www.newser.com Open in urlscan Pro
40.114.51.62 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.newser.com/
Effective URL:
https://www.newser.com/
Submission: On June 08 via manual (June 8th 2021, 5:40:20 pm UTC) from US

Summary HTTP 319 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 86 IPs in 9 countries across 70 domains to perform 319 HTTP transactions. The main IP is 40.114.51.62, located in Washington, United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is www.newser.com.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on December 31st 2020. Valid for: a year.

This is the only time www.newser.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 5	40.114.51.62 40.114.51.62	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
4	2620:1ec:46::67 2620:1ec:46::67	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
64	2620:1ec:bdf::67 2620:1ec:bdf::67	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2606:2800:234... 2606:2800:234:59:254c:406:2366:268c	15133 (EDGECAST) (EDGECAST)
1	54.225.165.85 54.225.165.85	14618 (AMAZON-AES) (AMAZON-AES)
3	2606:4700::68... 2606:4700::6811:4e22	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 5	2620:116:800d... 2620:116:800d:21:5a23:9c4e:e774:96c1	16509 (AMAZON-02) (AMAZON-02)
3	104.75.88.126 104.75.88.126	16625 (AKAMAI-AS) (AKAMAI-AS)
65	2620:1ec:48::67 2620:1ec:48::67	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2606:4700::68... 2606:4700::6810:9f11	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:4001:809::2003	15169 (GOOGLE) (GOOGLE)
1 3	18.198.126.47 18.198.126.47	16509 (AMAZON-02) (AMAZON-02)
2	169.50.137.176 169.50.137.176	36351 (SOFTLAYER) (SOFTLAYER)
1 3	52.222.174.42 52.222.174.42	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:218... 2600:9000:218d:ec00:18:1fcd:34f:cdc1	16509 (AMAZON-02) (AMAZON-02)
2	2600:9000:218... 2600:9000:218d:a800:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a02:6ea0:c70... 2a02:6ea0:c700::10	60068 (CDN77 (^_^)/) (CDN77 (^_^)/)
1	2.18.235.40 2.18.235.40	16625 (AKAMAI-AS) (AKAMAI-AS)
6	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
2	2606:4700:303... 2606:4700:3035::6815:40f1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	18.208.31.26 18.208.31.26	14618 (AMAZON-AES) (AMAZON-AES)
1	104.244.42.136 104.244.42.136	13414 (TWITTER) (TWITTER)
1 4	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
7	142.250.181.226 142.250.181.226	15169 (GOOGLE) (GOOGLE)
4 4	52.59.128.17 52.59.128.17	16509 (AMAZON-02) (AMAZON-02)
2	35.164.25.130 35.164.25.130	16509 (AMAZON-02) (AMAZON-02)
3 3	3.126.56.137 3.126.56.137	16509 (AMAZON-02) (AMAZON-02)
1	51.89.20.87 51.89.20.87	16276 (OVH) (OVH)
1	44.236.110.255 44.236.110.255	16509 (AMAZON-02) (AMAZON-02)
1	34.120.133.55 34.120.133.55	15169 (GOOGLE) (GOOGLE)
2	35.163.108.30 35.163.108.30	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6812:9eea	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS)
9	34.98.64.218 34.98.64.218	15169 (GOOGLE) (GOOGLE)
4	18.211.29.63 18.211.29.63	14618 (AMAZON-AES) (AMAZON-AES)
1	178.162.133.150 178.162.133.150	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
2	104.16.68.69 104.16.68.69	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	185.64.189.112 185.64.189.112	62713 (AS-PUBMATIC) (AS-PUBMATIC)
4	52.222.200.121 52.222.200.121	16509 (AMAZON-02) (AMAZON-02)
1	213.19.147.43 213.19.147.43	3356 (LEVEL3) (LEVEL3)
1	185.255.84.150 185.255.84.150	200271 (IGUANE-) (IGUANE-)
1	213.19.162.21 213.19.162.21	3356 (LEVEL3) (LEVEL3)
1	18.198.115.155 18.198.115.155	16509 (AMAZON-02) (AMAZON-02)
2 4	185.33.221.53 185.33.221.53	29990 (ASN-APPNEX) (ASN-APPNEX)
1	35.156.10.121 35.156.10.121	16509 (AMAZON-02) (AMAZON-02)
1	34.107.148.139 34.107.148.139	15169 (GOOGLE) (GOOGLE)
1	178.250.2.131 178.250.2.131	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
16 23	159.253.128.188 159.253.128.188	36351 (SOFTLAYER) (SOFTLAYER)
1	2600:1f18:612... 2600:1f18:612b:4232:1f73:43cf:8eeb:9521	14618 (AMAZON-AES) (AMAZON-AES)
1 2	35.227.248.159 35.227.248.159	15169 (GOOGLE) (GOOGLE)
1 1	35.176.232.241 35.176.232.241	16509 (AMAZON-02) (AMAZON-02)
1 1	52.59.79.213 52.59.79.213	16509 (AMAZON-02) (AMAZON-02)
2	52.84.174.22 52.84.174.22	16509 (AMAZON-02) (AMAZON-02)
2 2	2600:1901:0:8... 2600:1901:0:8eee::	15169 (GOOGLE) (GOOGLE)
1	34.205.51.230 34.205.51.230	14618 (AMAZON-AES) (AMAZON-AES)
1	23.45.99.241 23.45.99.241	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	52.48.248.240 52.48.248.240	16509 (AMAZON-02) (AMAZON-02)
1 2	216.52.2.39 216.52.2.39	30282 (AS-INAPCD...) (AS-INAPCDN-OCY)
2	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
1 1	172.217.18.98 172.217.18.98	15169 (GOOGLE) (GOOGLE)
3 6	2a00:1450:400... 2a00:1450:4001:827::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
1 2	185.94.180.125 185.94.180.125	35220 (SPOTX-AMS) (SPOTX-AMS)
4	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
8 11	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
11	2a00:1450:400... 2a00:1450:4001:831::2001	15169 (GOOGLE) (GOOGLE)
13	2a00:1450:400... 2a00:1450:4001:809::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
1 1	66.180.64.123 66.180.64.123	62961 (BISNET1) (BISNET1)
1 2	142.250.186.38 142.250.186.38	15169 (GOOGLE) (GOOGLE)
1	2.18.232.130 2.18.232.130	16625 (AKAMAI-AS) (AKAMAI-AS)
1	104.17.119.107 104.17.119.107	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2.18.233.180 2.18.233.180	16625 (AKAMAI-AS) (AKAMAI-AS)
2	104.117.200.100 104.117.200.100	16625 (AKAMAI-AS) (AKAMAI-AS)
4	208.100.17.181 208.100.17.181	32748 (STEADFAST) (STEADFAST)
1 3	2a00:1288:110... 2a00:1288:110:c305::8000	34010 (YAHOO-IRD) (YAHOO-IRD)
2 2	54.72.206.11 54.72.206.11	16509 (AMAZON-02) (AMAZON-02)
2 2	18.195.105.17 18.195.105.17	16509 (AMAZON-02) (AMAZON-02)
2 3	52.209.246.140 52.209.246.140	16509 (AMAZON-02) (AMAZON-02)
4 4	185.29.132.144 185.29.132.144	30419 (MEDIAMATH...) (MEDIAMATH-INC)
3 4	37.157.2.238 37.157.2.238	198622 (ADFORM) (ADFORM)
2 4	76.223.111.131 76.223.111.131	16509 (AMAZON-02) (AMAZON-02)
1	37.252.172.37 37.252.172.37	29990 (ASN-APPNEX) (ASN-APPNEX)
1	185.64.189.115 185.64.189.115	62713 (AS-PUBMATIC) (AS-PUBMATIC)
4 4	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
1	2a00:1288:80:... 2a00:1288:80:800::7000	203220 (YAHOO-DEB) (YAHOO-DEB)
2 2	151.101.114.49 151.101.114.49	54113 (FASTLY) (FASTLY)
1	213.155.156.164 213.155.156.164	1299 (TELIANET ...) (TELIANET Telia Carrier)
1	178.250.0.163 178.250.0.163	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	185.64.189.114 185.64.189.114	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 2	51.222.80.231 51.222.80.231	16276 (OVH) (OVH)
1 1	18.198.69.109 18.198.69.109	16509 (AMAZON-02) (AMAZON-02)
4	185.64.189.110 185.64.189.110	62713 (AS-PUBMATIC) (AS-PUBMATIC)
3	185.64.190.80 185.64.190.80	62713 (AS-PUBMATIC) (AS-PUBMATIC)
319	86

5 40.114.51.62 (Washington, United States) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.newser.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:1ec:46::67 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

static1-azrcdn.newser.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

64 2620:1ec:bdf::67 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

static2-azrcdn.newser.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
img1-azrcdn.newser.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:2800:234:59:254c:406:2366:268c (United States)

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.225.165.85 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-225-165-85.compute-1.amazonaws.com

api.ipify.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6811:4e22 (United States)

ASN13335 (CLOUDFLARENET, US)

global.proper.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
eb.proper.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2620:116:800d:21:5a23:9c4e:e774:96c1 (United States) 2 redirects

ASN16509 (AMAZON-02, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.75.88.126 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-75-88-126.deploy.static.akamaitechnologies.com

s7.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
v1.addthisedge.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

65 2620:1ec:48::67 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

img2-azrcdn.newser.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:9f11 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.engine.4dsply.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
engine.4dsply.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.198.126.47 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-198-126-47.eu-central-1.compute.amazonaws.com

loadus.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
loadm.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 169.50.137.176 (United States)

ASN36351 (SOFTLAYER, US)
PTR: b0.89.32a9.ip4.static.sl-reverse.com

i.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.222.174.42 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-52-222-174-42.cdg50.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:218d:ec00:18:1fcd:34f:cdc1 (United States)

ASN16509 (AMAZON-02, US)

static.chartbeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:218d:a800:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6ea0:c700::10 (Frankfurt am Main, Germany)

ASN60068 (CDN77 (^_^)/, GB)

load77.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.235.40 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-235-40.deploy.static.akamaitechnologies.com

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3035::6815:40f1 (United States)

ASN13335 (CLOUDFLARENET, US)

rddywd.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.208.31.26 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-208-31-26.compute-1.amazonaws.com

ping.chartbeat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.136 (United States)

ASN13414 (TWITTER, US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.59.128.17 (Frankfurt am Main, Germany) 4 redirects

ASN16509 (AMAZON-02, US)

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.164.25.130 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-164-25-130.us-west-2.compute.amazonaws.com

usync.proper.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.126.56.137 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.89.20.87 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: p19.id5-sync.com

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.236.110.255 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-236-110-255.us-west-2.compute.amazonaws.com

id.sharedid.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.133.55 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 55.133.120.34.bc.googleusercontent.com

api.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.163.108.30 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-163-108-30.us-west-2.compute.amazonaws.com

bids.proper.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:9eea (United States)

ASN13335 (CLOUDFLARENET, US)

player.propervideo.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.234.21 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

as-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 34.98.64.218 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com

propermedia-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
eu-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 18.211.29.63 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-211-29-63.compute-1.amazonaws.com

ssc.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.162.133.150 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: ams-1-apex.go.sonobi.com

apex.go.sonobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.16.68.69 (United States)

ASN13335 (CLOUDFLARENET, US)

dmx.districtm.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.districtm.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.222.200.121 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-200-121.cdg50.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.19.147.43 (United Kingdom)

ASN3356 (LEVEL3, US)

tag.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.255.84.150 (Paris, France)

ASN200271 (IGUANE-, FR)

hb-api.omnitagjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.19.162.21 (United Kingdom)

ASN3356 (LEVEL3, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.198.115.155 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-198-115-155.eu-central-1.compute.amazonaws.com

btlr.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.33.221.53 (Amsterdam, Netherlands) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 718.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.156.10.121 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)

hb.emxdgt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.107.148.139 (Kansas City, United States)

ASN15169 (GOOGLE, US)

prebid.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.2.131 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.am5.vip.prod.criteo.com

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 159.253.128.188 (Amsterdam, Netherlands) 16 redirects

ASN36351 (SOFTLAYER, US)
PTR: bc.80.fd9f.ip4.static.sl-reverse.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:612b:4232:1f73:43cf:8eeb:9521 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

simplifi.partners.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.227.248.159 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.176.232.241 (London, United Kingdom) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-35-176-232-241.eu-west-2.compute.amazonaws.com

aa.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.59.79.213 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)

d.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.84.174.22 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-84-174-22.cdg50.r.cloudfront.net

sync.intentiq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1901:0:8eee:: (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)

fei.pro-market.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.205.51.230 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

sync.bfmio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.45.99.241 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-45-99-241.deploy.static.akamaitechnologies.com

stags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.48.248.240 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.52.2.39 (United States) 1 redirects

ASN30282 (AS-INAPCDN-OCY, US)

ce.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.18.98 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s42-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:827::2004 (Frankfurt am Main, Germany) 3 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.94.180.125 (United States) 1 redirects

ASN35220 (SPOTX-AMS, US)

sync.search.spotxchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 142.250.184.226 (United States) 8 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

4a0da0c88ec7e709c3f92d0f2c3a4bdb.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:809::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 66.180.64.123 (United States) 1 redirects

ASN62961 (BISNET1, US)

924-img.c3tag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.38 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.232.130 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-232-130.deploy.static.akamaitechnologies.com

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.17.119.107 (United States)

ASN13335 (CLOUDFLARENET, US)

biddr.brealtime.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.18.233.180 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-180.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.117.200.100 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-117-200-100.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 208.100.17.181 (United States)

ASN32748 (STEADFAST, US)

de.tynt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1288:110:c305::8000 (United Kingdom) 1 redirects

ASN34010 (YAHOO-IRD, GB)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.72.206.11 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.195.105.17 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)

ads.creative-serving.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.209.246.140 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)

match.prod.bidr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.29.132.144 (United Kingdom) 4 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 37.157.2.238 (Denmark) 3 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 76.223.111.131 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a97adde81b00f2ca4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.252.172.37 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 691.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.115 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 69.173.144.139 (Frankfurt am Main, Germany) 4 redirects

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1288:80:800::7000 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)

ads.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.114.49 (Frankfurt am Main, Germany) 2 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.155.156.164 (Sweden)

ASN1299 (TELIANET Telia Carrier, SE)

d5p.de17a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.0.163 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.189.114 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image4.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 51.222.80.231 (Canada) 1 redirects

ASN16276 (OVH, FR)
PTR: ns574734.ip-51-222-80.net

pixel.onaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.198.69.109 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)

loada.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
138	newser.com 1 redirects www.newser.com static1-azrcdn.newser.com static2-azrcdn.newser.com img2-azrcdn.newser.com img1-azrcdn.newser.com	5 MB
25	simpli.fi 16 redirects i.simpli.fi um.simpli.fi	14 KB
24	doubleclick.net 10 redirects googleads.g.doubleclick.net securepubads.g.doubleclick.net cm.g.doubleclick.net ad.doubleclick.net	154 KB
20	googlesyndication.com pagead2.googlesyndication.com 4a0da0c88ec7e709c3f92d0f2c3a4bdb.safeframe.googlesyndication.com tpc.googlesyndication.com	206 KB
13	pubmatic.com hbopenbid.pubmatic.com ads.pubmatic.com image6.pubmatic.com image4.pubmatic.com image2.pubmatic.com simage2.pubmatic.com	28 KB
11	rubiconproject.com 4 redirects fastlane.rubiconproject.com pixel.rubiconproject.com eus.rubiconproject.com token.rubiconproject.com	17 KB
10	ampproject.org cdn.ampproject.org	201 KB
9	openx.net propermedia-d.openx.net us-u.openx.net eu-u.openx.net	2 KB
7	google.com 3 redirects www.google.com adservice.google.com	1 KB
7	yahoo.com 4 redirects ups.analytics.yahoo.com pr-bh.ybp.yahoo.com ads.yahoo.com	4 KB
7	proper.io global.proper.io usync.proper.io bids.proper.io eb.proper.io	101 KB
6	adnxs.com 2 redirects ib.adnxs.com acdn.adnxs.com secure.adnxs.com	5 KB
5	exelator.com 2 redirects loadus.exelator.com load77.exelator.com loadm.exelator.com loada.exelator.com	3 KB
5	quantserve.com 2 redirects secure.quantserve.com pixel.quantserve.com	10 KB
4	adsrvr.org 2 redirects match.adsrvr.org	1 KB
4	adform.net 3 redirects c1.adform.net	2 KB
4	mathtag.com 4 redirects sync.mathtag.com	2 KB
4	tynt.com de.tynt.com	1 KB
4	amazon-adsystem.com c.amazon-adsystem.com	36 KB
4	33across.com ssc.33across.com	3 KB
4	bidswitch.net 4 redirects x.bidswitch.net	1 KB
3	bidr.io 2 redirects match.prod.bidr.io	2 KB
3	rlcdn.com api.rlcdn.com idsync.rlcdn.com id.rlcdn.com	394 B
3	scorecardresearch.com 1 redirects sb.scorecardresearch.com	3 KB
3	twitter.com platform.twitter.com syndication.twitter.com	132 KB
2	onaudience.com 1 redirects pixel.onaudience.com	733 B
2	everesttech.net 2 redirects sync-tm.everesttech.net	629 B
2	creative-serving.com 2 redirects ads.creative-serving.com	1 KB
2	w55c.net 2 redirects pm.w55c.net	1 KB
2	googletagservices.com www.googletagservices.com	65 KB
2	spotxchange.com 1 redirects sync.search.spotxchange.com	1 KB
2	lijit.com 1 redirects ce.lijit.com	968 B
2	crwdcntrl.net 1 redirects bcp.crwdcntrl.net	973 B
2	pro-market.net 2 redirects fei.pro-market.net	878 B
2	intentiq.com sync.intentiq.com
2	agkn.com 2 redirects aa.agkn.com d.agkn.com	963 B
2	tapad.com 1 redirects pixel.tapad.com	908 B
2	criteo.com bidder.criteo.com dis.criteo.com	534 B
2	districtm.io dmx.districtm.io cdn.districtm.io	319 B
2	chartbeat.net ping.chartbeat.net	400 B
2	rddywd.com rddywd.com	1 KB
2	quantcount.com rules.quantcount.com	864 B
2	facebook.net connect.facebook.net	67 KB
2	4dsply.com cdn.engine.4dsply.com engine.4dsply.com	66 KB
2	addthis.com s7.addthis.com	190 KB
2	googleapis.com fonts.googleapis.com www.googleapis.com	1 KB
1	de17a.com d5p.de17a.com	134 B
1	brealtime.com biddr.brealtime.com	1 KB
1	c3tag.com 1 redirects 924-img.c3tag.com	665 B
1	google.fr adservice.google.fr	165 B
1	google.de www.google.de	108 B
1	googleadservices.com 1 redirects www.googleadservices.com	308 B
1	bluekai.com stags.bluekai.com	745 B
1	bfmio.com sync.bfmio.com	421 B
1	tremorhub.com simplifi.partners.tremorhub.com	183 B
1	media.net prebid.media.net	1 KB
1	emxdgt.com hb.emxdgt.com	159 B
1	sharethrough.com btlr.sharethrough.com	114 B
1	omnitagjs.com hb-api.omnitagjs.com	759 B
1	1rx.io tag.1rx.io	170 B
1	sonobi.com apex.go.sonobi.com	764 B
1	casalemedia.com as-sec.casalemedia.com	509 B
1	propervideo.io player.propervideo.io	24 KB
1	sharedid.org id.sharedid.org	214 B
1	id5-sync.com id5-sync.com	532 B
1	addthisedge.com v1.addthisedge.com	556 B
1	moatads.com z.moatads.com	1 KB
1	chartbeat.com static.chartbeat.com	14 KB
1	gstatic.com fonts.gstatic.com	16 KB
1	ipify.org api.ipify.org	253 B
319	70

	Domain	Requested by
65	img2-azrcdn.newser.com	www.newser.com static1-azrcdn.newser.com
63	img1-azrcdn.newser.com	www.newser.com static1-azrcdn.newser.com
23	um.simpli.fi	16 redirects ads.pubmatic.com
13	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com www.newser.com cdn.ampproject.org
11	cm.g.doubleclick.net	8 redirects eu-u.openx.net
10	cdn.ampproject.org	securepubads.g.doubleclick.net
7	securepubads.g.doubleclick.net	global.proper.io securepubads.g.doubleclick.net www.newser.com www.googletagservices.com
6	www.google.com	3 redirects tpc.googlesyndication.com www.newser.com
6	pagead2.googlesyndication.com	www.newser.com securepubads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
5	www.newser.com	1 redirects www.newser.com static1-azrcdn.newser.com
4	image2.pubmatic.com	ads.pubmatic.com
4	token.rubiconproject.com	4 redirects
4	match.adsrvr.org	2 redirects eu-u.openx.net
4	c1.adform.net	3 redirects ads.pubmatic.com
4	sync.mathtag.com	4 redirects
4	de.tynt.com	global.proper.io
4	eu-u.openx.net	global.proper.io eu-u.openx.net
4	us-u.openx.net	eu-u.openx.net
4	pixel.rubiconproject.com
4	ib.adnxs.com	2 redirects global.proper.io
4	c.amazon-adsystem.com	global.proper.io c.amazon-adsystem.com
4	ssc.33across.com	global.proper.io
4	x.bidswitch.net	4 redirects
4	googleads.g.doubleclick.net	1 redirects pagead2.googlesyndication.com www.newser.com
4	pixel.quantserve.com	2 redirects www.newser.com
4	static1-azrcdn.newser.com	www.newser.com
3	simage2.pubmatic.com	ads.pubmatic.com
3	match.prod.bidr.io	2 redirects eu-u.openx.net
3	pr-bh.ybp.yahoo.com	1 redirects eu-u.openx.net ads.pubmatic.com
3	ups.analytics.yahoo.com	3 redirects
3	sb.scorecardresearch.com	1 redirects www.newser.com
2	pixel.onaudience.com	1 redirects ads.pubmatic.com
2	image4.pubmatic.com	ads.pubmatic.com
2	sync-tm.everesttech.net	2 redirects
2	ads.creative-serving.com	2 redirects
2	pm.w55c.net	2 redirects
2	eus.rubiconproject.com	global.proper.io eus.rubiconproject.com
2	ads.pubmatic.com	global.proper.io ads.pubmatic.com
2	ad.doubleclick.net	1 redirects www.newser.com
2	www.googletagservices.com	securepubads.g.doubleclick.net
2	sync.search.spotxchange.com	1 redirects
2	ce.lijit.com	1 redirects
2	bcp.crwdcntrl.net	1 redirects
2	loadm.exelator.com	1 redirects
2	fei.pro-market.net	2 redirects
2	sync.intentiq.com
2	pixel.tapad.com	1 redirects
2	bids.proper.io	global.proper.io
2	usync.proper.io	www.newser.com
2	ping.chartbeat.net	www.newser.com
2	rddywd.com	www.newser.com
2	rules.quantcount.com	secure.quantserve.com
2	i.simpli.fi	www.newser.com i.simpli.fi
2	connect.facebook.net	www.newser.com connect.facebook.net
2	s7.addthis.com	www.newser.com s7.addthis.com
2	global.proper.io	www.newser.com global.proper.io
2	platform.twitter.com	static1-azrcdn.newser.com platform.twitter.com
1	loada.exelator.com	1 redirects
1	dis.criteo.com	ads.pubmatic.com
1	d5p.de17a.com	ads.pubmatic.com
1	ads.yahoo.com
1	id.rlcdn.com
1	image6.pubmatic.com	ads.pubmatic.com
1	secure.adnxs.com	acdn.adnxs.com
1	biddr.brealtime.com	global.proper.io
1	cdn.districtm.io	global.proper.io
1	acdn.adnxs.com	global.proper.io
1	924-img.c3tag.com	1 redirects
1	4a0da0c88ec7e709c3f92d0f2c3a4bdb.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.fr	securepubads.g.doubleclick.net
1	www.google.de
1	www.googleadservices.com	1 redirects
1	idsync.rlcdn.com
1	stags.bluekai.com
1	sync.bfmio.com
1	d.agkn.com	1 redirects
1	aa.agkn.com	1 redirects
1	simplifi.partners.tremorhub.com
1	eb.proper.io	global.proper.io
1	bidder.criteo.com	global.proper.io
1	prebid.media.net	global.proper.io
1	hb.emxdgt.com	global.proper.io
1	btlr.sharethrough.com	global.proper.io
1	fastlane.rubiconproject.com	global.proper.io
1	hb-api.omnitagjs.com	global.proper.io
1	tag.1rx.io	global.proper.io
1	hbopenbid.pubmatic.com	global.proper.io
1	dmx.districtm.io	global.proper.io
1	apex.go.sonobi.com	global.proper.io
1	propermedia-d.openx.net	global.proper.io
1	as-sec.casalemedia.com	global.proper.io
1	player.propervideo.io	global.proper.io
1	api.rlcdn.com	global.proper.io
1	id.sharedid.org	global.proper.io
1	id5-sync.com	global.proper.io
1	syndication.twitter.com	platform.twitter.com
1	v1.addthisedge.com	s7.addthis.com
1	www.googleapis.com	www.newser.com
1	z.moatads.com	s7.addthis.com
1	load77.exelator.com	www.newser.com
1	engine.4dsply.com	cdn.engine.4dsply.com
1	static.chartbeat.com	www.newser.com
1	loadus.exelator.com	www.newser.com
1	fonts.gstatic.com	fonts.googleapis.com
1	cdn.engine.4dsply.com	www.newser.com
1	secure.quantserve.com	www.newser.com
1	api.ipify.org	static1-azrcdn.newser.com
1	static2-azrcdn.newser.com	www.newser.com
1	fonts.googleapis.com	www.newser.com
319	110

This site contains links to these domains. Also see Links.

Domain
itunes.apple.com
play.google.com
www.microsoft.com

Subject Issuer	Validity	Valid
*.newser.com Go Daddy Secure Certificate Authority - G2	`2020-12-31` - `2022-02-01`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2021-05-17` - `2021-08-09`	3 months	crt.sh
static1-azrcdn.newser.com DigiCert SHA2 Secure Server CA	`2020-09-27` - `2021-09-27`	a year	crt.sh
static2-azrcdn.newser.com DigiCert SHA2 Secure Server CA	`2020-09-27` - `2021-09-27`	a year	crt.sh
*.twimg.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-05` - `2021-11-09`	a year	crt.sh
*.ipify.org Sectigo RSA Domain Validation Secure Server CA	`2021-01-19` - `2022-02-19`	a year	crt.sh
proper.io Cloudflare Inc ECC CA-3	`2021-06-07` - `2022-06-06`	a year	crt.sh
*.quantserve.com DigiCert SHA2 High Assurance Server CA	`2020-10-02` - `2021-10-07`	a year	crt.sh
odc-addthis-prod-01.oracle.com DigiCert SHA2 Secure Server CA	`2021-04-25` - `2022-04-27`	a year	crt.sh
img2-azrcdn.newser.com DigiCert SHA2 Secure Server CA	`2020-09-27` - `2021-09-27`	a year	crt.sh
img1-azrcdn.newser.com DigiCert SHA2 Secure Server CA	`2020-09-27` - `2021-09-27`	a year	crt.sh
4dsply.com Cloudflare Inc ECC CA-3	`2021-06-01` - `2022-05-31`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-05-26` - `2021-08-24`	3 months	crt.sh
*.google.com GTS CA 1O1	`2021-05-10` - `2021-08-02`	3 months	crt.sh
*.exelator.com Go Daddy Secure Certificate Authority - G2	`2019-05-17` - `2021-06-25`	2 years	crt.sh
*.simpli.fi DigiCert SHA2 Secure Server CA	`2019-09-18` - `2021-12-12`	2 years	crt.sh
*.scorecardresearch.com Amazon	`2021-02-28` - `2022-03-29`	a year	crt.sh
*.chartbeat.com Thawte RSA CA 2018	`2021-05-20` - `2022-06-03`	a year	crt.sh
1605158521.rsc.cdn77.org R3	`2021-05-26` - `2021-08-24`	3 months	crt.sh
moatads.com DigiCert SHA2 Secure Server CA	`2021-01-21` - `2022-01-25`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-05-17` - `2021-08-09`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-08-11` - `2021-08-11`	a year	crt.sh
*.chartbeat.net Thawte RSA CA 2018	`2020-12-01` - `2021-12-30`	a year	crt.sh
syndication.twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-30` - `2021-11-29`	a year	crt.sh
*.proper.io Sectigo RSA Domain Validation Secure Server CA	`2020-12-20` - `2022-01-20`	a year	crt.sh
*.id5-sync.com R3	`2021-03-23` - `2021-06-21`	3 months	crt.sh
id.sharedid.org Amazon	`2021-01-08` - `2022-02-06`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2021-02-25` - `2022-03-28`	a year	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2021-02-05` - `2022-02-09`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2020-06-18` - `2021-08-17`	a year	crt.sh
*.33across.com Sectigo RSA Domain Validation Secure Server CA	`2019-10-01` - `2021-09-30`	2 years	crt.sh
*.go.sonobi.com Go Daddy Secure Certificate Authority - G2	`2020-12-06` - `2022-01-07`	a year	crt.sh
districtm.io Cloudflare Inc ECC CA-3	`2021-06-02` - `2022-06-01`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2020-12-07` - `2021-12-14`	a year	crt.sh
c.amazon-adsystem.com Amazon	`2020-08-04` - `2021-08-02`	a year	crt.sh
*.1rx.io Sectigo RSA Domain Validation Secure Server CA	`2021-06-01` - `2022-07-02`	a year	crt.sh
omnitagjs.com Sectigo RSA Domain Validation Secure Server CA	`2021-05-24` - `2022-06-23`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2020-12-18` - `2022-01-18`	a year	crt.sh
*.sharethrough.com Amazon	`2020-09-09` - `2021-10-11`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh
*.emxdgt.com Amazon	`2020-07-31` - `2021-08-30`	a year	crt.sh
*.media.net Sectigo RSA Domain Validation Secure Server CA	`2021-04-12` - `2022-05-05`	a year	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-04-14` - `2021-07-12`	3 months	crt.sh
*.tremorhub.com Amazon	`2020-07-25` - `2021-08-25`	a year	crt.sh
*.tapad.com DigiCert SHA2 Secure Server CA	`2020-10-05` - `2021-11-06`	a year	crt.sh
*.intentiq.com Amazon	`2021-04-04` - `2022-05-03`	a year	crt.sh
*.bfmio.com Amazon	`2021-05-16` - `2022-06-14`	a year	crt.sh
odc-pixel-prod-01.oracle.com DigiCert SHA2 Secure Server CA	`2021-04-25` - `2022-04-26`	a year	crt.sh
*.crwdcntrl.net Go Daddy Secure Certificate Authority - G2	`2021-04-29` - `2022-05-31`	a year	crt.sh
*.lijit.com Go Daddy Secure Certificate Authority - G2	`2021-03-11` - `2022-04-12`	a year	crt.sh
www.google.de GTS CA 1C3	`2021-05-17` - `2021-08-09`	3 months	crt.sh
*.search.spotxchange.com GeoTrust RSA CA 2018	`2021-04-08` - `2022-05-09`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-05-10` - `2021-08-02`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2021-05-17` - `2021-08-09`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-05-17` - `2021-08-09`	3 months	crt.sh
cdn.adnxs.com GeoTrust RSA CA 2018	`2021-03-11` - `2022-02-07`	a year	crt.sh
*.brealtime.com Go Daddy Secure Certificate Authority - G2	`2020-01-22` - `2022-03-22`	2 years	crt.sh
*.tynt.com Sectigo RSA Domain Validation Secure Server CA	`2020-06-01` - `2021-09-30`	a year	crt.sh
*.ybp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-03-29` - `2021-09-22`	6 months	crt.sh
*.match.prod.bidr.io Amazon	`2021-02-26` - `2022-03-27`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2021-03-18` - `2022-04-19`	a year	crt.sh
*.ads.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-05-27` - `2021-07-14`	2 months	crt.sh
track.adform.net DigiCert SHA2 Secure Server CA	`2019-09-16` - `2021-09-20`	2 years	crt.sh
*.de17a.com Sectigo ECC Domain Validation Secure Server CA	`2020-11-25` - `2021-12-25`	a year	crt.sh
*.onaudience.com Certyfikat SSL	`2021-05-28` - `2022-05-28`	a year	crt.sh

This page contains 21 frames:

Primary Page: https://www.newser.com/
Frame ID: DA90451E7ADD41846261DDE53D84F538
Requests: 233 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.06c6ee58c3810956b7509218508c7b56.html?origin=https%3A%2F%2Fwww.newser.com
Frame ID: 23E08050C62B156C685A4FD34EBE9177
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210603/r20190131/zrt_lookup.html
Frame ID: 665046DF80A4D733FB44203EEF00303F
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: 98AF3ED3EEB5EFEDA08735650ECF5D99
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 5D7091403925A9B7A0330247F248876B
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssL-jROOxMC-V-0gq5oZlSXF3BcoeDkvpLNF7uAbuRvd9sPuqHR1f_NBHI25OA0wYh6UtBSBz_DJvjdS9d22B1LUPEMtkQqdIaG7qTvm5VZlPnkOvtDdmcLtvVxUmMW57TH6LGw6XZeiZJYttelQgxjbrjr05GzbaSf6B7_HnM__Oxng_aLG73AVaSvayHhZFlIrndFsFpagKM00p9--_eaK5kAvKC5GX7VTuLe-hASKsEJca-bwayEBDFPbFFD1VECe_Cw5wt3Ncs_1W40QghBK1KEFzPKfS4BGE3kbEI6gTEHyAV9mGcpFYeaRbGL&sig=Cg0ArKJSzMt1COhCP3GXEAE&urlfix=1&adurl=
Frame ID: D155AAB9E94A2EBD302A7407087DFDA4
Requests: 5 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012105242203000/amp4ads-v0.mjs
Frame ID: 0A742A2C508B78F38FD1F08F98F5F294
Requests: 16 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012105242203000/amp4ads-v0.mjs
Frame ID: F6C95382F336ACF55386D20D21B6119C
Requests: 15 HTTP requests in this frame

Frame: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Frame ID: 2919A1B2D07F21B8ED752EB0F4F3CB28
Requests: 2 HTTP requests in this frame

Frame: https://cdn.districtm.io/ids/index.html
Frame ID: 9D8053C20D11B624897CC2DB14EB594E
Requests: 1 HTTP requests in this frame

Frame: https://biddr.brealtime.com/check.html
Frame ID: 500329B0BAE06742A3D615B9D6D0C21B
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: C6E91100611B754E37CF3F6536ACBAD9
Requests: 15 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 1F7EE6285C0D44779BFBD531E91BB843
Requests: 10 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=d7066e05-92d3-4e83-b4f2-cbee552a2f6b&gdpr=1
Frame ID: 86ED39F66E11600563B55CE3174BCCD2
Requests: 11 HTTP requests in this frame

Frame: https://de.tynt.com/deb/v2?m=xch&rt=html&id=auLbLMbZKr64uoaKlId8sQ&gdpr_consent=undefined&us_privacy=undefined
Frame ID: 034322E2134B6ACCC0CA96716A5B3111
Requests: 1 HTTP requests in this frame

Frame: https://de.tynt.com/deb/v2?m=xch&rt=html&id=aYM3dqbZKr64uoaKlId8sQ&gdpr_consent=undefined&us_privacy=undefined
Frame ID: 662B318575E55095767C4E228EA07024
Requests: 1 HTTP requests in this frame

Frame: https://de.tynt.com/deb/v2?m=xch&rt=html&id=aAb9LgbZKr64uoaKlId8sQ&gdpr_consent=undefined&us_privacy=undefined
Frame ID: 09996BD1EAA730DBCB8DF2A27CEA2E8E
Requests: 1 HTTP requests in this frame

Frame: https://de.tynt.com/deb/v2?m=xch&rt=html&id=aVbmTmbZKr64uoaKlId8sQ&gdpr_consent=undefined&us_privacy=undefined
Frame ID: 4FCC5409FA97764AA4E5BD383039A049
Requests: 1 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?party=14&cid=A5F6FE14-C14D-4F37-9D2A-D641A3C05C03
Frame ID: 5FD9820D86586D749FFD111EB0B92CE5
Requests: 1 HTTP requests in this frame

Frame: https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
Frame ID: 63E734DE063AED799A478E61BA936B72
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: 9DBB8C0C5D8554847E33A29396824EDF
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://www.newser.com/ HTTP 301
https://www.newser.com/ Page URL

Page Statistics

319
Requests

99 %
HTTPS

29 %
IPv6

70
Domains

110
Subdomains

86
IPs

9
Countries

6115 kB
Transfer

9271 kB
Size

0
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: http://itunes.apple.com/us/app/newser/id334678577?mt=8&uo=4

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.newser2

Search URL Search Domain Scan URL

URL: https://www.microsoft.com/store/apps/9NRBJ0VZQX72

Search URL Search Domain Scan URL

URL: https://itunes.apple.com/us/app/newser/id334678577?mt=8

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.newser.com/ HTTP 301
https://www.newser.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 105

https://sb.scorecardresearch.com/b?c1=2&c2=6035830&ns__t=1623173980671&ns_c=UTF-8&cv=3.5&c8=Newser%20%7C%20Headline%20News%20Summaries%2C%20World%20News%2C%20and%20Breaking%20News&c7=https%3A%2F%2Fwww.newser.com%2F&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=2&c2=6035830&ns__t=1623173980671&ns_c=UTF-8&cv=3.5&c8=Newser%20%7C%20Headline%20News%20Summaries%2C%20World%20News%2C%20and%20Breaking%20News&c7=https%3A%2F%2Fwww.newser.com%2F&c9=

Request Chain 121

https://x.bidswitch.net/check_uuid/https%3A%2F%2Fusync.proper.io%2Fv1%2Fusersync%3Fbidder%3Dmediagrid%26proper_uid%3D3da64748-2156-4715-8226-a239c5d1d776%26uid%3D%24%7BBSW_UUID%7D?&callback=window.proper_948d5ab5_219cd1da_1 HTTP 302
https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fusync.proper.io%2Fv1%2Fusersync%3Fbidder%3Dmediagrid%26proper_uid%3D3da64748-2156-4715-8226-a239c5d1d776%26uid%3D%24%7BBSW_UUID%7D?&callback=window.proper_948d5ab5_219cd1da_1 HTTP 302
https://usync.proper.io/v1/usersync?bidder=mediagrid&proper_uid=3da64748-2156-4715-8226-a239c5d1d776&uid=523fda2f-81d9-45a6-bd19-5ff064931c35

Request Chain 122

https://ups.analytics.yahoo.com/ups/58355/sync?redir=true&callback=window.proper_22348198_2d820270_2 HTTP 302
https://ups.analytics.yahoo.com/ups/58355/sync?redir=true&callback=window.proper_22348198_2d820270_2&verify=true HTTP 302
https://usync.proper.io/v1/usersync?bidder=verizon_media_s2s&uid=y-ZhCziaNE2uFdrGbss5L7_8K59AfFvg6b~A

Request Chain 201

https://um.simpli.fi/telaria_p HTTP 302
https://simplifi.partners.tremorhub.com/sync?UISF=5A5AB8CE9B9B4C538B94290CC70E9F07

Request Chain 202

https://um.simpli.fi/tapad HTTP 302
https://pixel.tapad.com/idsync/ex/receive?partner_id=2305&partner_device_id=5A5AB8CE9B9B4C538B94290CC70E9F07 HTTP 302
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=5A5AB8CE9B9B4C538B94290CC70E9F07

Request Chain 203

https://um.simpli.fi/ad_advisor HTTP 302
https://aa.agkn.com/adscores/g.pixel?sid=9201915418&sifi_uid=5A5AB8CE9B9B4C538B94290CC70E9F07 HTTP 302
https://d.agkn.com/pixel/10751/?che=1623173981&ip=82.102.18.114&l1=https%3A%2F%2Fum.simpli.fi%2Faa_px%3Fsk%3D164880503811000552190 HTTP 302
https://um.simpli.fi/aa_px?sk=164880503811000552190

Request Chain 205

https://um.simpli.fi/intentiq HTTP 302
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=5A5AB8CE9B9B4C538B94290CC70E9F07

Request Chain 208

https://um.simpli.fi/dtnx HTTP 302
https://fei.pro-market.net/engine?du=24;csync=5A5AB8CE9B9B4C538B94290CC70E9F07;mimetype=img; HTTP 302
https://fei.pro-market.net/engine?du=24;csync=5A5AB8CE9B9B4C538B94290CC70E9F07;mimetype=img;sr HTTP 302
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=3&pcid=3508560098466219288

Request Chain 209

https://um.simpli.fi/exelatem HTTP 302
https://loadm.exelator.com/load/?p=204&g=2191&simid=5A5AB8CE9B9B4C538B94290CC70E9F07&j=0 HTTP 302
https://loadm.exelator.com/load/?p=204&g=2191&simid=5A5AB8CE9B9B4C538B94290CC70E9F07&j=0&xl8blockcheck=1

Request Chain 211

https://um.simpli.fi/beachfront HTTP 302
https://sync.bfmio.com/sync?pid=141&uid=5A5AB8CE9B9B4C538B94290CC70E9F07

Request Chain 212

https://um.simpli.fi/bluekai HTTP 302
https://stags.bluekai.com/site/29931?id=5A5AB8CE9B9B4C538B94290CC70E9F07

Request Chain 213

https://um.simpli.fi/crwdcntrl HTTP 302
https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=5A5AB8CE9B9B4C538B94290CC70E9F07 HTTP 302
https://bcp.crwdcntrl.net/map/ct=y/c=7625/tp=SIMP/tpid=5A5AB8CE9B9B4C538B94290CC70E9F07

Request Chain 214

https://um.simpli.fi/lj_match HTTP 302
https://ce.lijit.com/merge?pid=2&3pid=5A5AB8CE9B9B4C538B94290CC70E9F07 HTTP 302
https://ce.lijit.com/merge?pid=2&3pid=5A5AB8CE9B9B4C538B94290CC70E9F07&dnr=1

Request Chain 215

https://um.simpli.fi/liveramp_match HTTP 302
https://idsync.rlcdn.com/419566.gif?partner_uid=5A5AB8CE9B9B4C538B94290CC70E9F07

