Mon, 24 Jan 2022 20:53:34 GMT
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 24 Jan 2023 20:53:34 GMT

GET
H3 200 gwdpage_style.css
s0.2mdn.net/sadbundle/7792666701245598281/ Frame BCE5 55 B
103 B 6ms
6ms Stylesheet
text/css 2607:f8b0:4006:816::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/7792666701245598281/gwdpage_style.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7792666701245598281/index.html?e=69&leftOffset=0&topOffset=0&c=xUxFU1Dfr4&t=1&renderingType=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2afb3cf38deea01d461f29b961c8aab0da4f121a84a9c843f49dc7cced99b6a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7792666701245598281/index.html?e=69&leftOffset=0&topOffset=0&c=xUxFU1Dfr4&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 20 Jan 2022 07:50:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 560098
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 74
x-xss-protection: 0
last-modified: Thu, 06 May 2021 05:38:39 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 20 Jan 2023 07:50:20 GMT

GET
H3 200 gwdpagedeck_style.css
s0.2mdn.net/sadbundle/7792666701245598281/ Frame BCE5 731 B
263 B 6ms
6ms Stylesheet
text/css 2607:f8b0:4006:816::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/7792666701245598281/gwdpagedeck_style.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7792666701245598281/index.html?e=69&leftOffset=0&topOffset=0&c=xUxFU1Dfr4&t=1&renderingType=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3974624ff80521dbd81d3ed32f8ec10c7baef11c272f46626a6284538e90e44b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7792666701245598281/index.html?e=69&leftOffset=0&topOffset=0&c=xUxFU1Dfr4&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 24 Jan 2022 09:50:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 207280
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 234
x-xss-protection: 0
last-modified: Thu, 06 May 2021 05:38:39 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 24 Jan 2023 09:50:38 GMT

GET
H3 200 gwdgooglead_style.css
s0.2mdn.net/sadbundle/7792666701245598281/ Frame BCE5 24 B
72 B 13ms
11ms Stylesheet
text/css 2607:f8b0:4006:816::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/7792666701245598281/gwdgooglead_style.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7792666701245598281/index.html?e=69&leftOffset=0&topOffset=0&c=xUxFU1Dfr4&t=1&renderingType=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e52ad60cf8269c44381d5e0833e69b9b8f3b9f9346b7066b1dc5a52b390feedc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7792666701245598281/index.html?e=69&leftOffset=0&topOffset=0&c=xUxFU1Dfr4&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 12:33:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 111085
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44
x-xss-protection: 0
last-modified: Thu, 06 May 2021 05:38:39 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 25 Jan 2023 12:33:53 GMT

GET
H3 200 gwdimage_style.css
s0.2mdn.net/sadbundle/7792666701245598281/ Frame BCE5 281 B
187 B 12ms
9ms Stylesheet
text/css 2607:f8b0:4006:816::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/7792666701245598281/gwdimage_style.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7792666701245598281/index.html?e=69&leftOffset=0&topOffset=0&c=xUxFU1Dfr4&t=1&renderingType=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3d3251d937d209def48e958bfeec683ca39dc0f15eb22f99bc3e7035995cd552

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7792666701245598281/index.html?e=69&leftOffset=0&topOffset=0&c=xUxFU1Dfr4&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 22 Jan 2022 14:37:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 362880
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 158
x-xss-protection: 0
last-modified: Thu, 06 May 2021 05:38:39 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 22 Jan 2023 14:37:18 GMT

GET
H3 200 gwdtaparea_style.css
s0.2mdn.net/sadbundle/7792666701245598281/ Frame BCE5 157 B
144 B 11ms
8ms Stylesheet
text/css 2607:f8b0:4006:816::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/7792666701245598281/gwdtaparea_style.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7792666701245598281/index.html?e=69&leftOffset=0&topOffset=0&c=xUxFU1Dfr4&t=1&renderingType=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

20160b923de864cdf44fa26bfd6281a9e0aba7eb800fac86804d9a41a93c2394

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7792666701245598281/index.html?e=69&leftOffset=0&topOffset=0&c=xUxFU1Dfr4&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 20 Jan 2022 06:08:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 566215
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 115
x-xss-protection: 0
last-modified: Thu, 06 May 2021 05:38:39 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 20 Jan 2023 06:08:23 GMT

GET
H3 200 gwdattached_style.css
s0.2mdn.net/sadbundle/7792666701245598281/ Frame BCE5 26 B
74 B 13ms
10ms Stylesheet
text/css 2607:f8b0:4006:816::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/7792666701245598281/gwdattached_style.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7792666701245598281/index.html?e=69&leftOffset=0&topOffset=0&c=xUxFU1Dfr4&t=1&renderingType=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fffa14e9a3c576087a9202af54e8f11669f29c37617df0c6f728ca24d95f60bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7792666701245598281/index.html?e=69&leftOffset=0&topOffset=0&c=xUxFU1Dfr4&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 20 Jan 2022 01:12:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 583981
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 46
x-xss-protection: 0
last-modified: Thu, 06 May 2021 05:38:39 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 20 Jan 2023 01:12:17 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame BCE5 664 B
355 B 45ms
20ms Stylesheet
text/css 2607:f8b0:4006:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:regular

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7792666701245598281/index.html?e=69&leftOffset=0&topOffset=0&c=xUxFU1Dfr4&t=1&renderingType=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:808::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f8f5705ee03667d1a28565f6dc84b7748bb9d7c4ded30c270354edd054b86b32

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 18:29:16 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 26 Jan 2022 19:25:18 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 26 Jan 2022 19:25:18 GMT

GET
H3 200 googbase_min.js Show response
s0.2mdn.net/sadbundle/7792666701245598281/ Frame BCE5 400 B
304 B 17ms
11ms Script
application/x-javascript 2607:f8b0:4006:816::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/7792666701245598281/googbase_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7792666701245598281/index.html?e=69&leftOffset=0&topOffset=0&c=xUxFU1Dfr4&t=1&renderingType=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f3168403eabe87c4fa8bf097e63d6409e3e6d15a14825215c27e9e4f1f943c95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7792666701245598281/index.html?e=69&leftOffset=0&topOffset=0&c=xUxFU1Dfr4&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 20 Jan 2022 01:12:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 583981
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 275
x-xss-protection: 0
last-modified: Thu, 06 May 2021 05:38:39 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 20 Jan 2023 01:12:17 GMT