Request Chain 216

https://www.googleadservices.com/pagead/conversion/1026675585/?random=1623173981563&cv=7&fst=1623173981563&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON HTTP 302
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1026675585/?random=973273668&cv=7&fst=1623173981563&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=Xau_YO2DJebD7_UP1N2F2A8&sscte=1&crd= HTTP 302
https://www.google.com/pagead/1p-conversion/1026675585/?random=973273668&cv=7&fst=1623173981563&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=Xau_YO2DJebD7_UP1N2F2A8&random=4013333665 HTTP 302
https://www.google.de/pagead/1p-conversion/1026675585/?random=973273668&cv=7&fst=1623173981563&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=Xau_YO2DJebD7_UP1N2F2A8&random=4013333665&ipr=y

Request Chain 217

https://um.simpli.fi/spotx_match HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=7797&uid=5A5AB8CE9B9B4C538B94290CC70E9F07 HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=7797&uid=5A5AB8CE9B9B4C538B94290CC70E9F07&__user_check__=1&sync_id=821a4962-c880-11eb-a542-16821cb20206

Request Chain 218

https://um.simpli.fi/an HTTP 302
https://ib.adnxs.com/setuid?entity=66&code=5A5AB8CE9B9B4C538B94290CC70E9F07 HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3D5A5AB8CE9B9B4C538B94290CC70E9F07

Request Chain 219

https://um.simpli.fi/rb_match HTTP 302
https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=5A5AB8CE9B9B4C538B94290CC70E9F07&expires=365

Request Chain 220

https://um.simpli.fi/ox_match HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072966&val=5A5AB8CE9B9B4C538B94290CC70E9F07

Request Chain 221

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_cm&google_sc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_cm=&google_sc=&google_tc= HTTP 302
https://um.simpli.fi/g_match?id=&google_gid=CAESEMxeHm2OUhIJxgW_oU530tg&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=5A5AB8CE9B9B4C538B94290CC70E9F07 HTTP 302
https://um.simpli.fi/g_match?id=

Request Chain 259

https://924-img.c3tag.com/v.gif?cid=924&c3ce=700&C3NO=1&adid=2198166531&c3=N349404.134426GOOGLEDISPLAYNETWO-305254819&creative=152176233&redirect=~{https://ad.doubleclick.net/ddm/trackimp/N349404.134426GOOGLEDISPLAYNETWO/B20065566.305254819;dc_trk_aid=497668517;dc_trk_cid=152176233;ord=2198166531;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=?}~ HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N349404.134426GOOGLEDISPLAYNETWO/B20065566.305254819;dc_trk_aid=497668517;dc_trk_cid=152176233;ord=2198166531;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd= HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N349404.134426GOOGLEDISPLAYNETWO/B20065566.305254819;dc_pre=CN7R2aXKiPECFROD3godcw4C8A;dc_trk_aid=497668517;dc_trk_cid=152176233;ord=2198166531;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=

Request Chain 263

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 267

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 284

https://pm.w55c.net/ping_match.gif?ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_ HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_ HTTP 302
https://eu-u.openx.net/w/1.0/sd?id=537072979&val=dWV2CdvQ1LQFHB5

Request Chain 285

https://x.bidswitch.net/sync?ssp=openx HTTP 302
https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=openx&bsw_custom_parameter=523fda2f-81d9-45a6-bd19-5ff064931c35 HTTP 302
https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=openx&bsw_custom_parameter=523fda2f-81d9-45a6-bd19-5ff064931c35 HTTP 302
https://x.bidswitch.net/sync?dsp_id=4&user_id=487d49e8-f999-4a79-8324-4de2b9c7e6f4&ssp=openx&expires=30&user_group=5&bsw_param=523fda2f-81d9-45a6-bd19-5ff064931c35 HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072968&val=523fda2f-81d9-45a6-bd19-5ff064931c35

Request Chain 286

https://match.prod.bidr.io/cookie-sync/ox HTTP 303
https://match.prod.bidr.io/cookie-sync/ox?_bee_ppp=1 HTTP 303
https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFCbTNFN0JmMWNBQURNaE5YVmpLUQ&bee_sync_partners=pm%2Cpp%2Csas%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1 HTTP 302
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pm%2Cpp%2Csas%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1

Request Chain 287

https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D HTTP 302
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=21da60bf-ab63-4900-8e13-cf99d1cc7e06

Request Chain 288

https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=1 HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=GmEax00zTcIBM0rHGmdVkUgwQZQBYEDCFGDoUJAn

Request Chain 289

https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=22 HTTP 302
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=1953520803289218904

Request Chain 292

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEEfouM9FMPrfdHRyDVQAjkQ&google_cver=1

Request Chain 296

https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=OWNiY2I3NmZjNzM0NTU5MGM5ZWE0NzQxMGQ3ODQ1M2Y1MzM3ZjBhOA

Request Chain 297

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
https://pr-bh.ybp.yahoo.com/sync/rubicon/myRlZc7qBKkR2c0ZV4A4CA?csrc= HTTP 302
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=1219350307136908981

Request Chain 300

https://token.rubiconproject.com/token?pid=25470 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1BPQlZOR1AtTy05QjVS

Request Chain 301

https://token.rubiconproject.com/token?pid=26594 HTTP 302
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KPOBVNGP-O-9B5R&sigv=1&esig=2~245d1476542f31145879f05a9c6a737944a13231

Request Chain 302

https://sync.mathtag.com/sync/img?mt_exid=9&redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4222%26nid%3D1512%26put%3D%5BMM_UUID%5D HTTP 302
https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=21da60bf-ab63-4900-8e13-cf99d1cc7e06

Request Chain 303

https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D&_test=YL_rZAABoSY4rwA4 HTTP 302
https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YL_rZAABoSY4rwA4&_test=YL_rZAABoSY4rwA4

Request Chain 307

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=pfb-FMFNTzedKtZBo8BcAw%3D%3D HTTP 302
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=

Request Chain 308

https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=21da60bf-ab63-4900-8e13-cf99d1cc7e06

Request Chain 309

https://pixel.onaudience.com/?partner=214&mapped=A5F6FE14-C14D-4F37-9D2A-D641A3C05C03 HTTP 302
https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25 HTTP 302
https://pixel.onaudience.com/?partner=161&icm&cver&mapped=b555c81594a760d76380b70f52af826b

Request Chain 310

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QTVGNkZFMTQtQzE0RC00RjM3LTlEMkEtRDY0MUEzQzA1QzAz&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

Request Chain 311

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEJRQJOeTrLRmG-k13UFyC7U&google_cver=1

Request Chain 313

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=1953520803289218904

Request Chain 314

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:21da60bf-ab63-4900-8e13-cf99d1cc7e06&gdpr=0&gdpr_consent=

Request Chain 315

https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=574ce940-cfae-42f9-a38d-d2b1ac0fee02

Request Chain 316

https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=8884958538427554348&gdpr=0&gdpr_consent=

Request Chain 318

https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=A5F6FE14-C14D-4F37-9D2A-D641A3C05C03&redir=true&gdpr=0&gdpr_consent= HTTP 302
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-5.M8AstE2uXbHcaoNiih_rjJPRYklMU-~A&gdpr=0&gdpr_consent=

Request Chain 319

https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=Mx2uemRP-X8oT_56MxvhLGFM9SkoHPR_PRzmWVOl

319 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request

Cookie set / Show response
www.newser.com/
Redirect Chain

http://www.newser.com/
https://www.newser.com/

245 KB
66 KB

632ms
319ms

Document
text/html

40.114.51.62
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.newser.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 40.114.51.62 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 524b71a92404a1b6eadc5046f736849a1f1437b66ef3ea45b147849e12bc48c8

Request headers

Host: www.newser.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Cache-Control: private, no-store
Pragma: no-cache
Transfer-Encoding: chunked
Content-Type: text/html; charset=utf-8
Content-Encoding: gzip
Expires: Tue, 08 Jun 2021 17:38:40 GMT
Vary: Accept-Encoding
Scheme: https
RawURL: /
Set-Cookie: ASP.NET_SessionId=stni2f2v4taq21lylzkaycei; path=/; HttpOnly; SameSite=Lax USERCREDENTIALS=EMAIL=&PASSWORD=&USERID=0&VISITORID=1468861877; expires=Fri, 06-Jun-2031 17:39:40 GMT; path=/; secure; SameSite=Lax USERSETTINGS=; expires=Mon, 07-Jun-2021 17:39:40 GMT; path=/; secure; SameSite=Lax
Date: Tue, 08 Jun 2021 17:39:39 GMT

Redirect headers

Location: https://www.newser.com/
Scheme: http
RawURL: /
Date: Tue, 08 Jun 2021 17:39:39 GMT
Content-Length: 0

GET
H2 200 css
fonts.googleapis.com/ 20 KB
1 KB 16ms
15ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,400italic,100,100italic,300,300italic,500,500italic,700,700italic

Requested by

Host: www.newser.com
URL: https://www.newser.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

871a8f1084b6a27c4a67c854ba86e745d89be827f9bbc9057cbf3e535722cee1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 08 Jun 2021 17:39:40 GMT
server: ESF
date: Tue, 08 Jun 2021 17:39:40 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 08 Jun 2021 17:39:40 GMT

GET
H2 200 stylesheet.ashx
static1-azrcdn.newser.com/stylesheets/20210603_0800/ 130 KB
19 KB 65ms
8ms Stylesheet
text/css 2620:1ec:46::67
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://static1-azrcdn.newser.com/stylesheets/20210603_0800/stylesheet.ashx?file=responsive.css
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::67 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 8094fe54e20198e93bf1eed4a50058fd0088c1a711f8a66f9fbd1a95879e1f1f

Request headers

Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 17:39:40 GMT
content-encoding: br
x-azure-ref-originshield: 0YT2/YAAAAACNCF6Z2W1BTrl4Dc5iB8UVTE9OMjFFREdFMDIyMgBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /stylesheets/20210603_0800/stylesheet.ashx?file=responsive.css
x-azure-ref: 0XKu/YAAAAAALkt2iSH0BQpCJYKpFHOpHRlJBRURHRTEwMDcAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: text/css; charset=utf-8
cache-control: public, max-age=2592000
scheme: https

GET
H2 200 jquery-1.12.4.min.js Show response
static1-azrcdn.newser.com/javascript/20210603_0800/ 114 KB
34 KB 70ms
13ms Script
text/javascript 2620:1ec:46::67
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://static1-azrcdn.newser.com/javascript/20210603_0800/jquery-1.12.4.min.js
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::67 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 996d298d6f8685a3ae28eace9249e3580bb8d13d91d424573fefb40d52980269

Request headers

Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 17:39:40 GMT
content-encoding: br
last-modified: Fri, 04 Dec 2020 19:36:38 GMT
x-azure-ref-originshield: 0C1K/YAAAAABucr0i/vycT4Oo4qm/evsoTE9OMjFFREdFMTUwOABkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
x-azure-ref: 0XKu/YAAAAACCeNSNfMXhRY9ZI+fAJs/fRlJBRURHRTEwMDcAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: text/javascript
cache-control: max-age=604800
accept-ranges: bytes

GET
H2 200 javascript.ashx Show response
static1-azrcdn.newser.com/javascript/20210603_0800/ 207 KB
40 KB 71ms
15ms Script
text/javascript 2620:1ec:46::67
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://static1-azrcdn.newser.com/javascript/20210603_0800/javascript.ashx?file=newser.js
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::67 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: f32d23e2698ffb31c43c96733607bee16d5ef94cd42d90306326e7f6cb7df10a

Request headers

Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 17:39:40 GMT
content-encoding: br
x-azure-ref-originshield: 0QRi/YAAAAADv8TXTOo+zQ5SpebYPo/GHTE9OMjFFREdFMTUxMQBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /javascript/20210603_0800/javascript.ashx?file=newser.js
x-azure-ref: 0XKu/YAAAAACnAqZ6JNolRp5GKoIeemi/RlJBRURHRTEwMDcAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=2592000
scheme: https

GET
H2 200 modernizr-custom.js Show response
static2-azrcdn.newser.com/javascript/20210603_0800/ 2 KB
1 KB 26ms
9ms Script
text/javascript 2620:1ec:bdf::67
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://static2-azrcdn.newser.com/javascript/20210603_0800/modernizr-custom.js
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::67 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: d6a2745332948716c2d3849e9b1d02451515f96ec7ab4749855794dea0272857

Request headers

Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 17:39:39 GMT
content-encoding: br
last-modified: Mon, 06 Jul 2020 18:04:17 GMT
x-azure-ref-originshield: 0tS6/YAAAAADZ6IkEHaOFRoWHHuWc2tz6TE9OMjFFREdFMDExNQBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
x-azure-ref: 0XKu/YAAAAAD2ZwStB8tZSrGBvtUDLZc+RlJBRURHRTEwMTcAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: text/javascript
cache-control: max-age=604800
accept-ranges: bytes

GET
H2 200 jcarousel_min.js Show response
static1-azrcdn.newser.com/javascript/20210603_0800/ 18 KB
5 KB 9ms
9ms Script
text/javascript 2620:1ec:46::67
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://static1-azrcdn.newser.com/javascript/20210603_0800/jcarousel_min.js
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::67 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 2b291810374483e61126df23f32490a6f8a629062a6f00f0d10d7b52ed2a2762

Request headers

Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 17:39:40 GMT
content-encoding: br
last-modified: Mon, 06 Jul 2020 18:04:17 GMT
x-azure-ref-originshield: 0pDG/YAAAAAAe8+SPzhHvRbZBFdyJoFZNTE9OMjFFREdFMDEyMABkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
x-azure-ref: 0XKu/YAAAAACgN54EQ1NUSraHEDfA2ReCRlJBRURHRTEwMDcAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: text/javascript
cache-control: max-age=604800
accept-ranges: bytes

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 95 KB
29 KB 38ms
7ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: static1-azrcdn.newser.com
URL: https://static1-azrcdn.newser.com/javascript/20210603_0800/javascript.ashx?file=newser.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/675D) /
Resource Hash: a12b87855b6403c6f73092396d80541a6984aae03097a637769291d9cad15d19

Request headers

Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 08 Jun 2021 17:39:40 GMT
Content-Encoding: gzip
Last-Modified: Wed, 28 Apr 2021 17:57:32 GMT
Server: ECS (frb/675D)
Age: 1065
Etag: "9eb59e5602fef4b3ebf6090856ff21db+gzip"
Vary: Accept-Encoding
x-tw-cdn: VZ
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=1800
X-Cache: HIT
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Content-Length: 28779

GET
H/1.1 200
OK / Show response
api.ipify.org/ 22 B
253 B 418ms
106ms XHR
application/json 54.225.165.85
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.ipify.org/?format=json
Requested by: Host: static1-azrcdn.newser.com
URL: https://static1-azrcdn.newser.com/javascript/20210603_0800/jquery-1.12.4.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.225.165.85 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-225-165-85.compute-1.amazonaws.com
Software: Cowboy /
Resource Hash: 92a2fc6cc9cd39249eebb8dab7e6c26275727e0779deefb14cc6a07bf44b0555

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 08 Jun 2021 17:39:40 GMT
Via: 1.1 vegur
Server: Cowboy
Vary: Origin
Content-Type: application/json
Access-Control-Allow-Origin: https://www.newser.com
Connection: keep-alive
Content-Length: 22

GET
H2 200 newser.min.js Show response
global.proper.io/ 27 KB
7 KB 63ms
33ms Script
application/javascript 2606:4700::6811:4e22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://global.proper.io/newser.min.js
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:4e22 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ad668da6debc1b1754a49e828c7cd16c672adc9faf67dba9f27eb88a9daba43b

Request headers

Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 17:39:40 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 04 Jun 2021 18:34:21 GMT
server: cloudflare
age: 342236
etag: W/"60ba722d-6d41"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=300
cf-ray: 65c3e6a22eb1c303-FRA
cf-request-id: 0a8e4e795e0000c30344a3f000000001
expires: Tue, 08 Jun 2021 17:44:40 GMT

GET
H2 200 quant.js Show response
secure.quantserve.com/ 24 KB
9 KB 39ms
7ms Script
application/javascript 2620:116:800d:21:5a23:9c4e:e774:96c1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:5a23:9c4e:e774:96c1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: bba4d46952f094b62205fe06e4a78114cac5d934971925a4716ef40c33f96012

Request headers

Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 17:39:40 GMT
content-encoding: gzip
etag: "WhyxmPkT7L77qVDcrjxwGw=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
expires: Tue, 15 Jun 2021 17:39:40 GMT

GET
H2 200 addthis_widget.js Show response
s7.addthis.com/js/300/ 353 KB
114 KB 122ms
41ms Script
application/javascript 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/js/300/addthis_widget.js

Requested by

Host: www.newser.com
URL: https://www.newser.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-126.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
server: nginx/1.15.8
etag: "5f971164-5834c"
vary: Accept-Encoding
x-distribution: 99
content-type: application/javascript
cache-control: public, max-age=600
date: Tue, 08 Jun 2021 17:39:40 GMT
x-host: s7.addthis.com
content-length: 116325

GET
H2 200 Back-Arrow-Button2.png
img2-azrcdn.newser.com/images/header/ 271 B
396 B 197ms
143ms Image
image/png 2620:1ec:48::67
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img2-azrcdn.newser.com/images/header/Back-Arrow-Button2.png
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:48::67 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: c0e2de1910c51b9146fec0cc847f64b28a62b86f030e1ea05a7d8b05c130dc9f

Request headers

Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 17:39:40 GMT
last-modified: Mon, 06 Jul 2020 18:04:13 GMT
x-azure-ref: 0XKu/YAAAAAC4JrdrAlzrT6hIiEOBdByJTE9OMjFFREdFMDIwNgBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
x-cache: TCP_HIT
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
content-length: 271

GET
H2 200 logo_white_text4.png
img1-azrcdn.newser.com/images/ 5 KB
5 KB 40ms
8ms Image
image/png 2620:1ec:bdf::67
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/images/logo_white_text4.png
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::67 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: c00e4b444e4089660152f10bb0cf87d45be907756bf33150841afc2f8a69d791

Request headers

Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 17:39:39 GMT
last-modified: Sat, 08 Aug 2020 15:47:42 GMT
x-azure-ref-originshield: 0y4e/YAAAAABShNWKsLBZTZKebWT29aOZTE9OMjFFREdFMDExOQBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
x-azure-ref: 0XKu/YAAAAADglzLR+DvCTJ0kt037+nllRlJBRURHRTEwMTIAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
content-length: 5004

GET
H2 200 menu2.png
img1-azrcdn.newser.com/images/header/ 265 B
499 B 40ms
9ms Image
image/png 2620:1ec:bdf::67
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/images/header/menu2.png
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::67 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 31c724707624a3682770d54e8b216f04db44eff6fefb8313d9178ef0f69a694b

Request headers

Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 17:39:39 GMT
last-modified: Mon, 06 Jul 2020 18:04:13 GMT
x-azure-ref-originshield: 0ywy/YAAAAAC8pXge0fL/Q4M0QOwp+cuSTE9OMjFFREdFMDIwOQBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
x-azure-ref: 0XKu/YAAAAAB0sXQKJPh4SIPUr+IK+EdTRlJBRURHRTEwMTIAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
content-length: 265

GET
H2 200 next-active.png
img1-azrcdn.newser.com/images/header/ 1 KB
1 KB 40ms
9ms Image
image/png 2620:1ec:bdf::67
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/images/header/next-active.png
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::67 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e4400f21afb8b0d177c8cc1d042db58cd67ab5f03bb076cc84d9fc19523aebca

Request headers

Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 17:39:39 GMT
last-modified: Mon, 06 Jul 2020 18:04:13 GMT
x-azure-ref-originshield: 0YC+/YAAAAAC4BS8jvFMmSK5THhpOXiHaTE9OMjFFREdFMTUwNgBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
x-azure-ref: 0XKu/YAAAAACBVviBWnpKSpPxnYnk4p8yRlJBRURHRTEwMTIAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
content-length: 1304

GET
H2 200 next-inactive.png
img1-azrcdn.newser.com/images/header/ 1 KB
1 KB 43ms
12ms Image
image/png 2620:1ec:bdf::67
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/images/header/next-inactive.png
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::67 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3c413d9ecb857ab839e9147e9a72b0967a80151bae1aec1b1771c623006f5bc

Request headers

Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 17:39:39 GMT
last-modified: Mon, 06 Jul 2020 18:04:13 GMT
x-azure-ref-originshield: 0+lS/YAAAAACIxPkijenhT7PeBEjEpdGVTE9OMjFFREdFMTUwNgBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
x-azure-ref: 0XKu/YAAAAAD3X75G8pTUTpo+WnfZhcatRlJBRURHRTEwMTIAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
content-length: 1096

GET
H2 200 prev-active.png
img1-azrcdn.newser.com/images/header/ 1 KB
1 KB 37ms
9ms Image
image/png 2620:1ec:bdf::67
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/images/header/prev-active.png
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::67 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 354cd674accaa26badff834bcbb7487aa7f99930f19cd864d71e6359b6b3f346

Request headers

Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 17:39:39 GMT
last-modified: Mon, 06 Jul 2020 18:04:13 GMT
x-azure-ref-originshield: 0qXS/YAAAAACAeLC55EniRpN2tRs138OSTE9OMjFFREdFMDEwNgBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
x-azure-ref: 0XKu/YAAAAAA6TzAHGtiWS4r9PMssONt6RlJBRURHRTEwMTIAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
content-length: 1295

GET
H2 200 prev-inactive.png
img1-azrcdn.newser.com/images/header/ 1 KB
1 KB 39ms
30ms Image
image/png 2620:1ec:bdf::67
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/images/header/prev-inactive.png
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::67 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: fce94e8d493fb1b0c5264ad0ca94f542ca10c39b95eca426ecc0ffbb88e25077

Request headers

Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 17:39:39 GMT
last-modified: Mon, 06 Jul 2020 18:04:13 GMT
x-azure-ref-originshield: 0ywy/YAAAAAAraOcJ6MBTRLD1+wzU7xJnTE9OMjFFREdFMTUxOQBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
x-azure-ref: 0XKu/YAAAAADVfHstGCe5Trf2WzOzYhcKRlJBRURHRTEwMTIAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
content-length: 1071

GET
H2 200 spacer.gif
img1-azrcdn.newser.com/images/ 43 B
282 B 39ms
30ms Image
image/gif 2620:1ec:bdf::67
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/images/spacer.gif
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::67 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 17:39:39 GMT
last-modified: Mon, 06 Jul 2020 18:04:09 GMT
x-azure-ref-originshield: 06eC+YAAAAABbpd1/CCbPQ497dfZbh87jTE9OMjFFREdFMTUxMQBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
x-azure-ref: 0XKu/YAAAAADS2ra9GlNqSZpTrwldbco4RlJBRURHRTEwMTIAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/gif
cache-control: max-age=604800
accept-ranges: bytes
content-length: 43

GET
H2 200 Suggest_Icon.png
img1-azrcdn.newser.com/images/ 723 B
956 B 40ms
31ms Image
image/png 2620:1ec:bdf::67
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/images/Suggest_Icon.png
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::67 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: d1477d2bfda88c678c2deaffb53f18784ca00294d7318a2521f4b95baa375e3c

Request headers

Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 17:39:39 GMT
last-modified: Mon, 06 Jul 2020 18:04:10 GMT
x-azure-ref-originshield: 0+lS/YAAAAADa3UFov5jVQ4fseHZ1H4bjTE9OMjFFREdFMDIwNgBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
x-azure-ref: 0XKu/YAAAAAAgE/xYF33ARKWg3H1oY+d4RlJBRURHRTEwMTIAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
content-length: 723

GET
H2 200 Apple.png
img1-azrcdn.newser.com/images/footer/ 511 B
775 B 49ms
41ms Image
image/png 2620:1ec:bdf::67
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/images/footer/Apple.png
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::67 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 1126dae47147dee29ca9bffbbd45f3e609f7d38a2c17cd4f5c73283db4e6304a

Request headers

Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 17:39:39 GMT
last-modified: Mon, 06 Jul 2020 18:04:13 GMT
x-azure-ref-originshield: 0+1S/YAAAAAA2UFRcdJM6SbLf6vXIepD0TE9OMjFFREdFMDExOABkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
x-azure-ref: 0XKu/YAAAAACW8twNnYOQQpJvg5Bs234VRlJBRURHRTEwMTIAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
content-length: 511

GET
H2 200 Android.png
img1-azrcdn.newser.com/images/footer/ 647 B
856 B 49ms
41ms Image
image/png 2620:1ec:bdf::67
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/images/footer/Android.png
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::67 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: ef983d6dcfe16576a9be98a6fe4d2c99552c9e76fe46fefb29dc2ae2cc5082c3

Request headers

Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 17:39:39 GMT
last-modified: Mon, 06 Jul 2020 18:04:13 GMT
x-azure-ref-originshield: 0ywy/YAAAAABKYn7ysh68RrJujkoOpxyPTE9OMjFFREdFMDEyMQBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
x-azure-ref: 0XKu/YAAAAAAWmDy9sN6zQZtKFjTl7eGzRlJBRURHRTEwMTIAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
content-length: 647

GET
H2 200 Windows.png
img1-azrcdn.newser.com/images/footer/ 573 B
782 B 50ms
41ms Image
image/png 2620:1ec:bdf::67
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/images/footer/Windows.png
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::67 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: a9adbf9ff6cb67410da32776829c98497f78937808849c0c77c476ad5bf8c1a6

Request headers

Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 17:39:39 GMT
last-modified: Mon, 06 Jul 2020 18:04:13 GMT
x-azure-ref-originshield: 0oSS/YAAAAACqFCHeWISXS52Hu0SabXcNTE9OMjFFREdFMTUxNwBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
x-azure-ref: 0XKu/YAAAAAAiiHmuyyJbRr5cQVL1TthlRlJBRURHRTEwMTIAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
content-length: 573

GET
H2 200 icon-72r2.png
img2-azrcdn.newser.com/images/pwa/ 2 KB
2 KB 133ms
110ms Image
image/png 2620:1ec:48::67
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img2-azrcdn.newser.com/images/pwa/icon-72r2.png
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:48::67 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: d8fe36a17aa5e4cd1a197c81235633a1e44ca292162a06b9b7dc1dc37981a211

Request headers

Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 17:39:40 GMT
last-modified: Mon, 06 Jul 2020 18:04:15 GMT
x-azure-ref: 0XKu/YAAAAACS4GD1nA9wRrQUPAd2H54iTE9OMjFFREdFMDIwNgBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
x-cache: TCP_HIT
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
content-length: 2120

GET
H2 200 logo-newser-top.jpg
img2-azrcdn.newser.com/images/ 28 KB
28 KB 35ms
32ms Image
image/jpeg 2620:1ec:48::67
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img2-azrcdn.newser.com/images/logo-newser-top.jpg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:48::67 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: d8f64ca73c0faaf5d9d1e56252a2d89a23262ea516e7d731adaf5f255d4081a3

Request headers

Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 17:39:40 GMT
last-modified: Mon, 06 Jul 2020 18:04:08 GMT
x-azure-ref: 0XKu/YAAAAAB5QG3SqXX9Sr9XICru6S/STE9OMjFFREdFMDIwNgBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: max-age=604800
accept-ranges: bytes
content-length: 28636

GET
H2 200 Grid_Icon.png
img2-azrcdn.newser.com/images/ 202 B
351 B 133ms
110ms Image
image/png 2620:1ec:48::67
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img2-azrcdn.newser.com/images/Grid_Icon.png
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:48::67 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 3b556e6cee32c4b0c80ef893fd00eaea90330b3a127a8dffecabbedaf6aba7c5

Request headers

Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 17:39:40 GMT
last-modified: Mon, 06 Jul 2020 18:04:07 GMT
x-azure-ref: 0XKu/YAAAAAAR2TPMyjIgRZTHanbFTnPyTE9OMjFFREdFMDIwNgBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
x-cache: TCP_HIT
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
content-length: 202

GET
H2 200 Popular_Icon.png
img1-azrcdn.newser.com/images/ 1005 B
1 KB 40ms
32ms Image
image/png 2620:1ec:bdf::67
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/images/Popular_Icon.png
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::67 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 316f775333e0567a2ea23141b96349652855962025964f0ba097c64c06fb639a

Request headers

Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 17:39:39 GMT
last-modified: Mon, 06 Jul 2020 18:04:09 GMT
x-azure-ref-originshield: 0ZCO/YAAAAABfNeM0SlqSSq1BxvwLdw+XTE9OMjFFREdFMDIxOQBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
x-azure-ref: 0XKu/YAAAAABngY4a7/kYSJNIwiPkCJ6DRlJBRURHRTEwMTIAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
content-length: 1005

GET
H2 200 evangelist-rick-warren-to-retire-as-saddleback-pastor.jpeg
img1-azrcdn.newser.com/square-image/307116-20210608123000-M/ 50 KB
50 KB 16ms
8ms Image
image/jpeg 2620:1ec:bdf::67
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/square-image/307116-20210608123000-M/evangelist-rick-warren-to-retire-as-saddleback-pastor.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::67 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 7bd3930cad338245d904700ea5a4dd7263a72d0518af7c5e78c7a20fb62e8f27

Request headers

Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 17:39:39 GMT
last-modified: Tue, 08 Jun 2021 17:31:14 GMT
x-azure-ref-originshield: 0gqm/YAAAAAAl2MsffRtOSrrctxqDjQyWTE9OMjFFREdFMDExNABkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/307116-20210608123000-M/evangelist-rick-warren-to-retire-as-saddleback-pastor.jpeg
x-azure-ref: 0XKu/YAAAAAAx2y9B9hapSKnCWkEm/H9QRlJBRURHRTEwMTIAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=2592000
content-length: 51135
scheme: https

GET
H2 200 1-in-4-of-us-need-a-new-jeans-size.jpeg
img2-azrcdn.newser.com/square-image/307111-20210608123622-M/ 47 KB
47 KB 128ms
125ms Image
image/jpeg 2620:1ec:48::67
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img2-azrcdn.newser.com/square-image/307111-20210608123622-M/1-in-4-of-us-need-a-new-jeans-size.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:48::67 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: bace79d4918a28acf1fe4a41fdd448c7c59d95c8f713c45770e26e6627563952

Request headers

Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 17:39:40 GMT
last-modified: Tue, 08 Jun 2021 17:37:33 GMT
rawurl: /square-image/307111-20210608123622-M/1-in-4-of-us-need-a-new-jeans-size.jpeg
x-azure-ref: 0XKu/YAAAAADQiXhLbdg5RZ1flJTq3bTNTE9OMjFFREdFMDIwNgBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=2592000
content-length: 48188
scheme: https

GET
H2 200 2-dueling-views-on-jeff-bezos-space-trip.jpeg
img1-azrcdn.newser.com/square-image/307126-20210608120514-M/ 39 KB
39 KB 28ms
21ms Image
image/jpeg 2620:1ec:bdf::67
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/square-image/307126-20210608120514-M/2-dueling-views-on-jeff-bezos-space-trip.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::67 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: f05dff5a881c3c76b8158abe39eb92a74c6770ca1f2ba2504fdd32ac429616d4

Request headers

Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 17:39:39 GMT
last-modified: Tue, 08 Jun 2021 17:06:37 GMT
x-azure-ref-originshield: 09aO/YAAAAADe1ZNIN4r4RbT/rQjwjufxTE9OMjFFREdFMDIwOABkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/307126-20210608120514-M/2-dueling-views-on-jeff-bezos-space-trip.jpeg
x-azure-ref: 0XKu/YAAAAAB7dYsjFCD2R6oqymtBRy+lRlJBRURHRTEwMTIAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=2592000
content-length: 39720
scheme: https

GET
H2 200 infinity.js.aspx Show response
cdn.engine.4dsply.com/Scripts/ 179 KB
63 KB 61ms
16ms Script
application/x-javascript 2606:4700::6810:9f11
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.engine.4dsply.com/Scripts/infinity.js.aspx?guid=7f1a7287-2f7e-4f83-800d-06bd711ee14e
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:9f11 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 66f5ce1449dd4f1f6cf64df36e5cf119a4af9d2f1da9699154a66376686825c7

Request headers

Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 17:39:40 GMT
content-encoding: gzip
cf-cache-status: HIT
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
server: cloudflare
age: 10
x-powered-by: ASP.NET
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="CAO PSA OUR IND"
access-control-allow-origin: *
cache-control: public, no-transform, max-age=900
cf-ray: 65c3e6a29b4b4eb6-FRA
content-type: application/x-javascript; charset=utf-8
cf-request-id: 0a8e4e799b00004eb623be4000000001

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 41ms
4ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: www.newser.com
URL: https://www.newser.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ca431cca290d2b921319076610824b45bb2f2941dacf556278230b0d15de567c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: jFVzu4Mv1d79+Vol70y7sw==
cross-origin-resource-policy: cross-origin
expires: Tue, 08 Jun 2021 17:46:11 GMT
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 1781
x-fb-rlafr: 0
x-fb-debug: ZG7eTMbMkRrNqMNxi1e9ZRtcrRiVc8hgCbXu9Ty352uLtItolwFOp1vLctNH8uCkzkhdpNOz1U4HXDlmQtK6jA==
x-fb-trip-id: 686109401
x-fb-content-md5: a4da4d209c0780bcf04b83f39aa90eab
date: Tue, 08 Jun 2021 17:39:40 GMT
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "24c63300a739515742742d3592a9a816"
timing-allow-origin: *
priority: u=3,i
access-control-expose-headers: X-FB-Content-MD5

GET
H2 200 newsern2.png
img2-azrcdn.newser.com/images/header/ 782 B
1003 B 72ms
32ms Image
image/png 2620:1ec:48::67
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img2-azrcdn.newser.com/images/header/newsern2.png
Requested by: Host: static1-azrcdn.newser.com
URL: https://static1-azrcdn.newser.com/stylesheets/20210603_0800/stylesheet.ashx?file=responsive.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:48::67 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 3f9ebf128c9383c5fc8f3a73439f0e2dfb997f34318383e554b124e37c319c2e

Request headers

Referer: https://static1-azrcdn.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 17:39:40 GMT
last-modified: Mon, 06 Jul 2020 18:04:13 GMT
x-azure-ref: 0XKu/YAAAAADYx6tJ/g9/QKaKOs6SOPRhTE9OMjFFREdFMDIwNgBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
x-cache: TCP_HIT
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
content-length: 782

GET
H2 200 triangle_white_down.svg
img1-azrcdn.newser.com/images/header/ 618 B
840 B 29ms
11ms Image
image/svg+xml 2620:1ec:bdf::67
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/images/header/triangle_white_down.svg
Requested by: Host: static1-azrcdn.newser.com
URL: https://static1-azrcdn.newser.com/stylesheets/20210603_0800/stylesheet.ashx?file=responsive.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::67 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: febc13d4fca620c0eda223b3febb844ecb01e4299569a936801b86ecc25609e8

Request headers

Referer: https://static1-azrcdn.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 17:39:39 GMT
last-modified: Mon, 06 Jul 2020 18:04:13 GMT
x-azure-ref-originshield: 0WUG/YAAAAACspMmsBNhoRpLrkfYpWJd1TE9OMjFFREdFMDEyMQBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
x-azure-ref: 0XKu/YAAAAAA9JeObj3cAR4iW+i0T+xcVRlJBRURHRTEwMTIAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/svg+xml
cache-control: max-age=604800
accept-ranges: bytes
content-length: 618

GET
H2 200 user_white.svg
img2-azrcdn.newser.com/images/header/ 1 KB
760 B 113ms
73ms Image
image/svg+xml 2620:1ec:48::67
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img2-azrcdn.newser.com/images/header/user_white.svg
Requested by: Host: static1-azrcdn.newser.com
URL: https://static1-azrcdn.newser.com/stylesheets/20210603_0800/stylesheet.ashx?file=responsive.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:48::67 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 6d6d162a89e32c126f5019cbd4143ddf6cc9fbf19858a3272ad6ad5ac2beae14

Request headers

Referer: https://static1-azrcdn.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 17:39:40 GMT
content-encoding: br
last-modified: Mon, 06 Jul 2020 18:04:13 GMT
x-azure-ref: 0XKu/YAAAAACjBKHWqUHTS7aLnen1L2K6TE9OMjFFREdFMDIwNgBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
x-cache: TCP_HIT
content-type: image/svg+xml
cache-control: max-age=604800
accept-ranges: bytes

GET
H2 200 search_white.svg
img2-azrcdn.newser.com/images/header/ 916 B
1 KB 182ms
142ms Image
image/svg+xml 2620:1ec:48::67
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img2-azrcdn.newser.com/images/header/search_white.svg
Requested by: Host: static1-azrcdn.newser.com
URL: https://static1-azrcdn.newser.com/stylesheets/20210603_0800/stylesheet.ashx?file=responsive.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:48::67 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 307c4cf0cec01251278a5201d04096f4b7afdb8ba2239801202adb1992c14ecb

Request headers

Referer: https://static1-azrcdn.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 17:39:40 GMT
last-modified: Mon, 06 Jul 2020 18:04:13 GMT
x-azure-ref: 0XKu/YAAAAADdB4nQ+H6jSZy6ZYa1A3vrTE9OMjFFREdFMDIwNgBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
x-cache: TCP_HIT
content-type: image/svg+xml
cache-control: max-age=604800
accept-ranges: bytes
content-length: 916

GET
H2 200 info-white.png
img2-azrcdn.newser.com/images/header/ 433 B
567 B 182ms
142ms Image
image/png 2620:1ec:48::67
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img2-azrcdn.newser.com/images/header/info-white.png
Requested by: Host: static1-azrcdn.newser.com
URL: https://static1-azrcdn.newser.com/stylesheets/20210603_0800/stylesheet.ashx?file=responsive.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:48::67 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: a177a125d7384bd51ee15e3454c488ac0f2ba22a452f9bc3a96e29d2df4aef1b

Request headers

Referer: https://static1-azrcdn.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 17:39:40 GMT
last-modified: Mon, 06 Jul 2020 18:04:13 GMT
x-azure-ref: 0XKu/YAAAAAB0dhcq4oeISLZx4KT5J48YTE9OMjFFREdFMDIwNgBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
x-cache: TCP_HIT
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
content-length: 433

GET
H2 200 settings2-white.jpg
img1-azrcdn.newser.com/images/header/ 1 KB
1 KB 28ms
11ms Image
image/jpeg 2620:1ec:bdf::67
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/images/header/settings2-white.jpg
Requested by: Host: static1-azrcdn.newser.com
URL: https://static1-azrcdn.newser.com/stylesheets/20210603_0800/stylesheet.ashx?file=responsive.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::67 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: bbfcf92c6c94d918c51be1bdf1f14098db1c7454b2f025fb7d2eed08d8d84703

Request headers

Referer: https://static1-azrcdn.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 17:39:39 GMT
last-modified: Mon, 06 Jul 2020 18:04:13 GMT
x-azure-ref-originshield: 0y4e/YAAAAABbbY2OtmTwS7T2Yf14MdGVTE9OMjFFREdFMTUyMgBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
x-azure-ref: 0XKu/YAAAAAB1YirrLITdQKMGKomaepe1RlJBRURHRTEwMTIAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: max-age=604800
accept-ranges: bytes
content-length: 1244

GET
H2 200 newsletter_white.svg
img2-azrcdn.newser.com/images/header/ 912 B
1 KB 182ms
142ms Image
image/svg+xml 2620:1ec:48::67
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img2-azrcdn.newser.com/images/header/newsletter_white.svg
Requested by: Host: static1-azrcdn.newser.com
URL: https://static1-azrcdn.newser.com/stylesheets/20210603_0800/stylesheet.ashx?file=responsive.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:48::67 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 607ba5401803708cd7e7d54cb229467b42bcefa017c466d0290c2903989f9cec

Request headers

Referer: https://static1-azrcdn.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 17:39:40 GMT
last-modified: Mon, 06 Jul 2020 18:04:13 GMT
x-azure-ref: 0XKu/YAAAAABvY0+EdP62So9gCeh4MPzITE9OMjFFREdFMDIwNgBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
x-cache: TCP_HIT
content-type: image/svg+xml
cache-control: max-age=604800
accept-ranges: bytes
content-length: 912

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ 15 KB
16 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,400italic,100,100italic,300,300italic,500,500italic,700,700italic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.newser.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 07:31:16 GMT
x-content-type-options: nosniff
age: 36504
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15828
x-xss-protection: 0
last-modified: Mon, 05 Apr 2021 21:10:46 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 08 Jun 2022 07:31:16 GMT

GET
H2 200 hate-over-bakerys-pride-cookies-met-with-so-much-good.jpeg
img2-azrcdn.newser.com/square-image/307123-20210608113614-M/ 39 KB
39 KB 97ms
94ms Image
image/jpeg 2620:1ec:48::67
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img2-azrcdn.newser.com/square-image/307123-20210608113614-M/hate-over-bakerys-pride-cookies-met-with-so-much-good.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:48::67 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 1b33e7ec1ece87c3c94825eb3f254b7437ccaf644cc20240e58b929bb73475b1

Request headers

Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 17:39:40 GMT
last-modified: Tue, 08 Jun 2021 16:39:55 GMT
rawurl: /square-image/307123-20210608113614-M/hate-over-bakerys-pride-cookies-met-with-so-much-good.jpeg
x-azure-ref: 0XKu/YAAAAACtvO8qqgjiT7dPEWO9OYFvTE9OMjFFREdFMDIwNgBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=2592000
content-length: 40066
scheme: https

GET
H2 200 frances-emmanuel-macron-gets-slapped-in-the-face.jpeg
img1-azrcdn.newser.com/square-image/307128-20210608111544-M/ 48 KB
49 KB 17ms
9ms Image
image/jpeg 2620:1ec:bdf::67
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/square-image/307128-20210608111544-M/frances-emmanuel-macron-gets-slapped-in-the-face.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::67 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: aa79efd706b6a76332dc5dd13b59caad8b5c28c6f5e9a7b828fa6bbf0d4babdf

Request headers

Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 17:39:39 GMT
last-modified: Tue, 08 Jun 2021 16:18:14 GMT
x-azure-ref-originshield: 0jJq/YAAAAAArgNdwhNldT5cVzo8n62SSTE9OMjFFREdFMTUxMgBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/307128-20210608111544-M/frances-emmanuel-macron-gets-slapped-in-the-face.jpeg
x-azure-ref: 0XKu/YAAAAABIeROxgBJ6R6nXBiSRaEjmRlJBRURHRTEwMTIAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=2592000
content-length: 49409
scheme: https

GET
H2 200 weeks-before-trial-r-kellys-lawyers-want-out.jpeg
img2-azrcdn.newser.com/square-image/307125-20210608111409-M/ 41 KB
41 KB 94ms
91ms Image
image/jpeg 2620:1ec:48::67
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img2-azrcdn.newser.com/square-image/307125-20210608111409-M/weeks-before-trial-r-kellys-lawyers-want-out.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:48::67 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 89024f4bea3b56e902aa3b4c36cb77e0d94ea62820904908143bb7152d64087d