GET
H3 200 gwd_webcomponents_v1_min.js Show response
s0.2mdn.net/sadbundle/7792666701245598281/ Frame BCE5 21 KB
6 KB 15ms
11ms Script
application/x-javascript 2607:f8b0:4006:816::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/7792666701245598281/gwd_webcomponents_v1_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7792666701245598281/index.html?e=69&leftOffset=0&topOffset=0&c=xUxFU1Dfr4&t=1&renderingType=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c51a4086e332a8b351790a53582dbba5bd78b7a1f021b829d93da3ad59ca575f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7792666701245598281/index.html?e=69&leftOffset=0&topOffset=0&c=xUxFU1Dfr4&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 23 Jan 2022 17:57:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 264459
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6286
x-xss-protection: 0
last-modified: Thu, 06 May 2021 05:38:39 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 23 Jan 2023 17:57:39 GMT

GET
H3 200 gwdpage_min.js Show response
s0.2mdn.net/sadbundle/7792666701245598281/ Frame BCE5 3 KB
1 KB 16ms
12ms Script
application/x-javascript 2607:f8b0:4006:816::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/7792666701245598281/gwdpage_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7792666701245598281/index.html?e=69&leftOffset=0&topOffset=0&c=xUxFU1Dfr4&t=1&renderingType=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

257c9947bb8a45c4a0519f4ddc8769ecc7f889e268a046b0f05c17dfc7912eee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7792666701245598281/index.html?e=69&leftOffset=0&topOffset=0&c=xUxFU1Dfr4&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 20 Jan 2022 08:37:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 557256
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1306
x-xss-protection: 0
last-modified: Thu, 06 May 2021 05:38:39 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 20 Jan 2023 08:37:42 GMT

GET
H3 200 gwdpagedeck_min.js Show response
s0.2mdn.net/sadbundle/7792666701245598281/ Frame BCE5 8 KB
3 KB 15ms
11ms Script
application/x-javascript 2607:f8b0:4006:816::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/7792666701245598281/gwdpagedeck_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7792666701245598281/index.html?e=69&leftOffset=0&topOffset=0&c=xUxFU1Dfr4&t=1&renderingType=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

74a8b34ddd37ba93b4c8198cebbc858c098de1effdddd63eebf9009d55cc53c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7792666701245598281/index.html?e=69&leftOffset=0&topOffset=0&c=xUxFU1Dfr4&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 24 Jan 2022 09:50:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 207280
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3125
x-xss-protection: 0
last-modified: Thu, 06 May 2021 05:38:39 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 24 Jan 2023 09:50:38 GMT

GET
H3 200 Enabler_01_245.js Show response
s0.2mdn.net/879366/ Frame BCE5 110 KB
38 KB 17ms
13ms Script
text/javascript 2607:f8b0:4006:816::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_245.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7792666701245598281/index.html?e=69&leftOffset=0&topOffset=0&c=xUxFU1Dfr4&t=1&renderingType=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4642568b405b3750fb18df621889e27def95e8162c1cdd256a21b319c9a4e24b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7792666701245598281/index.html?e=69&leftOffset=0&topOffset=0&c=xUxFU1Dfr4&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 14:36:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 17325
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38568
x-xss-protection: 0
last-modified: Wed, 14 Oct 2020 19:32:54 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 27 Jan 2022 14:36:33 GMT

GET
H3 200 gwdgooglead_min.js Show response
s0.2mdn.net/sadbundle/7792666701245598281/ Frame BCE5 13 KB
4 KB 16ms
12ms Script
application/x-javascript 2607:f8b0:4006:816::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/7792666701245598281/gwdgooglead_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7792666701245598281/index.html?e=69&leftOffset=0&topOffset=0&c=xUxFU1Dfr4&t=1&renderingType=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a22c497288d6b312171de3df8ed00831f34a76a52384c1ba9d504e11c98a5f21

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7792666701245598281/index.html?e=69&leftOffset=0&topOffset=0&c=xUxFU1Dfr4&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 24 Jan 2022 09:38:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 208018
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4408
x-xss-protection: 0
last-modified: Thu, 06 May 2021 05:38:39 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 24 Jan 2023 09:38:20 GMT

GET
H3 200 gwdimage_min.js Show response
s0.2mdn.net/sadbundle/7792666701245598281/ Frame BCE5 5 KB
2 KB 22ms
18ms Script
application/x-javascript 2607:f8b0:4006:816::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/7792666701245598281/gwdimage_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7792666701245598281/index.html?e=69&leftOffset=0&topOffset=0&c=xUxFU1Dfr4&t=1&renderingType=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6c3223c27067f54618683e5fdfe83536907b179e81ed9a39873aa8b8140c05f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7792666701245598281/index.html?e=69&leftOffset=0&topOffset=0&c=xUxFU1Dfr4&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 20 Jan 2022 08:37:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 557256
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2001
x-xss-protection: 0
last-modified: Thu, 06 May 2021 05:38:39 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 20 Jan 2023 08:37:42 GMT

GET
H3 200 gwdtaparea_min.js Show response
s0.2mdn.net/sadbundle/7792666701245598281/ Frame BCE5 4 KB
2 KB 21ms
16ms Script
application/x-javascript 2607:f8b0:4006:816::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/7792666701245598281/gwdtaparea_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7792666701245598281/index.html?e=69&leftOffset=0&topOffset=0&c=xUxFU1Dfr4&t=1&renderingType=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

740d0e2ab785d5697336ecd812e6c6fb5547e741ab78204d93023d08bd274ecd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7792666701245598281/index.html?e=69&leftOffset=0&topOffset=0&c=xUxFU1Dfr4&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 12:33:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 111085
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1814
x-xss-protection: 0
last-modified: Thu, 06 May 2021 05:38:39 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 25 Jan 2023 12:33:53 GMT

GET
H3 200 gwdattached_min.js Show response
s0.2mdn.net/sadbundle/7792666701245598281/ Frame BCE5 1 KB
616 B 23ms
12ms Script
application/x-javascript 2607:f8b0:4006:816::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/7792666701245598281/gwdattached_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7792666701245598281/index.html?e=69&leftOffset=0&topOffset=0&c=xUxFU1Dfr4&t=1&renderingType=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3b1b78dc0bec6c4c5e65036a6d67c15a91ae2fc807f61ddab5ddccc3483cb9c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7792666701245598281/index.html?e=69&leftOffset=0&topOffset=0&c=xUxFU1Dfr4&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 12:33:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 111085
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 587
x-xss-protection: 0
last-modified: Thu, 06 May 2021 05:38:39 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 25 Jan 2023 12:33:53 GMT