Request headers

Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 17:39:40 GMT
last-modified: Tue, 08 Jun 2021 16:15:29 GMT
rawurl: /square-image/307125-20210608111409-M/weeks-before-trial-r-kellys-lawyers-want-out.jpeg
x-azure-ref: 0XKu/YAAAAADZwXHG8T8cT6QxbU5wm9stTE9OMjFFREdFMDIwNgBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=2592000
content-length: 42162
scheme: https

GET
H2 200 6-late-night-jokes-about-trumps-pants.jpeg
img2-azrcdn.newser.com/square-image/307127-20210608102644-M/ 38 KB
38 KB 75ms
72ms Image
image/jpeg 2620:1ec:48::67
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img2-azrcdn.newser.com/square-image/307127-20210608102644-M/6-late-night-jokes-about-trumps-pants.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:48::67 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 0c400382f8aca5b09fdf62e79d281ced69b14646f87b863dc9ff15beeaeb3609

Request headers

Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 17:39:40 GMT
last-modified: Tue, 08 Jun 2021 15:31:46 GMT
rawurl: /square-image/307127-20210608102644-M/6-late-night-jokes-about-trumps-pants.jpeg
x-azure-ref: 0XKu/YAAAAADfAXtSE5s9SJ1CjlnpwrSMTE9OMjFFREdFMDIwNgBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=2592000
content-length: 38830
scheme: https

GET
H2 200 police-blame-car-crash-on-cicada.jpeg
img2-azrcdn.newser.com/square-image/307117-20210608111402-M/ 54 KB
54 KB 124ms
121ms Image
image/jpeg 2620:1ec:48::67
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img2-azrcdn.newser.com/square-image/307117-20210608111402-M/police-blame-car-crash-on-cicada.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:48::67 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: acef605a09d5b9b4ef3757aad919e6d14179144b812a1a04ad6c1da9d46646a7

Request headers

Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 17:39:40 GMT
last-modified: Tue, 08 Jun 2021 16:15:29 GMT
rawurl: /square-image/307117-20210608111402-M/police-blame-car-crash-on-cicada.jpeg
x-azure-ref: 0XKu/YAAAAACVdwBA0wB8SZLwBcrPMz0JTE9OMjFFREdFMDIwNgBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=2592000
content-length: 55280
scheme: https

GET
H2 200 its-a-criminal-takedown-like-we-have-never-seen.jpeg
img2-azrcdn.newser.com/square-image/307119-20210608111030-M/ 60 KB
61 KB 144ms
141ms Image
image/jpeg 2620:1ec:48::67
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img2-azrcdn.newser.com/square-image/307119-20210608111030-M/its-a-criminal-takedown-like-we-have-never-seen.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:48::67 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 52d55efd325feebafd3047a26441624e27dc6f71e874b50e707a59aa2c84b777

Request headers

Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 17:39:40 GMT
last-modified: Tue, 08 Jun 2021 16:13:34 GMT
rawurl: /square-image/307119-20210608111030-M/its-a-criminal-takedown-like-we-have-never-seen.jpeg
x-azure-ref: 0XKu/YAAAAABn8RxMTGIyQ5DLHS5+o13cTE9OMjFFREdFMDIwNgBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=2592000
content-length: 61729
scheme: https

GET
H2 200 49-democrats-50-republicans-and-1-joe-manchin.jpeg
img2-azrcdn.newser.com/square-image/307093-20210608090644-M/ 46 KB
46 KB 95ms
92ms Image
image/jpeg 2620:1ec:48::67
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img2-azrcdn.newser.com/square-image/307093-20210608090644-M/49-democrats-50-republicans-and-1-joe-manchin.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:48::67 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e12e6bd02faeec87b92bbdf4749500fad768dd1fd44b50324ac94143088a15b2

Request headers

Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 17:39:40 GMT
last-modified: Tue, 08 Jun 2021 14:09:11 GMT
rawurl: /square-image/307093-20210608090644-M/49-democrats-50-republicans-and-1-joe-manchin.jpeg
x-azure-ref: 0XKu/YAAAAACpnxzAY0QxR66rKu9txRfOTE9OMjFFREdFMDIwNgBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=2592000
content-length: 47229
scheme: https

GET
H2 200 ukraines-soccer-uniform-ticks-off-russia.jpeg
img1-azrcdn.newser.com/square-image/307112-20210608084344-M/ 41 KB
41 KB 30ms
23ms Image
image/jpeg 2620:1ec:bdf::67
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/square-image/307112-20210608084344-M/ukraines-soccer-uniform-ticks-off-russia.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::67 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 9df7c72d32d76dc410949b91fc933432ee2f861921435df78ccc3f1f9aff300b

Request headers

Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 17:39:39 GMT
last-modified: Tue, 08 Jun 2021 13:44:30 GMT
x-azure-ref-originshield: 0qXS/YAAAAABagyTjKThYRabovAxmFiBJTE9OMjFFREdFMDIwNgBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/307112-20210608084344-M/ukraines-soccer-uniform-ticks-off-russia.jpeg
x-azure-ref: 0XKu/YAAAAABMfDVjClCpTZM+UMda8SQ3RlJBRURHRTEwMTIAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=2592000
content-length: 42133
scheme: https

GET
H2 200 its-alive-and-its-24k-years-old.jpeg
img1-azrcdn.newser.com/square-image/307098-20210608082000-M/ 44 KB
44 KB 31ms
24ms Image
image/jpeg 2620:1ec:bdf::67
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/square-image/307098-20210608082000-M/its-alive-and-its-24k-years-old.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::67 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 4378d967cda23be4c97dca5684694ba8e2a8ea25a06a4e46b3b0ff67cce47994

Request headers

Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 17:39:39 GMT
last-modified: Tue, 08 Jun 2021 13:22:40 GMT
x-azure-ref-originshield: 0enC/YAAAAAAU9n+xg+OVSLt0Nw0zJUH8TE9OMjFFREdFMDIwOABkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/307098-20210608082000-M/its-alive-and-its-24k-years-old.jpeg
x-azure-ref: 0XKu/YAAAAADZlGutkpySRJfu9dHKeFurRlJBRURHRTEwMTIAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=2592000
content-length: 45001
scheme: https

GET
H2 200 house_grid_morning.png
img1-azrcdn.newser.com/images/ 33 KB
34 KB 28ms
20ms Image
image/png 2620:1ec:bdf::67
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/images/house_grid_morning.png
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::67 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 185b7539076b9f8d807c5740180aac4e2a4b3bc2912b4e9485950ccddb4cb39e

Request headers

Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 17:39:39 GMT
last-modified: Mon, 06 Jul 2020 18:04:07 GMT
x-azure-ref-originshield: 0PHq/YAAAAADEQQ1Ao+BKRowLm3XsgdmQTE9OMjFFREdFMTUxNwBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
x-azure-ref: 0XKu/YAAAAADtz2hbM9HaRofq1KHbKCDERlJBRURHRTEwMTIAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
content-length: 34113

GET
H2 200 coast-guard-rescues-3-people-2-dogs-and-a-flamingo-floaty.jpeg
img2-azrcdn.newser.com/square-image/307109-20210608123608-M/ 59 KB
60 KB 96ms
92ms Image
image/jpeg 2620:1ec:48::67
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img2-azrcdn.newser.com/square-image/307109-20210608123608-M/coast-guard-rescues-3-people-2-dogs-and-a-flamingo-floaty.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:48::67 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: dde8fca46a16df5fba8d4ef8e18512c06c58e5524355da4c4b770a7206a4227f

Request headers

Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 17:39:40 GMT
last-modified: Tue, 08 Jun 2021 17:37:32 GMT
rawurl: /square-image/307109-20210608123608-M/coast-guard-rescues-3-people-2-dogs-and-a-flamingo-floaty.jpeg
x-azure-ref: 0XKu/YAAAAADGFJ1shhzBRYnGw2601KsWTE9OMjFFREdFMDIwNgBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=2592000
content-length: 60710
scheme: https

GET
H2 200 source-gaetzs-grand-plan-to-work-for-newsmax-foiled-by-newsmax.jpeg
img1-azrcdn.newser.com/square-image/307110-20210608072714-M/ 41 KB
42 KB 45ms
38ms Image
image/jpeg 2620:1ec:bdf::67
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/square-image/307110-20210608072714-M/source-gaetzs-grand-plan-to-work-for-newsmax-foiled-by-newsmax.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::67 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: d8ea30662b14d542bf54eda54a28081242310b3be6db3a48ca63a442e7ddc84e

Request headers

Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 17:39:39 GMT
last-modified: Tue, 08 Jun 2021 12:28:38 GMT
x-azure-ref-originshield: 0qXS/YAAAAABdF+szr3lxSaHCyJUiHc8eTE9OMjFFREdFMTUyMABkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/307110-20210608072714-M/source-gaetzs-grand-plan-to-work-for-newsmax-foiled-by-newsmax.jpeg
x-azure-ref: 0XKu/YAAAAAB9BlErR5OQTpJP7xRhO4jwRlJBRURHRTEwMTIAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=2592000
content-length: 42211
scheme: https

GET
H2 200 capitol-police-cop-horrified-at-lack-of-help-from-bosses.jpeg
img2-azrcdn.newser.com/square-image/307113-20210608111222-M/ 58 KB
58 KB 56ms
52ms Image
image/jpeg 2620:1ec:48::67
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img2-azrcdn.newser.com/square-image/307113-20210608111222-M/capitol-police-cop-horrified-at-lack-of-help-from-bosses.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:48::67 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: eddab757ee06928b40fde4d70e5968615046e77461b34d48504aadc66dd097e3

Request headers

Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 17:39:40 GMT
last-modified: Tue, 08 Jun 2021 16:13:34 GMT
rawurl: /square-image/307113-20210608111222-M/capitol-police-cop-horrified-at-lack-of-help-from-bosses.jpeg
x-azure-ref: 0XKu/YAAAAAAwjK4tcusDQaD7jBmwCTpZTE9OMjFFREdFMDIwNgBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=2592000
content-length: 59279
scheme: https

GET
H2 200 the-internet-broke-this-morning-but-now-its-mostly-back.jpeg
img1-azrcdn.newser.com/square-image/307114-20210608111337-M/ 54 KB
55 KB 36ms
28ms Image
image/jpeg 2620:1ec:bdf::67
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/square-image/307114-20210608111337-M/the-internet-broke-this-morning-but-now-its-mostly-back.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::67 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: f277ee8b54ee26d395d6464a6204090216c768eb57f708bbfe2d2b89ffbc42b9

Request headers

Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 17:39:39 GMT
last-modified: Tue, 08 Jun 2021 16:14:06 GMT
x-azure-ref-originshield: 0jJq/YAAAAAB4FfIDKJgXQ4RtxsRrXH6jTE9OMjFFREdFMDEwNgBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/307114-20210608111337-M/the-internet-broke-this-morning-but-now-its-mostly-back.jpeg
x-azure-ref: 0XKu/YAAAAADLodlLI1NDRpnMHUdsL54NRlJBRURHRTEwMTIAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=2592000
content-length: 55793
scheme: https

GET
H2 200 entire-family-drowned-trying-to-cross-channel-for-a-new-life.jpeg
img1-azrcdn.newser.com/square-image/307102-20210608065336-M/ 52 KB
52 KB 46ms
38ms Image
image/jpeg 2620:1ec:bdf::67
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/square-image/307102-20210608065336-M/entire-family-drowned-trying-to-cross-channel-for-a-new-life.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::67 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 533b0dc19d50a0dde4b1b559923aa524b838a93204d9ec6d118c21d81ac5f65f

Request headers

Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 17:39:39 GMT
last-modified: Tue, 08 Jun 2021 11:54:07 GMT
x-azure-ref-originshield: 0ZVu/YAAAAAC0u1RIgGNJR46GCq6bCt4jTE9OMjFFREdFMDIwOQBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/307102-20210608065336-M/entire-family-drowned-trying-to-cross-channel-for-a-new-life.jpeg
x-azure-ref: 0XKu/YAAAAABtS+rI1/V4QYpGwzonMjFXRlJBRURHRTEwMTIAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=2592000
content-length: 52987
scheme: https

GET
H2 200 sergeant-befriends-teen-who-crashed-into-patrol-car.jpeg
img1-azrcdn.newser.com/square-image/307084-20210608062406-M/ 49 KB
49 KB 45ms
38ms Image
image/jpeg 2620:1ec:bdf::67
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/square-image/307084-20210608062406-M/sergeant-befriends-teen-who-crashed-into-patrol-car.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::67 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: ba185f22be3980058ec224e05365077d02ae5152bbbb634071126026fca365ce

Request headers

Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 17:39:39 GMT
last-modified: Tue, 08 Jun 2021 11:24:49 GMT
x-azure-ref-originshield: 0gVO/YAAAAACMNw/feEb6QKpGo3+8UNcpTE9OMjFFREdFMTUxMABkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/307084-20210608062406-M/sergeant-befriends-teen-who-crashed-into-patrol-car.jpeg
x-azure-ref: 0XKu/YAAAAAA2QAAGw91oTI78uj2HYkVIRlJBRURHRTEwMTIAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=2592000
content-length: 49868
scheme: https

GET
H2 200 police-seeking-mother-of-boy-found-dead-near-trailhead.jpeg
img1-azrcdn.newser.com/square-image/307104-20210608055201-M/ 44 KB
44 KB 40ms
33ms Image
image/jpeg 2620:1ec:bdf::67
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/square-image/307104-20210608055201-M/police-seeking-mother-of-boy-found-dead-near-trailhead.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::67 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: a2fdc0616f8f2463f5894e2ce6d1606d1e03ee4eb8bbfc95904ba619c0650eac

Request headers

Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 17:39:39 GMT
last-modified: Tue, 08 Jun 2021 10:52:34 GMT
x-azure-ref-originshield: 0BUy/YAAAAACqhWwYu6rlTrq8uUK83WKSTE9OMjFFREdFMDIwOQBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/307104-20210608055201-M/police-seeking-mother-of-boy-found-dead-near-trailhead.jpeg
x-azure-ref: 0XKu/YAAAAACEy0LZOjzrQLMGCYhquE7RRlJBRURHRTEwMTIAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=2592000
content-length: 44645
scheme: https

GET
H2 200 doj-wants-to-sub-for-trump-in-e-jean-carroll-lawsuit.jpeg
img1-azrcdn.newser.com/square-image/307106-20210608053912-M/ 46 KB
46 KB 44ms
37ms Image
image/jpeg 2620:1ec:bdf::67
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/square-image/307106-20210608053912-M/doj-wants-to-sub-for-trump-in-e-jean-carroll-lawsuit.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::67 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: c4e09813ba7b0617e00e915dd9083bc2df319576c6609ecd0ff87098085f984d

Request headers

Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 17:39:39 GMT
last-modified: Tue, 08 Jun 2021 10:40:05 GMT
x-azure-ref-originshield: 0BUy/YAAAAADGupDyDLe6T6r8skW25AWTTE9OMjFFREdFMDIxOQBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/307106-20210608053912-M/doj-wants-to-sub-for-trump-in-e-jean-carroll-lawsuit.jpeg
x-azure-ref: 0XKu/YAAAAAA2EZq3/DGLQagNgKi0rCOCRlJBRURHRTEwMTIAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=2592000
content-length: 47165
scheme: https

GET
H2 200 fisher-price-didnt-heed-rock-n-play-warnings-and-more-than-50-babies-died.jpeg
img2-azrcdn.newser.com/square-image/307103-20210608111258-M/ 37 KB
37 KB 128ms
125ms Image
image/jpeg 2620:1ec:48::67
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img2-azrcdn.newser.com/square-image/307103-20210608111258-M/fisher-price-didnt-heed-rock-n-play-warnings-and-more-than-50-babies-died.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:48::67 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 4b11b4bd9c4af018fddff7bf9f385c6392bc1f9b426ab6af90a0ed90158c702c

Request headers

Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 17:39:40 GMT
last-modified: Tue, 08 Jun 2021 16:13:33 GMT
rawurl: /square-image/307103-20210608111258-M/fisher-price-didnt-heed-rock-n-play-warnings-and-more-than-50-babies-died.jpeg
x-azure-ref: 0XKu/YAAAAAB1gDtKPjpZSbpkBzOOo/G/TE9OMjFFREdFMDIwNgBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=2592000
content-length: 37561
scheme: https

GET
H2 200 las-vegas-valley-banning-non-functional-grass.jpeg
img1-azrcdn.newser.com/square-image/307096-20210608065222-M/ 59 KB
59 KB 42ms
35ms Image
image/jpeg 2620:1ec:bdf::67
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/square-image/307096-20210608065222-M/las-vegas-valley-banning-non-functional-grass.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::67 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: f210ba8b4f58fc7a6cd87ae3fc9ad2e9ca61a18b4e0fa6a0152616b7536e1774

Request headers

Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 17:39:39 GMT
last-modified: Tue, 08 Jun 2021 11:52:43 GMT
x-azure-ref-originshield: 0qXS/YAAAAAAP6d7NMRnSTrdKv3FmAbA1TE9OMjFFREdFMDEyMgBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/307096-20210608065222-M/las-vegas-valley-banning-non-functional-grass.jpeg
x-azure-ref: 0XKu/YAAAAABYJy/i3G8SRJfltQWIvgwTRlJBRURHRTEwMTIAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=2592000
content-length: 60138
scheme: https

GET
H2 200 kamala-harris-message-to-guatemalans-do-not-come.jpeg
img2-azrcdn.newser.com/square-image/307099-20210608052321-M/ 40 KB
40 KB 130ms
127ms Image
image/jpeg 2620:1ec:48::67
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img2-azrcdn.newser.com/square-image/307099-20210608052321-M/kamala-harris-message-to-guatemalans-do-not-come.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:48::67 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: f07071bf9000cd46e1be920a4c077531abe266c952222ad6dedf29e3e12a0ba2

Request headers

Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 17:39:40 GMT
last-modified: Tue, 08 Jun 2021 10:54:27 GMT
rawurl: /square-image/307099-20210608052321-M/kamala-harris-message-to-guatemalans-do-not-come.jpeg
x-azure-ref: 0XKu/YAAAAAAc8KLVOfnCRLkTAGs5BshWTE9OMjFFREdFMDIwNgBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=2592000
content-length: 40612
scheme: https

GET
H2 200 hoover-dam-water-shortage-is-effect-of-long-drought.jpeg
img1-azrcdn.newser.com/square-image/307054-20210607194500-M/ 48 KB
49 KB 47ms
40ms Image
image/jpeg 2620:1ec:bdf::67
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/square-image/307054-20210607194500-M/hoover-dam-water-shortage-is-effect-of-long-drought.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::67 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: f04a70b08b6496a53926eff3cf30c3ab6aa2dcd3c2442f42cc50eb447c38e8b4

Request headers

Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 17:39:39 GMT
last-modified: Tue, 08 Jun 2021 00:46:32 GMT
x-azure-ref-originshield: 0MSW/YAAAAAD4o+NnTk83Tp+aAnf4WONwTE9OMjFFREdFMTUyMgBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/307054-20210607194500-M/hoover-dam-water-shortage-is-effect-of-long-drought.jpeg
x-azure-ref: 0XKu/YAAAAADHJbx6BBAARoE6kn9dg/XcRlJBRURHRTEwMTIAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=2592000
content-length: 49462
scheme: https

GET
H2 200 house_grid_iphone.png
img2-azrcdn.newser.com/images/ 16 KB
16 KB 133ms
110ms Image
image/png 2620:1ec:48::67
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img2-azrcdn.newser.com/images/house_grid_iphone.png
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:48::67 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 44da54fd69c8966482bc49d3744fff0a7fd944dc2dd5732d9f710da7df4329bf

Request headers

Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 17:39:40 GMT
last-modified: Mon, 06 Jul 2020 18:04:07 GMT
x-azure-ref: 0XKu/YAAAAAA0g70PPzPBS6nhSIt/tlaXTE9OMjFFREdFMDIwNgBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
x-cache: TCP_HIT
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
content-length: 16207

GET
H2 200 fire-drew-phoenixs-biggest-response-ever.jpeg
img1-azrcdn.newser.com/square-image/307082-20210607193000-M/ 44 KB
45 KB 49ms
42ms Image
image/jpeg 2620:1ec:bdf::67
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/square-image/307082-20210607193000-M/fire-drew-phoenixs-biggest-response-ever.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::67 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 33441582855b8d5f33a549088fbd6896a7a319ec46e207f54a5403c811f62e4d

Request headers

Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 17:39:39 GMT
last-modified: Tue, 08 Jun 2021 00:33:43 GMT
x-azure-ref-originshield: 0EAq/YAAAAADV4Fg8n0VyQK0QD+OLFnOcTE9OMjFFREdFMDIxOABkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/307082-20210607193000-M/fire-drew-phoenixs-biggest-response-ever.jpeg
x-azure-ref: 0XKu/YAAAAABnvCfy//e8RqYBTMSNRZ1LRlJBRURHRTEwMTIAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=2592000
content-length: 45419
scheme: https

GET
H2 200 pot-shops-win-ok-for-vaccine-incentive.jpeg
img1-azrcdn.newser.com/square-image/307092-20210607193245-M/ 61 KB
62 KB 51ms
44ms Image
image/jpeg 2620:1ec:bdf::67
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/square-image/307092-20210607193245-M/pot-shops-win-ok-for-vaccine-incentive.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::67 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: a190f38ed1ef836f8443c9cc5a5adde984aeb598025b299805dcbd58db78e694

Request headers

Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 17:39:39 GMT
last-modified: Tue, 08 Jun 2021 09:37:53 GMT
x-azure-ref-originshield: 0qXS/YAAAAABE7pgDXB0KTqeFZKArdqzCTE9OMjFFREdFMDIxNwBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/307092-20210607193245-M/pot-shops-win-ok-for-vaccine-incentive.jpeg
x-azure-ref: 0XKu/YAAAAAD6f7r8GrF9SrCMkoku6w8zRlJBRURHRTEwMTIAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=2592000
content-length: 62754
scheme: https

GET
H2 200 63-year-old-chimpanzee-dies.jpeg
img2-azrcdn.newser.com/square-image/307085-20210607185715-M/ 41 KB
41 KB 134ms
112ms Image
image/jpeg 2620:1ec:48::67
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img2-azrcdn.newser.com/square-image/307085-20210607185715-M/63-year-old-chimpanzee-dies.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:48::67 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 7a0a40ff3cfe0b48d30d3916371287ddd78d13109b8c85da90bc25aaed3d2aa8

Request headers

Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 17:39:40 GMT
last-modified: Tue, 08 Jun 2021 08:24:58 GMT
rawurl: /square-image/307085-20210607185715-M/63-year-old-chimpanzee-dies.jpeg
x-azure-ref: 0XKu/YAAAAABwjRSpSAzcTr0jurMG5mQvTE9OMjFFREdFMDIwNgBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=2592000
content-length: 41934
scheme: https

GET
H2 200 cops-pickup-driver-killed-4-muslims-in-targeted-attack.jpeg
img1-azrcdn.newser.com/square-image/307088-20210607182845-M/ 48 KB
49 KB 52ms
45ms Image
image/jpeg 2620:1ec:bdf::67
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/square-image/307088-20210607182845-M/cops-pickup-driver-killed-4-muslims-in-targeted-attack.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::67 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 0007662b9dc39b55b43a2c4a698a11e0dd2c122fd8c4bf602e95be0cd83805f7

Request headers

Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 17:39:39 GMT
last-modified: Tue, 08 Jun 2021 11:17:23 GMT
x-azure-ref-originshield: 0H1W/YAAAAACtMcfcKVHHR7f7s40bHGKrTE9OMjFFREdFMDIwNgBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/307088-20210607182845-M/cops-pickup-driver-killed-4-muslims-in-targeted-attack.jpeg
x-azure-ref: 0XKu/YAAAAABN24GvdDFDSpp5vwVFlaY2RlJBRURHRTEwMTIAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=2592000
content-length: 49476
scheme: https

GET
H2 200 new-apple-features-include-universal-control.jpeg
img2-azrcdn.newser.com/square-image/307081-20210608074724-M/ 37 KB
37 KB 136ms
113ms Image
image/jpeg 2620:1ec:48::67
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img2-azrcdn.newser.com/square-image/307081-20210608074724-M/new-apple-features-include-universal-control.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:48::67 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 436ee9f55ae856f23877c27e8e3864baa1e4491ce5047b13bee7b1f8ca5d8e6c

Request headers

Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 17:39:40 GMT
last-modified: Tue, 08 Jun 2021 12:48:10 GMT
rawurl: /square-image/307081-20210608074724-M/new-apple-features-include-universal-control.jpeg
x-azure-ref: 0XKu/YAAAAAABDJitHhHHRa+VThWTQeA/TE9OMjFFREdFMDIwNgBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=2592000
content-length: 37662
scheme: https

GET
H2 200 arctic-sea-ice-is-melting-twice-as-fast-now.jpeg
img1-azrcdn.newser.com/square-image/307052-20210607174730-M/ 42 KB
43 KB 52ms
45ms Image
image/jpeg 2620:1ec:bdf::67
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/square-image/307052-20210607174730-M/arctic-sea-ice-is-melting-twice-as-fast-now.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::67 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 9a964181810a135a899f108fb77498a20cf0ce9c128bd38968e9f9d8d8180ed6

Request headers

Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 17:39:39 GMT
last-modified: Tue, 08 Jun 2021 07:57:14 GMT
x-azure-ref-originshield: 0MSW/YAAAAAAH66hWufksRYzSvRwbU98lTE9OMjFFREdFMTUwOQBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/307052-20210607174730-M/arctic-sea-ice-is-melting-twice-as-fast-now.jpeg
x-azure-ref: 0XKu/YAAAAAAh22LI8k5rT5Rc8ljhVUeARlJBRURHRTEwMTIAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=2592000
content-length: 43428
scheme: https

GET
H2 200 bostons-top-cop-fired-over-domestic-abuse-claims.jpeg
img2-azrcdn.newser.com/square-image/307087-20210607170600-M/ 41 KB
41 KB 136ms
114ms Image
image/jpeg 2620:1ec:48::67
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img2-azrcdn.newser.com/square-image/307087-20210607170600-M/bostons-top-cop-fired-over-domestic-abuse-claims.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:48::67 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: d1a444f882274ae345d0c6d8c38e71cfd078a90b8411084dfaabf313b6afcb6c

Request headers

Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 17:39:40 GMT
last-modified: Tue, 08 Jun 2021 08:42:18 GMT
rawurl: /square-image/307087-20210607170600-M/bostons-top-cop-fired-over-domestic-abuse-claims.jpeg
x-azure-ref: 0XKu/YAAAAAB9iS4UX+x5SZaNKPR+QrGYTE9OMjFFREdFMDIwNgBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=2592000
content-length: 41792
scheme: https

GET
H2 200 feds-seize-payment-made-to-pipeline-hackers.jpeg
img1-azrcdn.newser.com/square-image/307086-20210607163014-M/ 56 KB
56 KB 53ms
46ms Image
image/jpeg 2620:1ec:bdf::67
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/square-image/307086-20210607163014-M/feds-seize-payment-made-to-pipeline-hackers.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::67 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 9425c5a5a1902cad844048fb84891cb8fc3360775c40d0723e48f148be6756c6

Request headers

Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 17:39:39 GMT
last-modified: Tue, 08 Jun 2021 06:55:33 GMT
x-azure-ref-originshield: 0MSW/YAAAAAAc9KaHmFO8S4emzvWccgPwTE9OMjFFREdFMDExOQBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/307086-20210607163014-M/feds-seize-payment-made-to-pipeline-hackers.jpeg
x-azure-ref: 0XKu/YAAAAAAUNbsRMjhvTrFgjCS66/J9RlJBRURHRTEwMTIAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=2592000
content-length: 57364
scheme: https

GET
H2 200 cheney-trump-rhetoric-is-dangerous.jpeg
img2-azrcdn.newser.com/square-image/307083-20210607163130-M/ 38 KB
38 KB 141ms
118ms Image
image/jpeg 2620:1ec:48::67
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img2-azrcdn.newser.com/square-image/307083-20210607163130-M/cheney-trump-rhetoric-is-dangerous.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:48::67 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 96fd351965e58d24cc996096987bb6d24675055446751ee3ff9fdd78431e0e22

Request headers

Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 17:39:40 GMT
last-modified: Tue, 08 Jun 2021 11:00:57 GMT
rawurl: /square-image/307083-20210607163130-M/cheney-trump-rhetoric-is-dangerous.jpeg
x-azure-ref: 0XKu/YAAAAACHaPHi7DKWTLjz8cmjmWKYTE9OMjFFREdFMDIwNgBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=2592000
content-length: 39026
scheme: https

GET
H2 200 toppled-statue-of-universitys-namesake-wont-be-replaced.jpeg
img1-azrcdn.newser.com/square-image/307072-20210607160830-M/ 47 KB
47 KB 53ms
46ms Image
image/jpeg 2620:1ec:bdf::67
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/square-image/307072-20210607160830-M/toppled-statue-of-universitys-namesake-wont-be-replaced.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::67 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: a93a6e98976761442115f82982ee41ad4f1460b239d51792608b4d96f7bc50eb

Request headers

Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 17:39:39 GMT
last-modified: Tue, 08 Jun 2021 08:07:14 GMT
x-azure-ref-originshield: 0MSW/YAAAAABOWnrOOqe0SKOQ1Q7yPsPNTE9OMjFFREdFMDIxMABkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/307072-20210607160830-M/toppled-statue-of-universitys-namesake-wont-be-replaced.jpeg
x-azure-ref: 0XKu/YAAAAAALZ2pb74wMT6V9fYNzGWwARlJBRURHRTEwMTIAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=2592000
content-length: 47695
scheme: https

GET
H2 200 biogen-soars-40-after-fda-approves-new-drug.jpeg
img2-azrcdn.newser.com/square-image/307089-20210607161145-M/ 41 KB
41 KB 151ms
128ms Image
image/jpeg 2620:1ec:48::67
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img2-azrcdn.newser.com/square-image/307089-20210607161145-M/biogen-soars-40-after-fda-approves-new-drug.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:48::67 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 4edb3410fd8084caab9a119138dda714031928efbab26ff4e8fc0b786ced85d1

Request headers

Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 17:39:40 GMT
last-modified: Tue, 08 Jun 2021 10:04:56 GMT
rawurl: /square-image/307089-20210607161145-M/biogen-soars-40-after-fda-approves-new-drug.jpeg
x-azure-ref: 0XKu/YAAAAAAEZBx/O1wcSqxeIbHB7SY/TE9OMjFFREdFMDIwNgBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=2592000
content-length: 41929
scheme: https

GET
H2 200 brooke-shields-daughter-resurrects-iconic-dress.jpeg
img1-azrcdn.newser.com/square-image/307076-20210607152115-M/ 55 KB
56 KB 53ms
47ms Image
image/jpeg 2620:1ec:bdf::67
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/square-image/307076-20210607152115-M/brooke-shields-daughter-resurrects-iconic-dress.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::67 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: fd373f68624bd574851d363318788519b835d93dfbd5d9cbf1f870bb6c9402be

Request headers

Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 17:39:39 GMT
last-modified: Tue, 08 Jun 2021 06:07:20 GMT
x-azure-ref-originshield: 0EAq/YAAAAAAJc4xb9z0hT4T6Z14GJk1jTE9OMjFFREdFMDIxMQBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/307076-20210607152115-M/brooke-shields-daughter-resurrects-iconic-dress.jpeg
x-azure-ref: 0XKu/YAAAAABqM4qP0+D3RYZQZf73vyrvRlJBRURHRTEwMTIAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=2592000
content-length: 56522
scheme: https

GET
H2 200 house_grid_rundown.png
img1-azrcdn.newser.com/images/ 5 KB
5 KB 54ms
47ms Image
image/png 2620:1ec:bdf::67
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/images/house_grid_rundown.png
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::67 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 21349b60e999f29bb11fd1384e57ea43faf7bb39d7822e81c1e30de505663228

Request headers

Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 17:39:39 GMT
last-modified: Mon, 06 Jul 2020 18:04:07 GMT
x-azure-ref-originshield: 0MRO/YAAAAAB6zLQ2K3dkQ4xu1y1oZ+iETE9OMjFFREdFMTUxMwBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
x-azure-ref: 0XKu/YAAAAACCTnPQzIkrR5lqAL5FFuQ6RlJBRURHRTEwMTIAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
content-length: 5120

GET
H2 200 ellie-kemper-denounces-old-pageant-victory.jpeg
img2-azrcdn.newser.com/square-image/307077-20210607144316-M/ 39 KB
39 KB 152ms
130ms Image
image/jpeg 2620:1ec:48::67
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img2-azrcdn.newser.com/square-image/307077-20210607144316-M/ellie-kemper-denounces-old-pageant-victory.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:48::67 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: cf07864a99b032b37e568fb5614aabf6bfa60e1456bcf5d3c72acd78783c28e4

Request headers

Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 17:39:40 GMT
last-modified: Tue, 08 Jun 2021 08:53:59 GMT
rawurl: /square-image/307077-20210607144316-M/ellie-kemper-denounces-old-pageant-victory.jpeg
x-azure-ref: 0XKu/YAAAAADrRGfPN7OISYsfIKIEOE54TE9OMjFFREdFMDIwNgBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=2592000
content-length: 39982
scheme: https

GET
H2 200 woman-accused-of-killing-friend-with-eye-drops.jpeg
img2-azrcdn.newser.com/square-image/307079-20210607144253-M/ 32 KB
32 KB 153ms
131ms Image
image/jpeg 2620:1ec:48::67
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img2-azrcdn.newser.com/square-image/307079-20210607144253-M/woman-accused-of-killing-friend-with-eye-drops.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:48::67 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: ed2deaeb09a041cfb3d360682c3ef2aafb797efec093fb8b7641c2f681bcf6eb

Request headers

Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 17:39:40 GMT
last-modified: Tue, 08 Jun 2021 10:04:56 GMT
rawurl: /square-image/307079-20210607144253-M/woman-accused-of-killing-friend-with-eye-drops.jpeg
x-azure-ref: 0XKu/YAAAAACucrM7K9S8SKeEremv0mNuTE9OMjFFREdFMDIwNgBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=2592000
content-length: 33039
scheme: https

GET
H2 200 mod-squad-star-dies.jpeg
img1-azrcdn.newser.com/square-image/307074-20210607135130-M/ 54 KB
54 KB 54ms
47ms Image
image/jpeg 2620:1ec:bdf::67
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/square-image/307074-20210607135130-M/mod-squad-star-dies.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::67 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 84447bc455ec9b32d8809c3e627a39d28e249b9a4ad5470b12ef5d3c8af2f5db

Request headers

Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 17:39:39 GMT
last-modified: Mon, 07 Jun 2021 18:53:54 GMT
x-azure-ref-originshield: 0i96+YAAAAABwX9iKL/0dRLK8mzE5vSO0TE9OMjFFREdFMDIxNgBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/307074-20210607135130-M/mod-squad-star-dies.jpeg
x-azure-ref: 0XKu/YAAAAAAP8n5s21QLS5Ba3xQBdBxzRlJBRURHRTEwMTIAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=2592000
content-length: 54938
scheme: https

GET
H2 200 kim-jong-un-outlaws-tight-jeans-slang.jpeg
img1-azrcdn.newser.com/square-image/307036-20210607132515-M/ 46 KB
47 KB 54ms
48ms Image
image/jpeg 2620:1ec:bdf::67
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/square-image/307036-20210607132515-M/kim-jong-un-outlaws-tight-jeans-slang.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::67 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 35020cceeafbd3103ee7dda3e26d96d7fb84d34af931e5c9bc627c80aadacd81

Request headers

Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 17:39:39 GMT
last-modified: Tue, 08 Jun 2021 10:26:18 GMT
x-azure-ref-originshield: 0ZIy/YAAAAAA3BT9UEoOFSrU9cN1YBdfrTE9OMjFFREdFMDIxMwBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/307036-20210607132515-M/kim-jong-un-outlaws-tight-jeans-slang.jpeg
x-azure-ref: 0XKu/YAAAAACL7GUrtywUTKr+cPE1CZD4RlJBRURHRTEwMTIAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=2592000
content-length: 47569
scheme: https

GET
H2 200 calendar_close.png
img1-azrcdn.newser.com/images/ 303 B
535 B 14ms
11ms Image
image/png 2620:1ec:bdf::67
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/images/calendar_close.png
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::67 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: a3942aea05f34d9aa17deb27766f216ce7bc0176e66b41518e5bdadb19400d67

Request headers

Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 17:39:39 GMT
last-modified: Mon, 06 Jul 2020 18:04:06 GMT
x-azure-ref-originshield: 0YC+/YAAAAADGDiABpXi5SosuYx6LsXPsTE9OMjFFREdFMDExMABkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
x-azure-ref: 0XKu/YAAAAAC7uhev+zgHSIZ/3pKsbab1RlJBRURHRTEwMTIAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
content-length: 303

GET
H2 200 left_month.png
img1-azrcdn.newser.com/images/ 274 B
505 B 11ms
9ms Image
image/png 2620:1ec:bdf::67
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/images/left_month.png
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::67 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 2f76122813dc216562d9a6c2d82279ff460696b28f8f66042399a02cf93732ba

Request headers

Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 17:39:39 GMT
last-modified: Mon, 06 Jul 2020 18:04:08 GMT
x-azure-ref-originshield: 0FA2/YAAAAABUG2AcKbcOR5/Sohzy/TnXTE9OMjFFREdFMDEyMABkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
x-azure-ref: 0XKu/YAAAAADebztWUAB0Ro7KyijbfNvhRlJBRURHRTEwMTIAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
content-length: 274

GET
H2 200 right_month.png
img2-azrcdn.newser.com/images/ 259 B
441 B 154ms
132ms Image
image/png 2620:1ec:48::67
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img2-azrcdn.newser.com/images/right_month.png
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:48::67 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: a0e3f7f11e3feb97a1b577675fcb17fb87538d414dc5342c96975b2bd2c94b86

Request headers

Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 17:39:40 GMT
last-modified: Mon, 06 Jul 2020 18:04:09 GMT
x-azure-ref: 0XKu/YAAAAADJP//olKN5RL4kqwa9/DRuTE9OMjFFREdFMDIwNgBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
x-cache: TCP_HIT
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
content-length: 259

GET
H2 200 woman-falls-to-her-death-in-zion-national-park.jpeg
img2-azrcdn.newser.com/square-image/307075-20210607125300-M/ 47 KB
47 KB 154ms
132ms Image
image/jpeg 2620:1ec:48::67
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img2-azrcdn.newser.com/square-image/307075-20210607125300-M/woman-falls-to-her-death-in-zion-national-park.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:48::67 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: eeb8347bb842400d155509a0fc1c92fb1e6b5b076f1311aea3bfb6aa764bb76b

Request headers

Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 17:39:40 GMT
last-modified: Tue, 08 Jun 2021 11:11:44 GMT
rawurl: /square-image/307075-20210607125300-M/woman-falls-to-her-death-in-zion-national-park.jpeg
x-azure-ref: 0XKu/YAAAAAB/oKKWsjdzSJUnanG9nvvqTE9OMjFFREdFMDIwNgBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=2592000
content-length: 48140
scheme: https

GET
H2 200 stormy-daniels-would-love-to-talk-to-grand-jury-about-trump.jpeg
img1-azrcdn.newser.com/square-image/307070-20210607123215-M/ 46 KB
47 KB 19ms
17ms Image
image/jpeg 2620:1ec:bdf::67
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/square-image/307070-20210607123215-M/stormy-daniels-would-love-to-talk-to-grand-jury-about-trump.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::67 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 0181d4351f7aa2b2fd35eb1e554d9e2c1294479e6921e7901e4fa1f42e56a9af

Request headers

Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 17:39:39 GMT
last-modified: Tue, 08 Jun 2021 07:59:32 GMT
x-azure-ref-originshield: 0H1W/YAAAAADFhhNk+aZ1Q79xPA+r4VqZTE9OMjFFREdFMTUxMABkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/307070-20210607123215-M/stormy-daniels-would-love-to-talk-to-grand-jury-about-trump.jpeg
x-azure-ref: 0XKu/YAAAAABF1zEJXtgVQrfYrgyMuqDTRlJBRURHRTEwMTIAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=2592000
content-length: 47507
scheme: https

GET
H2 200 anthony-weiner-may-try-to-cash-in-with-nfts.jpeg
img2-azrcdn.newser.com/square-image/307071-20210607144354-M/ 40 KB
41 KB 155ms
133ms Image
image/jpeg 2620:1ec:48::67
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img2-azrcdn.newser.com/square-image/307071-20210607144354-M/anthony-weiner-may-try-to-cash-in-with-nfts.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:48::67 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: f0a676643bcd2a9b5db09aef8597e17f63383fe14b4c2cbb6e19422aa56dea5e

Request headers

Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 17:39:40 GMT
last-modified: Tue, 08 Jun 2021 09:30:31 GMT
rawurl: /square-image/307071-20210607144354-M/anthony-weiner-may-try-to-cash-in-with-nfts.jpeg
x-azure-ref: 0XKu/YAAAAAA1bEUcsUCIR7IFN7+6LjLTTE9OMjFFREdFMDIwNgBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=2592000
content-length: 41321
scheme: https

GET
H2 200 cops-2-bodies-under-bridge-were-hit-and-run-victims.jpeg
img2-azrcdn.newser.com/square-image/307067-20210607114115-M/ 38 KB
38 KB 156ms
134ms Image
image/jpeg 2620:1ec:48::67
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img2-azrcdn.newser.com/square-image/307067-20210607114115-M/cops-2-bodies-under-bridge-were-hit-and-run-victims.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:48::67 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: cec5b3c1001b1619366235c0292aa59ce02bf72e777e0596c2f194e72d885fcd

Request headers

Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 17:39:40 GMT
last-modified: Tue, 08 Jun 2021 10:24:51 GMT
rawurl: /square-image/307067-20210607114115-M/cops-2-bodies-under-bridge-were-hit-and-run-victims.jpeg
x-azure-ref: 0XKu/YAAAAAAJE0+6yqSIQocWWCQC3DqLTE9OMjFFREdFMDIwNgBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=2592000
content-length: 39070
scheme: https

GET
H2 200 militant-foes-boko-harams-leader-is-dead.jpeg
img1-azrcdn.newser.com/square-image/307064-20210607110915-M/ 31 KB
31 KB 14ms
13ms Image
image/jpeg 2620:1ec:bdf::67
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/square-image/307064-20210607110915-M/militant-foes-boko-harams-leader-is-dead.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::67 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 73066c33e8ea7ac3605b0c9022722bec94a418228e219777a58ba7596d85a8f8