GET
H3 200 gwdtexthelper_min.js Show response
s0.2mdn.net/sadbundle/7792666701245598281/ Frame BCE5 7 KB
3 KB 22ms
11ms Script
application/x-javascript 2607:f8b0:4006:816::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/7792666701245598281/gwdtexthelper_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7792666701245598281/index.html?e=69&leftOffset=0&topOffset=0&c=xUxFU1Dfr4&t=1&renderingType=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9ce8bd0ee36a0c73ad575c2b1a3d8117bb51a83021a64510197960c8fe5a1e72

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7792666701245598281/index.html?e=69&leftOffset=0&topOffset=0&c=xUxFU1Dfr4&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 20 Jan 2022 06:08:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 566215
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2867
x-xss-protection: 0
last-modified: Thu, 06 May 2021 05:38:39 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 20 Jan 2023 06:08:23 GMT

GET
H3 200 gwd-events-support.1.0.js Show response
s0.2mdn.net/sadbundle/7792666701245598281/ Frame BCE5 2 KB
716 B 24ms
13ms Script
application/x-javascript 2607:f8b0:4006:816::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/7792666701245598281/gwd-events-support.1.0.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7792666701245598281/index.html?e=69&leftOffset=0&topOffset=0&c=xUxFU1Dfr4&t=1&renderingType=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

72a80770f582b1bb93c4686c2d8f7d96cd6e911198e518ba3f19cd50cb108804

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7792666701245598281/index.html?e=69&leftOffset=0&topOffset=0&c=xUxFU1Dfr4&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 12:33:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 111085
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 687
x-xss-protection: 0
last-modified: Thu, 06 May 2021 05:38:39 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 25 Jan 2023 12:33:53 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 9C81 22 KB
8 KB 5ms
4ms Document
text/html 2607:f8b0:4006:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: en-US,en;q=0.9
Referer: https://0ac929ed3376c146b2710609427d4d08.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 22 Jan 2022 04:21:32 GMT
expires: Sun, 22 Jan 2023 04:21:32 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: text/html
age: 399826
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 image.jpg
s0.2mdn.net/sadbundle/7792666701245598281/ Frame BCE5 773 KB
773 KB 7ms
7ms Image
image/jpeg 2607:f8b0:4006:816::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/7792666701245598281/image.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7792666701245598281/index.html?e=69&leftOffset=0&topOffset=0&c=xUxFU1Dfr4&t=1&renderingType=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3d42d1a2ad819365892637e0ba1333a73e8c0eb0f90ad53b402aab0d5af81463

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/7792666701245598281/index.html?e=69&leftOffset=0&topOffset=0&c=xUxFU1Dfr4&t=1&renderingType=2
Origin: https://s0.2mdn.net
Accept-Language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 12:33:41 GMT
x-content-type-options: nosniff
age: 111097
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 791172
x-xss-protection: 0
last-modified: Thu, 06 May 2021 05:38:39 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 25 Jan 2023 12:33:41 GMT

GET
H3 200 FreigSanLFProMed.woff
s0.2mdn.net/creatives/assets/4003215/ Frame BCE5 63 KB
63 KB 8ms
7ms Font
font/woff 2607:f8b0:4006:816::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/4003215/FreigSanLFProMed.woff

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7792666701245598281/index.html?e=69&leftOffset=0&topOffset=0&c=xUxFU1Dfr4&t=1&renderingType=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6354c4ec800f1d1d7affba1c099e916ab2c55ecadd4fcbd1493d3a28ab776e41

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/7792666701245598281/index.html?e=69&leftOffset=0&topOffset=0&c=xUxFU1Dfr4&t=1&renderingType=2
Origin: https://s0.2mdn.net
Accept-Language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 19:16:00 GMT
x-content-type-options: nosniff
age: 558
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 64700
x-xss-protection: 0
last-modified: Mon, 21 Dec 2020 16:10:02 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 26 Jan 2022 19:31:00 GMT

GET
H3 200 R1B9DkRZwcDIRZ3R9sqVqoa_rY5Qa04vEjSiPeGSXMQ.js Show response
pagead2.googlesyndication.com/bg/ Frame 9C81 35 KB
13 KB 6ms
5ms Script
text/javascript 2607:f8b0:4006:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/R1B9DkRZwcDIRZ3R9sqVqoa_rY5Qa04vEjSiPeGSXMQ.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:807::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

47507d0e4459c1c0c8459dd1f6ca95aa86bfad8e506b4e2f1234a23de1925cc4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 24 Jan 2022 04:41:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 225808
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13406
x-xss-protection: 0
last-modified: Wed, 12 Jan 2022 16:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 24 Jan 2023 04:41:50 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame BCE5 6 KB
5 KB 37ms
25ms XHR
application/json 2607:f8b0:4006:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_245&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_245.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:807::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c0aa8bc94a34ffefb544e82650888b4736b689d81bf84beb8ee8a4ef8e755887

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 26 Jan 2022 19:25:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4719
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame BCE5 17 KB
6 KB 33ms
33ms Script
text/javascript 2607:f8b0:4006:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_245.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 19:25:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 26 Jan 2022 19:25:18 GMT

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 57FF 0
23 B 84ms
70ms Ping
image/gif 142.251.40.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvmnTgnCg-zk1zAUg36wfmK8cF2cTC7ExbzHOHPGZErY_Uv9-rP2tP_8oYwemJPUXeq0rkB7gr_xoBTtxzLHdarvmjEgtY5V3w2XLxlJj6RS3z68jfNtjaH_gWEor8JLQTuRPpjyQQVqO-A1v7nq_rtC86z_3CPrf5J7GHJV0bGh7HU1jo09W19aJ1pm8XSO94Lyto7O8HjHF1HMQD_MrZ7IR0P1qhHs82HSBp8pK2lISPOyC7oA5g7QV0AOImP1KvsUg70WfnHGmAHfW4aAmR49z7anbRfpu8zCrKuKTEQ9ui-x9WHxwmgQw787c971fkGuK3i3GAg7wkad01wvBHTLKnULLU8a1Gsk5rCEWcjKlW0wLR8r_X-BghpKTsYehQt7jZmEimbH4tggzKljRNtHNqakxqRoP97SVUGTUDQ-5wWkrAkAoEWYAz0V1bzdlaTkOqaiaYEWeAYxThOlsY4Eh_DEZsOolvfLpbF4B_0RDZV_3tzgGEMZe7C126mPwkMNbTjP5WFDshro4rW6gKwcQUnsv0H6uKo8PTEbTEOYDKTZJQcf6qh46s1d-_m6Kn-J3Rg57aV0JrRNL3Oc7qFWl_qvCrniOHXNgcgxbFzCpzwpDba1Ls445tBwMP4efv1HZGjGXfkA6o1m8TvOP4SY4hod9E4SU_Stf-OJeSEwsXX_EACh0YysflD98GFKcLySemHWkOAGOTJpQZHaDAs6xxVrdroDBjaHynptlszwHRS1RqwtB1NNmqZ0egtEulOUCUyK6SQu4luzxnvsZ1BKFmmS4T2uYIdPx3ostRF846mw1g4X-y12BE8hpOC2ozMV_3W5hxYmZIMuKaClJsTmo1rb6lVCFnfpMqxB1afvO9jX_a6C_PtrlpIgq_5Rx924j9JMK96hpEAfe1Pq1WN4dPQUFazwBC8rDbkboPox5GkIGn4gnn7vKUc5p5t8fQ4DwuOGFOg6OBD6L80elurMmRAcId68AzznatM81yYQ3riQ2fVEvnZ-iVGEYlMVZHZeOStVl4KNmIw2kKG5b8FJ6byoEmnWA6L7VhoeIqU-2qOrH2wPlWCdPm9H6yqMsEXMin_pcnZkC5je5OQhv0oTBgifEVM4eYSITTzb4ihy96751Ti_sCyfnuCvQZaFWYvBfQBtf35RI-P16c&sai=AMfl-YShm-9cc51btUG-5VsVjL6BIAQM9KZkFwf4qp9SEB48X0cMW7Vu6j3byRn1J3TUNr1ss0oO3vIR49YLnFNN8SDyiClacg27D9a8sus6k23jkU09i9gRUDVGm-UHVJ5FW0dCBCwoSOQsvawx-1Lq-FfWxfDXjSGW3m9xmyc&sig=Cg0ArKJSzFLSAYnGO_gwEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=675&vt=11&dtpt=557&dett=3&cstd=107&cisv=r20220120.59703&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=

Requested by

Host: www.newseveryday.com
URL: https://www.newseveryday.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s81-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0ac929ed3376c146b2710609427d4d08.safeframe.googlesyndication.com/
Accept-Language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Wed, 26 Jan 2022 19:25:18 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 vrbo_logo_2.svg
s0.2mdn.net/sadbundle/7792666701245598281/ Frame BCE5 132 KB
99 KB 11ms
10ms Image
image/svg+xml 2607:f8b0:4006:816::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/7792666701245598281/vrbo_logo_2.svg

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2a6640c6c41e5e76da4169320f746e1bb5e108664263c69cfacab0aa99fcde66

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7792666701245598281/index.html?e=69&leftOffset=0&topOffset=0&c=xUxFU1Dfr4&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 21 Jan 2022 12:44:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 456045
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 101085
x-xss-protection: 0
last-modified: Thu, 06 May 2021 05:38:39 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 21 Jan 2023 12:44:33 GMT

GET
H3 200 vrbo_logo_1.svg
s0.2mdn.net/sadbundle/7792666701245598281/ Frame BCE5 132 KB
99 KB 9ms
8ms Image
image/svg+xml 2607:f8b0:4006:816::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/7792666701245598281/vrbo_logo_1.svg

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

21605de773ccbb48062d05679f58a42848461f98d47367ff76cf9fb2961db287

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7792666701245598281/index.html?e=69&leftOffset=0&topOffset=0&c=xUxFU1Dfr4&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 22 Jan 2022 14:00:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 365099
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 101002
x-xss-protection: 0
last-modified: Thu, 06 May 2021 05:38:39 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 22 Jan 2023 14:00:19 GMT

GET
H3 200 image.jpg
s0.2mdn.net/sadbundle/7792666701245598281/ Frame BCE5 773 KB
773 KB 7ms
7ms Image
image/jpeg 2607:f8b0:4006:816::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/7792666701245598281/image.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3d42d1a2ad819365892637e0ba1333a73e8c0eb0f90ad53b402aab0d5af81463

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7792666701245598281/index.html?e=69&leftOffset=0&topOffset=0&c=xUxFU1Dfr4&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 12:33:41 GMT
x-content-type-options: nosniff
age: 111097
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 791172
x-xss-protection: 0
last-modified: Thu, 06 May 2021 05:38:39 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 25 Jan 2023 12:33:41 GMT

GET
H3 200 mfFJ-W--rqivV8WG4WyPQ8vKEq2pdH_2ou3EKTspk_8.js Show response
pagead2.googlesyndication.com/bg/ Frame BFC3 35 KB
13 KB 7ms
5ms Script
text/javascript 2607:f8b0:4006:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/mfFJ-W--rqivV8WG4WyPQ8vKEq2pdH_2ou3EKTspk_8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:807::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