Request headers

Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 17:39:39 GMT
last-modified: Mon, 07 Jun 2021 16:14:10 GMT
x-azure-ref-originshield: 0ZCO/YAAAAAAoJBrLXaKvTpRNXWjD+X9ITE9OMjFFREdFMDExMgBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/307064-20210607110915-M/militant-foes-boko-harams-leader-is-dead.jpeg
x-azure-ref: 0XKu/YAAAAAAcz1Gx77BsSodCtKknPLSBRlJBRURHRTEwMTIAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=2592000
content-length: 31279
scheme: https

GET
H2 200 fda-approves-controversial-new-alzheimers-drug.jpeg
img2-azrcdn.newser.com/square-image/307069-20210607105200-M/ 44 KB
44 KB 156ms
134ms Image
image/jpeg 2620:1ec:48::67
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img2-azrcdn.newser.com/square-image/307069-20210607105200-M/fda-approves-controversial-new-alzheimers-drug.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:48::67 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 50d8bfa86f8131b9d007a853da9a8f97398b7d7b1f7f529696bc662566a86ce9

Request headers

Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 17:39:40 GMT
last-modified: Tue, 08 Jun 2021 10:24:51 GMT
rawurl: /square-image/307069-20210607105200-M/fda-approves-controversial-new-alzheimers-drug.jpeg
x-azure-ref: 0XKu/YAAAAABtxey2Vk95S7YE1kIrOwmITE9OMjFFREdFMDIwNgBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=2592000
content-length: 45018
scheme: https

GET
H2 200 carbon-dioxide-levels-reach-an-unwanted-record.jpeg
img2-azrcdn.newser.com/square-image/307065-20210607102630-M/ 47 KB
48 KB 157ms
135ms Image
image/jpeg 2620:1ec:48::67
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img2-azrcdn.newser.com/square-image/307065-20210607102630-M/carbon-dioxide-levels-reach-an-unwanted-record.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:48::67 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: cec7b2721600fc433be3b780052a35fac1df2d3b94dffa85af9aece30c32e664

Request headers

Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 17:39:40 GMT
last-modified: Tue, 08 Jun 2021 07:58:22 GMT
rawurl: /square-image/307065-20210607102630-M/carbon-dioxide-levels-reach-an-unwanted-record.jpeg
x-azure-ref: 0XKu/YAAAAABAKJW3ISCwQYO28y6Sr0BGTE9OMjFFREdFMDIwNgBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=2592000
content-length: 48508
scheme: https

GET
H2 200 much-is-at-stake-for-kamala-harris-in-first-big-trip.jpeg
img2-azrcdn.newser.com/square-image/307059-20210607094600-M/ 47 KB
47 KB 158ms
136ms Image
image/jpeg 2620:1ec:48::67
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img2-azrcdn.newser.com/square-image/307059-20210607094600-M/much-is-at-stake-for-kamala-harris-in-first-big-trip.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:48::67 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 7e6d53dee544a72c3a6587f99b2983223c31948bfe0bf8c474239fe827a9a3f7

Request headers

Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 17:39:40 GMT
last-modified: Tue, 08 Jun 2021 07:04:28 GMT
rawurl: /square-image/307059-20210607094600-M/much-is-at-stake-for-kamala-harris-in-first-big-trip.jpeg
x-azure-ref: 0XKu/YAAAAAASUmtEa4IgQqFAranCvaAFTE9OMjFFREdFMDIwNgBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=2592000
content-length: 48061
scheme: https

GET
H2 200 / Show response
loadus.exelator.com/load/ 124 B
506 B 93ms
29ms Script
application/x-javascript 18.198.126.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://loadus.exelator.com/load/?p=320&g=001&c=700151&ctg=home&subctg=&ag=&gd=
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.198.126.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-198-126-47.eu-central-1.compute.amazonaws.com
Software: nginx / Undertow/1
Resource Hash: 1934199df51551755f77a59d6993a98e332ad57c09ab22d30fafb727d92e4eb0

Request headers

Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 17:39:40 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
content-type: application/x-javascript;charset=UTF-8
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA

GET
H2 200 dpx.js Show response
i.simpli.fi/ 3 KB
4 KB 171ms
100ms Script
application/javascript 169.50.137.176
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL

https://i.simpli.fi/dpx.js?cid=3056&m=1&referrer=http://www.newser.com

Requested by

Host: www.newser.com
URL: https://www.newser.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

169.50.137.176 , United States, ASN36351 (SOFTLAYER, US),

Reverse DNS

b0.89.32a9.ip4.static.sl-reverse.com

Software

Resource Hash

9831e5b4e79a7b80a69a4d83d86fafc4c8e80fad4d14d27796f7eef4b686ba66

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache, no-cache
date: Tue, 08 Jun 2021 17:39:40 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=0, private, must-revalidate, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 3095
x-request-id: FoasIq46HzvHvEgOYJ5h
expires: Thu, 01 Jan 1970 00:00:00 GMT, Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 abp.png
img2-azrcdn.newser.com/images/ 2 KB
2 KB 158ms
136ms Image
image/png 2620:1ec:48::67
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img2-azrcdn.newser.com/images/abp.png
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:48::67 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: ad9e5210a13805edc2cc2874d7ffa326b907e9c6d0c212071798944a1dd9ffae

Request headers

Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 17:39:40 GMT
last-modified: Mon, 06 Jul 2020 18:04:06 GMT
x-azure-ref: 0XKu/YAAAAAA4k+xO0fSzSbewNd5kYd+PTE9OMjFFREdFMDIwNgBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
x-cache: TCP_HIT
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
content-length: 1639

GET
H2 200 ubo.png
img2-azrcdn.newser.com/images/ 2 KB
2 KB 158ms
135ms Image
image/png 2620:1ec:48::67
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img2-azrcdn.newser.com/images/ubo.png
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:48::67 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 7cec802828fd9d25efc4611219c8748745117f5a51d4f76e4f9cfd85a428ce95

Request headers

Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 17:39:40 GMT
last-modified: Mon, 06 Jul 2020 18:04:10 GMT
x-azure-ref: 0XKu/YAAAAABsjdLfOdvhQ6D/GfO790fETE9OMjFFREdFMDIwNgBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
x-cache: TCP_HIT
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
content-length: 1613

GET
H2 200 ghostery.png
img1-azrcdn.newser.com/images/ 2 KB
2 KB 12ms
11ms Image
image/png 2620:1ec:bdf::67
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/images/ghostery.png
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::67 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 8baae135666cde471d16426b7387541d4b900559275813859e2d296eee039192

Request headers

Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 17:39:39 GMT
last-modified: Mon, 06 Jul 2020 18:04:07 GMT
x-azure-ref-originshield: 0ywy/YAAAAAByTmnE2uKxQpkoiQLLTTCgTE9OMjFFREdFMDEyMQBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
x-azure-ref: 0XKu/YAAAAABHlwF6Ly1zTq1m5Fc/qabKRlJBRURHRTEwMTIAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
content-length: 1612

GET
H/1.1 200
OK jYmmoKA.js Show response
www.newser.com/MqB/RljVckYamU/tno/ 12 KB
6 KB 247ms
243ms Script
text/javascript 40.114.51.62
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.newser.com/MqB/RljVckYamU/tno/jYmmoKA.js
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 40.114.51.62 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 900ba15a85e0df2cf379e089480e9f22d18ee7657e3e344452f0603bdde7b9d1

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.newser.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://www.newser.com/
Cookie: ASP.NET_SessionId=stni2f2v4taq21lylzkaycei; USERCREDENTIALS=EMAIL=&PASSWORD=&USERID=0&VISITORID=1468861877
Connection: keep-alive
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 08 Jun 2021 17:39:40 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: text/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
X-Tornado: yes
Content-Length: 5681

GET
H/1.1 200
OK Cookie set controlpage.aspx Show response
www.newser.com/ 84 KB
14 KB 611ms
401ms XHR
text/html 40.114.51.62
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.newser.com/controlpage.aspx?control=storysquarecontainer&sectionid=1&SITEPAGENAME=Home&donotshowads=&gridrownum=49&squarewidth=320&squareheight=213&numgridrows=48&numgridcols=1&hardsoft=5&StartDate=&EndDate=&PickADate=&ShowPopular=N&PopularType=None&viewhardsoft=n&ajaxcall=y&autorefreshcall=n&lastrefreshdate=6/8/2021%2012:39:40%20PM&firststorypubdate=6/8/2021%2012:17:59%20PM&siteid=0&tagid=0&userid=0&taggroupid=0&type=&linkstorytype=&scrollcount=1&displayadsection=home&categoryid=0&channelid=0&ShowGridLeaderboardAds=false&ShowGridMobileAds=false&RenderUserFormat=false&StoryView=G&ShowStats=false&StoryId=0&ShowSimpleListView=True&ShowRolloversOverride=False&IsHeadlineTest=true&URLSubfolder=&Website=D&showipadads=N&ShowGridRepeatingAds=C1,C2,C4&GridFirstAdLocation=0&GridSubsequentAdLocation=0&OnClickOverride=&GridPositioning=&IsMobile=false
Requested by: Host: static1-azrcdn.newser.com
URL: https://static1-azrcdn.newser.com/javascript/20210603_0800/jquery-1.12.4.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 40.114.51.62 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 919d9ac345e284c3dff8b06950da505823990d70c83ff3b9e25fe2f5fd64b9aa

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.newser.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors
Accept: text/html
Cache-Control: no-cache
Sec-Fetch-Dest: empty
X-Requested-With: XMLHttpRequest
Cookie: ASP.NET_SessionId=stni2f2v4taq21lylzkaycei; USERCREDENTIALS=EMAIL=&PASSWORD=&USERID=0&VISITORID=1468861877
Connection: keep-alive
Referer: https://www.newser.com/
Accept: text/html
Referer: https://www.newser.com/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 08 Jun 2021 17:39:40 GMT
Content-Encoding: gzip
max-age: 0
RawURL: /controlpage.aspx?control=storysquarecontainer&sectionid=1&SITEPAGENAME=Home&donotshowads=&gridrownum=49&squarewidth=320&squareheight=213&numgridrows=48&numgridcols=1&hardsoft=5&StartDate=&EndDate=&PickADate=&ShowPopular=N&PopularType=None&viewhardsoft=n&ajaxcall=y&autorefreshcall=n&lastrefreshdate=6/8/2021%2012:39:40%20PM&firststorypubdate=6/8/2021%2012:17:59%20PM&siteid=0&tagid=0&userid=0&taggroupid=0&type=&linkstorytype=&scrollcount=1&displayadsection=home&categoryid=0&channelid=0&ShowGridLeaderboardAds=false&ShowGridMobileAds=false&RenderUserFormat=false&StoryView=G&ShowStats=false&StoryId=0&ShowSimpleListView=True&ShowRolloversOverride=False&IsHeadlineTest=true&URLSubfolder=&Website=D&showipadads=N&ShowGridRepeatingAds=C1,C2,C4&GridFirstAdLocation=0&GridSubsequentAdLocation=0&OnClickOverride=&GridPositioning=&IsMobile=false
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Cache-Control: no-cache
Set-Cookie: USERCREDENTIALS=EMAIL=&PASSWORD=&USERID=0&VISITORID=1468861877; expires=Fri, 06-Jun-2031 17:39:41 GMT; path=/; secure; SameSite=Lax USERSETTINGS=; expires=Mon, 07-Jun-2021 17:39:41 GMT; path=/; secure; SameSite=Lax
Content-Length: 13009
Scheme: https

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ 1 KB
2 KB 75ms
19ms Script
application/javascript 52.222.174.42
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.174.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-174-42.cdg50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 17:36:45 GMT
via: 1.1 bb94c626686a13857c0144152dfd53b9.cloudfront.net (CloudFront)
etag: "1827f116c73f319409b97f10b8a58ade"
last-modified: Fri, 26 Feb 2021 14:35:05 GMT
server: AmazonS3
age: 176
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-pop: CDG50-P2
accept-ranges: bytes
content-length: 1469
x-amz-cf-id: GPdskIfSbs_3Pk96WgYBRF1pPO7HZoHRERb0V6UTdYd36ZtA3wlD9w==

GET
H2 200 chartbeat.js Show response
static.chartbeat.com/js/ 36 KB
14 KB 41ms
26ms Script
application/x-javascript 2600:9000:218d:ec00:18:1fcd:34f:cdc1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat.js
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:218d:ec00:18:1fcd:34f:cdc1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: ec93813683cccb74a7896a34a2ed1b2163288620f6959ae06de3ded30cf518b9

Request headers

Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 15:21:16 GMT
content-encoding: gzip
last-modified: Fri, 02 Apr 2021 00:04:46 GMT
server: nginx
age: 8304
etag: W/"60665f9e-8e96"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
via: 1.1 5d2368bfd604bacd708d77b716fea614.cloudfront.net (CloudFront)
cache-control: max-age=86400
cross-origin-resource-policy: cross-origin
x-amz-cf-pop: CDG50-P2
x-amz-cf-id: Ua3FKZOwSxgysz7z-Zzs3DitLhDplv1PG479pWIMkbBLG_VPTO_78Q==
expires: Wed, 09 Jun 2021 15:21:16 GMT

GET
H2 200 rules-p-8dMeaPxgtnRKk.js Show response
rules.quantcount.com/ 3 B
437 B 84ms
34ms Script
application/javascript 2600:9000:218d:a800:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-8dMeaPxgtnRKk.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:218d:a800:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 10:23:55 GMT
via: 1.1 7fbc1adfbf55c351343006ea853f668b.cloudfront.net (CloudFront)
age: 26146
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 3
last-modified: Sat, 04 Mar 2017 20:13:40 GMT
server: AmazonS3
etag: "8a80554c91d9fca8acb82f023de02f11"
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400
x-amz-cf-pop: CDG50-P2
accept-ranges: bytes
x-amz-cf-id: SwomAnDX3oyxPMmot0ZllrJOntIRP3BX82hSscdg1UhAPuWUsmFPag==

GET
H2 200 latest.js Show response
global.proper.io/payloads/ 369 KB
93 KB 51ms
50ms Script
application/javascript 2606:4700::6811:4e22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://global.proper.io/payloads/latest.js
Requested by: Host: global.proper.io
URL: https://global.proper.io/newser.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:4e22 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bb1e05acff04f501aacaa5fdd7a734f8cb3ba80266a9b6a7055279d0d454fca2

Request headers

Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 17:39:40 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 12 May 2021 19:19:53 GMT
server: cloudflare
age: 1192349
etag: W/"609c2a59-5c3ed"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=300
cf-ray: 65c3e6a2cfb9c303-FRA
cf-request-id: 0a8e4e79bc0000c30304b84000000001
expires: Tue, 08 Jun 2021 17:44:40 GMT

GET
H3-29 200 sdk.js Show response
connect.facebook.net/en_US/ 218 KB
64 KB 15ms
7ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=cb823c00993c3e54d571194f8149a67a&ua=modern_es6

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

604a724a6f7d51e5672eb117995d826d5e52a9f159db3318b5c21fda3374e35d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Origin: https://www.newser.com
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: +UKyN+dSnCoFfVDB7kWqng==
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 65742
x-fb-rlafr: 0
x-fb-debug: V2QTgI1XbJnFuWLh8OD1lUAo2ui+zmLa4xVIYAekVwk7WZAmK6SBXwV/QX2rSnSQFscE5jOTDm/WqnsrYAS4tw==
x-fb-content-md5: 5959aab381052b676ee7c4ccbb5c0802
x-frame-options: DENY
date: Tue, 08 Jun 2021 17:39:40 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "454a8f3a161d0469dbdc0d290f5a1772"
timing-allow-origin: *
priority: u=3,i
expires: Wed, 08 Jun 2022 15:55:03 GMT

GET
H2 200 Tag.engine Show response
engine.4dsply.com/ 2 KB
2 KB 201ms
199ms Script
application/json 2606:4700::6810:9f11
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://engine.4dsply.com/Tag.engine?time=-120&id=7f1a7287-2f7e-4f83-800d-06bd711ee14e&rand=35852&ver=async&referrerUrl=&fingerPrint=123&abr=false&stdTime=60&fpe=1&bw=1600&bh=1200&res=1600x1200&curl=https%3A%2F%2Fwww.newser.com%2F&kw=
Requested by: Host: cdn.engine.4dsply.com
URL: https://cdn.engine.4dsply.com/Scripts/infinity.js.aspx?guid=7f1a7287-2f7e-4f83-800d-06bd711ee14e
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:9f11 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 10169bd91eab033d188a08ba313687a577d5a0b74476bcc09d0ceb1f6dc008e5

Request headers

Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cf-ray: 65c3e6a2fc764eb6-FRA
date: Tue, 08 Jun 2021 17:39:40 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
x-adscore-status: null
x-powered-by: ASP.NET
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="CAO PSA OUR IND"
access-control-allow-origin: *
cache-control: private, no-transform
content-type: application/json; charset=utf-8
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0a8e4e79d900004eb6f1065000000001

GET
H2 200 pixel.gif
load77.exelator.com/ 43 B
334 B 22ms
6ms Image
image/gif 2a02:6ea0:c700::10
CDN77 (^_^)/

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://load77.exelator.com/pixel.gif
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-77-nzt: Abk73BC1yAXv69cGAA==
x-accel-expires: @1623762289
date: Tue, 08 Jun 2021 17:39:40 GMT
etag: "59f0c3fc-2b"
last-modified: Wed, 25 Oct 2017 17:03:56 GMT
server: CDN77-Turbo
x-77-nzt-ray: gMoykCFzrSQ=
x-77-cache: HIT
content-type: image/gif
access-control-allow-origin: *
x-cache: HIT
x-age: 448491
accept-ranges: bytes
x-77-pop: frankfurtDE
content-length: 43

GET
H2

200

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=2&c2=6035830&ns__t=1623173980671&ns_c=UTF-8&cv=3.5&c8=Newser%20%7C%20Headline%20News%20Summaries%2C%20World%20News%2C%20and%20Breaking%20News&c7=https%3A%2F%2F...
https://sb.scorecardresearch.com/b2?c1=2&c2=6035830&ns__t=1623173980671&ns_c=UTF-8&cv=3.5&c8=Newser%20%7C%20Headline%20News%20Summaries%2C%20World%20News%2C%20and%20Breaking%20News&c7=https%3A%2F%2...

64 B
331 B

37ms
36ms

Image
image/gif

52.222.174.42
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=2&c2=6035830&ns__t=1623173980671&ns_c=UTF-8&cv=3.5&c8=Newser%20%7C%20Headline%20News%20Summaries%2C%20World%20News%2C%20and%20Breaking%20News&c7=https%3A%2F%2Fwww.newser.com%2F&c9=
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.174.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-174-42.cdg50.r.cloudfront.net
Software: /
Resource Hash: 831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 17:39:40 GMT
via: 1.1 bb94c626686a13857c0144152dfd53b9.cloudfront.net (CloudFront)
x-amz-cf-pop: CDG50-P2
etag: W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache: Miss from cloudfront
content-type: image/gif; charset=utf-8
content-length: 64
x-amz-cf-id: OdmAMbkURZ4iKb_TER81WMnjxwDXxwZ8ui5dYFIa1-vFV51yw6Fi-Q==

Redirect headers

date: Tue, 08 Jun 2021 17:39:40 GMT
via: 1.1 bb94c626686a13857c0144152dfd53b9.cloudfront.net (CloudFront)
x-amz-cf-pop: CDG50-P2
vary: Accept
x-cache: Miss from cloudfront
content-type: text/plain; charset=utf-8
location: https://sb.scorecardresearch.com/b2?c1=2&c2=6035830&ns__t=1623173980671&ns_c=UTF-8&cv=3.5&c8=Newser%20%7C%20Headline%20News%20Summaries%2C%20World%20News%2C%20and%20Breaking%20News&c7=https%3A%2F%2Fwww.newser.com%2F&c9=
content-length: 241
x-amz-cf-id: WIeTZWNBPdhTuDGuWX6z8nk_rX5tP081iLB6PUor8nTCQH0DVEpZZQ==

GET
H2 200 moatframe.js Show response
z.moatads.com/addthismoatframe568911941483/ 2 KB
1 KB 85ms
28ms Script
application/x-javascript 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/addthismoatframe568911941483/moatframe.js
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd

Request headers

Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 17:39:40 GMT
content-encoding: gzip
last-modified: Fri, 08 Nov 2019 20:13:52 GMT
server: AmazonS3
x-amz-request-id: D5503D14AA2F06AA
etag: "f14b4e1f799b14f798a195f43cf58376"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=53513
accept-ranges: bytes
content-length: 948
x-amz-id-2: JgalEtxvSAtZmM7+naGfrhsdf0JFS0gJW8lypWF8Tp90EkcPp4c3eAnpK+RDOIL1ltWgpx8wc3s=

GET
H2 200 pixel;r=1365224874;rf=0;a=p-8dMeaPxgtnRKk;url=https%3A%2F%2Fwww.newser.com%2F;uht=2;fpan=1;fpa=P0-890817193-1623173980721;pbcn=u;pbc=;ns=0;ce=1;qjs=1;qv=82efd7d8-20210517233434;cm=;gdpr=0;ref=;d=ne...
pixel.quantserve.com/ 35 B
371 B 13ms
11ms Image
image/gif 2620:116:800d:21:5a23:9c4e:e774:96c1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=1365224874;rf=0;a=p-8dMeaPxgtnRKk;url=https%3A%2F%2Fwww.newser.com%2F;uht=2;fpan=1;fpa=P0-890817193-1623173980721;pbcn=u;pbc=;ns=0;ce=1;qjs=1;qv=82efd7d8-20210517233434;cm=;gdpr=0;ref=;d=newser.com;je=0;sr=1600x1200x24;dst=1;et=1623173980721;tzo=-120;ogl=

Requested by

Host: www.newser.com
URL: https://www.newser.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:5a23:9c4e:e774:96c1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 08 Jun 2021 17:39:40 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 rules-p-mEzuYq24VEJ-3.js Show response
rules.quantcount.com/ 3 B
427 B 28ms
22ms Script
application/javascript 2600:9000:218d:a800:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-mEzuYq24VEJ-3.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:218d:a800:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 17:06:15 GMT
via: 1.1 7fbc1adfbf55c351343006ea853f668b.cloudfront.net (CloudFront)
age: 2006
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 3
last-modified: Sat, 04 Mar 2017 02:39:21 GMT
server: AmazonS3
etag: "8a80554c91d9fca8acb82f023de02f11"
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
x-amz-cf-pop: CDG50-P2
accept-ranges: bytes
x-amz-cf-id: m6JoWSmnUqGNaG20eaubvHNgTO7g07rqpHMcYpna6dq5bABROWVSjw==

GET
H2 200 pixel;r=2842313;rf=3;a=p-mEzuYq24VEJ-3;url=https%3A%2F%2Fwww.newser.com%2F;uht=2;fpan=0;fpa=P0-890817193-1623173980721;pbcn=u;pbc=;ns=0;ce=1;qjs=1;qv=82efd7d8-20210517233434;cm=;gdpr=0;ref=;d=newse...
pixel.quantserve.com/ 35 B
210 B 10ms
10ms Image
image/gif 2620:116:800d:21:5a23:9c4e:e774:96c1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=2842313;rf=3;a=p-mEzuYq24VEJ-3;url=https%3A%2F%2Fwww.newser.com%2F;uht=2;fpan=0;fpa=P0-890817193-1623173980721;pbcn=u;pbc=;ns=0;ce=1;qjs=1;qv=82efd7d8-20210517233434;cm=;gdpr=0;ref=;d=newser.com;je=0;sr=1600x1200x24;dst=1;et=1623173980745;tzo=-120;ogl=

Requested by

Host: www.newser.com
URL: https://www.newser.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:5a23:9c4e:e774:96c1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 08 Jun 2021 17:39:40 GMT
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
strict-transport-security: max-age=86400
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 134 KB
48 KB 45ms
24ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.newser.com
URL: https://www.newser.com/MqB/RljVckYamU/tno/jYmmoKA.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4276a54108e7c6b43655cd4e49fbe97a02a5806749101101fb7fb07ad195704e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 17:39:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48448
x-xss-protection: 0
server: cafe
etag: 9781435320957097862
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 08 Jun 2021 17:39:40 GMT

GET
H2 200 advertising.js Show response
rddywd.com/ 9 B
634 B 46ms
16ms Script
application/javascript 2606:4700:3035::6815:40f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rddywd.com/advertising.js
Requested by: Host: www.newser.com
URL: https://www.newser.com/MqB/RljVckYamU/tno/jYmmoKA.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:40f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7f555674a54503e3367276168359cef065eecc75f1fe436ac13bdf3dfd65a970

Request headers

Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 17:39:40 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 44422
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 9
cf-request-id: 0a8e4e7a86000096f8e0a84000000001
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=aLn5KJK1pFpP3DoD%2BW8C0rsT3dHGjhaqFEXwwhdANtPuqybOapbimnndD34kNbTa0yzIwTWRH8IZCvTySI0vjOBKOZIbnRm9yBIemNAbRMLskkLv%2BHUpEq11Vzjfu%2Bye0%2FmWjA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86401
accept-ranges: bytes
cf-ray: 65c3e6a4080196f8-FRA

GET
H2 200 adcode.png
rddywd.com/ 43 B
683 B 70ms
33ms Image
image/gif 2606:4700:3035::6815:40f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rddywd.com/adcode.png
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:40f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Origin: https://www.newser.com
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 17:39:40 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 39245
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 43
cf-request-id: 0a8e4e7a8d0000635f2a034000000001
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=zrK1eRNiW0%2Ft%2Faawj34f9hd6RXXqKJcayownbWgtb7ORBkQcVERyt0F3DQq%2BjzJWSyosnKXN%2B7WBU36mrnDNUsfQq31WnMACDhtEDnGMcUzVPFkMGOlL7fq278TGVrM1VTGvXg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=86401
accept-ranges: bytes
cf-ray: 65c3e6a41e81635f-FRA

GET
H2 204 generate_204
www.googleapis.com/ 0
39 B 9ms
5ms Image
text/plain 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.googleapis.com/generate_204
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 17:39:40 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H/1.1 200
OK widget_iframe.06c6ee58c3810956b7509218508c7b56.html Show response
platform.twitter.com/widgets/ Frame 23E0 319 KB
103 KB 10ms
6ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.06c6ee58c3810956b7509218508c7b56.html?origin=https%3A%2F%2Fwww.newser.com
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6723) /
Resource Hash: 5f789ea36ae4671282524bda454709578d63b915b782c1e041132a7e726ff1c3

Request headers

Host: platform.twitter.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.newser.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.newser.com/

Response headers

Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 424295
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Tue, 08 Jun 2021 17:39:40 GMT
Etag: "dab7ee9ff99366614e06e117bab5e542+gzip"
Last-Modified: Wed, 28 Apr 2021 17:56:54 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (frb/6723)
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 105298

GET
H2 200 _ate.track.config_resp Show response
v1.addthisedge.com/live/boost/newser/ 1005 B
556 B 41ms
41ms Script
application/javascript 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://v1.addthisedge.com/live/boost/newser/_ate.track.config_resp
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-126.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 870c196156856ec66eb4e1d7b376eca50e218883c93775524484b4fe4603f5ed

Request headers

Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 17:39:40 GMT
content-encoding: gzip
etag: -1912583789--gzip
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: public, max-age=46, s-maxage=86400
content-disposition: attachment; filename=1.txt
content-length: 379

GET
H2 200 ping
ping.chartbeat.net/ 43 B
200 B 99ms
98ms Image
image/gif 18.208.31.26
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ping.chartbeat.net/ping?h=newser.com&p=%2F&u=CpoQQBBPWU5NBk1uPF&d=newser.com&g=19359&g0=Home&g1=No%20Author&n=1&f=00001&c=0&x=0&m=0&y=2847&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&b=1277&t=DiMtW8aHbowDzUlHTDTxF7-BlVFuC&V=126&i=Newser%20%7C%20Headline%20News%20Summaries%2C%20World%20News%2C%20and%20Breaking%20News&tz=-120&sn=1&sv=8yx4dDLiB46B4ZWcLwv6T0CK_GTJ&sd=1&im=062b073f&_
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.208.31.26 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-208-31-26.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 08 Jun 2021 17:39:40 GMT
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
content-length: 43
expires: 0

GET
H2 200 settings Show response
syndication.twitter.com/ Frame 23E0 256 B
441 B 202ms
145ms Fetch
application/json 104.244.42.136
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://syndication.twitter.com/settings?session_id=68db8d17a1d90e60863934bd7c93e42c99f869b9

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.06c6ee58c3810956b7509218508c7b56.html?origin=https%3A%2F%2Fwww.newser.com

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.136 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_f /

Resource Hash

c9815821ab1442501b9e9bae3d4bc5730315d6a513c8b40141b2d47b76da1916

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 17:39:40 GMT
content-encoding: gzip
last-modified: Tue, 08 Jun 2021 17:39:40 GMT
server: tsa_f
vary: Origin
strict-transport-security: max-age=631138519
content-type: application/json; charset=utf-8
access-control-allow-origin: https://platform.twitter.com
cache-control: must-revalidate, max-age=600
access-control-allow-credentials: true
x-connection-hash: 45f0e51a072c67e72f24bdd72800695a9a4c6a26e2de4404567bc9ea82a9e6a3
content-length: 176

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210603/r20190131/ Frame 6650 10 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210603/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c0c1edf85ee406ff6e457dba599598152cc971f399f53c204fd30b978662f385

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210603/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.newser.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.newser.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Tue, 08 Jun 2021 13:35:02 GMT
expires: Tue, 22 Jun 2021 13:35:02 GMT
content-type: text/html; charset=UTF-8
etag: 3869991350818612685
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4515
x-xss-protection: 0
cache-control: public, max-age=1209600
age: 14678
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 layers.fa6cd1947ce26e890d3d.js Show response
s7.addthis.com/static/ 263 KB
76 KB 42ms
41ms Script
application/javascript 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/layers.fa6cd1947ce26e890d3d.js

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-126.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
server: nginx/1.15.8
etag: W/"5f971164-41cf5"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=86313600
date: Tue, 08 Jun 2021 17:39:40 GMT
x-host: s7.addthis.com
timing-allow-origin: *
content-length: 77617

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 61 KB
21 KB 38ms
37ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

sffe /

Resource Hash

f84592296bce21da87c6d21e4f4ec2ab274413a2f3c0e4132ec15426f1e4d14a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 17:39:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "896 / 656 of 1000 / last-modified: 1623150540"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21290
x-xss-protection: 0
expires: Tue, 08 Jun 2021 17:39:40 GMT

GET
H2

200

usersync Show response
usync.proper.io/v1/
Redirect Chain

https://x.bidswitch.net/check_uuid/https%3A%2F%2Fusync.proper.io%2Fv1%2Fusersync%3Fbidder%3Dmediagrid%26proper_uid%3D3da64748-2156-4715-8226-a239c5d1d776%26uid%3D%24%7BBSW_UUID%7D?&callback=window....
https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fusync.proper.io%2Fv1%2Fusersync%3Fbidder%3Dmediagrid%26proper_uid%3D3da64748-2156-4715-8226-a239c5d1d776%26uid%3D%24%7BBSW_UUID%7D?&callback=w...
https://usync.proper.io/v1/usersync?bidder=mediagrid&proper_uid=3da64748-2156-4715-8226-a239c5d1d776&uid=523fda2f-81d9-45a6-bd19-5ff064931c35

183 B
386 B

535ms
175ms

Script
text/javascript

35.164.25.130
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://usync.proper.io/v1/usersync?bidder=mediagrid&proper_uid=3da64748-2156-4715-8226-a239c5d1d776&uid=523fda2f-81d9-45a6-bd19-5ff064931c35
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.164.25.130 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-164-25-130.us-west-2.compute.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: 459b02cb131affcd202cbdd3264681cbaab647ed270a0123498994fa5856f052

Request headers

Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 08 Jun 2021 17:39:41 GMT
server: nginx/1.18.0
content-length: 183
content-type: text/javascript

Redirect headers

location: https://usync.proper.io/v1/usersync?bidder=mediagrid&proper_uid=3da64748-2156-4715-8226-a239c5d1d776&uid=523fda2f-81d9-45a6-bd19-5ff064931c35
date: Tue, 08 Jun 2021 17:39:40 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2

200

usersync Show response
usync.proper.io/v1/
Redirect Chain

https://ups.analytics.yahoo.com/ups/58355/sync?redir=true&callback=window.proper_22348198_2d820270_2
https://ups.analytics.yahoo.com/ups/58355/sync?redir=true&callback=window.proper_22348198_2d820270_2&verify=true
https://usync.proper.io/v1/usersync?bidder=verizon_media_s2s&uid=y-ZhCziaNE2uFdrGbss5L7_8K59AfFvg6b~A

155 B
367 B

556ms
174ms

Script
text/javascript

35.164.25.130
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://usync.proper.io/v1/usersync?bidder=verizon_media_s2s&uid=y-ZhCziaNE2uFdrGbss5L7_8K59AfFvg6b~A
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.164.25.130 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-164-25-130.us-west-2.compute.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: a31e757e13bc988e0340eaa13d71f4b219e203379d7a58a77a4066e8689ece46

Request headers

Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 08 Jun 2021 17:39:41 GMT
server: nginx/1.18.0
content-length: 155
content-type: text/javascript

Redirect headers

Date: Tue, 08 Jun 2021 17:39:40 GMT
Server: ATS/7.1.2.128
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location: https://usync.proper.io/v1/usersync?bidder=verizon_media_s2s&uid=y-ZhCziaNE2uFdrGbss5L7_8K59AfFvg6b~A
Connection: keep-alive
Content-Length: 0

POST
H/1.1 200 445.json Show response
id5-sync.com/g/v2/ 213 B
532 B 139ms
44ms XHR
application/json 51.89.20.87
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/445.json

Requested by

Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

51.89.20.87 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

p19.id5-sync.com

Software

Resource Hash

4c7d09915bd5535cc0df08b27b3a761a22746d3e33881155f981bc0650816555

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: https://www.newser.com
Date: Tue, 08 Jun 2021 17:39:40 GMT
Access-Control-Allow-Credentials: true
Vary: Origin
Transfer-Encoding: chunked
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Content-Type: application/json;charset=UTF-8

GET
H2 204 id Show response
id.sharedid.org/ 0
214 B 546ms
179ms XHR
text/plain 44.236.110.255
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://id.sharedid.org/id
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.236.110.255 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-236-110-255.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: https://www.newser.com
pragma: no-cache
date: Tue, 08 Jun 2021 17:39:41 GMT
cache-control: no-cache,no-store,must-revalidate
access-control-allow-credentials: true
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
expires: 0

GET
H2 451 envelope Show response
api.rlcdn.com/api/identity/ 44 B
328 B 72ms
27ms XHR
text/plain 34.120.133.55
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://api.rlcdn.com/api/identity/envelope?pid=72

Requested by

Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.133.55 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

55.133.120.34.bc.googleusercontent.com

Software

Resource Hash

da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 17:39:40 GMT
via: 1.1 google
x-content-type-options: nosniff
access-control-allow-headers: Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
access-control-allow-methods: GET, OPTIONS
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://www.newser.com
access-control-allow-credentials: true
alt-svc: clear
content-length: 44

POST
H/1.1 200
OK bidding Show response
bids.proper.io/api/ 0
171 B 742ms
182ms XHR
application/octet-stream 35.163.108.30
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bids.proper.io/api/bidding
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.163.108.30 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-163-108-30.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: *
Date: Tue, 08 Jun 2021 17:39:41 GMT
Connection: keep-alive
Content-Length: 0
Content-Type: application/octet-stream

GET
H2 200 main.js Show response
player.propervideo.io/new_rtp/ 113 KB
24 KB 51ms
23ms Script
application/javascript 2606:4700::6812:9eea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://player.propervideo.io/new_rtp/main.js
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:9eea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 441ade9ef5cfed957f816834d80b38bb6e7694c502d4728f20a4b3f203f4bb78

Request headers

Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 17:39:40 GMT
content-encoding: br
cf-cache-status: HIT
age: 6500
cf-polished: origSize=170488
cf-bgj: minify
cf-request-id: 0a8e4e7ae900002c5622b08000000001
last-modified: Tue, 08 Jun 2021 15:50:53 GMT
server: cloudflare
etag: W/"60bf91dd-299f8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=300
cf-ray: 65c3e6a4ad0d2c56-FRA
expires: Tue, 08 Jun 2021 17:44:40 GMT

GET
H/1.1 200
OK Cookie set utility.aspx Show response
www.newser.com/ 0
554 B 331ms
277ms XHR
text/html 40.114.51.62
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.newser.com/utility.aspx?function=metricsab&b=false&platform=D&visitorid=1468861877&visitorclassification=P
Requested by: Host: static1-azrcdn.newser.com
URL: https://static1-azrcdn.newser.com/javascript/20210603_0800/jquery-1.12.4.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 40.114.51.62 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.newser.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: empty
X-Requested-With: XMLHttpRequest
Cookie: ASP.NET_SessionId=stni2f2v4taq21lylzkaycei; USERCREDENTIALS=EMAIL=&PASSWORD=&USERID=0&VISITORID=1468861877; g36FastPopSessionRequestNumber=1; _cb_ls=1; __qca=P0-890817193-1623173980721; _cb=CpoQQBBPWU5NBk1uPF; _chartbeat2=.1623173980794.1623173980794.1.8yx4dDLiB46B4ZWcLwv6T0CK_GTJ.1; _cb_svref=null; __atuvc=1%7C23; __atuvs=60bfab5c5b8cdb0e000; _pubcid=3da64748-2156-4715-8226-a239c5d1d776; proper_tracker_cookie=eyJwaWQiOiIiLCJiaWRkZXJzIjp7fSwicHJvcGVyX3VpZCI6IjNkYTY0NzQ4LTIxNTYtNDcxNS04MjI2LWEyMzljNWQxZDc3NiJ9; _lr_retry_request=true; _lr_env_src_ats=false; properSessionData=eyJ1dWlkIjoiZGQyNzE3MzctNmQ1Mi00Mjg2LTk0NWQtMzQzMTllYTk5MTU4IiwiZGVwdGgiOjEsInJlZmVycmVyIjoiIiwidXRtX2NhbXBhaWduIjoiIiwidXRtX3NvdXJjZSI6IiIsInV0bV9tZWRpdW0iOiIiLCJ1dG1fdGVybSI6IiIsInV0bV9jb250ZW50IjoiIiwicmV2ZW51ZSI6MCwiYmlkX2F2ZyI6e319
Connection: keep-alive
Referer: https://www.newser.com/
Accept: */*
Referer: https://www.newser.com/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 08 Jun 2021 17:39:41 GMT
RawURL: /utility.aspx?function=metricsab&b=false&platform=D&visitorid=1468861877&visitorclassification=P
Content-Type: text/html
Scheme: https
Cache-Control: private, no-store
Set-Cookie: USERCREDENTIALS=EMAIL=&PASSWORD=&USERID=0&VISITORID=1468861877; expires=Fri, 06-Jun-2031 17:39:41 GMT; path=/; secure; SameSite=Lax USERSETTINGS=; expires=Mon, 07-Jun-2021 17:39:41 GMT; path=/; secure; SameSite=Lax
Content-Length: 0
Expires: Tue, 08 Jun 2021 17:38:41 GMT

GET
H/1.1 200
OK headertag Show response
as-sec.casalemedia.com/ 55 B
509 B 167ms
81ms Script
text/javascript 2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://as-sec.casalemedia.com/headertag?v=9&s=161112&r=%7B%22id%22%3A%22351469808%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.newser.com%2F%22%2C%22ref%22%3A%22%22%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22728x90-1-21e7f%22%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22sid%22%3A%22728x90-1-21e7f%22%2C%22siteID%22%3A575335%7D%2C%22bidfloor%22%3A0.1%2C%22bidfloorcur%22%3A%22USD%22%7D%2C%7B%22id%22%3A%22728x90-2-HuHXZ%22%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22sid%22%3A%22728x90-2-HuHXZ%22%2C%22siteID%22%3A575335%7D%2C%22bidfloor%22%3A0.1%2C%22bidfloorcur%22%3A%22USD%22%7D%2C%7B%22id%22%3A%22728x90-3-bXVUe%22%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22sid%22%3A%22728x90-3-bXVUe%22%2C%22siteID%22%3A575335%7D%2C%22bidfloor%22%3A0.1%2C%22bidfloorcur%22%3A%22USD%22%7D%2C%7B%22id%22%3A%22728x90-4-sSr2t%22%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22sid%22%3A%22728x90-4-sSr2t%22%2C%22siteID%22%3A575335%7D%2C%22bidfloor%22%3A0.1%2C%22bidfloorcur%22%3A%22USD%22%7D%5D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22nodes%22%3A%5B%7B%22hp%22%3A1%2C%22asi%22%3A%22proper.io%22%2C%22sid%22%3A%22ec00104f-ed71-11ea-8272-06ef03bc0096%22%7D%5D%2C%22complete%22%3A1%7D%7D%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22liveramp.com%22%2C%22uids%22%3A%5B%7B%22id%22%3A%7B%7D%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22idl%22%7D%7D%5D%7D%5D%7D%7D&t=300&fn=window.proper_788d1b44_7d3896a7_3
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 9d0fb07552a320be992bc4383d6fbd266036d2b93593144023e6103cd8461cbc

Request headers

Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 08 Jun 2021 17:39:41 GMT
Content-Encoding: gzip
X-AK-INITIAL-GEO: CC:[FR], RC:[IDF], CN:[EU], CIP:[82.102.18.114], XFF:[]
Server: Apache
Vary: Is-Traffic-Invalid,Accept-Encoding
Content-Type: text/javascript
X-CS-CLIENT-GEO: 28
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 75
X-AK-CLIENT-GEO: 28
Expires: Tue, 08 Jun 2021 17:39:41 GMT

GET
H2 200 arj Show response
propermedia-d.openx.net/w/1.0/ 173 B
557 B 76ms
27ms XHR
application/json 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://propermedia-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.newser.com%2F&ch=UTF-8&res=1600x1200x24&ifr=true&tz=-120&tws=1600x1200&aus=728x90%7C728x90%7C728x90%7C728x90&auid=542378248%2C542378249%2C542378253%2C542378254&aumfs=100%2C100%2C100%2C100&dddid=7c133e80-66fb-4bf8-8168-3a69b7379b49%2Cd4d8241d-95ea-4b9f-98ee-e4756ab06ed4%2C4e325b6a-4bea-4cba-8286-61fee40937d2%2Cd54008a8-635e-455c-92b5-37ed42632776&divIds=openx-a3a63ad8-8c90-4435-b157-5467d610b418%2Copenx-2f6ecb30-5e74-44c4-b0cd-8b7312aece17%2Copenx-47cec792-2138-4f5e-a112-aab7941b8809%2Copenx-faa2ffbf-a355-467a-b886-7017c2a7fd1a&be=1&bc=hb_pb_3.0.1&nocache=1623173980928&schain=1.0%2C1!proper.io%2Cec00104f-ed71-11ea-8272-06ef03bc0096%2C1&idl_env=%5Bobject%20Object%5D&_pubcid=3da64748-2156-4715-8226-a239c5d1d776
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.208.0 /
Resource Hash: f0725715eef7e5bd7c49e181a8424a531139e89650733a4f0654c568028beab6

Request headers

Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 08 Jun 2021 17:39:40 GMT
content-encoding: gzip
server: OXGW/16.208.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://www.newser.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: clear
content-length: 162
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H2 200 hb Show response
ssc.33across.com/api/v1/ 87 B
657 B 304ms
101ms XHR
application/json 18.211.29.63
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc.33across.com/api/v1/hb
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.211.29.63 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-211-29-63.compute-1.amazonaws.com
Software: / 33Across
Resource Hash: 4be7166c5a0629bb6a48dd728b6b4310f641011bfe612a365a21c0a1e7d91da4

Request headers

Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 08 Jun 2021 17:39:41 GMT
content-encoding: gzip
status: 200 OK
x-powered-by: 33Across
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.newser.com
access-control-allow-credentials: true

POST
H2 200 hb Show response
ssc.33across.com/api/v1/ 87 B
662 B 304ms
102ms XHR
application/json 18.211.29.63
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc.33across.com/api/v1/hb
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.211.29.63 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-211-29-63.compute-1.amazonaws.com
Software: / 33Across
Resource Hash: e43d5136fbbe9f8d50b7c0baf5d124fe00f4adf82e5ab68cb98030af170a5ae8

Request headers

Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 08 Jun 2021 17:39:41 GMT
content-encoding: gzip
status: 200 OK
x-powered-by: 33Across
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.newser.com
access-control-allow-credentials: true

POST
H2 200 hb Show response
ssc.33across.com/api/v1/ 87 B
650 B 379ms
177ms XHR
application/json 18.211.29.63
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc.33across.com/api/v1/hb
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.211.29.63 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-211-29-63.compute-1.amazonaws.com
Software: / 33Across
Resource Hash: b1315ffe975f1fef37c344bd634531402fd4c981ef0c82b3248880d4f45c83d4

Request headers

Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 08 Jun 2021 17:39:41 GMT
content-encoding: gzip
status: 200 OK
x-powered-by: 33Across
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.newser.com
access-control-allow-credentials: true

POST
H2 200 hb Show response
ssc.33across.com/api/v1/ 87 B
661 B 304ms
102ms XHR
application/json 18.211.29.63
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc.33across.com/api/v1/hb
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.211.29.63 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-211-29-63.compute-1.amazonaws.com
Software: / 33Across
Resource Hash: 3cdb7d7bff5e53b7d7dd697e23b8a55711b15805cfed2fb3f1649d33ea99f018

Request headers

Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 08 Jun 2021 17:39:41 GMT
content-encoding: gzip
status: 200 OK
x-powered-by: 33Across
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.newser.com
access-control-allow-credentials: true

GET
H/1.1 200
OK trinity.json Show response
apex.go.sonobi.com/ 178 B
764 B 169ms
72ms XHR
application/json 178.162.133.150
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://apex.go.sonobi.com/trinity.json?key_maker=%7B%22ccc7fe6434fb66ae834a%22%3A%22ccc7fe6434fb66ae834a%7C728x90%7C0.1%22%2C%2264e595c20b879f62c834%22%3A%2264e595c20b879f62c834%7C728x90%7C0.1%22%2C%224329af1e77c12b95f021%22%3A%224329af1e77c12b95f021%7C728x90%7C0.1%22%2C%22b9b670b5118ecbbec418%22%3A%22b9b670b5118ecbbec418%7C728x90%7C0.1%22%7D&ref=https%3A%2F%2Fwww.newser.com%2F&s=3d1171a5-0001-4166-bf7b-f8dff3ae5038&pv=aed5a0ce-e99a-4a67-9ac6-c8a33af15995&vp=desktop&lib_name=prebid&lib_v=4.25.0&us=1&ius=1&userid=%7B%22pubcid%22%3A%7B%22pubcid%22%3A%223da64748-2156-4715-8226-a239c5d1d776%22%7D%7D&schain=%7B%22ver%22%3A%221.0%22%2C%22nodes%22%3A%5B%7B%22hp%22%3A1%2C%22asi%22%3A%22proper.io%22%2C%22sid%22%3A%22ec00104f-ed71-11ea-8272-06ef03bc0096%22%7D%5D%2C%22complete%22%3A1%7D

Requested by

Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.150 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-apex.go.sonobi.com

Software

sonobi-go /

Resource Hash

008c726bce98bec80bafa24f69205d40c3c734c7751cb0dffdffbd1ab589fc3c

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 08 Jun 2021 17:39:41 GMT
Content-Encoding: gzip
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: apex-ams-1-6-8
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: https://www.newser.com
Cache-Control: no-cache, no-store, private
Access-Control-Allow-Credentials: true
Tcn: Choice
Content-Type: application/json
Content-Length: 155
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H2 204 v1 Show response
dmx.districtm.io/b/ 0
319 B 74ms
25ms XHR
text/plain 104.16.68.69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dmx.districtm.io/b/v1
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.68.69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 08 Jun 2021 17:39:40 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD, POST, OPTIONS
access-control-allow-origin: https://www.newser.com
access-control-allow-credentials: true
cf-ray: 65c3e6a52a5432b0-CDG
access-control-allow-headers: Content-Type, Origin
cf-request-id: 0a8e4e7b3b000032b094301000000001

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
116 B 147ms
79ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.newser.com
date: Tue, 08 Jun 2021 17:39:39 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 123 KB
33 KB 101ms
57ms Script
application/javascript 52.222.200.121
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.200.121 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-200-121.cdg50.r.cloudfront.net
Software: Server /
Resource Hash: 5b6f3806c04b7c91d2ee5cf8f42b31343a9d33ea62ad9d0506cfa1be078477d3

Request headers

Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: E3YSXBJMjZlokKHa7.qL9ZqkRLiXb9jY
content-encoding: gzip
server: Server
age: 741
etag: 6bda376aea84df42909484ff0d20f22a
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 015720ab3b3cbbc6f2312b46993e4bb7.cloudfront.net (CloudFront)
cache-control: public, max-age=900
date: Tue, 08 Jun 2021 17:27:20 GMT
x-amz-cf-pop: CDG50-P2
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: WwnL_Kc1yBf4RLIon66iGtrlCbyO35RDgoARmpn9o7HQT2k_uzSoNw==

POST
H2 204 mvo Show response
tag.1rx.io/rmp/214194/0/ 0
170 B 104ms
38ms XHR
text/plain 213.19.147.43
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.1rx.io/rmp/214194/0/mvo?z=1r&hbv=4.25,2.1
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 213.19.147.43 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Tengine /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.newser.com
pragma: no-cache
date: Tue, 08 Jun 2021 17:39:41 GMT
cache-control: private, max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: Tengine

POST
H2 200 v1 Show response
hb-api.omnitagjs.com/hb-api/prebid/ 408 B
759 B 239ms
196ms XHR
application/json 185.255.84.150
IGUANE-

General

Check archive.org

Show headers Download Go to

Full URL

https://hb-api.omnitagjs.com/hb-api/prebid/v1?CanonicalUrl=https%3A%2F%2Fwww.newser.com%2F

Requested by

Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.255.84.150 Paris, France, ASN200271 (IGUANE-, FR),

Reverse DNS

Software

ayl-lb-fra02 /

Resource Hash

6f0820683115a3e36ab59f75d4a025ecc17ea6921b6c67444a026aed069a5686

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 08 Jun 2021 17:39:40 GMT
x-content-type-options: nosniff
server: ayl-lb-fra02
vary: Accept-Encoding
access-control-allow-methods: OPTIONS, POST
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.newser.com
access-control-max-age: 3600
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 176
access-control-allow-headers: Accept-Encoding, Content-Type
content-length: 408
expires: 0

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 593 B
5 KB 172ms
61ms XHR
application/json 213.19.162.21
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=8777&site_id=345018&zone_id=1856232&size_id=2&rp_floor=0.1&rp_secure=1&tk_flint=pbjs_lite_v3.2.0&x_source.tid=88432141-aa0b-412a-8916-d406bd67a0f0%3B4219a61f-c7b0-4610-8db4-38f748cbcca1%3Bb450a353-03cc-4c41-bc44-41371fcd53c7%3B8d29b471-0d5c-43f1-a316-70562bed7288&p_screen_res=1600x1200&tg_fl.eid=1856232-1%3B1856232-2%3B1856232-3%3B1856232-4&rf=https%3A%2F%2Fwww.newser.com%2F&x_source.pchain=proper.io%3Aec00104f-ed71-11ea-8272-06ef03bc0096&ppuid=3da64748-2156-4715-8226-a239c5d1d776&eid_pubcid.org=3da64748-2156-4715-8226-a239c5d1d776%5E1&rp_schain=1.0%2C1!proper.io%2Cec00104f-ed71-11ea-8272-06ef03bc0096%2C1&slots=4&rand=0.3175422379082169
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 213.19.162.21 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: 64101892a187f46af455204de8f3ed19fd091ff5c5c921a1488e63b3e24d51fa

Request headers

Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 08 Jun 2021 17:39:41 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.newser.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Keep-Alive: timeout=5
Content-Length: 593
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 204 v1 Show response
btlr.sharethrough.com/WYu2BXv1/ 0
114 B 119ms
47ms XHR
text/plain 18.198.115.155
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/WYu2BXv1/v1?placement_key=Ly7nxP2ukzmD5nd8HuLUqVcX&bidId=Ly7nxP2ukzmD5nd8HuLUqVcX&bidfloor=0.1&instant_play_capable=true&hbSource=prebid&hbVersion=3.0.0&strVersion=3.2.0&idluid=%5Bobject%20Object%5D&pubcid=3da64748-2156-4715-8226-a239c5d1d776&schain=%7B%22ver%22%3A%221.0%22%2C%22nodes%22%3A%5B%7B%22hp%22%3A1%2C%22asi%22%3A%22proper.io%22%2C%22sid%22%3A%22ec00104f-ed71-11ea-8272-06ef03bc0096%22%7D%5D%2C%22complete%22%3A1%7D
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.198.115.155 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-198-115-155.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: https://www.newser.com
date: Tue, 08 Jun 2021 17:39:41 GMT
access-control-allow-credentials: true
vary: Origin

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 19 B
714 B 91ms
30ms XHR
application/json 185.33.221.53
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.53 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

718.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Pragma: no-cache
Date: Tue, 08 Jun 2021 17:39:41 GMT
X-Proxy-Origin: 82.102.18.114; 82.102.18.114; 718.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.223.59:80
AN-X-Request-Uuid: fe67fec3-86c8-4868-9079-2bee3820a5ca
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.newser.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 / Show response
hb.emxdgt.com/ 0
159 B 99ms
38ms XHR
text/plain 35.156.10.121
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.emxdgt.com/?t=1000&ts=1623173980936
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.156.10.121 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.newser.com
date: Tue, 08 Jun 2021 17:39:41 GMT
cache-control: no-cache
access-control-allow-credentials: true
access-control-allow-headers: security, Content-Type

POST
H2 200 prebid Show response
prebid.media.net/rtb/ 1 KB
1 KB 106ms
53ms XHR
application/json 34.107.148.139
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.media.net/rtb/prebid?cid=8CUW4K2MG
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.148.139 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: nginx /
Resource Hash: dea93fb8cdb1cb62aeeec494c5c90ca086ae41fd3b5eda55e6b673830dfb8bde

Request headers

Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 08 Jun 2021 17:39:41 GMT
via: 1.1 google
server: nginx
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.newser.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: clear

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
187 B 102ms
32ms XHR
text/plain 178.250.2.131
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/cdb?profileId=207&av=29&wv=4.25.0&cb=19616803189&im=1
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: bidder.am5.vip.prod.criteo.com
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.newser.com
date: Tue, 08 Jun 2021 17:39:40 GMT
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Finatra
timing-allow-origin: *
vary: Origin

GET
H3-29 200 pubads_impl_2021060301.js Show response
securepubads.g.doubleclick.net/gpt/ 312 KB
109 KB 45ms
45ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060301.js?31061384

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

sffe /

Resource Hash

d0b3850a417ef733c6acaff02a3311c7ce9a5b7ee55d2cd76d8c7f1f661bcb20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 17:39:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 03 Jun 2021 08:37:25 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 112073
x-xss-protection: 0
expires: Tue, 08 Jun 2021 17:39:40 GMT

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 311ms
20ms XHR
application/javascript 52.222.200.121
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.200.121 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-200-121.cdg50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: eEYYOb32LZFr6yGAi8hXG4401uAIPew2
content-encoding: gzip
etag: W/"a4d296427fc806b21335359e398c025c"
age: 65967
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Wed, 07 Apr 2021 05:49:36 GMT
server: AmazonS3
date: Mon, 07 Jun 2021 23:20:15 GMT
vary: Origin
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 941acf135bdda975383e37976690acc7.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: CDG50-P2
x-amz-cf-id: zlvBalnEcNPpOt3rwSjsbU_nclBu_j_HBSfVbhxXRvZqc_i4eM_IOw==

GET
H2 204 config Show response
c.amazon-adsystem.com/cdn/prod/ 0
311 B 20ms
19ms XHR
text/plain 52.222.200.121
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=cb3b5777-430d-4622-b7fc-358cfa27d518&u=https%3A%2F%2Fwww.newser.com%2F
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.200.121 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-200-121.cdg50.r.cloudfront.net
Software: Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 07 Jun 2021 22:04:54 GMT
via: 1.1 015720ab3b3cbbc6f2312b46993e4bb7.cloudfront.net (CloudFront)
server: Server
age: 70487
x-cache: Hit from cloudfront
access-control-allow-origin: https://www.newser.com
cache-control: max-age=86087, s-maxage=86400
access-control-allow-credentials: true
x-amz-cf-pop: CDG50-P2
x-amz-cf-id: GaKW0AwcMZ_iaViiXcf3k3guOlOiSNCiwGvNvs6m15YHpIPJrdM-vw==

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ 23 B
371 B 52ms
52ms XHR
text/javascript 52.222.200.121
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.newser.com%2F&pid=Hm1lpaVoKGgx9&cb=0&ws=1600x1200&v=7.65.00&t=2000&slots=%5B%7B%22sd%22%3A%22desktop-1%22%2C%22s%22%3A%5B%22728x90%22%5D%7D%2C%7B%22sd%22%3A%22desktop-2%22%2C%22s%22%3A%5B%22728x90%22%5D%7D%2C%7B%22sd%22%3A%22desktop-6%22%2C%22s%22%3A%5B%22728x90%22%5D%7D%2C%7B%22sd%22%3A%22desktop-7%22%2C%22s%22%3A%5B%22728x90%22%5D%7D%5D&cfgv=0&schain=1.0%2C1!proper.io%2Cec00104f-ed71-11ea-8272-06ef03bc0096%2C1%2C%2C%2C&pubid=cb3b5777-430d-4622-b7fc-358cfa27d518&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.200.121 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-200-121.cdg50.r.cloudfront.net
Software: Server /
Resource Hash: 745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Request headers

Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 17:39:41 GMT
via: 1.1 015720ab3b3cbbc6f2312b46993e4bb7.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: CDG50-P2
vary: User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.newser.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: oweu0AdTh6aVAH2Bj5mAGSsdI7bI1GuOhPuCkjwwWZ1FehLCNCvDmA==

GET
H2 200 scotus-may-soon-take-a-look-at-mandated-draft-for-women.jpeg
img1-azrcdn.newser.com/square-image/307046-20210607090928-M/ 57 KB
57 KB 12ms
9ms Image
image/jpeg 2620:1ec:bdf::67
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/square-image/307046-20210607090928-M/scotus-may-soon-take-a-look-at-mandated-draft-for-women.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::67 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 945d30c39a5423493061f7b0e82ba52fca6ff52b74310a211acb4f64ab33413a

Request headers

Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 17:39:40 GMT
last-modified: Tue, 08 Jun 2021 08:14:27 GMT
x-azure-ref-originshield: 0H1W/YAAAAAC0YeOjVnloRYsDPVXM/2xCTE9OMjFFREdFMDExOABkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/307046-20210607090928-M/scotus-may-soon-take-a-look-at-mandated-draft-for-women.jpeg
x-azure-ref: 0Xau/YAAAAADKcA0EFlVjTroUn6ln8nzURlJBRURHRTEwMTIAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=2592000
content-length: 58064
scheme: https

GET
H2 200 jeff-bezos-is-about-to-go-on-his-greatest-adventure.jpeg
img2-azrcdn.newser.com/square-image/307061-20210607083845-M/ 34 KB
34 KB 27ms
23ms Image
image/jpeg 2620:1ec:48::67
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img2-azrcdn.newser.com/square-image/307061-20210607083845-M/jeff-bezos-is-about-to-go-on-his-greatest-adventure.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:48::67 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 7bf3bfd3c36843e8adabdd3fb9316636ed4add6c87f3b1cda17b78b271ccbaf9

Request headers

Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 17:39:40 GMT
last-modified: Tue, 08 Jun 2021 10:47:48 GMT
rawurl: /square-image/307061-20210607083845-M/jeff-bezos-is-about-to-go-on-his-greatest-adventure.jpeg
x-azure-ref: 0Xau/YAAAAAD0xaS5EyNFQZpBofeG0SlVTE9OMjFFREdFMDIwNgBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=2592000
content-length: 34953
scheme: https

GET
H2 200 german-militarys-odd-problem-60k-cans-of-beer.jpeg
img2-azrcdn.newser.com/square-image/307063-20210607103358-M/ 37 KB
37 KB 27ms
23ms Image
image/jpeg 2620:1ec:48::67
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img2-azrcdn.newser.com/square-image/307063-20210607103358-M/german-militarys-odd-problem-60k-cans-of-beer.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:48::67 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 75c0f5f25e27b3a90a096504b28eb85c04f68d0792e9236f98a9c88a5d8f5614

Request headers

Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 17:39:40 GMT
last-modified: Tue, 08 Jun 2021 08:24:58 GMT
rawurl: /square-image/307063-20210607103358-M/german-militarys-odd-problem-60k-cans-of-beer.jpeg
x-azure-ref: 0Xau/YAAAAADumsgWd1zBQIpYjvsAMdTTTE9OMjFFREdFMDIwNgBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=2592000
content-length: 37962
scheme: https

GET
H2 200 he-teed-off-in-yellowstone-park-service-isnt-laughing.jpeg
img2-azrcdn.newser.com/square-image/307055-20210607080415-M/ 46 KB
46 KB 30ms
24ms Image
image/jpeg 2620:1ec:48::67
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img2-azrcdn.newser.com/square-image/307055-20210607080415-M/he-teed-off-in-yellowstone-park-service-isnt-laughing.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:48::67 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 9223f3e75b12b4787ba6e4f9d9a7fc768e7c4c37b9b745b38c82c17dd3b677bb

Request headers

Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 17:39:40 GMT
last-modified: Tue, 08 Jun 2021 08:16:19 GMT
rawurl: /square-image/307055-20210607080415-M/he-teed-off-in-yellowstone-park-service-isnt-laughing.jpeg
x-azure-ref: 0Xau/YAAAAABnMnYUXPg5RoyhFoCZz/DETE9OMjFFREdFMDIwNgBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=2592000
content-length: 46841
scheme: https

GET
H2 200 pac-co-founder-fox-rejected-our-ad-on-capitol-riot.jpeg
img2-azrcdn.newser.com/square-image/307057-20210607074215-M/ 45 KB
45 KB 32ms
26ms Image
image/jpeg 2620:1ec:48::67
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img2-azrcdn.newser.com/square-image/307057-20210607074215-M/pac-co-founder-fox-rejected-our-ad-on-capitol-riot.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:48::67 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 2b5ca4e07a1f92d905eb10d7801194fa1bbb4f0025e0d0fbef627f13d685e20a

Request headers

Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 17:39:40 GMT
last-modified: Tue, 08 Jun 2021 07:58:23 GMT
rawurl: /square-image/307057-20210607074215-M/pac-co-founder-fox-rejected-our-ad-on-capitol-riot.jpeg
x-azure-ref: 0Xau/YAAAAADt9SKTQkkySpJFH9d2iA6sTE9OMjFFREdFMDIwNgBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=2592000
content-length: 46298
scheme: https

GET
H2 200 one-congressman-sues-another-over-capitol-riot.jpeg
img1-azrcdn.newser.com/square-image/307038-20210607065730-M/ 46 KB
47 KB 15ms
6ms Image
image/jpeg 2620:1ec:bdf::67
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/square-image/307038-20210607065730-M/one-congressman-sues-another-over-capitol-riot.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::67 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: cc3a4b53b63b77e5e87e17b205a2c233c250a824bdfef529a444b04c166fff5d

Request headers

Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 17:39:40 GMT
last-modified: Tue, 08 Jun 2021 10:12:18 GMT
x-azure-ref-originshield: 0ZIy/YAAAAABQ+N4q4U0jS4BMryzCDkj+TE9OMjFFREdFMDExNQBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/307038-20210607065730-M/one-congressman-sues-another-over-capitol-riot.jpeg
x-azure-ref: 0Xau/YAAAAAAW7dxbwmGCTr8H5E2aqHgMRlJBRURHRTEwMTIAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=2592000
content-length: 47498
scheme: https

GET
H2 200 he-wore-a-flag-over-gown-is-denied-diploma.jpeg
img2-azrcdn.newser.com/square-image/307049-20210607063845-M/ 50 KB
51 KB 33ms
25ms Image
image/jpeg 2620:1ec:48::67
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img2-azrcdn.newser.com/square-image/307049-20210607063845-M/he-wore-a-flag-over-gown-is-denied-diploma.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:48::67 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: f5ce322a5871c1ece90c4c3a919ed4820762aad25de95fcfc560c873a286806f

Request headers

Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 17:39:40 GMT
last-modified: Tue, 08 Jun 2021 10:24:50 GMT
rawurl: /square-image/307049-20210607063845-M/he-wore-a-flag-over-gown-is-denied-diploma.jpeg
x-azure-ref: 0Xau/YAAAAAD0uStKtmkGT5lXjucuDw90TE9OMjFFREdFMDIwNgBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=2592000
content-length: 51706
scheme: https

GET
H2 200 artist-sells-invisible-sculpture-for-18k.jpeg
img2-azrcdn.newser.com/square-image/307051-20210607064030-M/ 25 KB
25 KB 36ms
28ms Image
image/jpeg 2620:1ec:48::67
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img2-azrcdn.newser.com/square-image/307051-20210607064030-M/artist-sells-invisible-sculpture-for-18k.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:48::67 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: cdfe5a2996f0d454a5d194782e0853c45c5a85f6641bf363b298dc31473ffed8

Request headers

Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 17:39:40 GMT
last-modified: Tue, 08 Jun 2021 07:04:28 GMT
rawurl: /square-image/307051-20210607064030-M/artist-sells-invisible-sculpture-for-18k.jpeg
x-azure-ref: 0Xau/YAAAAADSJpV3EhOnS7XfNjKl6WWBTE9OMjFFREdFMDIwNgBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=2592000
content-length: 25372
scheme: https

GET
H2 200 they-celebrated-daughters-pregnancy-days-later-mom-daughter-baby-were-dead.jpeg
img1-azrcdn.newser.com/square-image/307048-20210607054443-M/ 48 KB
49 KB 17ms
9ms Image
image/jpeg 2620:1ec:bdf::67
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/square-image/307048-20210607054443-M/they-celebrated-daughters-pregnancy-days-later-mom-daughter-baby-were-dead.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::67 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: d9b41e301c9316cd379dbdbae2ca394215cd23668b0c1896019e9230a187fcf0

Request headers

Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 17:39:40 GMT
last-modified: Tue, 08 Jun 2021 07:25:55 GMT
x-azure-ref-originshield: 0ZCO/YAAAAABTc+NnSPlYSq/TsT0mtrMlTE9OMjFFREdFMDEwNwBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/307048-20210607054443-M/they-celebrated-daughters-pregnancy-days-later-mom-daughter-baby-were-dead.jpeg
x-azure-ref: 0Xau/YAAAAADayOiX6PiER6nAMWlP7dBQRlJBRURHRTEwMTIAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=2592000
content-length: 49349
scheme: https

GET
H2 200 us-seems-unlikely-to-hit-bidens-july-4-vaccine-goal.jpeg
img2-azrcdn.newser.com/square-image/307037-20210607045640-M/ 41 KB
41 KB 36ms
29ms Image
image/jpeg 2620:1ec:48::67
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img2-azrcdn.newser.com/square-image/307037-20210607045640-M/us-seems-unlikely-to-hit-bidens-july-4-vaccine-goal.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:48::67 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 99947888a51dc4502b01c7ce5d1c0e0ec7aa863599dbc69dbfba3c93622c7abe

Request headers

Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 17:39:40 GMT
last-modified: Tue, 08 Jun 2021 07:04:28 GMT
rawurl: /square-image/307037-20210607045640-M/us-seems-unlikely-to-hit-bidens-july-4-vaccine-goal.jpeg
x-azure-ref: 0Xau/YAAAAAAMlTO4XyeSTb+8u4TyxCClTE9OMjFFREdFMDIwNgBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=2592000
content-length: 41991
scheme: https

GET
H2 200 crystal-smith-scrubbed-sons-bloodstained-jeans-cops.jpeg
img2-azrcdn.newser.com/square-image/307035-20210607051925-M/ 36 KB
37 KB 37ms
29ms Image
image/jpeg 2620:1ec:48::67
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img2-azrcdn.newser.com/square-image/307035-20210607051925-M/crystal-smith-scrubbed-sons-bloodstained-jeans-cops.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:48::67 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: ecb6d99b58703f5593bcf755b75c3f3e8a7d841d1a9700f6703a7d7dca7c079b

Request headers

Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 17:39:40 GMT
last-modified: Tue, 08 Jun 2021 07:32:45 GMT
rawurl: /square-image/307035-20210607051925-M/crystal-smith-scrubbed-sons-bloodstained-jeans-cops.jpeg
x-azure-ref: 0Xau/YAAAAABAEYe1WeZNSLF8ehaCUsaLTE9OMjFFREdFMDIwNgBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=2592000
content-length: 37205
scheme: https

GET
H2 200 suspected-road-rage-shooter-arrested.jpeg
img2-azrcdn.newser.com/square-image/307045-20210607051410-M/ 64 KB
64 KB 38ms
30ms Image
image/jpeg 2620:1ec:48::67
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img2-azrcdn.newser.com/square-image/307045-20210607051410-M/suspected-road-rage-shooter-arrested.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:48::67 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 86c5a757cc22de3bc18dc615532cc5bf01ab05bfe41a4880644a26918e188eaa

Request headers

Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 17:39:40 GMT
last-modified: Tue, 08 Jun 2021 08:42:18 GMT
rawurl: /square-image/307045-20210607051410-M/suspected-road-rage-shooter-arrested.jpeg
x-azure-ref: 0Xau/YAAAAAAieXSdqI8+Sqxs2dDQwtYCTE9OMjFFREdFMDIwNgBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=2592000
content-length: 65037
scheme: https

GET
H2 200 burger-king-takes-dig-at-chick-fil-a-with-donations.jpeg
img1-azrcdn.newser.com/square-image/307028-20210607062802-M/ 35 KB
35 KB 17ms
9ms Image
image/jpeg 2620:1ec:bdf::67
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/square-image/307028-20210607062802-M/burger-king-takes-dig-at-chick-fil-a-with-donations.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::67 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: d8ba79bccc9b0f12cf27ebbd0a60582ddd85b4657d99d3463d37437e9429d351

Request headers

Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 17:39:40 GMT
last-modified: Tue, 08 Jun 2021 07:39:31 GMT
x-azure-ref-originshield: 0ZCO/YAAAAABDfN64lZamS7O9KqaTyv+zTE9OMjFFREdFMDIwNgBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/307028-20210607062802-M/burger-king-takes-dig-at-chick-fil-a-with-donations.jpeg
x-azure-ref: 0Xau/YAAAAABS3H5WrjhuQZbyJJcI/wBIRlJBRURHRTEwMTIAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=2592000
content-length: 35981
scheme: https

GET
H2 200 at-least-30-dead-after-2-trains-collide-in-pakistan.jpeg
img1-azrcdn.newser.com/square-image/307044-20210607050417-M/ 54 KB
54 KB 18ms
11ms Image
image/jpeg 2620:1ec:bdf::67
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/square-image/307044-20210607050417-M/at-least-30-dead-after-2-trains-collide-in-pakistan.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::67 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 64ade02a75ab6bc81a860f9ccb07c3f2dda41d6fdbcf0505eda5d4459080ab61

Request headers

Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 17:39:40 GMT
last-modified: Tue, 08 Jun 2021 06:33:33 GMT
x-azure-ref-originshield: 0ZCO/YAAAAABVfFaAjNiVRpk691NKaFjzTE9OMjFFREdFMDIxNwBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/307044-20210607050417-M/at-least-30-dead-after-2-trains-collide-in-pakistan.jpeg
x-azure-ref: 0Xau/YAAAAACwXUTsEOKXS6bwT+UOAMfKRlJBRURHRTEwMTIAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=2592000
content-length: 55243
scheme: https

GET
H2 200 last-of-soldiers-who-freed-auschwitz-dies-at-98.jpeg
img1-azrcdn.newser.com/square-image/307034-20210606175458-M/ 51 KB
51 KB 22ms
15ms Image
image/jpeg 2620:1ec:bdf::67
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/square-image/307034-20210606175458-M/last-of-soldiers-who-freed-auschwitz-dies-at-98.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::67 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 1df4929facdfe1b4521afbc2c5574211d9e50abf579d5f0bf12b17ec27fab279

Request headers

Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 17:39:40 GMT
last-modified: Tue, 08 Jun 2021 08:14:27 GMT
x-azure-ref-originshield: 0A0O/YAAAAAA33EekK9ejRqsYr9uDy/tGTE9OMjFFREdFMDIwOABkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/307034-20210606175458-M/last-of-soldiers-who-freed-auschwitz-dies-at-98.jpeg
x-azure-ref: 0Xau/YAAAAADLje0TkeXFT5TiHKvId65FRlJBRURHRTEwMTIAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=2592000
content-length: 52047
scheme: https

GET
H2 200 suspect-arrested-in-killing-of-teen-girl-in-1972.jpeg
img2-azrcdn.newser.com/square-image/306999-20210606165513-M/ 45 KB
46 KB 38ms
30ms Image
image/jpeg 2620:1ec:48::67
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img2-azrcdn.newser.com/square-image/306999-20210606165513-M/suspect-arrested-in-killing-of-teen-girl-in-1972.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:48::67 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: eb26e601ddf0d3a6c39e2aec3b99d964dfe235cdb5dbf4754c6151fc658fb179

Request headers

Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 17:39:40 GMT
last-modified: Tue, 08 Jun 2021 10:04:55 GMT
rawurl: /square-image/306999-20210606165513-M/suspect-arrested-in-killing-of-teen-girl-in-1972.jpeg
x-azure-ref: 0Xau/YAAAAADjwpxrI+CHR475lV/+jqpeTE9OMjFFREdFMDIwNgBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=2592000
content-length: 46382
scheme: https

GET
H2 200 miami-area-sees-another-mass-shooting.jpeg
img2-azrcdn.newser.com/square-image/307031-20210606162013-M/ 50 KB
50 KB 38ms
31ms Image
image/jpeg 2620:1ec:48::67
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img2-azrcdn.newser.com/square-image/307031-20210606162013-M/miami-area-sees-another-mass-shooting.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:48::67 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 29466881172c8d4a791418d9b98f0d7019032a7f28889718c728aecb4fec451f

Request headers

Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 17:39:40 GMT
last-modified: Tue, 08 Jun 2021 07:58:23 GMT
rawurl: /square-image/307031-20210606162013-M/miami-area-sees-another-mass-shooting.jpeg
x-azure-ref: 0Xau/YAAAAAAQ6qQfZTkCRZVr581k3NBtTE9OMjFFREdFMDIwNgBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=2592000
content-length: 50718
scheme: https

GET
H2 200 texas-mother-charged-after-school-stunt-video-goes-viral.jpeg
img2-azrcdn.newser.com/square-image/307021-20210606154343-M/ 36 KB
36 KB 39ms
32ms Image
image/jpeg 2620:1ec:48::67
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img2-azrcdn.newser.com/square-image/307021-20210606154343-M/texas-mother-charged-after-school-stunt-video-goes-viral.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:48::67 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 1e9d7cbc625bd4b714d58e770b3e5cc860d44f6b1ffebc3165e2c0abb9ac618e

Request headers

Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 17:39:40 GMT
last-modified: Tue, 08 Jun 2021 10:51:11 GMT
rawurl: /square-image/307021-20210606154343-M/texas-mother-charged-after-school-stunt-video-goes-viral.jpeg
x-azure-ref: 0Xau/YAAAAABrQjGVFRUATrdiq4iHIBp+TE9OMjFFREdFMDIwNgBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=2592000
content-length: 36558
scheme: https

GET
H2 200 teacher-had-excellent-reason-for-going-shoeless-at-grad.jpeg
img2-azrcdn.newser.com/square-image/306921-20210606150058-M/ 48 KB
49 KB 40ms
33ms Image
image/jpeg 2620:1ec:48::67
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img2-azrcdn.newser.com/square-image/306921-20210606150058-M/teacher-had-excellent-reason-for-going-shoeless-at-grad.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:48::67 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: ed16a406bb2d80d3564f827caf0688c307215fa1b75952654ce7592e75878512

Request headers

Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 17:39:40 GMT
last-modified: Tue, 08 Jun 2021 09:31:47 GMT
rawurl: /square-image/306921-20210606150058-M/teacher-had-excellent-reason-for-going-shoeless-at-grad.jpeg
x-azure-ref: 0Xau/YAAAAADyK4Jb3eI6TLnfNXOkqOPYTE9OMjFFREdFMDIwNgBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=2592000
content-length: 49519
scheme: https

GET
H2 200 manchin-wont-vote-for-democrats-election-bill.jpeg
img1-azrcdn.newser.com/square-image/307030-20210606144258-M/ 38 KB
38 KB 19ms
12ms Image
image/jpeg 2620:1ec:bdf::67
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/square-image/307030-20210606144258-M/manchin-wont-vote-for-democrats-election-bill.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::67 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 6d4043d0b58bc072f1a9d8cbc9537842287baadb2b1ca78d6c8bdc1117932137

Request headers

Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 17:39:40 GMT
last-modified: Tue, 08 Jun 2021 11:17:24 GMT
x-azure-ref-originshield: 0H1W/YAAAAABxSpdXfqP/SaiSl9+kJytCTE9OMjFFREdFMDIxNwBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/307030-20210606144258-M/manchin-wont-vote-for-democrats-election-bill.jpeg
x-azure-ref: 0Xau/YAAAAACBCB63SUCPTbj9CO4KkxAWRlJBRURHRTEwMTIAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=2592000
content-length: 38767
scheme: https

GET
H2 200 you-probably-should-stop-drinking-alone.jpeg
img2-azrcdn.newser.com/square-image/306831-20210606135929-M/ 35 KB
35 KB 42ms
36ms Image
image/jpeg 2620:1ec:48::67
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img2-azrcdn.newser.com/square-image/306831-20210606135929-M/you-probably-should-stop-drinking-alone.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:48::67 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: f0423f032cb9d9b95be2d37abb4d0ad02363b32f15fb1c399025ffe9cd093321

Request headers

Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 17:39:40 GMT
last-modified: Tue, 08 Jun 2021 10:04:56 GMT
rawurl: /square-image/306831-20210606135929-M/you-probably-should-stop-drinking-alone.jpeg
x-azure-ref: 0Xau/YAAAAABz4TmU8vMDR7Gh9poV8WoFTE9OMjFFREdFMDIwNgBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=2592000
content-length: 35681
scheme: https

GET
H2 200 d-day-events-are-smaller-but-moving.jpeg
img2-azrcdn.newser.com/square-image/307025-20210606133958-M/ 51 KB
51 KB 41ms
35ms Image
image/jpeg 2620:1ec:48::67
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img2-azrcdn.newser.com/square-image/307025-20210606133958-M/d-day-events-are-smaller-but-moving.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:48::67 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 2ef77ab513046ddab775f3c74d55ba3e305c87c86f723b3b58615af5a6f4c897

Request headers

Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 17:39:40 GMT
last-modified: Tue, 08 Jun 2021 08:24:59 GMT
rawurl: /square-image/307025-20210606133958-M/d-day-events-are-smaller-but-moving.jpeg
x-azure-ref: 0Xau/YAAAAAB2EaslLAiPS7xdubSUWMGHTE9OMjFFREdFMDIwNgBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=2592000
content-length: 52274
scheme: https

GET
H2 200 lili-joins-archie-harry-and-meghan.jpeg
img2-azrcdn.newser.com/square-image/307027-20210606123713-M/ 46 KB
46 KB 42ms
36ms Image
image/jpeg 2620:1ec:48::67
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img2-azrcdn.newser.com/square-image/307027-20210606123713-M/lili-joins-archie-harry-and-meghan.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:48::67 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 74554acbf651d2569c1f4c9b9158bf3a0a7fe2bd88206974b9fbcf73554639cb

Request headers

Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 17:39:40 GMT
last-modified: Tue, 08 Jun 2021 11:11:45 GMT
rawurl: /square-image/307027-20210606123713-M/lili-joins-archie-harry-and-meghan.jpeg
x-azure-ref: 0Xau/YAAAAADmvzWKLJJhQpWOPlk5fHv3TE9OMjFFREdFMDIwNgBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=2592000
content-length: 46764
scheme: https

GET
H2 200 tiger-sharks-are-pretty-brave-during-hurricanes.jpeg
img2-azrcdn.newser.com/square-image/307023-20210606120913-M/ 52 KB
52 KB 43ms
36ms Image
image/jpeg 2620:1ec:48::67
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img2-azrcdn.newser.com/square-image/307023-20210606120913-M/tiger-sharks-are-pretty-brave-during-hurricanes.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:48::67 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 639f52c5ec3b172320d736779fa3307791c109e88d6f5b65729a0b211092f6e8

Request headers

Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 17:39:40 GMT
last-modified: Tue, 08 Jun 2021 09:15:32 GMT
rawurl: /square-image/307023-20210606120913-M/tiger-sharks-are-pretty-brave-during-hurricanes.jpeg
x-azure-ref: 0Xau/YAAAAABSXbO0mnB3RLFjeKtVNXpgTE9OMjFFREdFMDIwNgBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=2592000
content-length: 53231
scheme: https

GET
H2 200 tribe-buys-back-maine-island-stolen-160-years-ago.jpeg
img2-azrcdn.newser.com/square-image/306969-20210606131535-M/ 42 KB
42 KB 49ms
42ms Image
image/jpeg 2620:1ec:48::67
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img2-azrcdn.newser.com/square-image/306969-20210606131535-M/tribe-buys-back-maine-island-stolen-160-years-ago.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:48::67 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: c52463aceb07e0b4eb96bdfb682fb8647fd57e58180dcaa65dd7d552be05f82d

Request headers

Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 17:39:40 GMT
last-modified: Tue, 08 Jun 2021 07:06:11 GMT
rawurl: /square-image/306969-20210606131535-M/tribe-buys-back-maine-island-stolen-160-years-ago.jpeg
x-azure-ref: 0Xau/YAAAAADn6GXFj+yFS6vR3l/n5QE8TE9OMjFFREdFMDIwNgBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=2592000
content-length: 42706
scheme: https

GET
H2 200 he-changed-bowling-by-looking-inside-the-ball.jpeg
img2-azrcdn.newser.com/square-image/306709-20210606110913-M/ 49 KB
49 KB 48ms
40ms Image
image/jpeg 2620:1ec:48::67
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img2-azrcdn.newser.com/square-image/306709-20210606110913-M/he-changed-bowling-by-looking-inside-the-ball.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:48::67 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 08532adc62ea92384c133ab84eaad9bb9b63da30d1e6fe5549c556d0186edc2a

Request headers

Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 17:39:40 GMT
last-modified: Tue, 08 Jun 2021 10:51:11 GMT
rawurl: /square-image/306709-20210606110913-M/he-changed-bowling-by-looking-inside-the-ball.jpeg
x-azure-ref: 0Xau/YAAAAAB/j1NxY2dRRo6zlLp8jwTKTE9OMjFFREdFMDIwNgBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=2592000
content-length: 49956
scheme: https

GET
H2 200 pope-expresses-sorrow-but-doesnt-apologize-for-canadian-deaths.jpeg
img1-azrcdn.newser.com/square-image/307024-20210606105328-M/ 49 KB
50 KB 22ms
16ms Image
image/jpeg 2620:1ec:bdf::67
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/square-image/307024-20210606105328-M/pope-expresses-sorrow-but-doesnt-apologize-for-canadian-deaths.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::67 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 5b041a6f457e508b5982d4c76d3fe29801756d39d73c4b7724099e6b5dcac5ce

Request headers

Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 17:39:40 GMT
last-modified: Tue, 08 Jun 2021 07:08:11 GMT
x-azure-ref-originshield: 0MiW/YAAAAACtnOEIonRbRY7DgQbG7FrnTE9OMjFFREdFMDExMQBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/307024-20210606105328-M/pope-expresses-sorrow-but-doesnt-apologize-for-canadian-deaths.jpeg
x-azure-ref: 0Xau/YAAAAAAdg3eg7jdhSJAY1xOrrKCBRlJBRURHRTEwMTIAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=2592000
content-length: 50616
scheme: https

GET
H2 200 after-suicide-schools-to-pay-parents-3m.jpeg
img2-azrcdn.newser.com/square-image/307017-20210606102028-M/ 39 KB
39 KB 45ms
38ms Image
image/jpeg 2620:1ec:48::67
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img2-azrcdn.newser.com/square-image/307017-20210606102028-M/after-suicide-schools-to-pay-parents-3m.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:48::67 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 3172dac8fffe80904a45dcf4013556cd569e4491c5437d7da947368f8fdc7246

Request headers

Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 17:39:40 GMT
last-modified: Tue, 08 Jun 2021 10:04:56 GMT
rawurl: /square-image/307017-20210606102028-M/after-suicide-schools-to-pay-parents-3m.jpeg
x-azure-ref: 0Xau/YAAAAABciKrquv+dSZuRV1vHe4uiTE9OMjFFREdFMDIwNgBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=2592000
content-length: 39555
scheme: https