99f149f96fbeaea8af57c586e16c8f43cbca12ada9747ff6a2edc4293b2993ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 15:44:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 99658
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13575
x-xss-protection: 0
last-modified: Mon, 24 Jan 2022 14:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 25 Jan 2023 15:44:20 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9C81 0
20 B 67ms
66ms Image
image/gif 2607:f8b0:4006:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BbPXMHqDxYei_A4HMzgW0-5DwBgAAAAA4AeAEAg&bg=!n5ylnNjNAAZ_DxPPfw87ACkAdvg8Wv0RpoDjnQJi3cDXHNPe-m2Zv3OEouBd0rgwYpB5PVwTqUyErQIAAADbUgAAAAJoAQcKAG-AtU-AM-enBmWp15s5aTiZu1KF9H59EclD-4d4606JdMOMDrt_KlvJ_aCOIJZF8ORGO1EhNSflZfVFiTPjYac4jnk8nsZl22jao1deH7oKge1_FR7mrH2DN_EJnNcahnZ-al4CGctRCC1MxyWtVX6ZAvHeePX5M8xv8uk7MRAVFc4sV6yWxZIYppjiAm4M8gPJ_OWpqqvYjIZNTBujNbONaj_zrK5G57dF2hnMz1agkfZsD8zUS1_SvJZqKCYpzSDbIQCKMwsSgotUgBLc0aDSR1TEB3iZGbyfrZceE7TSaFIRHtfmbRKQhTliSZ-4L5-tDJNBCvSNDNyD3d-UhjQKscDZH5o-GOQTq2zE_k1YIW_MhPqh5DJGDRKzyLJioHwP0btrMwDCp81GvC84iIheyZ0cIRZvVAmqDZ7oMj0l_Y6_cBgRA1r9n_71X6L5PVzSp3BbfxtgPuThnjh8YGfO3LoCPZQKzXwpddP9jiXfjz5vDo9dZpjXMg-NMvQICDAhbB6bvh8atsltV9V_Y9Jsbj98ogcMuwDzexNJuTLH-PlXI1V-h3TJcPPY_esPjuDy5I1hCm9KrQyiG78fI-_YqJ9nrEM1pAZZ_ymwNJer9ATInaGSBl5P_CL3xs3K7GVbvKmBG9ItdiLsaqIlYz3ZNDkUkt5GGjhrKm9KkLRMcOuc59a_Pzz-6tMAPzCshioxHKXkT-c8XTgMUxuUR-0UpcASh43JRQjkc1PcY4TUiDx_mlJ50SlCYIsjYbsyVhhuwzHfd7H94S_IJ4GAh8RvXT6i9PK4PmEJLQ9MjBn-cQtOsx9QcIi55m7MAwKpkrZqBf7Uwa0ErNmdmrNmWIG2r_PM8KssMeaLGUyEAoTqCRDi-wRDk7f9Q7Vt-v9pYKxv4saikyVFshahNTxtS2S05kSOuibRldslXyInVdG6IUZv6iNATCPFFOKimm3Kyjq9DFwLQaFlvNGuP3oeOUmAcQ7mXdFHQZ4IB_WRcy5FT1zabpWBP06PoRxHw-X5vvqUKEyWJaKo0cf6NRJjMuaplpa4mtbxZnfk1jsdxPmp4ZKljVVHCPeybUMpWL52I-v6LWRc0kbYT-aKkp7hQTdUk0O-1NksrzYqW79qEuZTTl6ALb3SwzArpHgJTQnSX1CCvhw

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:807::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Jan 2022 19:25:19 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 1504 42 B
64 B 74ms
73ms Fetch
image/gif 2607:f8b0:4006:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvIN_aORQtezh5wJ_IoJ7BUTO8i6Tt6Hesk0L4mQaaRiObIQXiVFg9EQobUJm8e4Rqr1Wh_3E4aSkSudIqiQXe2OVoS2fnHMu6ICUt-lVPm7P4RRSo01kOJDp7MzjI2c1T2YLk8WdEJcA&sai=AMfl-YTD9Wus4DdX9zJdz7Wc2gluY94FnUwBx6sRtWkmSo-iswOmmwnk6FmTFVfbXyvY3Sxb76iSrfxZyf46sOfaQJO7D4r_p5DW_4KS6luUXjQ8CBuSp7YNba8g-R9Hu0s&sig=Cg0ArKJSzK9FikKya6OOEAE&id=lidar2&mcvt=1002&p=130,1029,380,1329&mtos=1002,1002,1002,1002,1002&tos=1002,0,0,0,0&v=20220124&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=2&adk=3981841859&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1643225117929&rpt=264&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:807::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://0ac929ed3376c146b2710609427d4d08.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Jan 2022 19:25:19 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 57FF 42 B
64 B 72ms
72ms Fetch
image/gif 2607:f8b0:4006:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssnQmvX1b3nTD86KWV3z0RPxcJi0HgV6x6tYpwn3NDL6n4iNykEbGRhf7MQM-U-WMCBnylm1De1S6qQ41Hfe7-FEW_d86Met7fzu8id1oJY9wjkP-c&sai=AMfl-YTBbc7jxYfu9ElQ8scBfxa_KVOekkFCg-zJ4L6MG8xrBWuyRuY6qcX25Tomyn_STK9IP8bG1VL4ClCwi7_s_P_aBSGd6vwJi-MYZO3WzONI3KY81xHz-3EJNeXXQVY&sig=Cg0ArKJSzAf-xJTyDqsXEAE&cid=CAASFeRo5qVKr8AzPV3btdBvx5VHttwL6Q&id=lidar2&mcvt=1000&p=830,1029,1080,1329&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220124&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=3981841856&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1643225117939&rpt=383&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:807::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://0ac929ed3376c146b2710609427d4d08.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Jan 2022 19:25:19 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: s7.addthis.com
URL: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html

Verdicts & Comments Add Verdict or Comment

112 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

30 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.newseveryday.com/	1970-01-20 09:57:19	Name: __atuvc Value: 1%7C4
www.newseveryday.com/	1970-01-20 00:27:06	Name: __atuvs Value: 61f1a01ce70737b9000
.newseveryday.com/	1970-01-20 00:27:05	Name: _first_pageview Value: 1
.newseveryday.com/	1970-01-20 09:12:41	Name: _jsuid Value: 1633110175
.scorecardresearch.com/	1970-01-20 17:43:53	Name: UID Value: 1A68bf22bb8aed1cbc7249d1643225117
.addthis.com/	1970-01-20 09:57:19	Name: uvc Value: 1%7C4
.addthis.com/	1970-01-20 09:48:41	Name: ouid Value: 61f1a01d0001f44c5d811ca4fadc553d7413984aa3b9b9c8cfcf
.addthis.com/	1970-01-20 09:48:41	Name: di2 Value: aVQdc#&0x#&g#%Os#%Or#%Km#%Kf#%IX#%IQ#%HV#%F\|#%FS#%FR#%FQ#%E~#%/p#%/o#%/n#%$~#$Mr#$M`#$Ll#$L^#$LZ#$Gr#$CT#$7r#$1~#$0\|#$+U#$)\|#$){#$(w#$(T#$(S#$(R#$(Q#$$c#$$b#$!}##NW##Mz##Md##LU##Iz##Ix##Gr##Ed##Eb##EZ##Bq##Bp##@q##>W##>U##'V###l#!0}#!/p#!$s#!!xPNePNdPNcPNbPDtPC]PC[P<nP8UP7sP7rP7qP7mP7lP7kP2SO1iO1hO1gO(rO(qO(pO(cO(bO'vO'uN+gN+QN'yN#xMLcM?gM?fM>VM>UM>TM>SM>RM>QM7oM7nM7mM7lM7]M7XM-{M-rM-qM+}M+zMfM'fM'bM&oM&nM&mM&^M&]M&[LFTLEsLErLEqLEpLDkL.wJEXJ&ZJ&YJ&XJ&WJ&VJ&UJ#\|J#{J#sJ#rIIYIIXIHcIHbIH[IFcIFbICiI?VI?UI6rI5fI5TI5SI3\|I3{I3yI3rI2bI1oI/}I/\|I/jI+l$+S83}7>Z7:m77h77g7.k7.b7-~7-}7o7k7)\|7)m7'h7'g7#t6L]6L[6Kh6Kg6Hu6Hq6Hp6Ho6Hn6Hm6FW6FV6C{6@t6@s5)z5)y5)`5)_5)^5(n5(b5'~4JX4?Z4=a4=^1Pg0%w0%v0%q)1i)1b#=>j#:%^#4HR#4Gi#4G`#4Do#4DV#4Cm#4Cj#4CX#4@o#4@_#4@^#4?c#4?a#08^#08W#/}#/{#/R#.~#&]#&Z#)N}#)N{#)Gc#)Ga#)-i#)-g#)-e#)V#)T#))~#))\|#(8k#(5i#(5Q#(4~#(/]#'FX#'E{#'8f#'&U#'&T#&He#&GQ#&@r#&@q#&@p#&<]
.addthis.com/	1970-01-20 06:35:43	Name: bt2 Value: 61f1a01d001Gs0002
.addthis.com/	1970-01-20 09:48:41	Name: um Value: j.'2022012619251706400711036315'
.addthis.com/	1970-01-20 09:48:41	Name: uid Value: 61f1a01de2ef96b0
.addthis.com/	1970-01-20 09:48:41	Name: na_id Value: 2022012619251706400711036315
.addthis.com/	1970-01-20 09:48:41	Name: vc Value: 2
in.getclicky.com/	1970-01-20 09:12:41	Name: cluid Value: 1633110175
.quantserve.com/	1970-01-20 09:57:19	Name: mc Value: 61f1a01d-45d9a-98661-6ad2e
.newseveryday.com/	1970-01-20 17:58:17	Name: _ga Value: GA1.2.1261848234.1643225117
.newseveryday.com/	1970-01-20 00:28:31	Name: _gid Value: GA1.2.1500885619.1643225117
.newseveryday.com/	1970-01-20 00:27:05	Name: _gat_gtag_UA_52977351_1 Value: 1
.newseveryday.com/	1970-01-20 09:51:33	Name: __qca Value: P0-223529027-1643225117265
.addthis.com/	1970-01-20 09:57:19	Name: loc Value: NDgzMjlOQVVTTUkyMjI3MDk2NjUwNTAwMDBDSA==
.newseveryday.com/	1970-01-20 09:48:41	Name: __gads Value: ID=49dcea577d4ad354-2270a021b27b0016:T=1643225117:S=ALNI_MZwnya_tgzyHw0nlpBhF9PwPutVLA
.doubleclick.net/	1970-01-20 17:58:17	Name: IDE Value: AHWqTUkvTnqUTGALipGBEnwucGv_ObSkAfwqrdQXp_F3pxLqe2FMF4vtAUjqKwhrX4s
.casalemedia.com/	1970-01-20 09:12:41	Name: CMID Value: YfGgHspvIHSiXN4w0uc2dQAA
.casalemedia.com/	1970-01-20 02:36:41	Name: CMPS Value: 3793
.adnxs.com/	1970-01-20 02:36:41	Name: uuid2 Value: 3126395522673349044
.casalemedia.com/	1970-01-20 02:36:41	Name: CMPRO Value: 999
.casalemedia.com/	1970-01-20 00:28:31	Name: CMST Value: YfGgHmHxoB4A
.adnxs.com/	1970-01-20 02:36:41	Name: anj Value: dTM7k!M41.D>6NRF']wIg2GUdXr(ab!1yIE`fS1ueD1W-044)d+]Ueir0=iTVXo63SF_31-ui!yC3']A1puK0_%sW?P(hw9P-HC_#u#`f)i-NZ
.casalemedia.com/	1970-01-20 09:12:41	Name: CMRUM3 Value: 2d61f1a01e2760CAESEJhGqSMzMesozllZAu5f1uA
.doubleclick.net/	1970-01-20 00:27:08	Name: DSID Value: NO_DATA