GET
H2 200 falwell-liberty-university-just-trying-to-shame-me.jpeg
img2-azrcdn.newser.com/square-image/307015-20210606094958-M/ 37 KB
37 KB 51ms
44ms Image
image/jpeg 2620:1ec:48::67
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img2-azrcdn.newser.com/square-image/307015-20210606094958-M/falwell-liberty-university-just-trying-to-shame-me.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:48::67 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 4df9b57fb94e0dfe71fed5fed597462be8cf5494392e1c00f7bcb9cf2e7fb004

Request headers

Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 17:39:40 GMT
last-modified: Tue, 08 Jun 2021 08:54:01 GMT
rawurl: /square-image/307015-20210606094958-M/falwell-liberty-university-just-trying-to-shame-me.jpeg
x-azure-ref: 0Xau/YAAAAAAdKbutim40R6Tam18p3DesTE9OMjFFREdFMDIwNgBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=2592000
content-length: 37573
scheme: https

GET
H2 200 man-so-flabbergasted-he-won-1m-he-forgets-one-big-thing.jpeg
img1-azrcdn.newser.com/square-image/307022-20210606124719-M/ 42 KB
42 KB 26ms
20ms Image
image/jpeg 2620:1ec:bdf::67
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/square-image/307022-20210606124719-M/man-so-flabbergasted-he-won-1m-he-forgets-one-big-thing.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::67 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 8dda830f48c573d57d24ff08f297a40315e20f5fe83f46511fd72593b6e8240d

Request headers

Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 17:39:40 GMT
last-modified: Tue, 08 Jun 2021 11:17:24 GMT
x-azure-ref-originshield: 0gnS/YAAAAACcCv65rWtkQ5PXE1NZilO4TE9OMjFFREdFMDIwNgBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/307022-20210606124719-M/man-so-flabbergasted-he-won-1m-he-forgets-one-big-thing.jpeg
x-azure-ref: 0Xau/YAAAAADaTC37NdzXTo9O3v++fRc0RlJBRURHRTEwMTIAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=2592000
content-length: 43008
scheme: https

GET
H2 200 turkey-is-battling-a-sea-snot-problem.jpeg
img1-azrcdn.newser.com/square-image/307014-20210606084029-M/ 56 KB
56 KB 24ms
18ms Image
image/jpeg 2620:1ec:bdf::67
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/square-image/307014-20210606084029-M/turkey-is-battling-a-sea-snot-problem.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::67 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 7ad9792f028e5b7446d976532a9b71b78c5c6ec55d7c1e71311f2bbd14fc6cc1

Request headers

Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 17:39:40 GMT
last-modified: Mon, 07 Jun 2021 07:17:56 GMT
x-azure-ref-originshield: 0i96+YAAAAADKuk8oKEn2SYUNsKsc+CBiTE9OMjFFREdFMDExMQBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/307014-20210606084029-M/turkey-is-battling-a-sea-snot-problem.jpeg
x-azure-ref: 0Xau/YAAAAACLR5kc51IATpgRVf3Ona+jRlJBRURHRTEwMTIAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=2592000
content-length: 57181
scheme: https

GET
H2 200 scientists-reanimate-killer-fungus-to-save-our-coffee.jpeg
img2-azrcdn.newser.com/square-image/306955-20210606075558-M/ 61 KB
61 KB 45ms
39ms Image
image/jpeg 2620:1ec:48::67
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img2-azrcdn.newser.com/square-image/306955-20210606075558-M/scientists-reanimate-killer-fungus-to-save-our-coffee.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:48::67 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: d68f21629b7eae4c0c16bd06026a156f94a17377f5dbe7fc2fa85b98216792da

Request headers

Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 17:39:40 GMT
last-modified: Tue, 08 Jun 2021 07:23:25 GMT
rawurl: /square-image/306955-20210606075558-M/scientists-reanimate-killer-fungus-to-save-our-coffee.jpeg
x-azure-ref: 0Xau/YAAAAAB8GLLywGL0Qa5NW0wL43n+TE9OMjFFREdFMDIwNgBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=2592000
content-length: 62331
scheme: https

GET
H2 200 sheriff-florida-man-kills-boss-who-fired-him-after-31-years.jpeg
img1-azrcdn.newser.com/square-image/307016-20210606124744-M/ 49 KB
49 KB 27ms
21ms Image
image/jpeg 2620:1ec:bdf::67
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/square-image/307016-20210606124744-M/sheriff-florida-man-kills-boss-who-fired-him-after-31-years.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::67 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 5d835db01378c567ad3c4e518bcc2f542a677cb335d7e24e4b81340b7c97a5f0

Request headers

Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 17:39:40 GMT
last-modified: Sun, 06 Jun 2021 21:43:20 GMT
x-azure-ref-originshield: 0ZCO/YAAAAABbZGCcaxgESL//gmyh3a2XTE9OMjFFREdFMTUxMABkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/307016-20210606124744-M/sheriff-florida-man-kills-boss-who-fired-him-after-31-years.jpeg
x-azure-ref: 0Xau/YAAAAABLEL48JGpxRak30znkqWC5RlJBRURHRTEwMTIAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=2592000
content-length: 49832
scheme: https

GET
H2 200 he-wanted-to-go-diving-for-treasure-he-found-a-leg.jpeg
img1-azrcdn.newser.com/square-image/306892-20210606071313-M/ 50 KB
51 KB 30ms
24ms Image
image/jpeg 2620:1ec:bdf::67
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/square-image/306892-20210606071313-M/he-wanted-to-go-diving-for-treasure-he-found-a-leg.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::67 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 0380a21e1ee3f35b49ecee1398a8362b161c5f5d20b812c48abf5d964bc2683e

Request headers

Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 17:39:40 GMT
last-modified: Mon, 07 Jun 2021 16:45:55 GMT
x-azure-ref-originshield: 0UQy/YAAAAAB8WmPs1JVtSr+D6aULVpp0TE9OMjFFREdFMDIwOABkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/306892-20210606071313-M/he-wanted-to-go-diving-for-treasure-he-found-a-leg.jpeg
x-azure-ref: 0Xau/YAAAAABGx3Fidr/DS46CvHB3qrVcRlJBRURHRTEwMTIAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=2592000
content-length: 51457
scheme: https

GET
H2 200 trump-launches-more-active-phase-of-his-post-presidency.jpeg
img1-azrcdn.newser.com/square-image/307020-20210606064928-M/ 45 KB
46 KB 32ms
26ms Image
image/jpeg 2620:1ec:bdf::67
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/square-image/307020-20210606064928-M/trump-launches-more-active-phase-of-his-post-presidency.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::67 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 6f09179353275ddcbdf92ab445530bd6b7ab1f5c4021ef1c6f864bba1725f2ce

Request headers

Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 17:39:40 GMT
last-modified: Mon, 07 Jun 2021 18:50:16 GMT
x-azure-ref-originshield: 0yAS/YAAAAADfmcp1XXsVTYVURL1XdPbbTE9OMjFFREdFMDIwOQBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/307020-20210606064928-M/trump-launches-more-active-phase-of-his-post-presidency.jpeg
x-azure-ref: 0Xau/YAAAAAA5PlNv5TbUTZQIZz3HqWLtRlJBRURHRTEwMTIAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=2592000
content-length: 46243
scheme: https

GET
H2 200 cops-as-we-pursued-suspect-he-hurled-his-baby-at-us.jpeg
img1-azrcdn.newser.com/square-image/307018-20210606163851-M/ 38 KB
39 KB 37ms
32ms Image
image/jpeg 2620:1ec:bdf::67
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/square-image/307018-20210606163851-M/cops-as-we-pursued-suspect-he-hurled-his-baby-at-us.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::67 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: d215966f74fa3530bb64f94d626a78f78b95b7d683ccb3aa007afddd871a017a

Request headers

Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 17:39:40 GMT
last-modified: Tue, 08 Jun 2021 08:29:53 GMT
x-azure-ref-originshield: 0gnS/YAAAAAD4Zgy8LRllTrVuB1nWJC1DTE9OMjFFREdFMDExMQBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/307018-20210606163851-M/cops-as-we-pursued-suspect-he-hurled-his-baby-at-us.jpeg
x-azure-ref: 0Xau/YAAAAAC6xrJbZyD0Ra5PCXgmAi33RlJBRURHRTEwMTIAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=2592000
content-length: 39234
scheme: https

GET
H2 200 gone-girl-actress-badly-injured-in-hit-and-run.jpeg
img2-azrcdn.newser.com/square-image/307019-20210606055458-M/ 42 KB
42 KB 50ms
44ms Image
image/jpeg 2620:1ec:48::67
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img2-azrcdn.newser.com/square-image/307019-20210606055458-M/gone-girl-actress-badly-injured-in-hit-and-run.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:48::67 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 18f8efaf289734dbcfdb53ff9205317eb38e50c9370d860d0dd249abd82cd74f

Request headers

Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 17:39:40 GMT
last-modified: Tue, 08 Jun 2021 07:06:12 GMT
rawurl: /square-image/307019-20210606055458-M/gone-girl-actress-badly-injured-in-hit-and-run.jpeg
x-azure-ref: 0Xau/YAAAAABzGdalSWr+R6l0SVUblLq8TE9OMjFFREdFMDIwNgBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=2592000
content-length: 43058
scheme: https

GET
H2 200 segregationist-governor-didnt-protect-freedom-riders.jpeg
img2-azrcdn.newser.com/square-image/307013-20210605174959-M/ 43 KB
43 KB 50ms
44ms Image
image/jpeg 2620:1ec:48::67
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img2-azrcdn.newser.com/square-image/307013-20210605174959-M/segregationist-governor-didnt-protect-freedom-riders.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:48::67 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e090bb51a19e6b1ccdfc41dde5171fcd4b769dccc696aac2bb8deccc433797f7

Request headers

Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 17:39:40 GMT
last-modified: Tue, 08 Jun 2021 10:04:57 GMT
rawurl: /square-image/307013-20210605174959-M/segregationist-governor-didnt-protect-freedom-riders.jpeg
x-azure-ref: 0Xau/YAAAAACR+iR2ByHLSKRP0tSQsAfFTE9OMjFFREdFMDIwNgBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=2592000
content-length: 43652
scheme: https

GET
H2 200 venice-cruise-ships-get-mixed-reception.jpeg
img2-azrcdn.newser.com/square-image/307011-20210605172443-M/ 39 KB
39 KB 51ms
46ms Image
image/jpeg 2620:1ec:48::67
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img2-azrcdn.newser.com/square-image/307011-20210605172443-M/venice-cruise-ships-get-mixed-reception.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:48::67 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 561b9a903f36ae2093c20b2766e9d59ada0f131502cee43555ee8d3ce7d8c582

Request headers

Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 17:39:40 GMT
last-modified: Tue, 08 Jun 2021 07:32:45 GMT
rawurl: /square-image/307011-20210605172443-M/venice-cruise-ships-get-mixed-reception.jpeg
x-azure-ref: 0Xau/YAAAAAAvTujwtVDRTI7ESUK80zNITE9OMjFFREdFMDIwNgBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=2592000
content-length: 39638
scheme: https

GET
H2 200 how-ohios-cops-courts-failed-a-sex-trafficked-teen.jpeg
img1-azrcdn.newser.com/square-image/306888-20210605214434-M/ 50 KB
51 KB 21ms
16ms Image
image/jpeg 2620:1ec:bdf::67
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/square-image/306888-20210605214434-M/how-ohios-cops-courts-failed-a-sex-trafficked-teen.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::67 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: bc7f0ed7f14303dd340586a683b52d14ca6476d04bcaab93f0a4035925ecde39

Request headers

Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 17:39:40 GMT
last-modified: Mon, 07 Jun 2021 18:31:40 GMT
x-azure-ref-originshield: 0cOy+YAAAAAB0EFTCEWBvT6EI96yphBz+TE9OMjFFREdFMTUyMgBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/306888-20210605214434-M/how-ohios-cops-courts-failed-a-sex-trafficked-teen.jpeg
x-azure-ref: 0Xau/YAAAAADAF6Mc/mh2Rr7JKgAyapMnRlJBRURHRTEwMTIAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=2592000
content-length: 51427
scheme: https

GET
H2 200 thousands-oppose-putting-chinese-college-in-budapest.jpeg
img1-azrcdn.newser.com/square-image/307012-20210605163413-M/ 63 KB
63 KB 32ms
27ms Image
image/jpeg 2620:1ec:bdf::67
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/square-image/307012-20210605163413-M/thousands-oppose-putting-chinese-college-in-budapest.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::67 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: edaf3e511dcae71a8975fc2b0de45596cfef5cbaf145f3d7abab6bafcfa55f93

Request headers

Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 17:39:40 GMT
last-modified: Mon, 07 Jun 2021 10:26:50 GMT
x-azure-ref-originshield: 0cOy+YAAAAABS0r1jX81dTZDLerjaUoCUTE9OMjFFREdFMDIxMwBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/307012-20210605163413-M/thousands-oppose-putting-chinese-college-in-budapest.jpeg
x-azure-ref: 0Xau/YAAAAAB8ipiYI5qjT7H/UkJaRucfRlJBRURHRTEwMTIAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=2592000
content-length: 64430
scheme: https

GET
H2 200 jimmy-allen-ruth-drove-freedom-riders-to-jackson.jpeg
img1-azrcdn.newser.com/square-image/307010-20210605160458-M/ 49 KB
49 KB 32ms
28ms Image
image/jpeg 2620:1ec:bdf::67
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/square-image/307010-20210605160458-M/jimmy-allen-ruth-drove-freedom-riders-to-jackson.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::67 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 1fcb5e175a00cd189b261593c1e787dad954744a996c6e2940765f7e32bdd70c

Request headers

Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 17:39:40 GMT
last-modified: Tue, 08 Jun 2021 07:57:05 GMT
x-azure-ref-originshield: 0h5C/YAAAAADyxmV3sHsZQoyV9KN7bOX3TE9OMjFFREdFMTUyMABkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/307010-20210605160458-M/jimmy-allen-ruth-drove-freedom-riders-to-jackson.jpeg
x-azure-ref: 0Xau/YAAAAAD5QivCx7uvQ4MUpwWbYKefRlJBRURHRTEwMTIAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=2592000
content-length: 50287
scheme: https

GET
H2 200 amazon-is-about-to-take-and-share-a-slice-of-your-internet.jpeg
img1-azrcdn.newser.com/square-image/306874-20210605150058-M/ 44 KB
44 KB 34ms
30ms Image
image/jpeg 2620:1ec:bdf::67
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/square-image/306874-20210605150058-M/amazon-is-about-to-take-and-share-a-slice-of-your-internet.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::67 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 3a70652ce79fe560cac2c3ad4927e0aacc0dd19f7fc6bad37baaaaa4d95d5dd4

Request headers

Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 17:39:40 GMT
last-modified: Tue, 08 Jun 2021 07:57:05 GMT
x-azure-ref-originshield: 0h5C/YAAAAADlv7mcjsHjSJ6rcNJbT+qSTE9OMjFFREdFMDIwNwBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/306874-20210605150058-M/amazon-is-about-to-take-and-share-a-slice-of-your-internet.jpeg
x-azure-ref: 0Xau/YAAAAABiaxshZ79OSIRqpJnfs2wtRlJBRURHRTEwMTIAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=2592000
content-length: 44885
scheme: https

GET
H2 200 government-flips-on-seizure-of-reporters-phone-records.jpeg
img1-azrcdn.newser.com/square-image/307004-20210605145513-M/ 42 KB
42 KB 36ms
32ms Image
image/jpeg 2620:1ec:bdf::67
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/square-image/307004-20210605145513-M/government-flips-on-seizure-of-reporters-phone-records.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::67 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: f24acb6d731ede7c52c60bfa8f5fefa36d4b92789ea49d45b166040bd8d217f2

Request headers

Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 17:39:40 GMT
last-modified: Tue, 08 Jun 2021 08:29:53 GMT
x-azure-ref-originshield: 0jEa/YAAAAAAXJioj3rugTKmHqfAt8c25TE9OMjFFREdFMTUwNgBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/307004-20210605145513-M/government-flips-on-seizure-of-reporters-phone-records.jpeg
x-azure-ref: 0Xau/YAAAAADwJjHOj6VDTKbAKqXRReGlRlJBRURHRTEwMTIAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=2592000
content-length: 42946
scheme: https

GET
H2 200 naked-bike-riders-have-to-wear-just-one-item.jpeg
img2-azrcdn.newser.com/square-image/307009-20210605140928-M/ 59 KB
59 KB 49ms
45ms Image
image/jpeg 2620:1ec:48::67
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img2-azrcdn.newser.com/square-image/307009-20210605140928-M/naked-bike-riders-have-to-wear-just-one-item.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:48::67 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 9c4005cd4a7a9d5dff1d1ae617bed4d68d53ae11745d7a441be07eda8a8544a5

Request headers

Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 17:39:40 GMT
last-modified: Tue, 08 Jun 2021 11:11:45 GMT
rawurl: /square-image/307009-20210605140928-M/naked-bike-riders-have-to-wear-just-one-item.jpeg
x-azure-ref: 0Xau/YAAAAADIPjsxcXZtQIUjqlewYpixTE9OMjFFREdFMDIwNgBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=2592000
content-length: 60050
scheme: https

GET
H2 200 mysterious-ancient-event-nearly-wiped-out-sharks.jpeg
img2-azrcdn.newser.com/square-image/306971-20210605134713-M/ 43 KB
44 KB 51ms
46ms Image
image/jpeg 2620:1ec:48::67
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img2-azrcdn.newser.com/square-image/306971-20210605134713-M/mysterious-ancient-event-nearly-wiped-out-sharks.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:48::67 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e35fa0fc21755c516f05f4ac28bdb5a08900623d07ba3f22a0b2ba1011e05303

Request headers

Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 17:39:40 GMT
last-modified: Tue, 08 Jun 2021 08:24:59 GMT
rawurl: /square-image/306971-20210605134713-M/mysterious-ancient-event-nearly-wiped-out-sharks.jpeg
x-azure-ref: 0Xau/YAAAAABJP+39VhEDSaXYXSnyc6PRTE9OMjFFREdFMDIwNgBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=2592000
content-length: 44470
scheme: https

GET
H2 200 a-cryptocurrency-ceo-died-at-30-then-things-got-weirder.jpeg
img2-azrcdn.newser.com/square-image/306897-20210605130343-M/ 68 KB
68 KB 50ms
45ms Image
image/jpeg 2620:1ec:48::67
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img2-azrcdn.newser.com/square-image/306897-20210605130343-M/a-cryptocurrency-ceo-died-at-30-then-things-got-weirder.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:48::67 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: b06e5dd8db4f28a20cc36c07af7b482cb571e22ebb3a5badc1d2f2840d1f27aa

Request headers

Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 17:39:40 GMT
last-modified: Tue, 08 Jun 2021 10:51:12 GMT
rawurl: /square-image/306897-20210605130343-M/a-cryptocurrency-ceo-died-at-30-then-things-got-weirder.jpeg
x-azure-ref: 0Xau/YAAAAAA0z0GNZdnzR7N/IGdr8qbRTE9OMjFFREdFMDIwNgBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=2592000
content-length: 69285
scheme: https

GET
H2 200 trouble-may-lurk-for-maines-beloved-blueberries.jpeg
img1-azrcdn.newser.com/square-image/307008-20210605122828-M/ 59 KB
59 KB 33ms
29ms Image
image/jpeg 2620:1ec:bdf::67
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/square-image/307008-20210605122828-M/trouble-may-lurk-for-maines-beloved-blueberries.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::67 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 06bc9b6fcf7806e9b964d19c6f8b8df949ed09f24cb11691e5724942ad583dbd

Request headers

Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 17:39:40 GMT
last-modified: Mon, 07 Jun 2021 10:26:50 GMT
x-azure-ref-originshield: 0cOy+YAAAAADJ9CF7AwHCRJKk5FNExsCJTE9OMjFFREdFMTUxOQBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/307008-20210605122828-M/trouble-may-lurk-for-maines-beloved-blueberries.jpeg
x-azure-ref: 0Xau/YAAAAAB/Hi1q09rMSLJpw68lxmFyRlJBRURHRTEwMTIAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=2592000
content-length: 60031
scheme: https

POST
H2 200 s2s Show response
eb.proper.io/ 432 B
540 B 260ms
259ms XHR
application/json 2606:4700::6811:4e22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://eb.proper.io/s2s?proper_uid=3da64748-2156-4715-8226-a239c5d1d776
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:4e22 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dc4e649b5fd57b75ee14e5eb63ef664f013d82ec8da4b7e5ee1b211a5e424344

Request headers

Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 08 Jun 2021 17:39:41 GMT
content-encoding: br
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.newser.com
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-timing: dur:232
cf-ray: 65c3e6a8ba98c303-FRA
cf-request-id: 0a8e4e7d700000c303339e0000000001
expires: -1

GET
H2 200 p Show response
i.simpli.fi/ 746 B
1 KB 31ms
31ms Script
application/javascript 169.50.137.176
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL

https://i.simpli.fi/p?cid=&cb=sifi_att_42656._hp

Requested by

Host: i.simpli.fi
URL: https://i.simpli.fi/dpx.js?cid=3056&m=1&referrer=http://www.newser.com

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

169.50.137.176 , United States, ASN36351 (SOFTLAYER, US),

Reverse DNS

b0.89.32a9.ip4.static.sl-reverse.com

Software

Resource Hash

aa766499c95ceff3bd9044255f02a89758553a62e657b350e3abbf9ee29bb0d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache, no-cache
date: Tue, 08 Jun 2021 17:39:41 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires: Thu, 01 Jan 1970 00:00:00 GMT, Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

sync
simplifi.partners.tremorhub.com/
Redirect Chain

https://um.simpli.fi/telaria_p
https://simplifi.partners.tremorhub.com/sync?UISF=5A5AB8CE9B9B4C538B94290CC70E9F07

43 B
183 B

322ms
94ms

Image
image/gif

2600:1f18:612b:4232:1f73:43cf:8eeb:9521
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simplifi.partners.tremorhub.com/sync?UISF=5A5AB8CE9B9B4C538B94290CC70E9F07
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:612b:4232:1f73:43cf:8eeb:9521 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 17:39:41 GMT
server: Apache-Coyote/1.1
p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type: image/gif

Redirect headers

date: Tue, 08 Jun 2021 17:39:41 GMT
x-content-type-options: nosniff
server: nginx
location: https://simplifi.partners.tremorhub.com/sync?UISF=5A5AB8CE9B9B4C538B94290CC70E9F07
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 154
expires: Mon, 07 Jun 2021 17:39:41 GMT

GET
H2

200

check
pixel.tapad.com/idsync/ex/receive/
Redirect Chain

https://um.simpli.fi/tapad
https://pixel.tapad.com/idsync/ex/receive?partner_id=2305&partner_device_id=5A5AB8CE9B9B4C538B94290CC70E9F07
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=5A5AB8CE9B9B4C538B94290CC70E9F07

95 B
426 B

25ms
25ms

Image
image/png

35.227.248.159
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=5A5AB8CE9B9B4C538B94290CC70E9F07

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.227.248.159 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Jetty(9.4.36.v20210114) /

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 17:39:41 GMT
via: 1.1 google
server: Jetty(9.4.36.v20210114)
strict-transport-security: max-age=31536000
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/png
alt-svc: clear
content-length: 95

Redirect headers

date: Tue, 08 Jun 2021 17:39:41 GMT
via: 1.1 google
server: Jetty(9.4.36.v20210114)
strict-transport-security: max-age=31536000
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location: https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=5A5AB8CE9B9B4C538B94290CC70E9F07
alt-svc: clear
content-length: 0

GET
H2

200

aa_px
um.simpli.fi/
Redirect Chain

https://um.simpli.fi/ad_advisor
https://aa.agkn.com/adscores/g.pixel?sid=9201915418&sifi_uid=5A5AB8CE9B9B4C538B94290CC70E9F07
https://d.agkn.com/pixel/10751/?che=1623173981&ip=82.102.18.114&l1=https%3A%2F%2Fum.simpli.fi%2Faa_px%3Fsk%3D164880503811000552190
https://um.simpli.fi/aa_px?sk=164880503811000552190

43 B
409 B

29ms
28ms

Image
image/gif

159.253.128.188
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/aa_px?sk=164880503811000552190

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

159.253.128.188 Amsterdam, Netherlands, ASN36351 (SOFTLAYER, US),

Reverse DNS

bc.80.fd9f.ip4.static.sl-reverse.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 17:39:41 GMT
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Mon, 07 Jun 2021 17:39:41 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 08 Jun 2021 17:39:41 GMT
Server: Apache-Coyote/1.1
P3P: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://um.simpli.fi/aa_px?sk=164880503811000552190
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 nexage
um.simpli.fi/ 43 B
409 B 106ms
29ms Image
image/gif 159.253.128.188
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/nexage

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

159.253.128.188 Amsterdam, Netherlands, ASN36351 (SOFTLAYER, US),

Reverse DNS

bc.80.fd9f.ip4.static.sl-reverse.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 17:39:41 GMT
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Mon, 07 Jun 2021 17:39:41 GMT

GET
H2

403

ProfilesEngineServlet
sync.intentiq.com/profiles_engine/
Redirect Chain

https://um.simpli.fi/intentiq
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=5A5AB8CE9B9B4C538B94290CC70E9F07

0
0

141ms
19ms

Image
text/html

52.84.174.22
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=5A5AB8CE9B9B4C538B94290CC70E9F07
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.84.174.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-84-174-22.cdg50.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

date: Tue, 08 Jun 2021 17:39:41 GMT
x-content-type-options: nosniff
server: nginx
location: https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=5A5AB8CE9B9B4C538B94290CC70E9F07
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 154
expires: Mon, 07 Jun 2021 17:39:41 GMT

GET
H2 200 pubmatic
um.simpli.fi/ 43 B
409 B 106ms
30ms Image
image/gif 159.253.128.188
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/pubmatic

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

159.253.128.188 Amsterdam, Netherlands, ASN36351 (SOFTLAYER, US),

Reverse DNS

bc.80.fd9f.ip4.static.sl-reverse.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 17:39:41 GMT
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Mon, 07 Jun 2021 17:39:41 GMT

GET
H2 200 freewheel
um.simpli.fi/ 43 B
409 B 31ms
28ms Image
image/gif 159.253.128.188
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/freewheel

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

159.253.128.188 Amsterdam, Netherlands, ASN36351 (SOFTLAYER, US),

Reverse DNS

bc.80.fd9f.ip4.static.sl-reverse.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 17:39:41 GMT
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Mon, 07 Jun 2021 17:39:41 GMT

GET
H2

403

ProfilesEngineServlet
sync.intentiq.com/profiles_engine/
Redirect Chain

https://um.simpli.fi/dtnx
https://fei.pro-market.net/engine?du=24;csync=5A5AB8CE9B9B4C538B94290CC70E9F07;mimetype=img;
https://fei.pro-market.net/engine?du=24;csync=5A5AB8CE9B9B4C538B94290CC70E9F07;mimetype=img;sr
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=3&pcid=3508560098466219288

0
0

59ms
19ms

Image
text/html

52.84.174.22
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=3&pcid=3508560098466219288
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.84.174.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-84-174-22.cdg50.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

pragma: no-cache
date: Tue, 08 Jun 2021 17:39:41 GMT
via: 1.1 google
server: Apache-Coyote/1.1
access-control-allow-origin: *
anserver: gapp-eu-5.c.datonics-gcp-01.internal
p3p: CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
location: https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=3&pcid=3508560098466219288
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
alt-svc: clear
content-length: 0
expires: Mon, 1 Jan 1990 0:0:0 GMT

GET
H2

204

/
loadm.exelator.com/load/
Redirect Chain

https://um.simpli.fi/exelatem
https://loadm.exelator.com/load/?p=204&g=2191&simid=5A5AB8CE9B9B4C538B94290CC70E9F07&j=0
https://loadm.exelator.com/load/?p=204&g=2191&simid=5A5AB8CE9B9B4C538B94290CC70E9F07&j=0&xl8blockcheck=1

0
759 B

34ms
34ms

Image
text/plain

18.198.126.47
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loadm.exelator.com/load/?p=204&g=2191&simid=5A5AB8CE9B9B4C538B94290CC70E9F07&j=0&xl8blockcheck=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.198.126.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-198-126-47.eu-central-1.compute.amazonaws.com
Software: nginx / Undertow/1
Resource Hash

Request headers

Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 17:39:41 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA

Redirect headers

date: Tue, 08 Jun 2021 17:39:41 GMT
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location: https://loadm.exelator.com/load/?p=204&g=2191&simid=5A5AB8CE9B9B4C538B94290CC70E9F07&j=0&xl8blockcheck=1
cache-control: no-cache
access-control-allow-credentials: true
content-type: image/gif
content-length: 0

GET
H2 200 yahoo
um.simpli.fi/ 43 B
409 B 31ms
29ms Image
image/gif 159.253.128.188
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/yahoo

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

159.253.128.188 Amsterdam, Netherlands, ASN36351 (SOFTLAYER, US),

Reverse DNS

bc.80.fd9f.ip4.static.sl-reverse.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 17:39:41 GMT
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Mon, 07 Jun 2021 17:39:41 GMT

GET
H/1.1

204

sync
sync.bfmio.com/
Redirect Chain

https://um.simpli.fi/beachfront
https://sync.bfmio.com/sync?pid=141&uid=5A5AB8CE9B9B4C538B94290CC70E9F07

0
421 B

647ms
100ms

Image
text/plain

34.205.51.230
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.bfmio.com/sync?pid=141&uid=5A5AB8CE9B9B4C538B94290CC70E9F07
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.205.51.230 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Connection: keep-alive
Date: Tue, 08 Jun 2021 17:39:41 GMT

Redirect headers

date: Tue, 08 Jun 2021 17:39:41 GMT
x-content-type-options: nosniff
server: nginx
location: https://sync.bfmio.com/sync?pid=141&uid=5A5AB8CE9B9B4C538B94290CC70E9F07
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 154
expires: Mon, 07 Jun 2021 17:39:41 GMT

GET
H/1.1

200
OK

29931
stags.bluekai.com/site/
Redirect Chain

https://um.simpli.fi/bluekai
https://stags.bluekai.com/site/29931?id=5A5AB8CE9B9B4C538B94290CC70E9F07

62 B
745 B

567ms
251ms

Image
image/gif

23.45.99.241
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stags.bluekai.com/site/29931?id=5A5AB8CE9B9B4C538B94290CC70E9F07
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.45.99.241 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-45-99-241.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 08 Jun 2021 17:39:42 GMT
Connection: keep-alive
P3P: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
Content-Length: 62
BK-Server: 536a
Content-Type: image/gif

Redirect headers

date: Tue, 08 Jun 2021 17:39:41 GMT
x-content-type-options: nosniff
server: nginx
location: https://stags.bluekai.com/site/29931?id=5A5AB8CE9B9B4C538B94290CC70E9F07
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 154
expires: Mon, 07 Jun 2021 17:39:41 GMT

GET
H2

200

tpid=5A5AB8CE9B9B4C538B94290CC70E9F07
bcp.crwdcntrl.net/map/ct=y/c=7625/tp=SIMP/
Redirect Chain

https://um.simpli.fi/crwdcntrl
https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=5A5AB8CE9B9B4C538B94290CC70E9F07
https://bcp.crwdcntrl.net/map/ct=y/c=7625/tp=SIMP/tpid=5A5AB8CE9B9B4C538B94290CC70E9F07

49 B
709 B

47ms
47ms

Image
image/gif

52.48.248.240
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bcp.crwdcntrl.net/map/ct=y/c=7625/tp=SIMP/tpid=5A5AB8CE9B9B4C538B94290CC70E9F07
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.48.248.240 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 08 Jun 2021 17:39:42 GMT
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.6.0
content-type: image/gif
content-length: 49
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 08 Jun 2021 17:39:42 GMT
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location: https://bcp.crwdcntrl.net/map/ct=y/c=7625/tp=SIMP/tpid=5A5AB8CE9B9B4C538B94290CC70E9F07
cache-control: no-cache
x-server: 10.45.6.133
content-length: 0
expires: 0

GET
H/1.1

204
No Content

merge
ce.lijit.com/
Redirect Chain

https://um.simpli.fi/lj_match
https://ce.lijit.com/merge?pid=2&3pid=5A5AB8CE9B9B4C538B94290CC70E9F07
https://ce.lijit.com/merge?pid=2&3pid=5A5AB8CE9B9B4C538B94290CC70E9F07&dnr=1

0
433 B

41ms
41ms

Image
text/plain

216.52.2.39
AS-INAPCDN-OCY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=2&3pid=5A5AB8CE9B9B4C538B94290CC70E9F07&dnr=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.39 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software: nginx / raptor
Resource Hash

Request headers

Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 08 Jun 2021 17:39:42 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap7ams1
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 08 Jun 2021 17:39:42 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Location: https://ce.lijit.com/merge?pid=2&3pid=5A5AB8CE9B9B4C538B94290CC70E9F07&dnr=1
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap7ams1
Content-Length: 0
Expires: Fri, 20 Mar 2009 00:00:00 GMT

GET
H2

451

419566.gif
idsync.rlcdn.com/
Redirect Chain

https://um.simpli.fi/liveramp_match
https://idsync.rlcdn.com/419566.gif?partner_uid=5A5AB8CE9B9B4C538B94290CC70E9F07

0
66 B

1067ms
24ms

Image
text/plain

35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/419566.gif?partner_uid=5A5AB8CE9B9B4C538B94290CC70E9F07
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 17:39:42 GMT
via: 1.1 google
alt-svc: clear
content-length: 0

Redirect headers

date: Tue, 08 Jun 2021 17:39:41 GMT
x-content-type-options: nosniff
server: nginx
location: https://idsync.rlcdn.com/419566.gif?partner_uid=5A5AB8CE9B9B4C538B94290CC70E9F07
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 154
expires: Mon, 07 Jun 2021 17:39:41 GMT

GET
H2

200

/
www.google.de/pagead/1p-conversion/1026675585/
Redirect Chain

https://www.googleadservices.com/pagead/conversion/1026675585/?random=1623173981563&cv=7&fst=1623173981563&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1026675585/?random=973273668&cv=7&fst=1623173981563&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cooki...
https://www.google.com/pagead/1p-conversion/1026675585/?random=973273668&cv=7&fst=1623173981563&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte...
https://www.google.de/pagead/1p-conversion/1026675585/?random=973273668&cv=7&fst=1623173981563&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=...

42 B
108 B

18ms
18ms

Image
image/gif

2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/1026675585/?random=973273668&cv=7&fst=1623173981563&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=Xau_YO2DJebD7_UP1N2F2A8&random=4013333665&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 08 Jun 2021 17:39:41 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 08 Jun 2021 17:39:41 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/gif
location: https://www.google.de/pagead/1p-conversion/1026675585/?random=973273668&cv=7&fst=1623173981563&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=Xau_YO2DJebD7_UP1N2F2A8&random=4013333665&ipr=y
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200

partner
sync.search.spotxchange.com/
Redirect Chain

https://um.simpli.fi/spotx_match
https://sync.search.spotxchange.com/partner?adv_id=7797&uid=5A5AB8CE9B9B4C538B94290CC70E9F07
https://sync.search.spotxchange.com/partner?adv_id=7797&uid=5A5AB8CE9B9B4C538B94290CC70E9F07&__user_check__=1&sync_id=821a4962-c880-11eb-a542-16821cb20206

43 B
549 B

37ms
37ms

Image
image/gif

185.94.180.125
SPOTX-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.search.spotxchange.com/partner?adv_id=7797&uid=5A5AB8CE9B9B4C538B94290CC70E9F07&__user_check__=1&sync_id=821a4962-c880-11eb-a542-16821cb20206
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.94.180.125 , United States, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 08 Jun 2021 17:39:42 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 131
Connection: keep-alive
Content-Length: 43

Redirect headers

Date: Tue, 08 Jun 2021 17:39:42 GMT
Server: nginx
Location: /partner?adv_id=7797&uid=5A5AB8CE9B9B4C538B94290CC70E9F07&__user_check__=1&sync_id=821a4962-c880-11eb-a542-16821cb20206
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 60
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

bounce
ib.adnxs.com/
Redirect Chain

https://um.simpli.fi/an
https://ib.adnxs.com/setuid?entity=66&code=5A5AB8CE9B9B4C538B94290CC70E9F07
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3D5A5AB8CE9B9B4C538B94290CC70E9F07

43 B
1 KB

28ms
28ms

Image
image/gif

185.33.221.53
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3D5A5AB8CE9B9B4C538B94290CC70E9F07

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.53 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

718.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 08 Jun 2021 17:39:41 GMT
X-Proxy-Origin: 82.102.18.114; 82.102.18.114; 718.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.221.8:80
AN-X-Request-Uuid: 8a602b6d-3dc8-4ad0-95d0-e3ef2f32645a
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 08 Jun 2021 17:39:41 GMT
X-Proxy-Origin: 82.102.18.114; 82.102.18.114; 718.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.116:80
AN-X-Request-Uuid: 95a2af03-703f-4bbe-a999-41f513c85951
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3D5A5AB8CE9B9B4C538B94290CC70E9F07
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/
Redirect Chain

https://um.simpli.fi/rb_match
https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=5A5AB8CE9B9B4C538B94290CC70E9F07&expires=365

0
239 B

1181ms
29ms

Image
image/gif

69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=5A5AB8CE9B9B4C538B94290CC70E9F07&expires=365
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: a66cbf3142c6ef39e3614b84a34262cf
Content-Type: image/gif

Redirect headers

date: Tue, 08 Jun 2021 17:39:41 GMT
x-content-type-options: nosniff
server: nginx
location: https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=5A5AB8CE9B9B4C538B94290CC70E9F07&expires=365
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 154
expires: Mon, 07 Jun 2021 17:39:41 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/
Redirect Chain

https://um.simpli.fi/ox_match
https://us-u.openx.net/w/1.0/sd?id=537072966&val=5A5AB8CE9B9B4C538B94290CC70E9F07

43 B
122 B

27ms
25ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072966&val=5A5AB8CE9B9B4C538B94290CC70E9F07
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.208.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 08 Jun 2021 17:39:41 GMT
via: 1.1 google
server: OXGW/16.208.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date: Tue, 08 Jun 2021 17:39:41 GMT
x-content-type-options: nosniff
server: nginx
location: https://us-u.openx.net/w/1.0/sd?id=537072966&val=5A5AB8CE9B9B4C538B94290CC70E9F07
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 154
expires: Mon, 07 Jun 2021 17:39:41 GMT

GET
H2

204

g_match
um.simpli.fi/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_cm&google_sc
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_cm=&google_sc=&google_tc=
https://um.simpli.fi/g_match?id=&google_gid=CAESEMxeHm2OUhIJxgW_oU530tg&google_cver=1
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=5A5AB8CE9B9B4C538B94290CC70E9F07
https://um.simpli.fi/g_match?id=

0
320 B

32ms
31ms

Image
text/plain

159.253.128.188
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/g_match?id=

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

159.253.128.188 Amsterdam, Netherlands, ASN36351 (SOFTLAYER, US),

Reverse DNS

bc.80.fd9f.ip4.static.sl-reverse.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 17:39:41 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires: Mon, 07 Jun 2021 17:39:41 GMT

Redirect headers

pragma: no-cache
date: Tue, 08 Jun 2021 17:39:41 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://um.simpli.fi/g_match?id=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 229
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 integrator.js Show response
adservice.google.fr/adsid/ 107 B
165 B 15ms
15ms Script
application/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.fr/adsid/integrator.js?domain=www.newser.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060301.js?31061384

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 08 Jun 2021 17:39:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 14ms
14ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.newser.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060301.js?31061384

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 08 Jun 2021 17:39:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 92 KB
17 KB 431ms
431ms XHR
text/plain 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2442731519264179&correlator=206770356785874&output=ldjh&impl=fifs&eid=31060783%2C31061040%2C31061384%2C31061180&vrg=2021060301&ptt=17&tfcd=0&sc=1&sfv=1-0-38&ecs=20210608&iu_parts=5376056%2Cnewser_leaderboard%2Cdynamic_1%2Cnewser_gridwide%2Cdynamic_2&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F3%2F2%2C%2F0%2F3%2F4&prev_iu_szs=1x1%7C728x90%2C1x1%7C728x90%2C1x1%7C728x90&prev_scp=post_id%3Dunknown%26member%3Dno%26split_version%3D6558%26proper_site%3Dnewser%26proper_slot%3D1.01%26proper_floor%3D0.10%26s_depth%3D1%26refresh_count%3D0%7Cpost_id%3Dunknown%26member%3Dno%26split_version%3D6558%26proper_site%3Dnewser%26proper_slot%3D12.01%26proper_floor%3D0.10%26s_depth%3D1%26refresh_count%3D0%7Cpost_id%3Dunknown%26member%3Dno%26split_version%3D6558%26proper_site%3Dnewser%26proper_slot%3D12.02%26proper_floor%3D0.10%26s_depth%3D1%26refresh_count%3D0&eri=1&cookie_enabled=1&bc=31&abxe=1&lmt=1623173982&dt=1623173982102&dlt=1623173980376&idt=675&frm=20&biw=1600&bih=1200&oid=3&adxs=561%2C315%2C315&adys=55%2C684%2C1311&adks=1569744204%2C1045808715%2C935732023&ucis=1%7C2%7C3&ifi=1&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.newser.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=728x0%7C728x0%7C728x0&msz=728x0%7C728x0%7C728x0&ga_vid=2126381474.1623173982&ga_sid=1623173982&ga_hid=1682431392&ga_fc=false&fws=4%2C0%2C0&ohw=728%2C0%2C0&btvi=0%7C0%7C1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060301.js?31061384

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

23ad9ab24753985d4afbee07f707d82936e74268e985c0bccfbeee693389c40b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 17:39:42 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17614
x-xss-protection: 0
google-lineitem-id: 2151234376,-1,-1
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138203123417,-1,-1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.newser.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
4a0da0c88ec7e709c3f92d0f2c3a4bdb.safeframe.googlesyndication.com/safeframe/1-0-38/html/ 0
0 29ms
13ms Other
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://4a0da0c88ec7e709c3f92d0f2c3a4bdb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060301.js?31061384
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
BLOB 200
OK b6531ae1-719b-4196-9cef-85fb6d4676a2
https://www.newser.com/ 131 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.newser.com/b6531ae1-719b-4196-9cef-85fb6d4676a2
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b58ee3d7b8cf7715cb2efcc2910ced1fbeeac027b23a5f5b600cd8c07c100b1f

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length: 131
Content-Type: text/javascript