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

0ac929ed3376c146b2710609427d4d08.safeframe.googlesyndication.com
1366492296.rsc.cdn77.org
1639681107.rsc.cdn77.org
ads.anura.io
adservice.google.com
ajax.googleapis.com
cdnjs.cloudflare.com
cm.g.doubleclick.net
connect.facebook.net
dsum-sec.casalemedia.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
ib.adnxs.com
in.getclicky.com
m.addthis.com
pagead2.googlesyndication.com
pixel.quantserve.com
platform.instagram.com
platform.twitter.com
rules.quantcount.com
s0.2mdn.net
s7.addthis.com
sb.scorecardresearch.com
script.anura.io
secure.quantserve.com
securepubads.g.doubleclick.net
signal2domain.online
static.getclicky.com
syndication.twitter.com
tpc.googlesyndication.com
urldefense.us
v1.addthisedge.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.instagram.com
www.newseveryday.com
z.moatads.com
s7.addthis.com
104.244.42.72
13.226.31.20
142.250.65.194
142.250.80.98
142.251.40.162
174.129.26.116
18.233.38.149
184.29.129.7
198.145.13.12
23.52.163.40
2600:9000:21dd:5400:6:44e3:f8c0:93a1
2606:2800:220:de:468:2285:c1:4a3
2606:4700::6810:135e
2606:4700::6810:a010
2607:f8b0:4006:807::2002
2607:f8b0:4006:808::200a
2607:f8b0:4006:80d::2002
2607:f8b0:4006:80d::2003
2607:f8b0:4006:80e::2002
2607:f8b0:4006:816::2006
2607:f8b0:4006:817::2001
2607:f8b0:4006:81d::2001
2607:f8b0:4006:81f::2004
2607:f8b0:4006:81f::2008
2607:f8b0:4006:821::200a
2607:f8b0:4006:822::2002
2607:f8b0:4006:824::200e
2620:116:800b:21:292:74bc:93af:7512
2a02:6ea0:c400::12
2a03:2880:f012:8:face:b00c:0:1
2a03:2880:f212:1e4:face:b00c:0:4420
2a03:2880:f212:c4:face:b00c:0:43fe
35.186.240.185
52.200.255.42
54.230.162.78
68.67.161.210
96.16.28.127
0383220765cc0f4bdaf58a65cd5837e1ac2779298f757c933aa8fc055d80976a
043cafc63f50b2ba976044bc7dfba6ccb1a1878d527f883cb81984c5585cd9da
05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd
07bd3415a10c1e28f121f83385df47113ed4424508de494c85a95f4909adb8da
07d2de498772d46cd259d557e232a9c68c76116bfc6b51ff0d3a58b703900a2d
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0cf1e1e9954830e9653e01049a009319571d9f1921f2a4a6a7c9e416389e341d
10e3015a6c5f65884b3ee1265907d8c8a8b869a99158cea58e955ed96a7a74f0
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8
153bdfe98f0b45231d4ea5ecf699122df1b8f3620ddbf2e3289e61129483db69
15f1ba771c926cbe37535bd9099dfdf6c42d3a1f8d83fffeaba62108d0675005
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
18c03369a81723d8600f243ae98f25804605d3239abae1cdca42b8c3934b96a1
19c119eb7e36e85984b9e17116fdec42a8f28820fad8d0a36e392831f90e2448
20160b923de864cdf44fa26bfd6281a9e0aba7eb800fac86804d9a41a93c2394
2039446f8956518da2c2d70116d18c92fac3b04110942de074748aa4041067fb
21605de773ccbb48062d05679f58a42848461f98d47367ff76cf9fb2961db287
257c9947bb8a45c4a0519f4ddc8769ecc7f889e268a046b0f05c17dfc7912eee
25f44db80de0535f3816a4aba738b590435efe2a602a52d11bbdcc70fde81d24
27747a5a1f780e2a9d75576c2eb15cfdc6ed5d71cb6aa4368c3307c9974e1fad
27e2920be1d56ee6ef7a8c818f34fec5fddbf924dc252dadd8b24ec6f5f13dfc
2816082c025f64540b613fde3096d814ae21ac75279461ec1d6bcb5c07099fdd
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
2a04fa46b4ebc4bb2c93126695f45b0acf711870e1f169bb95247592c28c24a8
2a6640c6c41e5e76da4169320f746e1bb5e108664263c69cfacab0aa99fcde66
2afb3cf38deea01d461f29b961c8aab0da4f121a84a9c843f49dc7cced99b6a5
2b3334ae35d100a66c0d08b4405e2e334f495cda27b564b38e7eabb08607fdee
301c7f8257485801c02235089470beacfe319494ddf042526b79019c3b6c96e8
3028ad692501830c5f13d7638c4445c1037c97ac8892c358a2eaa83b4eefe504
30c7c639fd48a0186026f900282a3b92893c32043019a5efb0ddf7e0805e296f
33df6cb47ce763d108a186d3667974e25a6da5106b271fe2f5414a04d35b82ab
3974624ff80521dbd81d3ed32f8ec10c7baef11c272f46626a6284538e90e44b
3b1b78dc0bec6c4c5e65036a6d67c15a91ae2fc807f61ddab5ddccc3483cb9c5
3d3251d937d209def48e958bfeec683ca39dc0f15eb22f99bc3e7035995cd552
3d42d1a2ad819365892637e0ba1333a73e8c0eb0f90ad53b402aab0d5af81463
3efb295535f851ec14b33ff0b2f5a13aa9761150168e88d1ebc9731748a39d56
41bc4d4fe88139d6ee89abfcb2abac71e1430d85dbffc0be7c8f6bd36f4ced7e
458632142ff634533e62ca19452984b1285456c760d9bb4ddc70610b7624f3f6
45a153f3048c507407e66e53cdf4c5d9ac639dbf4b67957704636778c75c3840
4637e1e9c180ae7038c88bb7677cab621d74213e1af34b5bdf7a1805fffa2ae5
4642568b405b3750fb18df621889e27def95e8162c1cdd256a21b319c9a4e24b
47507d0e4459c1c0c8459dd1f6ca95aa86bfad8e506b4e2f1234a23de1925cc4
487fce51fd801415c362f3f9f2df43c445a4b9ba38f9b6d49dfc898dc85ede94
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4fcee3e563cd0f4963fac555cb567d7d72dc11cef1d9c2d4ac931c78607b6090
501db064f73643f19ce508986fdfd7b11d889f8aba3c5e7d545dc575667bf673
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55d783462e6671fa985a6b0829db15474f4e57f0555c93e15cc2db6a1d1e6cab
5b1fe5fae04637fda831271b27abb29854960dafcb7fa936a7c8b20ed15f9765
5f56b50e672249b693fda9894e0dfadf927539ed769391e18675375a4459deed
6056db82ad325b93dd57038ac9d7c1251624257583944c8d6d0aedd0d214c2e8
6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df
61332961d88f90e0127d937759df4c86432476be4942e094340fc984e9efec44
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61c9cad2054c875917944c307f66f57109a8eecd15ef29d83cd59c4870a4aa6d
6300ba1c19b24d427fdec05b16c8b7c85f21155097c82ffdced06192a5f70d31
6354c4ec800f1d1d7affba1c099e916ab2c55ecadd4fcbd1493d3a28ab776e41
650769bdf8697755dd0d53eb4b8b02e84be55a3958d10252dd0ec2d028de13dc