GET
BLOB 200
OK f7413162-be4d-4356-b904-112c63603710
https://www.newser.com/ 131 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.newser.com/f7413162-be4d-4356-b904-112c63603710
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b58ee3d7b8cf7715cb2efcc2910ced1fbeeac027b23a5f5b600cd8c07c100b1f

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length: 131
Content-Type: text/javascript

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 10 KB
8 KB 25ms
24ms XHR
application/json 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021060301&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060301.js?31061384

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

496dc8114b042b4a7953194447f862e9b03061221b458c63f4d8a5d04765dd67

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 08 Jun 2021 17:39:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8019
x-xss-protection: 0

GET
BLOB 200
OK 02834a27-d17d-4e93-9870-63f536b180bd
https://www.newser.com/ 131 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.newser.com/02834a27-d17d-4e93-9870-63f536b180bd
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b58ee3d7b8cf7715cb2efcc2910ced1fbeeac027b23a5f5b600cd8c07c100b1f

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length: 131
Content-Type: text/javascript

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060301.js?31061384

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 17:39:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1616005470650935"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6437
x-xss-protection: 0
expires: Tue, 08 Jun 2021 17:39:42 GMT

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/222/ Frame 98AF 12 KB
5 KB 15ms
14ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/222/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.newser.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.newser.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5022
date: Tue, 08 Jun 2021 17:35:28 GMT
expires: Wed, 08 Jun 2022 17:35:28 GMT
last-modified: Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 254
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 5D70 783 B
531 B 16ms
16ms Document
text/html 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

79e46517de56a67fbd85029639b513c291ec89f5298ea172978ef9248411ae0d

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-essxyIRPBBoVQDmSheFo4Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.newser.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.newser.com/

Response headers

expires: Tue, 08 Jun 2021 17:39:42 GMT
date: Tue, 08 Jun 2021 17:39:42 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-essxyIRPBBoVQDmSheFo4Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 512
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 tE64XG1cXAHgdRZqLuUmMLCyOuQ9s7LE_kL_xOEQzyo.js Show response
pagead2.googlesyndication.com/bg/ Frame 98AF 14 KB
6 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/tE64XG1cXAHgdRZqLuUmMLCyOuQ9s7LE_kL_xOEQzyo.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b44eb85c6d5c5c01e075166a2ee52630b0b23ae43db3b2c4fe42ffc4e110cf2a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 15:39:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7242
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5784
x-xss-protection: 0
last-modified: Mon, 31 May 2021 08:58:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 08 Jun 2022 15:39:00 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 16ms
15ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gpt_2021060301&jk=2442731519264179&bg=!19Sl1JDNAAY6sG-_OrA7ACkAdvg8Wm9Us-w-OkLkyS4-ugNm_O13UKm5KADoy4-07SdEUfKcpsaOigIAAABxUgAAAAxoAQcKAAvl9MafVm7FSO3wWpkCaPlzULlaNH_aReSzbt8-IPhdaaKbrcgAkwMLj5scXTZF2dmBBSECeLfUcpSxmsOcgWP8mcWlLFMZC-H8nBqHQZ19vxh04pjJjHccoGQnk1cODzf8J1xQVBmmhBAMZ74xnsS6B5qd3_p71lXuL2XrUQeQOZyYGYyVBJr0icOnnoW-eCJcWALz4D8yWOY_wuWr75ziG_9qiLguVHtrraseo-jNokqVoW-ajKTP2yh6ivZGx2K4D8jiN6sD94DNgC8wPFx52s2W7IVNITJZMQ1GHIooJAxWAHFiXtI3q2smS_QJV6wmQcFXKTkgs6kynSN6il7Hxyllm0gP4_Pkh2og1bVaEVJuXv9wPM8hQ3rVVtkA_IUHoFlW1XkSshwJwkj34-3iRsx7lGBMf1cW0KCUOizl_LzsbRGg8d5E_5Y6dhoqtjbk0WcMdwTVRRmC07NN4NWpwZKNwgMry8tyut4VM2U7s-wKQTsLZyYQviaCa1GKlE3v1oWb0gL6ZP_uds52_9Z6J2HOuBLVdgemWb7FDgpPUkTF1PsCp-9L3Jyz36ytFF6_-Y17VYJOBSnwMGGAJ48VSxkw7kjM0T3QOymi4jsO3e6cyUywj3yFhvdK4g1_hsM2Rhjw0BcprkFDJDKyme7AnebPgO6Gu9AybBiOd0xd4_N6qmr6qg7mWgXWxBH8gRE7MSggFirVq9yxGULcJc2shN5guNjVb0G-KhCJtEdlPM7I1b935KQJSC5M0B-Mx5r4Ulo2YUCYQPab4PdKPi5ZVIF90Q-2t1xi2eBPg4bNhb18tIpc58TEuiMQQIEsbwZGYCZzQyE

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 08 Jun 2021 17:39:42 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame D155 0
0 65ms
64ms Fetch
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssL-jROOxMC-V-0gq5oZlSXF3BcoeDkvpLNF7uAbuRvd9sPuqHR1f_NBHI25OA0wYh6UtBSBz_DJvjdS9d22B1LUPEMtkQqdIaG7qTvm5VZlPnkOvtDdmcLtvVxUmMW57TH6LGw6XZeiZJYttelQgxjbrjr05GzbaSf6B7_HnM__Oxng_aLG73AVaSvayHhZFlIrndFsFpagKM00p9--_eaK5kAvKC5GX7VTuLe-hASKsEJca-bwayEBDFPbFFD1VECe_Cw5wt3Ncs_1W40QghBK1KEFzPKfS4BGE3kbEI6gTEHyAV9mGcpFYeaRbGL&sig=Cg0ArKJSzMt1COhCP3GXEAE&urlfix=1&adurl=

Requested by

Host: www.newser.com
URL: https://www.newser.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 08 Jun 2021 17:39:43 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame D155 122 KB
37 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060301.js?31061384

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2f28c37beb838d695f95710805308cfe7f1fcc286bd744ab0184a23a10d5a4ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 17:39:43 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1623066169988846"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37960
x-xss-protection: 0
expires: Tue, 08 Jun 2021 17:39:43 GMT

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 73 KB
28 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060301.js?31061384

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1d8c7ce12428be733a9213b2fecae66db6950a933c276d68bf7c8271829a627d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 17:39:43 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1623066164336645"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28149
x-xss-protection: 0
expires: Tue, 08 Jun 2021 17:39:43 GMT

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012105242203000/ Frame 0A74 191 KB
55 KB 33ms
7ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012105242203000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060301.js?31061384

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3b90f60459b17f2ddf447768e249c21c662e70bde6148deff13643982f93f9a6

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 384815
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55246
x-xss-protection: 0
server: sffe
date: Fri, 04 Jun 2021 06:46:08 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "e9907e100ee706e0"
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 04 Jun 2022 06:46:08 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012105242203000/v0/ Frame 0A74 12 KB
5 KB 49ms
23ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012105242203000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060301.js?31061384

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b8de063d7075aa9a9a68120f3eb37178e85777138d4154903a2d4b187b4a893d

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 15678
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4568
x-xss-protection: 0
server: sffe
date: Tue, 08 Jun 2021 13:18:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "b435c2fa80137a0e"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 08 Jun 2022 13:18:25 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012105242203000/v0/ Frame 0A74 87 KB
27 KB 43ms
18ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012105242203000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060301.js?31061384

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

12993a139a46e15abb56308ef8656d80812fb748dfa88116ee6e20ad3494ae98

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 40989
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27371
x-xss-protection: 0
server: sffe
date: Tue, 08 Jun 2021 06:16:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "6687a81702b10306"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 08 Jun 2022 06:16:34 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012105242203000/v0/ Frame 0A74 4 KB
2 KB 49ms
24ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012105242203000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060301.js?31061384

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9de4196056e2ffb92e9e6eb78502d3ed77f71a1e8045434a907251ff0b998357

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 15678
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1521
x-xss-protection: 0
server: sffe
date: Tue, 08 Jun 2021 13:18:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "5a9e085610d63d0a"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 08 Jun 2022 13:18:25 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012105242203000/v0/ Frame 0A74 41 KB
13 KB 52ms
27ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012105242203000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060301.js?31061384

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1e53b8865f7f1e34e44d14f6ff8789dd7f421e7d3c69e48dab33188ff4d99f4e

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 384817
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13132
x-xss-protection: 0
server: sffe
date: Fri, 04 Jun 2021 06:46:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "1bd5431ac5ac76b7"
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 04 Jun 2022 06:46:06 GMT

GET
DATA 200
OK truncated
/ Frame 0A74 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3e2906c077cd52c18bae43790fb2db33e5770277e5b16d8843cc80e50114b5cd

Request headers

Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 13564037280306774609
tpc.googlesyndication.com/daca_images/simgad/ Frame 0A74 40 KB
40 KB 9ms
8ms Image
image/png 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/13564037280306774609

Requested by

Host: www.newser.com
URL: https://www.newser.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

40f5a3b1f58ab44dcb36555013db44a3b6c41cac940ae81cca52d6fde0f1d519

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 02 Jun 2021 00:32:41 GMT
x-content-type-options: nosniff
age: 580022
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40455
x-xss-protection: 0
last-modified: Sat, 20 Jun 2020 16:51:48 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 02 Jun 2022 00:32:41 GMT

GET
H3-29 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 0A74 2 KB
2 KB 8ms
7ms Image
image/png 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: www.newser.com
URL: https://www.newser.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 08 Jun 2021 13:34:38 GMT
x-content-type-options: nosniff
server: cafe
age: 14705
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Wed, 09 Jun 2021 13:34:38 GMT

GET
H3-29 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 0A74 295 B
319 B 12ms
11ms Image
image/png 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: www.newser.com
URL: https://www.newser.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 07 Jun 2021 20:37:24 GMT
x-content-type-options: nosniff
server: cafe
age: 75739
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Tue, 08 Jun 2021 20:37:24 GMT

GET
H3-29 204 l
www.google.com/ads/measurement/ Frame 0A74 0
0 15ms
13ms Image
text/html 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQOfUAm5VPf8J5gWPl2viT5ppw5PNOMcIZ9C2WFlJu5DoibvZT-SCuiynnIl7cf4Uve4MMZWqWx-dssE1NFCx6SiaocDg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 0A74 0
0 74ms
73ms Image
text/html 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CB2XJXqu_YNy7Cq-CjuwP-9a-iAzt-4rOYuD5v6aUDMDTsYbTARABINjqtiBg-4GAgIgKoAGriYzPA8gBAqkCzxqo_G1utD7gAgCoAwHIAwiqBPkBT9DqHbUUacT_8olXPkSIUVikV023HE2H8mMPtJyPPojqa_zGtmgauHDagtGHS6I9vp3eZ4nppP4wLvPKTRYyts9yxx-WBeMYhUhMLRmR8CLm6RUJEGfd0vBTiQICd6cDsnVZ6l2RBvI4s3a5f5SD8NzcEFlczT6NpfLZyHqxivhGFJKfnsBq-YIA2ms3QFzGfb8wCHqBCcsPEHbFvhWykBKP4MoOo6nMCfvK4-dSPze0sT3uEFmf1JUQPiEtEMFFivF3BCu9VSPdDmKCw4ergixgJPxb1GCwLMN_2DDjUIa7XRaYDDSZKwqTRHPrbzWRLjDZwtggzCZjwATu6YTnggPgBAGSBQQIBBgBkgUECAUYBKAGAoAHvfbzMKgHipyxAqgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAfIHBBDaxQnSCAkIgOGAEBABGB3yCBthZHgtc3Vic3luLTgxMzU4OTkxNTk0OTc2NDaACgPICwHYEw3QFQGAFwGyFxoKGAgAEhRwdWItNjg5NzkwMjE5MTcxNDgzMw&sigh=xvoGEKgncu0
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s56-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012105242203000/ Frame F6C9 191 KB
54 KB 34ms
20ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012105242203000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060301.js?31061384

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3b90f60459b17f2ddf447768e249c21c662e70bde6148deff13643982f93f9a6

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 384815
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55246
x-xss-protection: 0
server: sffe
date: Fri, 04 Jun 2021 06:46:08 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "e9907e100ee706e0"
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 04 Jun 2022 06:46:08 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012105242203000/v0/ Frame F6C9 12 KB
5 KB 25ms
24ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012105242203000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060301.js?31061384

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b8de063d7075aa9a9a68120f3eb37178e85777138d4154903a2d4b187b4a893d

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 15678
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4568
x-xss-protection: 0
server: sffe
date: Tue, 08 Jun 2021 13:18:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "b435c2fa80137a0e"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 08 Jun 2022 13:18:25 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012105242203000/v0/ Frame F6C9 87 KB
27 KB 26ms
25ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012105242203000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060301.js?31061384

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

12993a139a46e15abb56308ef8656d80812fb748dfa88116ee6e20ad3494ae98

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 40989
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27371
x-xss-protection: 0
server: sffe
date: Tue, 08 Jun 2021 06:16:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "6687a81702b10306"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 08 Jun 2022 06:16:34 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012105242203000/v0/ Frame F6C9 4 KB
2 KB 27ms
26ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012105242203000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060301.js?31061384

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9de4196056e2ffb92e9e6eb78502d3ed77f71a1e8045434a907251ff0b998357

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 15678
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1521
x-xss-protection: 0
server: sffe
date: Tue, 08 Jun 2021 13:18:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "5a9e085610d63d0a"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 08 Jun 2022 13:18:25 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012105242203000/v0/ Frame F6C9 41 KB
13 KB 29ms
28ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012105242203000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060301.js?31061384

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1e53b8865f7f1e34e44d14f6ff8789dd7f421e7d3c69e48dab33188ff4d99f4e

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 384817
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13132
x-xss-protection: 0
server: sffe
date: Fri, 04 Jun 2021 06:46:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "1bd5431ac5ac76b7"
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 04 Jun 2022 06:46:06 GMT

GET
H3-29 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame F6C9 2 KB
2 KB 7ms
6ms Image
image/png 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060301.js?31061384

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 08 Jun 2021 13:34:38 GMT
x-content-type-options: nosniff
server: cafe
age: 14705
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Wed, 09 Jun 2021 13:34:38 GMT

GET
H3-29 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame F6C9 295 B
319 B 10ms
8ms Image
image/png 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060301.js?31061384

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 07 Jun 2021 20:37:24 GMT
x-content-type-options: nosniff
server: cafe
age: 75739
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Tue, 08 Jun 2021 20:37:24 GMT

GET
DATA 200
OK truncated
/ Frame F6C9 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 86b001286cf030f2340243549988f1a43afbb5f136bb705c7351d56ec7874f81

Request headers

Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 11386206812795270405
tpc.googlesyndication.com/simgad/ Frame F6C9 42 KB
43 KB 10ms
8ms Image
image/png 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/11386206812795270405?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qmObpPb_NLEmxebn4h7s2jn4oVINg

Requested by

Host: www.newser.com
URL: https://www.newser.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f9d279f2c6f6478c35e1c6207bc709c0ef79c5c71d143b743f011f08abce82ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 13:02:52 GMT
x-content-type-options: nosniff
last-modified: Thu, 18 Mar 2021 13:30:45 GMT
server: sffe
age: 16611
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43517
x-xss-protection: 0
expires: Wed, 08 Jun 2022 13:02:52 GMT

GET
H3-29 204 l
www.google.com/ads/measurement/ Frame F6C9 0
0 15ms
13ms Image
text/html 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSrN2J0ruFhM96t_0gkZJ6ugpAMg34CNeKWJjY9zneGLggnbWHuhVb9JvE8XSxGKkBd6QDeL379D1_yOp2NCjSkfn3GRA
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29

200

B20065566.305254819;dc_pre=CN7R2aXKiPECFROD3godcw4C8A;dc_trk_aid=497668517;dc_trk_cid=152176233;ord=2198166531;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=
ad.doubleclick.net/ddm/trackimp/N349404.134426GOOGLEDISPLAYNETWO/ Frame F6C9
Redirect Chain

https://924-img.c3tag.com/v.gif?cid=924&c3ce=700&C3NO=1&adid=2198166531&c3=N349404.134426GOOGLEDISPLAYNETWO-305254819&creative=152176233&redirect=~{https://ad.doubleclick.net/ddm/trackimp/N349404.1...
https://ad.doubleclick.net/ddm/trackimp/N349404.134426GOOGLEDISPLAYNETWO/B20065566.305254819;dc_trk_aid=497668517;dc_trk_cid=152176233;ord=2198166531;dc_lat=;dc_rdid=;tag_for_child_directed_treatme...
https://ad.doubleclick.net/ddm/trackimp/N349404.134426GOOGLEDISPLAYNETWO/B20065566.305254819;dc_pre=CN7R2aXKiPECFROD3godcw4C8A;dc_trk_aid=497668517;dc_trk_cid=152176233;ord=2198166531;dc_lat=;dc_rd...

42 B
63 B

83ms
47ms

Image
image/gif

142.250.186.38
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/ddm/trackimp/N349404.134426GOOGLEDISPLAYNETWO/B20065566.305254819;dc_pre=CN7R2aXKiPECFROD3godcw4C8A;dc_trk_aid=497668517;dc_trk_cid=152176233;ord=2198166531;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=?

Requested by

Host: www.newser.com
URL: https://www.newser.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.38 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f6.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 08 Jun 2021 17:39:43 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 08 Jun 2021 17:39:43 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
location: https://ad.doubleclick.net/ddm/trackimp/N349404.134426GOOGLEDISPLAYNETWO/B20065566.305254819;dc_pre=CN7R2aXKiPECFROD3godcw4C8A;dc_trk_aid=497668517;dc_trk_cid=152176233;ord=2198166531;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=?
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
follow-only-when-prerender-shown: 1
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 adview
securepubads.g.doubleclick.net/pagead/ Frame F6C9 0
0 65ms
63ms Image
text/html 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CPbhoXqu_YN27Cq-CjuwP-9a-iAzc94uYY7q_jKGaDpz4jNWYIxABINjqtiBg-4GAgIgKoAHw8JX6A8gBAuACAKgDAcgDCKoE8wFP0MJZqjE0t6GoLleJI_E0OJwkNUCcGAbWNTyFvpdiV-kRif9kjiL7qGSSANkMuG8tq_JJvQma2HoPYfLA7SUWr2ygHnCGlKylAX7heLRWdcoJTzz2N8Gysz-cyt7LfvcQ2zpin08lPaHuSE2zsMKW4aqL_UVpxTBeBD4Gzv4HW9gC6bDlmg1JneaJjCvARhHkJ4d172fMzYjo0_MB9OzwzGrnI81oJdhpsX-8cVEYcBqc_Sy4XSA_DyilzCburC5rFXw5sz6grbmsInoUP-TOUHwqMK3r9k8d4mAgc9sWEXEfbQPQ8I_x-K6_xRL_aOukUxjABIj0yubGA-AEAZIFBAgEGAGSBQQIBRgEoAYCgAeq6OZqqAeKnLECqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcB8gcEEL6QB9IICQiA4YAQEAEYHfIIG2FkeC1zdWJzeW4tODEzNTg5OTE1OTQ5NzY0NoAKA8gLAdgTDdAVAYAXAbIXGgoYCAASFHB1Yi02ODk3OTAyMTkxNzE0ODMz&sigh=iFNPUEwlNuI
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s56-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
DATA 200
OK truncated
/ Frame D155 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 03c6c870e19fc8b985d47b502980b1d7e5f1f597a158b7a76238844c62d7693c

Request headers

Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame D155 0
0 71ms
70ms Fetch
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstGpeIRfalFHjkK3F6CHDwSusDX2yy8D-O0O_f717JeFkK30-z1N3pamQTqYhYlK3HWGwsVexLKgwXmdHOX10IwdyWuuqxfCPnx0wFUpcq0FW5uFlzGlONGu9fvvo5EMsHKVwZQyR3ROX2M_2i5Rm53dgsmVbSNgZcTjf3P6Y_7ae3sDivCTInw6ruoz4twSM86xyw-gFr65LLfrUCVf3WHrOfePwc_aWIWw4XS-gsFBhe8n18cy5603Tw-eENOkFrrdE-q7htAXD9EQLYcgeQ4t-SD3YFHr2-P664eaYYupf5O6lQ8LSd5Zws00W8ty-s&sig=Cg0ArKJSzKtSsteCZPn8EAE&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 08 Jun 2021 17:39:43 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Tue, 08 Jun 2021 17:39:43 GMT

GET
H3-29

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame 0A74
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
0

39ms
39ms

Image
text/html

2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

date: Tue, 08 Jun 2021 17:39:43 GMT
x-content-type-options: nosniff
server: safe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 246
x-xss-protection: 0

GET
H3-29 200 13564037280306774609
tpc.googlesyndication.com/daca_images/simgad/ Frame 0A74 40 KB
40 KB 6ms
6ms Image
image/png 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/13564037280306774609

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012105242203000/amp4ads-v0.mjs

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

40f5a3b1f58ab44dcb36555013db44a3b6c41cac940ae81cca52d6fde0f1d519

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 02 Jun 2021 00:32:41 GMT
x-content-type-options: nosniff
age: 580022
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40455
x-xss-protection: 0
last-modified: Sat, 20 Jun 2020 16:51:48 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 02 Jun 2022 00:32:41 GMT

GET
H3-29 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 0A74 2 KB
2 KB 8ms
7ms Image
image/png 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012105242203000/amp4ads-v0.mjs

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 08 Jun 2021 13:34:38 GMT
x-content-type-options: nosniff
server: cafe
age: 14705
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Wed, 09 Jun 2021 13:34:38 GMT

GET
H3-29 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 0A74 295 B
319 B 8ms
8ms Image
image/png 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012105242203000/amp4ads-v0.mjs

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 07 Jun 2021 20:37:24 GMT
x-content-type-options: nosniff
server: cafe
age: 75739
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Tue, 08 Jun 2021 20:37:24 GMT

GET
H3-29

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame F6C9
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
0

39ms
39ms

Image
text/html

2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

date: Tue, 08 Jun 2021 17:39:43 GMT
x-content-type-options: nosniff
server: safe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 246
x-xss-protection: 0

GET
H3-29 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame F6C9 2 KB
2 KB 6ms
6ms Image
image/png 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012105242203000/amp4ads-v0.mjs

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 08 Jun 2021 13:34:38 GMT
x-content-type-options: nosniff
server: cafe
age: 14705
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Wed, 09 Jun 2021 13:34:38 GMT

GET
H3-29 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame F6C9 295 B
319 B 7ms
6ms Image
image/png 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012105242203000/amp4ads-v0.mjs

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 07 Jun 2021 20:37:24 GMT
x-content-type-options: nosniff
server: cafe
age: 75739
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Tue, 08 Jun 2021 20:37:24 GMT

POST
H/1.1 200
OK bidding Show response
bids.proper.io/api/ 0
171 B 183ms
182ms XHR
application/octet-stream 35.163.108.30
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bids.proper.io/api/bidding
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.163.108.30 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-163-108-30.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: *
Date: Tue, 08 Jun 2021 17:39:43 GMT
Connection: keep-alive
Content-Length: 0
Content-Type: application/octet-stream

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame D155 42 B
64 B 15ms
14ms Fetch
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssHcCDEDzrEtmXp13FIilo4alQo_VFW6rirsa9OFjK8wScGSPAS1O02Wtm4987ThBiEsHM2ZL3amBCNzrph-0Fa6d7njpGvpyg2Vdp1DIU&sig=Cg0ArKJSzGSVaN8zt5q3EAE&id=lidar2&mcvt=1000&p=70,925,71,926&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210607&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=19&adk=1569744204&rs=4&met=ce&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ%3D%3D&vs=4&eosm=0&rst=1623173983166&dlt=0&rpt=51&isd=0&msd=0&r=v

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 08 Jun 2021 17:39:44 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 0A74 42 B
64 B 21ms
20ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvDOM1m7R7AtHyf1mQp4FrAPWQdCEFnfmn-k2QPulktSMflaFrS2GRbO1O3_TGCzLh_gODg6386Z0vGNNuyw7jIDB7tRqb-JBHK5-MlUj1PcTstluODvO_MJxNYjQ&sai=AMfl-YTo3roksRT8AUbKWLtppvKXVZ-dvv36McmIiZhH6sp0OQYzdDj5hKG8uKVplr6TTwn7lJkIUBj7XGwVcgeX6kKu3-33susLV3uDZ0aVCuLCbh7EuUoG2lyt9__1&sig=Cg0ArKJSzNbG3QrrtWoZEAE&cid=CAASF-RohR0BCZHrBZ8_oaDqAvB-8aR3Ss0Z&id=ampim&o=315,684&d=728,90&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=70&tls=1070&g=100&h=100&tt=1070&r=v&avms=ampa&adk=1045808715

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 08 Jun 2021 17:39:44 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/ib/static/usersync/v3/ Frame 2919 995 B
875 B 2549ms
32ms Document
text/html 2.18.232.130
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.232.130 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-130.deploy.static.akamaitechnologies.com
Software: nginx/1.13.10 /
Resource Hash: 8730c26defc411dd8a51f1da47e5ae3804fab6868f7914a26b09d8e0791bbe39

Request headers

Host: acdn.adnxs.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.newser.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: uuid2=8884958538427554348; anj=dTM7k!M4.FE:2jUF']wIg2GU$rKHj(!@wnfH8KW.dG5<#Z0wW'qOHi?qy^hvq#(inG5HoBFoyYjn=^<yn.mPlCsUIrl>u_L%(2K:$doS]%6lO2PH=]i
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.newser.com/

Response headers

Server: nginx/1.13.10
Last-Modified: Fri, 20 May 2016 02:07:09 GMT
ETag: "573e714d-3e3"
Access-Control-Allow-Origin: *
Content-Type: text/html
Content-Encoding: gzip
Content-Length: 506
Cache-Control: max-age=31536000
Expires: Wed, 08 Jun 2022 17:39:48 GMT
Date: Tue, 08 Jun 2021 17:39:48 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H2 204 index.html
cdn.districtm.io/ids/ Frame 9D80 0
0 1437ms
1435ms Document
text/plain 104.16.68.69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.districtm.io/ids/index.html
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.68.69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

:method: GET
:authority: cdn.districtm.io
:scheme: https
:path: /ids/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.newser.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.newser.com/

Response headers

date: Tue, 08 Jun 2021 17:39:47 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Origin
access-control-allow-methods: GET, HEAD, POST, OPTIONS
cf-request-id: 0a8e4e9503000032b0840ad000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
server: cloudflare
cf-ray: 65c3e6ce6a2032b0-CDG

GET
H/1.1 200
OK check.html Show response
biddr.brealtime.com/ Frame 5003 926 B
1 KB 2537ms
43ms Document
text/html 104.17.119.107
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://biddr.brealtime.com/check.html
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.17.119.107 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 868a78df4f3d0a21f89c48ccc709df44d3875f5fb33e22bf51ca8b5c28be4202

Request headers

Host: biddr.brealtime.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.newser.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.newser.com/

Response headers

Date: Tue, 08 Jun 2021 17:39:48 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
x-amz-id-2: q6oXyGsuXCKOZ9D1x80oW+Sbu+qJQ9E+FbVw3cTUPQs2fXOI61uR2UBpqjYlw+BgSIJdW+yW6uo=
x-amz-request-id: 289H8Z8FZ2YP2EST
Last-Modified: Tue, 08 Sep 2020 13:51:51 GMT
CF-Cache-Status: HIT
Age: 5001
Expires: Tue, 08 Jun 2021 17:40:48 GMT
Cache-Control: public, max-age=60
cf-request-id: 0a8e4e99410000ee6dbca02000000001
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 65c3e6d539bcee6d-CDG
Content-Encoding: gzip

GET
H2 200 showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame C6E9 38 KB
14 KB 2585ms
45ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 1b95ffd8d5e131d47fa1a5ab65bca620eeef87328c413940cd60a9fbcedf4b74

Request headers

:method: GET
:authority: ads.pubmatic.com
:scheme: https
:path: /AdServer/js/showad.js
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.newser.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.newser.com/

Response headers

last-modified: Tue, 11 May 2021 05:24:02 GMT
etag: "13006b6-96ca-5c2071a26cca4"
server: Apache/2.2.15 (CentOS)
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 13964
content-type: text/html; charset=UTF-8
cache-control: public, max-age=45594
expires: Wed, 09 Jun 2021 06:19:42 GMT
date: Tue, 08 Jun 2021 17:39:48 GMT
vary: Accept-Encoding

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 1F7E 281 B
554 B 2529ms
28ms Document
text/html 104.117.200.100
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.117.200.100 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-117-200-100.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host: eus.rubiconproject.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.newser.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: khaos=KPOBVNGP-O-9B5R; rsid=1|G9C2NkZC7frDQSirzNt8MRPvuJlRI6aSli1gEtfhZ1co9sDCaATiL5HZCu3J57ieEXOusT2oBmbGEEDOX0n2Rlut8GxbuRhZpEEVM57hFBxK9zXGU6NbOrWuFfy3ODDDQuXOwEMwY3qfyPYub65WxIUoBYf1EQfSd4dkw80=; ses2=; vis2=345018^1; audit=1|0o8zzNO5o4YBhoLBW4qaRHQnVL2heOLCHYwBsFCf2YRVRVl3d1dA/k9r7w7S5A7Pcpj76PKZXj9ht+yyOkJ/EhWZCH90eezd
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.newser.com/

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Tue, 23 Feb 2021 20:47:52 GMT
ETag: "402b0-119-5bc0708346e00"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Tue, 08 Jun 2021 17:39:48 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H2 200 pd Show response
eu-u.openx.net/w/1.0/ Frame 86ED 1007 B
862 B 31ms
29ms Document
text/html 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=d7066e05-92d3-4e83-b4f2-cbee552a2f6b&gdpr=1
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.208.0 /
Resource Hash: 67b0435b9e394199403bc842b4a2d926d94a41dac9374f1408c493fade493973

Request headers

:method: GET
:authority: eu-u.openx.net
:scheme: https
:path: /w/1.0/pd?plm=10&ph=d7066e05-92d3-4e83-b4f2-cbee552a2f6b&gdpr=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.newser.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: i=c4c137fa-2fe3-03bd-2a6a-d205b06edaa5|1623173980
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.newser.com/

Response headers

vary: Accept, Accept-Encoding
set-cookie: i=c4c137fa-2fe3-03bd-2a6a-d205b06edaa5|1623173980; Version=1; Expires=Wed, 08-Jun-2022 17:39:47 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1623173987|mOgegqnskin0vNomiygu; Version=1; Expires=Wed, 23-Jun-2021 17:39:47 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server: OXGW/16.208.0
p3p: CP="CUR ADM OUR NOR STA NID"
date: Tue, 08 Jun 2021 17:39:47 GMT
content-type: text/html
content-length: 544
content-encoding: gzip
via: 1.1 google
alt-svc: clear

GET
H2 200 v2 Show response
de.tynt.com/deb/ Frame 0343 75 B
289 B 341ms
112ms Document
text/html 208.100.17.181
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL: https://de.tynt.com/deb/v2?m=xch&rt=html&id=auLbLMbZKr64uoaKlId8sQ&gdpr_consent=undefined&us_privacy=undefined
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 208.100.17.181 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
Software: /
Resource Hash: e170d20dbbd5a22f50118e25fa2eefb1e85d2ad780e5477ed3a9643186090442

Request headers

:method: GET
:authority: de.tynt.com
:scheme: https
:path: /deb/v2?m=xch&rt=html&id=auLbLMbZKr64uoaKlId8sQ&gdpr_consent=undefined&us_privacy=undefined
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.newser.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.newser.com/

Response headers

cache-control: max-age=86400
expires: Wed, 09 Jun 2021 17:39:47 GMT
referrer-policy: unsafe-url
content-type: text/html
content-length: 75
date: Tue, 08 Jun 2021 17:39:47 GMT
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

GET
H2 200 v2 Show response
de.tynt.com/deb/ Frame 662B 75 B
289 B 336ms
113ms Document
text/html 208.100.17.181
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL: https://de.tynt.com/deb/v2?m=xch&rt=html&id=aYM3dqbZKr64uoaKlId8sQ&gdpr_consent=undefined&us_privacy=undefined
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 208.100.17.181 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
Software: /
Resource Hash: e170d20dbbd5a22f50118e25fa2eefb1e85d2ad780e5477ed3a9643186090442

Request headers

:method: GET
:authority: de.tynt.com
:scheme: https
:path: /deb/v2?m=xch&rt=html&id=aYM3dqbZKr64uoaKlId8sQ&gdpr_consent=undefined&us_privacy=undefined
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.newser.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.newser.com/

Response headers

cache-control: max-age=86400
expires: Wed, 09 Jun 2021 17:39:47 GMT
referrer-policy: unsafe-url
content-type: text/html
content-length: 75
date: Tue, 08 Jun 2021 17:39:47 GMT
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

GET
H2 200 v2 Show response
de.tynt.com/deb/ Frame 0999 75 B
289 B 335ms
113ms Document
text/html 208.100.17.181
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL: https://de.tynt.com/deb/v2?m=xch&rt=html&id=aAb9LgbZKr64uoaKlId8sQ&gdpr_consent=undefined&us_privacy=undefined
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 208.100.17.181 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
Software: /
Resource Hash: e170d20dbbd5a22f50118e25fa2eefb1e85d2ad780e5477ed3a9643186090442

Request headers

:method: GET
:authority: de.tynt.com
:scheme: https
:path: /deb/v2?m=xch&rt=html&id=aAb9LgbZKr64uoaKlId8sQ&gdpr_consent=undefined&us_privacy=undefined
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.newser.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.newser.com/

Response headers

cache-control: max-age=86400
expires: Wed, 09 Jun 2021 17:39:47 GMT
referrer-policy: unsafe-url
content-type: text/html
content-length: 75
date: Tue, 08 Jun 2021 17:39:47 GMT
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

GET
H2 200 v2 Show response
de.tynt.com/deb/ Frame 4FCC 75 B
289 B 333ms
113ms Document
text/html 208.100.17.181
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL: https://de.tynt.com/deb/v2?m=xch&rt=html&id=aVbmTmbZKr64uoaKlId8sQ&gdpr_consent=undefined&us_privacy=undefined
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 208.100.17.181 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
Software: /
Resource Hash: e170d20dbbd5a22f50118e25fa2eefb1e85d2ad780e5477ed3a9643186090442

Request headers

:method: GET
:authority: de.tynt.com
:scheme: https
:path: /deb/v2?m=xch&rt=html&id=aVbmTmbZKr64uoaKlId8sQ&gdpr_consent=undefined&us_privacy=undefined
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.newser.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.newser.com/

Response headers

cache-control: max-age=86400
expires: Wed, 09 Jun 2021 17:39:47 GMT
referrer-policy: unsafe-url
content-type: text/html
content-length: 75
date: Tue, 08 Jun 2021 17:39:47 GMT
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

GET
H2 200 83aa6ee7-16c8-ae03-416b-0c182b1e2411
pr-bh.ybp.yahoo.com/sync/openx/ Frame 86ED 43 B
922 B 98ms
32ms Image
image/gif 2a00:1288:110:c305::8000
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/openx/83aa6ee7-16c8-ae03-416b-0c182b1e2411?gdpr=1

Requested by

Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=d7066e05-92d3-4e83-b4f2-cbee552a2f6b&gdpr=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1288:110:c305::8000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 17:39:47 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
content-type: image/gif
x-xss-protection: 1; mode=block
content-length: 43
x-content-type-options: nosniff
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

sd
eu-u.openx.net/w/1.0/ Frame 86ED
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_
https://pm.w55c.net/ping_match.gif?scc=1&ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_
https://eu-u.openx.net/w/1.0/sd?id=537072979&val=dWV2CdvQ1LQFHB5

43 B
106 B

26ms
26ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=537072979&val=dWV2CdvQ1LQFHB5
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=d7066e05-92d3-4e83-b4f2-cbee552a2f6b&gdpr=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.208.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 08 Jun 2021 17:39:47 GMT
via: 1.1 google
server: OXGW/16.208.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 08 Jun 2021 17:39:47 GMT
Server: PingMatch/v2.0.30-649-g03fe1b8#rel-ec2-master i-0a3ddc230a4e51549@eu-west-1b@dxedge-app-eu-west-1-prod-asg
P3P: policyref="https://cts.w55c.net/ct/p3p_policy_ref.xml", CP="UNI PUR COM INT STA OTC STP OUR CUR TAIo COR DSP NOI"
Location: https://eu-u.openx.net/w/1.0/sd?id=537072979&val=dWV2CdvQ1LQFHB5
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 86ED
Redirect Chain

https://x.bidswitch.net/sync?ssp=openx
https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=openx&bsw_custom_parameter=523fda2f-81d9-45a6-bd19-5ff064931c35
https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=openx&bsw_custom_parameter=523fda2f-81d9-45a6-bd19-5ff064931c35
https://x.bidswitch.net/sync?dsp_id=4&user_id=487d49e8-f999-4a79-8324-4de2b9c7e6f4&ssp=openx&expires=30&user_group=5&bsw_param=523fda2f-81d9-45a6-bd19-5ff064931c35
https://us-u.openx.net/w/1.0/sd?id=537072968&val=523fda2f-81d9-45a6-bd19-5ff064931c35

43 B
106 B

26ms
26ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072968&val=523fda2f-81d9-45a6-bd19-5ff064931c35
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=d7066e05-92d3-4e83-b4f2-cbee552a2f6b&gdpr=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.208.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 08 Jun 2021 17:39:47 GMT
via: 1.1 google
server: OXGW/16.208.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: //us-u.openx.net/w/1.0/sd?id=537072968&val=523fda2f-81d9-45a6-bd19-5ff064931c35
date: Tue, 08 Jun 2021 17:39:47 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H/1.1

200
OK

adx
match.prod.bidr.io/cookie-sync/ Frame 86ED
Redirect Chain

https://match.prod.bidr.io/cookie-sync/ox
https://match.prod.bidr.io/cookie-sync/ox?_bee_ppp=1
https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFCbTNFN0JmMWNBQURNaE5YVmpLUQ&bee_sync_partners=pm%2Cpp%2Csas%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&b...
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pm%2Cpp%2Csas%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1

43 B
430 B

37ms
37ms

Image
image/gif

52.209.246.140
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pm%2Cpp%2Csas%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1

Requested by

Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=d7066e05-92d3-4e83-b4f2-cbee552a2f6b&gdpr=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.209.246.140 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
Date: Tue, 08 Jun 2021 17:39:47 GMT
Server: nginx
strict-transport-security: max-age=2592000; includeSubDomains
p3p: CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
cache-control: no-cache, must-revalidate
Connection: keep-alive
content-type: image/gif
Content-Length: 43
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 08 Jun 2021 17:39:47 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pm%2Cpp%2Csas%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 360
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sd
eu-u.openx.net/w/1.0/ Frame 86ED
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=21da60bf-ab63-4900-8e13-cf99d1cc7e06

43 B
106 B

25ms
25ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=536872786&val=21da60bf-ab63-4900-8e13-cf99d1cc7e06
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=d7066e05-92d3-4e83-b4f2-cbee552a2f6b&gdpr=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.208.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 08 Jun 2021 17:39:47 GMT
via: 1.1 google
server: OXGW/16.208.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date: Tue, 08 Jun 2021 17:39:47 GMT
Server: MT3 3759 5f8f15b master zrh-pixel-x27
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://eu-u.openx.net/w/1.0/sd?id=536872786&val=21da60bf-ab63-4900-8e13-cf99d1cc7e06
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Tue, 08 Jun 2021 17:39:46 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 86ED
Redirect Chain

https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=1
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=GmEax00zTcIBM0rHGmdVkUgwQZQBYEDCFGDoUJAn

43 B
106 B

25ms
25ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=GmEax00zTcIBM0rHGmdVkUgwQZQBYEDCFGDoUJAn
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=d7066e05-92d3-4e83-b4f2-cbee552a2f6b&gdpr=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.208.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 08 Jun 2021 17:39:47 GMT
via: 1.1 google
server: OXGW/16.208.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 08 Jun 2021 17:39:47 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location: https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=GmEax00zTcIBM0rHGmdVkUgwQZQBYEDCFGDoUJAn
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2

200

sd
eu-u.openx.net/w/1.0/ Frame 86ED
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=22
https://c1.adform.net/serving/cookie/match?CC=1&party=22
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=1953520803289218904

43 B
106 B

25ms
25ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=537113484&val=1953520803289218904
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=d7066e05-92d3-4e83-b4f2-cbee552a2f6b&gdpr=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.208.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 08 Jun 2021 17:39:47 GMT
via: 1.1 google
server: OXGW/16.208.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 08 Jun 2021 17:39:47 GMT
server: nginx
location: https://eu-u.openx.net/w/1.0/sd?id=537113484&val=1953520803289218904
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 openx
match.adsrvr.org/track/cmf/ Frame 86ED 70 B
265 B 115ms
37ms Image
image/gif 76.223.111.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/openx?oxid=176d08a3-8664-3c4a-70bc-1aedd449e958&gdpr=1
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=d7066e05-92d3-4e83-b4f2-cbee552a2f6b&gdpr=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a97adde81b00f2ca4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 08 Jun 2021 17:39:47 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3-29 200 pixel
cm.g.doubleclick.net/ Frame 86ED 170 B
188 B 39ms
38ms Image
image/png 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=M2IwMmRiNjktNGYxMy02MmVlLTY1NWMtNDA1NDFlYWIyNzM4

Requested by

Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=d7066e05-92d3-4e83-b4f2-cbee552a2f6b&gdpr=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 08 Jun 2021 17:39:47 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 86ED
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEEfouM9FMPrfdHRyDVQAjkQ&google_cver=1

43 B
106 B

32ms
31ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEEfouM9FMPrfdHRyDVQAjkQ&google_cver=1
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=d7066e05-92d3-4e83-b4f2-cbee552a2f6b&gdpr=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.208.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 08 Jun 2021 17:39:47 GMT
via: 1.1 google
server: OXGW/16.208.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 08 Jun 2021 17:39:47 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEEfouM9FMPrfdHRyDVQAjkQ&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 1F7E 31 KB
10 KB 39ms
38ms Script
text/html 104.117.200.100
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.117.200.100 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-117-200-100.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: b4592b5399bc58b3ac8489919a755c75ff74866cfb8071543bd223885abcad17

Request headers

Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 08 Jun 2021 17:39:48 GMT
Content-Encoding: gzip
Last-Modified: Wed, 02 Jun 2021 21:12:03 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=74463
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9302
Expires: Wed, 09 Jun 2021 14:20:51 GMT

GET
H/1.1 200
OK async_usersync Show response
secure.adnxs.com/ Frame 2919 0
750 B 136ms
76ms Script
text/html 37.252.172.37
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.adnxs.com/async_usersync?cbfn=AN_async_load

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.37 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

691.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 08 Jun 2021 17:39:48 GMT
X-Proxy-Origin: 82.102.18.114; 82.102.18.114; 691.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.172.133:80
AN-X-Request-Uuid: f2d3ed16-b70e-4f08-8b00-8eba32f826a2
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame C6E9 3 KB
3 KB 120ms
37ms Script
text/html 185.64.189.115
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=83740061&p=109126&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.115 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: 3620bfacbeb3e5740f82e5d6ac746f5888ae29de10d9900edc3246994678572f

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 17:39:48 GMT
content-type: text/html; charset=UTF-8
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 1F7E
Redirect Chain

https://token.rubiconproject.com/token?pid=2249&pt=n
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=OWNiY2I3NmZjNzM0NTU5MGM5ZWE0NzQxMGQ3ODQ1M2Y1MzM3ZjBhOA

170 B
188 B

39ms
38ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=OWNiY2I3NmZjNzM0NTU5MGM5ZWE0NzQxMGQ3ODQ1M2Y1MzM3ZjBhOA

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 08 Jun 2021 17:39:49 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=OWNiY2I3NmZjNzM0NTU5MGM5ZWE0NzQxMGQ3ODQ1M2Y1MzM3ZjBhOA
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: a66cbf3142c6ef39e3614b84a34262cf
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame 1F7E
Redirect Chain

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
https://pr-bh.ybp.yahoo.com/sync/rubicon/myRlZc7qBKkR2c0ZV4A4CA?csrc=
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=1219350307136908981

0
239 B

30ms
30ms

Image
image/gif

69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=1219350307136908981
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: a66cbf3142c6ef39e3614b84a34262cf
Content-Type: image/gif

Redirect headers

date: Tue, 08 Jun 2021 17:39:48 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
location: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=1219350307136908981
x-xss-protection: 1; mode=block
content-length: 0
x-content-type-options: nosniff
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 451 709414.gif
id.rlcdn.com/ Frame 1F7E 0
0 26ms
24ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.rlcdn.com/709414.gif
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 rubicon
match.adsrvr.org/track/cmf/ Frame 1F7E 70 B
264 B 39ms
37ms Image
image/gif 76.223.111.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/rubicon
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a97adde81b00f2ca4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 08 Jun 2021 17:39:48 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 1F7E
Redirect Chain

https://token.rubiconproject.com/token?pid=25470
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1BPQlZOR1AtTy05QjVS

170 B
188 B

39ms
38ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1BPQlZOR1AtTy05QjVS

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 08 Jun 2021 17:39:48 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1BPQlZOR1AtTy05QjVS
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: a66cbf3142c6ef39e3614b84a34262cf
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

204

v1
ads.yahoo.com/cms/ Frame 1F7E
Redirect Chain

https://token.rubiconproject.com/token?pid=26594
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KPOBVNGP-O-9B5R&sigv=1&esig=2~245d1476542f31145879f05a9c6a737944a13231

0
445 B

21ms
6ms

Image
text/plain

2a00:1288:80:800::7000
YAHOO-DEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KPOBVNGP-O-9B5R&sigv=1&esig=2~245d1476542f31145879f05a9c6a737944a13231

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:800::7000 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 17:39:48 GMT
cache-control: no-store
x-content-type-options: nosniff
server: ATS
strict-transport-security: max-age=15552000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block

Redirect headers

Location: https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KPOBVNGP-O-9B5R&sigv=1&esig=2~245d1476542f31145879f05a9c6a737944a13231
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: a66cbf3142c6ef39e3614b84a34262cf
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame 1F7E
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=9&redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4222%26nid%3D1512%26put%3D%5BMM_UUID%5D
https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=21da60bf-ab63-4900-8e13-cf99d1cc7e06

0
239 B

32ms
31ms

Image
image/gif

69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=21da60bf-ab63-4900-8e13-cf99d1cc7e06
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: a66cbf3142c6ef39e3614b84a34262cf
Content-Type: image/gif

Redirect headers

Date: Tue, 08 Jun 2021 17:39:48 GMT
Server: MT3 3759 5f8f15b master zrh-pixel-x29
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=21da60bf-ab63-4900-8e13-cf99d1cc7e06
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Tue, 08 Jun 2021 17:39:47 GMT

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame 1F7E
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D
https://sync-tm.everesttech.net/ct/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D&_test=YL_rZAABoSY4rwA4
https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YL_rZAABoSY4rwA4&_test=YL_rZAABoSY4rwA4

0
239 B

30ms
30ms

Image
image/gif

69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YL_rZAABoSY4rwA4&_test=YL_rZAABoSY4rwA4
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: a66cbf3142c6ef39e3614b84a34262cf
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Tue, 08 Jun 2021 17:39:49 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1623173989.045505,VS0,VE0
x-served-by: cache-hhn4028-HHN
x-cache: HIT
location: https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YL_rZAABoSY4rwA4&_test=YL_rZAABoSY4rwA4
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H2 200 match Show response
c1.adform.net/serving/cookie/ Frame 5FD9 35 B
467 B 42ms
42ms Document
image/gif 37.157.2.238
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://c1.adform.net/serving/cookie/match?party=14&cid=A5F6FE14-C14D-4F37-9D2A-D641A3C05C03

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.238 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

:method: GET
:authority: c1.adform.net
:scheme: https
:path: /serving/cookie/match?party=14&cid=A5F6FE14-C14D-4F37-9D2A-D641A3C05C03
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: C=1; uid=1953520803289218904
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Tue, 08 Jun 2021 17:39:48 GMT
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
expires: -1
set-cookie: uid=1953520803289218904; expires=Sat, 07 Aug 2021 17:39:48 GMT; domain=adform.net; path=/; secure; samesite=none
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2 200 pubmatic Show response
d5p.de17a.com/getuid/ Frame 63E7 35 B
134 B 152ms
49ms Document
image/gif 213.155.156.164
TELIANET Telia Ca...