6641525dab0863b8a51b24403a543a38f2f77403e73b6144ce195ade064afa1a
68642d9dce0bf6f2ee3debb3dc04974d1fb383e75fc9b2a16638734f113244d5
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c3223c27067f54618683e5fdfe83536907b179e81ed9a39873aa8b8140c05f2
6e92ed2d364fb94642de787ddfff11b2a873cfbd00dfc329d0df9daaadbe2bb9
6ef5a20898aa83bcf61860a7d6aa73fbaca0778545d1d28e1e7951a3c2fa382f
7296714d4927c19e32c0c4b6bda27dd76440e4bb19e2a7fa2351660020a9e452
72a80770f582b1bb93c4686c2d8f7d96cd6e911198e518ba3f19cd50cb108804
740d0e2ab785d5697336ecd812e6c6fb5547e741ab78204d93023d08bd274ecd
74a8b34ddd37ba93b4c8198cebbc858c098de1effdddd63eebf9009d55cc53c0
7518ebcb4b7c3c8b57541eee2f6ce91654af175bf76b9f280ad0c1ca3c908818
7731d577c5dfa5f38e9bf82dedae51174c9ddd4d3d4668eea9d1e51d6ce13d66
79534bf7df315aa3aa7ef01bad0e5546f2ad26cfea891b039300b9bc64d1a317
79b8388b7202f0bef63e15cc6f9a0172def5016bc105aacf29f939ca45ff6ef0
7b4b7d29d791f38ec867cf5ac9b63eef83c14566aff51c194bbecfd26cbce147
7e1118232be30930961993bbd54bdc38797314c497b74d1425caf9db5e784dcd
8023286f9ad1440333463e3c1c449c356c6e690d42a0ac7d6f6f231845481a9e
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
85257a305dedc3556f68526ab4367b42418fd98ca4510293daff0e511e4a8853
85da06819cf57856a37e37b6070436931a1a4f16d5255645cf2645ee864140e7
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
88681da7578ec187c05ab378e0378be910544ae4b425d8157cbab57cff68db84
8d3ca80fa271e94b0c36cf3053b0f806b7a42bb3395b424c99dc0bd218f0ac20
8ebe8ff2e3ec71888471bb0de83b7cf1bcf011add84080b787ede0285b591c63
8f166b5ac0ac036787279b63f945b302f90c938ab204aac1c565c34e62a3cac7
9284bb7e5f19ba81c4a9cfb24dfd5fc613e252ffd4a2950478036162497e05fd
99f149f96fbeaea8af57c586e16c8f43cbca12ada9747ff6a2edc4293b2993ff
9a4da52850b15343f8b36c9c25962ed029b86874bd92ae4c44793ad0358b1c0c
9b579a8ea96e09208d465a8ed4b8b842bd7cecd5186b3b594bb19def39577817
9ce8bd0ee36a0c73ad575c2b1a3d8117bb51a83021a64510197960c8fe5a1e72
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a22c497288d6b312171de3df8ed00831f34a76a52384c1ba9d504e11c98a5f21
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a3df8424f0b695e8282f35325dcdff7182710e8002dfe2e5c6ff7372f75a7288
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
aabd0009fc8c170d63f016728977356733bb4f66dfe34b6ff0759316724f4ab1
acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403
ad79ce7e34d1a788809bb853031133de2ae45f3c19ac4955dae46c7490188c2e
ae38d637b069f64d6f696445a5f7e50e977a8d321c580eb0c5001c76d59a3ea9
aec1273daa6df2443053427acbd188f229d60ed9d83ef9bccba3f8a8f21fc3dc
afda7d79c82e59e6a50de2e7b00efc09049ce34765144fcb20e7ca8dd91480a7
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b51b3249807a62bed6df5563f59e5a25bb83bfab738a66f894df12e13fc30519
b7c55617f84818daf4c70cc10ada26ddd5b582b1d1c2c2829b3220487a6db477
b9958a0e376dd24d15097d2c829fe32c78270828ea8d964c52eead7d105cb333
b9c488975b6011ce1725d566a09a40b3ac7f7e759c6c99c0c270c7a7d3cd89dc
b9f2f61f55914c4f481d608c286ddcdbd4410fd7331b9f63cf7ea67b15a306ac
bacfe860f5e5d8ddc38de0220d3625bdf3cd201e85b963865a4f25fc66cb60a2
bdd0389c7e867665086f7f0ae498e275aecccc845979f484e0962b5a8a5142c3
bed098c35d99957d5f5816a2953cb765f339cf68aaac5fcd75e691de709b2fe2
c0aa8bc94a34ffefb544e82650888b4736b689d81bf84beb8ee8a4ef8e755887
c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1
c51a4086e332a8b351790a53582dbba5bd78b7a1f021b829d93da3ad59ca575f
c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e
c74d5e7d6c98ffe40425bd4f4162fe24d570c763c5acc80c3cd94fdc08a2f713
c93b5f9c2d83611b9a9ba0333b0b499b385cdce2aee9edaac6daf8a134cf5555
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
d2b6af03788d2f7b0e4a334a17cca35522f5face6511fc7f42edd784bf5f63a4
d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01
d82f91117053eb5d3d6fd1ff06cff792d9a6a8d55852535bde6bf3718df38113
d8647384e6833d9b894a3effdc0f875374b089e596836744f947d10bb268a1f1
de9aa1d1bb7a34ab0583eec465fc320ff0371792f5ef5b29b0a1b4ac2e04153d
e1ece626fe87a04169af2ab5669c3f92718e62755aeb00b17c9f817e0ce82c68
e30f3479d6ce52ce1c83c50e5568a4a7c1080c3214b23aacbc9d21efdd52f95a
e35743d759a46682638f005aefb5d74d762388384393ab0218ae1c6bf8c876b3
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e52ad60cf8269c44381d5e0833e69b9b8f3b9f9346b7066b1dc5a52b390feedc
e7c0991d44d04d906c7ffee0871cf272177a83e4af21102f362679053ba7be02
ed12722ade5d5da483cad57ccd581fd7c6cce038b1bc230aa6df621a7ea6bc34
ed3303e621e332844b519248392599006f0c559632aeb8c79ffd0b1c8324ae4c
ef080dc21a1f970a0306d263f7844300221504f2619ac5dfcf97b3fb1a2fba62
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f3168403eabe87c4fa8bf097e63d6409e3e6d15a14825215c27e9e4f1f943c95
f8f5705ee03667d1a28565f6dc84b7748bb9d7c4ded30c270354edd054b86b32
fc5871b46b466a3aa4408768fbfda3dc3d6ce65d98a0dbef0ba0000d9e80a9a5
fffa14e9a3c576087a9202af54e8f11669f29c37617df0c6f728ca24d95f60bc

www.newseveryday.com Open in urlscan Pro 35.186.240.185 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

160 Requests

96 %HTTPS

59 %IPv6

27 Domains

41 Subdomains

35 IPs

1 Countries

3872 kBTransfer

6487 kBSize

30 Cookies

3 Outgoing links

Page URL History

Redirected requests

160 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.newseveryday.com Open in urlscan Pro
35.186.240.185 Public Scan

Screenshot
Live screenshot

Full Image

160
Requests

96 %
HTTPS

59 %
IPv6

27
Domains

41
Subdomains

35
IPs

1
Countries

3872 kB
Transfer

6487 kB
Size

30
Cookies

160 HTTP transactions
2 data transactions