General

Check archive.org

Show headers Download Go to

Full URL: https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 213.155.156.164 , Sweden, ASN1299 (TELIANET Telia Carrier, SE),
Reverse DNS
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

:method: GET
:authority: d5p.de17a.com
:scheme: https
:path: /getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

content-length: 35
content-type: image/gif
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H2 200 usersync.aspx Show response
dis.criteo.com/dis/ Frame 9DBB 43 B
347 B 63ms
20ms Document
image/gif 178.250.0.163
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.0.163 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

:method: GET
:authority: dis.criteo.com
:scheme: https
:path: /dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

cache-control: no-cache
pragma: no-cache
content-type: image/gif
expires: Tue, 08 Jun 2021 00:00:00 GMT
server: Microsoft-IIS/10.0
x-errorlevel: 0
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1364
date: Tue, 08 Jun 2021 17:39:48 GMT
content-length: 43

GET
H2

200

user_sync.html
ads.pubmatic.com/AdServer/js/ Frame C6E9
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=pfb-FMFNTzedKtZBo8BcAw%3D%3D
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=

8 KB
8 KB

39ms
38ms

Image
text/html

2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 17:39:48 GMT
content-encoding: gzip
last-modified: Tue, 01 Jun 2021 06:44:25 GMT
server: Apache/2.2.15 (CentOS)
etag: "1300708-2080-5c3aeac410031"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=151436
accept-ranges: bytes
content-type: text/html; charset=UTF-8
content-length: 2586
expires: Thu, 10 Jun 2021 11:43:44 GMT

Redirect headers

pragma: no-cache
date: Tue, 08 Jun 2021 17:39:48 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 272
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

SPug
image4.pubmatic.com/AdServer/ Frame C6E9
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=21da60bf-ab63-4900-8e13-cf99d1cc7e06

0
261 B

109ms
35ms

Image
text/plain

185.64.189.114
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=21da60bf-ab63-4900-8e13-cf99d1cc7e06
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.114 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 17:39:48 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date: Tue, 08 Jun 2021 17:39:48 GMT
Server: MT3 3759 5f8f15b master zrh-pixel-x8
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=21da60bf-ab63-4900-8e13-cf99d1cc7e06
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Tue, 08 Jun 2021 17:39:47 GMT

GET
H/1.1

200
OK

/
pixel.onaudience.com/ Frame C6E9
Redirect Chain

https://pixel.onaudience.com/?partner=214&mapped=A5F6FE14-C14D-4F37-9D2A-D641A3C05C03
https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25
https://pixel.onaudience.com/?partner=161&icm&cver&mapped=b555c81594a760d76380b70f52af826b

35 B
247 B

116ms
116ms

Image
image/gif

51.222.80.231
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.onaudience.com/?partner=161&icm&cver&mapped=b555c81594a760d76380b70f52af826b
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 51.222.80.231 , Canada, ASN16276 (OVH, FR),
Reverse DNS: ns574734.ip-51-222-80.net
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-length: 35
content-type: image/gif

Redirect headers

date: Tue, 08 Jun 2021 17:39:49 GMT
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location: https://pixel.onaudience.com/?partner=161&icm&cver&mapped=b555c81594a760d76380b70f52af826b
cache-control: no-cache
access-control-allow-credentials: true
content-type: text/html
content-length: 0

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame C6E9
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QTVGNkZFMTQtQzE0RC00RjM3LTlEMkEtRDY0MUEzQzA1QzAz&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

42 B
110 B

75ms
34ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 17:39:48 GMT
cache-control: no-store, no-cache, private
x-lat: amspug011:0:403
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Tue, 08 Jun 2021 17:39:48 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame C6E9
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEJRQJOeTrLRmG-k13UFyC7U&google_cver=1

42 B
441 B

72ms
34ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEJRQJOeTrLRmG-k13UFyC7U&google_cver=1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 17:39:47 GMT
cache-control: no-store, no-cache, private
x-lat: amspug012:0:390
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Tue, 08 Jun 2021 17:39:48 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEJRQJOeTrLRmG-k13UFyC7U&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 379
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubmatic
um.simpli.fi/ Frame C6E9 43 B
409 B 35ms
31ms Image
image/gif 159.253.128.188
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

159.253.128.188 Amsterdam, Netherlands, ASN36351 (SOFTLAYER, US),

Reverse DNS

bc.80.fd9f.ip4.static.sl-reverse.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 17:39:48 GMT
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Mon, 07 Jun 2021 17:39:48 GMT

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame C6E9
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=1953520803289218904

42 B
545 B

84ms
27ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=1953520803289218904
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 17:39:49 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug006:0:435
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Tue, 08 Jun 2021 17:39:48 GMT
server: nginx
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=1953520803289218904
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame C6E9
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:21da60bf-ab63-4900-8e13-cf99d1cc7e06&gdpr=0&gdpr_consent=

42 B
340 B

56ms
28ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:21da60bf-ab63-4900-8e13-cf99d1cc7e06&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 17:39:49 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug007:0:557
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date: Tue, 08 Jun 2021 17:39:48 GMT
Server: MT3 3759 5f8f15b master zrh-pixel-x3
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:21da60bf-ab63-4900-8e13-cf99d1cc7e06&gdpr=0&gdpr_consent=
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Tue, 08 Jun 2021 17:39:47 GMT

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame C6E9
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=574ce940-cfae-42f9-a38d-d2b1ac0fee02

42 B
291 B

56ms
28ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=574ce940-cfae-42f9-a38d-d2b1ac0fee02
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 17:39:49 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug001:0:394
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Tue, 08 Jun 2021 17:39:48 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=574ce940-cfae-42f9-a38d-d2b1ac0fee02
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 313

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame C6E9
Redirect Chain

https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=8884958538427554348&gdpr=0&gdpr_consent=

42 B
210 B

84ms
34ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=8884958538427554348&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 17:39:48 GMT
cache-control: no-store, no-cache, private
x-lat: amspug010:0:399
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma: no-cache
Date: Tue, 08 Jun 2021 17:39:48 GMT
X-Proxy-Origin: 82.102.18.114; 82.102.18.114; 718.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.221.74:80
AN-X-Request-Uuid: 6c28392c-ec33-4811-8899-5d9b065b8a9b
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=8884958538427554348&gdpr=0&gdpr_consent=
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 A5F6FE14-C14D-4F37-9D2A-D641A3C05C03
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame C6E9 43 B
193 B 35ms
32ms Image
image/gif 2a00:1288:110:c305::8000
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/pubmatic/A5F6FE14-C14D-4F37-9D2A-D641A3C05C03?gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1288:110:c305::8000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 17:39:48 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
content-type: image/gif
x-xss-protection: 1; mode=block
content-length: 43
x-content-type-options: nosniff
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

SPug
image4.pubmatic.com/AdServer/ Frame C6E9
Redirect Chain

https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=A5F6FE14-C14D-4F37-9D2A-D641A3C05C03&redir=true&gdpr=0&gdpr_consent=
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-5.M8AstE2uXbHcaoNiih_rjJPRYklMU-~A&gdpr=0&gdpr_consent=

0
48 B

35ms
35ms

Image
text/plain

185.64.189.114
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-5.M8AstE2uXbHcaoNiih_rjJPRYklMU-~A&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.114 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 17:39:48 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date: Tue, 08 Jun 2021 17:39:49 GMT
Server: ATS/7.1.2.128
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location: https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-5.M8AstE2uXbHcaoNiih_rjJPRYklMU-~A&gdpr=0&gdpr_consent=
Connection: keep-alive
Content-Length: 0

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame C6E9
Redirect Chain

https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=Mx2uemRP-X8oT_56MxvhLGFM9SkoHPR_PRzmWVOl

42 B
584 B

103ms
33ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=Mx2uemRP-X8oT_56MxvhLGFM9SkoHPR_PRzmWVOl
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 17:39:48 GMT
cache-control: no-store, no-cache, private
x-lat: amspug009:0:365
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Tue, 08 Jun 2021 17:39:48 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location: https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=Mx2uemRP-X8oT_56MxvhLGFM9SkoHPR_PRzmWVOl
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 ping
ping.chartbeat.net/ 43 B
200 B 98ms
98ms Image
image/gif 18.208.31.26
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ping.chartbeat.net/ping?h=newser.com&p=%2F&u=CpoQQBBPWU5NBk1uPF&d=newser.com&g=19359&g0=Home&g1=No%20Author&n=1&f=00001&c=0.25&x=0&m=0&y=2850&o=1600&w=1200&j=30&R=1&W=0&I=0&E=5&e=5&r=&b=1277&t=DiMtW8aHbowDzUlHTDTxF7-BlVFuC&V=126&tz=-120&sn=2&sv=8yx4dDLiB46B4ZWcLwv6T0CK_GTJ&sd=1&im=062b073f&_
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.208.31.26 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-208-31-26.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 08 Jun 2021 17:39:55 GMT
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
content-length: 43
expires: 0

Verdicts & Comments Add Verdict or Comment

632 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

11 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://global.proper.io/payloads/latest.js(Line 1) Message: USP CMP not found.
console-api	log	URL: https://global.proper.io/payloads/latest.js(Line 1) Message: GDPR CMP not found.
console-api	log	URL: https://global.proper.io/payloads/latest.js(Line 1) Message: USP CMP not found.
console-api	log	URL: https://global.proper.io/payloads/latest.js(Line 1) Message: USPAPI workflow exceeded timeout threshold.
console-api	log	URL: https://global.proper.io/payloads/latest.js(Line 1) Message: GDPR CMP not found.
console-api	log	URL: https://global.proper.io/payloads/latest.js(Line 1) Message: CMP workflow exceeded timeout threshold.
console-api	log	URL: https://global.proper.io/payloads/latest.js(Line 1) Message: USP CMP not found.
console-api	log	URL: https://global.proper.io/payloads/latest.js(Line 1) Message: GDPR CMP not found.
console-api	log	URL: https://www.newser.com/(Line 3556) Message: NewserConsolePWA: Service worker registered, scope: https://www.newser.com/
console-api	info	URL: https://cdn.ampproject.org/rtv/012105242203000/amp4ads-v0.mjs(Line 17) Message: Powered by AMP ⚡ HTML – Version 2105242203000 https://www.newser.com/
console-api	info	URL: https://cdn.ampproject.org/rtv/012105242203000/amp4ads-v0.mjs(Line 17) Message: Powered by AMP ⚡ HTML – Version 2105242203000 https://www.newser.com/

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

4a0da0c88ec7e709c3f92d0f2c3a4bdb.safeframe.googlesyndication.com
924-img.c3tag.com
aa.agkn.com
acdn.adnxs.com
ad.doubleclick.net
ads.creative-serving.com
ads.pubmatic.com
ads.yahoo.com
adservice.google.com
adservice.google.fr
apex.go.sonobi.com
api.ipify.org
api.rlcdn.com
as-sec.casalemedia.com
bcp.crwdcntrl.net
bidder.criteo.com
biddr.brealtime.com
bids.proper.io
btlr.sharethrough.com
c.amazon-adsystem.com
c1.adform.net
cdn.ampproject.org
cdn.districtm.io
cdn.engine.4dsply.com
ce.lijit.com
cm.g.doubleclick.net
connect.facebook.net
d.agkn.com
d5p.de17a.com
de.tynt.com
dis.criteo.com
dmx.districtm.io
eb.proper.io
engine.4dsply.com
eu-u.openx.net
eus.rubiconproject.com
fastlane.rubiconproject.com
fei.pro-market.net
fonts.googleapis.com
fonts.gstatic.com
global.proper.io
googleads.g.doubleclick.net
hb-api.omnitagjs.com
hb.emxdgt.com
hbopenbid.pubmatic.com
i.simpli.fi
ib.adnxs.com
id.rlcdn.com
id.sharedid.org
id5-sync.com
idsync.rlcdn.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
img1-azrcdn.newser.com
img2-azrcdn.newser.com
load77.exelator.com
loada.exelator.com
loadm.exelator.com
loadus.exelator.com
match.adsrvr.org
match.prod.bidr.io
pagead2.googlesyndication.com
ping.chartbeat.net
pixel.onaudience.com
pixel.quantserve.com
pixel.rubiconproject.com
pixel.tapad.com
platform.twitter.com
player.propervideo.io
pm.w55c.net
pr-bh.ybp.yahoo.com
prebid.media.net
propermedia-d.openx.net
rddywd.com
rules.quantcount.com
s7.addthis.com
sb.scorecardresearch.com
secure.adnxs.com
secure.quantserve.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
simplifi.partners.tremorhub.com
ssc.33across.com
stags.bluekai.com
static.chartbeat.com
static1-azrcdn.newser.com
static2-azrcdn.newser.com
sync-tm.everesttech.net
sync.bfmio.com
sync.intentiq.com
sync.mathtag.com
sync.search.spotxchange.com
syndication.twitter.com
tag.1rx.io
token.rubiconproject.com
tpc.googlesyndication.com
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
usync.proper.io
v1.addthisedge.com
www.google.com
www.google.de
www.googleadservices.com
www.googleapis.com
www.googletagservices.com
www.newser.com
x.bidswitch.net
z.moatads.com
104.117.200.100
104.16.68.69
104.17.119.107
104.244.42.136
104.75.88.126
142.250.181.226
142.250.184.226
142.250.186.38
151.101.114.49
159.253.128.188
169.50.137.176
172.217.18.98
178.162.133.150
178.250.0.163
178.250.2.131
18.195.105.17
18.198.115.155
18.198.126.47
18.198.69.109
18.208.31.26
18.211.29.63
185.255.84.150
185.29.132.144
185.33.221.53
185.64.189.110
185.64.189.112
185.64.189.114
185.64.189.115
185.64.190.80
185.94.180.125
2.18.232.130
2.18.233.180
2.18.234.21
2.18.235.40
208.100.17.181
213.155.156.164
213.19.147.43
213.19.162.21
216.52.2.39
23.45.99.241
2600:1901:0:8eee::
2600:1f18:612b:4232:1f73:43cf:8eeb:9521
2600:9000:218d:a800:6:44e3:f8c0:93a1
2600:9000:218d:ec00:18:1fcd:34f:cdc1
2606:2800:234:59:254c:406:2366:268c
2606:4700:3035::6815:40f1
2606:4700::6810:9f11
2606:4700::6811:4e22
2606:4700::6812:9eea
2620:116:800d:21:5a23:9c4e:e774:96c1
2620:1ec:46::67
2620:1ec:48::67
2620:1ec:bdf::67
2a00:1288:110:c305::8000
2a00:1288:80:800::7000
2a00:1450:4001:800::2002
2a00:1450:4001:803::2002
2a00:1450:4001:809::2001
2a00:1450:4001:809::2003
2a00:1450:4001:80f::2003
2a00:1450:4001:810::2002
2a00:1450:4001:827::2002
2a00:1450:4001:827::2004
2a00:1450:4001:830::2002
2a00:1450:4001:831::2001
2a00:1450:4001:831::200a
2a02:6ea0:c700::10
2a03:2880:f01c:8012:face:b00c:0:3
3.126.56.137
34.107.148.139
34.120.133.55
34.205.51.230
34.98.64.218
35.156.10.121
35.163.108.30
35.164.25.130
35.176.232.241
35.227.248.159
35.244.174.68
37.157.2.238
37.252.172.37
40.114.51.62
44.236.110.255
51.222.80.231
51.89.20.87
52.209.246.140
52.222.174.42
52.222.200.121
52.48.248.240
52.59.128.17
52.59.79.213
52.84.174.22
54.225.165.85
54.72.206.11
66.180.64.123
69.173.144.139
69.173.144.165
76.223.111.131
0007662b9dc39b55b43a2c4a698a11e0dd2c122fd8c4bf602e95be0cd83805f7
008c726bce98bec80bafa24f69205d40c3c734c7751cb0dffdffbd1ab589fc3c
0181d4351f7aa2b2fd35eb1e554d9e2c1294479e6921e7901e4fa1f42e56a9af
0380a21e1ee3f35b49ecee1398a8362b161c5f5d20b812c48abf5d964bc2683e
03c6c870e19fc8b985d47b502980b1d7e5f1f597a158b7a76238844c62d7693c
05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
06bc9b6fcf7806e9b964d19c6f8b8df949ed09f24cb11691e5724942ad583dbd
08532adc62ea92384c133ab84eaad9bb9b63da30d1e6fe5549c556d0186edc2a
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
0c400382f8aca5b09fdf62e79d281ced69b14646f87b863dc9ff15beeaeb3609
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
10169bd91eab033d188a08ba313687a577d5a0b74476bcc09d0ceb1f6dc008e5
1126dae47147dee29ca9bffbbd45f3e609f7d38a2c17cd4f5c73283db4e6304a
12993a139a46e15abb56308ef8656d80812fb748dfa88116ee6e20ad3494ae98
185b7539076b9f8d807c5740180aac4e2a4b3bc2912b4e9485950ccddb4cb39e
18f8efaf289734dbcfdb53ff9205317eb38e50c9370d860d0dd249abd82cd74f
1934199df51551755f77a59d6993a98e332ad57c09ab22d30fafb727d92e4eb0
1b33e7ec1ece87c3c94825eb3f254b7437ccaf644cc20240e58b929bb73475b1
1b95ffd8d5e131d47fa1a5ab65bca620eeef87328c413940cd60a9fbcedf4b74
1d8c7ce12428be733a9213b2fecae66db6950a933c276d68bf7c8271829a627d
1df4929facdfe1b4521afbc2c5574211d9e50abf579d5f0bf12b17ec27fab279
1e53b8865f7f1e34e44d14f6ff8789dd7f421e7d3c69e48dab33188ff4d99f4e
1e9d7cbc625bd4b714d58e770b3e5cc860d44f6b1ffebc3165e2c0abb9ac618e
1fcb5e175a00cd189b261593c1e787dad954744a996c6e2940765f7e32bdd70c
21349b60e999f29bb11fd1384e57ea43faf7bb39d7822e81c1e30de505663228
23ad9ab24753985d4afbee07f707d82936e74268e985c0bccfbeee693389c40b
29466881172c8d4a791418d9b98f0d7019032a7f28889718c728aecb4fec451f
2b291810374483e61126df23f32490a6f8a629062a6f00f0d10d7b52ed2a2762
2b5ca4e07a1f92d905eb10d7801194fa1bbb4f0025e0d0fbef627f13d685e20a
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2ef77ab513046ddab775f3c74d55ba3e305c87c86f723b3b58615af5a6f4c897
2f28c37beb838d695f95710805308cfe7f1fcc286bd744ab0184a23a10d5a4ec
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
2f76122813dc216562d9a6c2d82279ff460696b28f8f66042399a02cf93732ba
307c4cf0cec01251278a5201d04096f4b7afdb8ba2239801202adb1992c14ecb
316f775333e0567a2ea23141b96349652855962025964f0ba097c64c06fb639a
3172dac8fffe80904a45dcf4013556cd569e4491c5437d7da947368f8fdc7246
31c724707624a3682770d54e8b216f04db44eff6fefb8313d9178ef0f69a694b
33441582855b8d5f33a549088fbd6896a7a319ec46e207f54a5403c811f62e4d
35020cceeafbd3103ee7dda3e26d96d7fb84d34af931e5c9bc627c80aadacd81
354cd674accaa26badff834bcbb7487aa7f99930f19cd864d71e6359b6b3f346
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
3620bfacbeb3e5740f82e5d6ac746f5888ae29de10d9900edc3246994678572f
3a70652ce79fe560cac2c3ad4927e0aacc0dd19f7fc6bad37baaaaa4d95d5dd4
3b556e6cee32c4b0c80ef893fd00eaea90330b3a127a8dffecabbedaf6aba7c5
3b90f60459b17f2ddf447768e249c21c662e70bde6148deff13643982f93f9a6
3cdb7d7bff5e53b7d7dd697e23b8a55711b15805cfed2fb3f1649d33ea99f018
3e2906c077cd52c18bae43790fb2db33e5770277e5b16d8843cc80e50114b5cd
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3f9ebf128c9383c5fc8f3a73439f0e2dfb997f34318383e554b124e37c319c2e
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
40f5a3b1f58ab44dcb36555013db44a3b6c41cac940ae81cca52d6fde0f1d519
4276a54108e7c6b43655cd4e49fbe97a02a5806749101101fb7fb07ad195704e
436ee9f55ae856f23877c27e8e3864baa1e4491ce5047b13bee7b1f8ca5d8e6c
4378d967cda23be4c97dca5684694ba8e2a8ea25a06a4e46b3b0ff67cce47994
441ade9ef5cfed957f816834d80b38bb6e7694c502d4728f20a4b3f203f4bb78
44da54fd69c8966482bc49d3744fff0a7fd944dc2dd5732d9f710da7df4329bf
459b02cb131affcd202cbdd3264681cbaab647ed270a0123498994fa5856f052
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
496dc8114b042b4a7953194447f862e9b03061221b458c63f4d8a5d04765dd67
4b11b4bd9c4af018fddff7bf9f385c6392bc1f9b426ab6af90a0ed90158c702c
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4be7166c5a0629bb6a48dd728b6b4310f641011bfe612a365a21c0a1e7d91da4
4c7d09915bd5535cc0df08b27b3a761a22746d3e33881155f981bc0650816555
4df9b57fb94e0dfe71fed5fed597462be8cf5494392e1c00f7bcb9cf2e7fb004
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4edb3410fd8084caab9a119138dda714031928efbab26ff4e8fc0b786ced85d1
50d8bfa86f8131b9d007a853da9a8f97398b7d7b1f7f529696bc662566a86ce9
524b71a92404a1b6eadc5046f736849a1f1437b66ef3ea45b147849e12bc48c8
52d55efd325feebafd3047a26441624e27dc6f71e874b50e707a59aa2c84b777
533b0dc19d50a0dde4b1b559923aa524b838a93204d9ec6d118c21d81ac5f65f
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
561b9a903f36ae2093c20b2766e9d59ada0f131502cee43555ee8d3ce7d8c582
5b041a6f457e508b5982d4c76d3fe29801756d39d73c4b7724099e6b5dcac5ce
5b6f3806c04b7c91d2ee5cf8f42b31343a9d33ea62ad9d0506cfa1be078477d3
5d835db01378c567ad3c4e518bcc2f542a677cb335d7e24e4b81340b7c97a5f0
5f789ea36ae4671282524bda454709578d63b915b782c1e041132a7e726ff1c3
604a724a6f7d51e5672eb117995d826d5e52a9f159db3318b5c21fda3374e35d
607ba5401803708cd7e7d54cb229467b42bcefa017c466d0290c2903989f9cec
6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df
639f52c5ec3b172320d736779fa3307791c109e88d6f5b65729a0b211092f6e8
64101892a187f46af455204de8f3ed19fd091ff5c5c921a1488e63b3e24d51fa
64ade02a75ab6bc81a860f9ccb07c3f2dda41d6fdbcf0505eda5d4459080ab61
66f5ce1449dd4f1f6cf64df36e5cf119a4af9d2f1da9699154a66376686825c7
67b0435b9e394199403bc842b4a2d926d94a41dac9374f1408c493fade493973
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6d4043d0b58bc072f1a9d8cbc9537842287baadb2b1ca78d6c8bdc1117932137
6d6d162a89e32c126f5019cbd4143ddf6cc9fbf19858a3272ad6ad5ac2beae14
6f0820683115a3e36ab59f75d4a025ecc17ea6921b6c67444a026aed069a5686
6f09179353275ddcbdf92ab445530bd6b7ab1f5c4021ef1c6f864bba1725f2ce
73066c33e8ea7ac3605b0c9022722bec94a418228e219777a58ba7596d85a8f8
74554acbf651d2569c1f4c9b9158bf3a0a7fe2bd88206974b9fbcf73554639cb
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
75c0f5f25e27b3a90a096504b28eb85c04f68d0792e9236f98a9c88a5d8f5614
79e46517de56a67fbd85029639b513c291ec89f5298ea172978ef9248411ae0d
7a0a40ff3cfe0b48d30d3916371287ddd78d13109b8c85da90bc25aaed3d2aa8
7ad9792f028e5b7446d976532a9b71b78c5c6ec55d7c1e71311f2bbd14fc6cc1
7bd3930cad338245d904700ea5a4dd7263a72d0518af7c5e78c7a20fb62e8f27
7bf3bfd3c36843e8adabdd3fb9316636ed4add6c87f3b1cda17b78b271ccbaf9
7cec802828fd9d25efc4611219c8748745117f5a51d4f76e4f9cfd85a428ce95
7e6d53dee544a72c3a6587f99b2983223c31948bfe0bf8c474239fe827a9a3f7
7f555674a54503e3367276168359cef065eecc75f1fe436ac13bdf3dfd65a970
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
8094fe54e20198e93bf1eed4a50058fd0088c1a711f8a66f9fbd1a95879e1f1f
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84447bc455ec9b32d8809c3e627a39d28e249b9a4ad5470b12ef5d3c8af2f5db
868a78df4f3d0a21f89c48ccc709df44d3875f5fb33e22bf51ca8b5c28be4202
86b001286cf030f2340243549988f1a43afbb5f136bb705c7351d56ec7874f81
86c5a757cc22de3bc18dc615532cc5bf01ab05bfe41a4880644a26918e188eaa
870c196156856ec66eb4e1d7b376eca50e218883c93775524484b4fe4603f5ed
871a8f1084b6a27c4a67c854ba86e745d89be827f9bbc9057cbf3e535722cee1
8730c26defc411dd8a51f1da47e5ae3804fab6868f7914a26b09d8e0791bbe39
89024f4bea3b56e902aa3b4c36cb77e0d94ea62820904908143bb7152d64087d
8baae135666cde471d16426b7387541d4b900559275813859e2d296eee039192
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8dda830f48c573d57d24ff08f297a40315e20f5fe83f46511fd72593b6e8240d
900ba15a85e0df2cf379e089480e9f22d18ee7657e3e344452f0603bdde7b9d1
919d9ac345e284c3dff8b06950da505823990d70c83ff3b9e25fe2f5fd64b9aa
9223f3e75b12b4787ba6e4f9d9a7fc768e7c4c37b9b745b38c82c17dd3b677bb
92a2fc6cc9cd39249eebb8dab7e6c26275727e0779deefb14cc6a07bf44b0555
9425c5a5a1902cad844048fb84891cb8fc3360775c40d0723e48f148be6756c6
945d30c39a5423493061f7b0e82ba52fca6ff52b74310a211acb4f64ab33413a
96fd351965e58d24cc996096987bb6d24675055446751ee3ff9fdd78431e0e22
9831e5b4e79a7b80a69a4d83d86fafc4c8e80fad4d14d27796f7eef4b686ba66
996d298d6f8685a3ae28eace9249e3580bb8d13d91d424573fefb40d52980269
99947888a51dc4502b01c7ce5d1c0e0ec7aa863599dbc69dbfba3c93622c7abe
9a964181810a135a899f108fb77498a20cf0ce9c128bd38968e9f9d8d8180ed6
9c4005cd4a7a9d5dff1d1ae617bed4d68d53ae11745d7a441be07eda8a8544a5
9d0fb07552a320be992bc4383d6fbd266036d2b93593144023e6103cd8461cbc
9de4196056e2ffb92e9e6eb78502d3ed77f71a1e8045434a907251ff0b998357
9df7c72d32d76dc410949b91fc933432ee2f861921435df78ccc3f1f9aff300b
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a0e3f7f11e3feb97a1b577675fcb17fb87538d414dc5342c96975b2bd2c94b86
a12b87855b6403c6f73092396d80541a6984aae03097a637769291d9cad15d19
a177a125d7384bd51ee15e3454c488ac0f2ba22a452f9bc3a96e29d2df4aef1b
a190f38ed1ef836f8443c9cc5a5adde984aeb598025b299805dcbd58db78e694
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a2fdc0616f8f2463f5894e2ce6d1606d1e03ee4eb8bbfc95904ba619c0650eac
a31e757e13bc988e0340eaa13d71f4b219e203379d7a58a77a4066e8689ece46
a3942aea05f34d9aa17deb27766f216ce7bc0176e66b41518e5bdadb19400d67
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a93a6e98976761442115f82982ee41ad4f1460b239d51792608b4d96f7bc50eb
a9adbf9ff6cb67410da32776829c98497f78937808849c0c77c476ad5bf8c1a6
aa766499c95ceff3bd9044255f02a89758553a62e657b350e3abbf9ee29bb0d2
aa79efd706b6a76332dc5dd13b59caad8b5c28c6f5e9a7b828fa6bbf0d4babdf
acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403
acef605a09d5b9b4ef3757aad919e6d14179144b812a1a04ad6c1da9d46646a7
ad668da6debc1b1754a49e828c7cd16c672adc9faf67dba9f27eb88a9daba43b
ad9e5210a13805edc2cc2874d7ffa326b907e9c6d0c212071798944a1dd9ffae
b06e5dd8db4f28a20cc36c07af7b482cb571e22ebb3a5badc1d2f2840d1f27aa
b1315ffe975f1fef37c344bd634531402fd4c981ef0c82b3248880d4f45c83d4
b44eb85c6d5c5c01e075166a2ee52630b0b23ae43db3b2c4fe42ffc4e110cf2a
b4592b5399bc58b3ac8489919a755c75ff74866cfb8071543bd223885abcad17
b58ee3d7b8cf7715cb2efcc2910ced1fbeeac027b23a5f5b600cd8c07c100b1f
b8de063d7075aa9a9a68120f3eb37178e85777138d4154903a2d4b187b4a893d
ba185f22be3980058ec224e05365077d02ae5152bbbb634071126026fca365ce
bace79d4918a28acf1fe4a41fdd448c7c59d95c8f713c45770e26e6627563952
bb1e05acff04f501aacaa5fdd7a734f8cb3ba80266a9b6a7055279d0d454fca2
bba4d46952f094b62205fe06e4a78114cac5d934971925a4716ef40c33f96012
bbfcf92c6c94d918c51be1bdf1f14098db1c7454b2f025fb7d2eed08d8d84703
bc7f0ed7f14303dd340586a683b52d14ca6476d04bcaab93f0a4035925ecde39
c00e4b444e4089660152f10bb0cf87d45be907756bf33150841afc2f8a69d791
c0c1edf85ee406ff6e457dba599598152cc971f399f53c204fd30b978662f385
c0e2de1910c51b9146fec0cc847f64b28a62b86f030e1ea05a7d8b05c130dc9f
c4e09813ba7b0617e00e915dd9083bc2df319576c6609ecd0ff87098085f984d
c52463aceb07e0b4eb96bdfb682fb8647fd57e58180dcaa65dd7d552be05f82d
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
c9815821ab1442501b9e9bae3d4bc5730315d6a513c8b40141b2d47b76da1916
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
ca431cca290d2b921319076610824b45bb2f2941dacf556278230b0d15de567c
cc3a4b53b63b77e5e87e17b205a2c233c250a824bdfef529a444b04c166fff5d
cdfe5a2996f0d454a5d194782e0853c45c5a85f6641bf363b298dc31473ffed8
cec5b3c1001b1619366235c0292aa59ce02bf72e777e0596c2f194e72d885fcd
cec7b2721600fc433be3b780052a35fac1df2d3b94dffa85af9aece30c32e664
cf07864a99b032b37e568fb5614aabf6bfa60e1456bcf5d3c72acd78783c28e4
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0b3850a417ef733c6acaff02a3311c7ce9a5b7ee55d2cd76d8c7f1f661bcb20
d1477d2bfda88c678c2deaffb53f18784ca00294d7318a2521f4b95baa375e3c
d1a444f882274ae345d0c6d8c38e71cfd078a90b8411084dfaabf313b6afcb6c
d215966f74fa3530bb64f94d626a78f78b95b7d683ccb3aa007afddd871a017a
d68f21629b7eae4c0c16bd06026a156f94a17377f5dbe7fc2fa85b98216792da
d6a2745332948716c2d3849e9b1d02451515f96ec7ab4749855794dea0272857
d8ba79bccc9b0f12cf27ebbd0a60582ddd85b4657d99d3463d37437e9429d351
d8ea30662b14d542bf54eda54a28081242310b3be6db3a48ca63a442e7ddc84e
d8f64ca73c0faaf5d9d1e56252a2d89a23262ea516e7d731adaf5f255d4081a3
d8fe36a17aa5e4cd1a197c81235633a1e44ca292162a06b9b7dc1dc37981a211
d9b41e301c9316cd379dbdbae2ca394215cd23668b0c1896019e9230a187fcf0
da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c
dc4e649b5fd57b75ee14e5eb63ef664f013d82ec8da4b7e5ee1b211a5e424344
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
dde8fca46a16df5fba8d4ef8e18512c06c58e5524355da4c4b770a7206a4227f
dea93fb8cdb1cb62aeeec494c5c90ca086ae41fd3b5eda55e6b673830dfb8bde
e090bb51a19e6b1ccdfc41dde5171fcd4b769dccc696aac2bb8deccc433797f7
e12e6bd02faeec87b92bbdf4749500fad768dd1fd44b50324ac94143088a15b2
e170d20dbbd5a22f50118e25fa2eefb1e85d2ad780e5477ed3a9643186090442
e35fa0fc21755c516f05f4ac28bdb5a08900623d07ba3f22a0b2ba1011e05303
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3c413d9ecb857ab839e9147e9a72b0967a80151bae1aec1b1771c623006f5bc
e43d5136fbbe9f8d50b7c0baf5d124fe00f4adf82e5ab68cb98030af170a5ae8
e4400f21afb8b0d177c8cc1d042db58cd67ab5f03bb076cc84d9fc19523aebca
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
eb26e601ddf0d3a6c39e2aec3b99d964dfe235cdb5dbf4754c6151fc658fb179
ec93813683cccb74a7896a34a2ed1b2163288620f6959ae06de3ded30cf518b9
ecb6d99b58703f5593bcf755b75c3f3e8a7d841d1a9700f6703a7d7dca7c079b
ed16a406bb2d80d3564f827caf0688c307215fa1b75952654ce7592e75878512
ed2deaeb09a041cfb3d360682c3ef2aafb797efec093fb8b7641c2f681bcf6eb
edaf3e511dcae71a8975fc2b0de45596cfef5cbaf145f3d7abab6bafcfa55f93
eddab757ee06928b40fde4d70e5968615046e77461b34d48504aadc66dd097e3
eeb8347bb842400d155509a0fc1c92fb1e6b5b076f1311aea3bfb6aa764bb76b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef983d6dcfe16576a9be98a6fe4d2c99552c9e76fe46fefb29dc2ae2cc5082c3
f0423f032cb9d9b95be2d37abb4d0ad02363b32f15fb1c399025ffe9cd093321
f04a70b08b6496a53926eff3cf30c3ab6aa2dcd3c2442f42cc50eb447c38e8b4
f05dff5a881c3c76b8158abe39eb92a74c6770ca1f2ba2504fdd32ac429616d4
f07071bf9000cd46e1be920a4c077531abe266c952222ad6dedf29e3e12a0ba2
f0725715eef7e5bd7c49e181a8424a531139e89650733a4f0654c568028beab6
f0a676643bcd2a9b5db09aef8597e17f63383fe14b4c2cbb6e19422aa56dea5e
f210ba8b4f58fc7a6cd87ae3fc9ad2e9ca61a18b4e0fa6a0152616b7536e1774
f24acb6d731ede7c52c60bfa8f5fefa36d4b92789ea49d45b166040bd8d217f2
f277ee8b54ee26d395d6464a6204090216c768eb57f708bbfe2d2b89ffbc42b9
f32d23e2698ffb31c43c96733607bee16d5ef94cd42d90306326e7f6cb7df10a
f5ce322a5871c1ece90c4c3a919ed4820762aad25de95fcfc560c873a286806f
f84592296bce21da87c6d21e4f4ec2ab274413a2f3c0e4132ec15426f1e4d14a
f9d279f2c6f6478c35e1c6207bc709c0ef79c5c71d143b743f011f08abce82ba
fce94e8d493fb1b0c5264ad0ca94f542ca10c39b95eca426ecc0ffbb88e25077
fd373f68624bd574851d363318788519b835d93dfbd5d9cbf1f870bb6c9402be
febc13d4fca620c0eda223b3febb844ecb01e4299569a936801b86ecc25609e8

www.newser.com Open in urlscan Pro 40.114.51.62 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Page Statistics

319 Requests

99 %HTTPS

29 %IPv6

70 Domains

110 Subdomains

86 IPs

9 Countries

6115 kBTransfer

9271 kBSize

0 Cookies

4 Outgoing links

Page URL History

Redirected requests

319 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.newser.com Open in urlscan Pro
40.114.51.62 Public Scan

Screenshot
Live screenshot

Full Image

319
Requests

99 %
HTTPS

29 %
IPv6

70
Domains

110
Subdomains

86
IPs

9
Countries

6115 kB
Transfer

9271 kB
Size

0
Cookies

319 HTTP transactions
3 data transactions