mnewsr.com Open in urlscan Pro
2606:4700:3031::6815:1237 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://mnewsr.com/
Submission: On November 24 via api (November 24th 2023, 1:56:14 pm UTC) from US — Scanned from US

Summary HTTP 154 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 31 IPs in 2 countries across 22 domains to perform 154 HTTP transactions. The main IP is 2606:4700:3031::6815:1237, located in United States and belongs to CLOUDFLARENET, US. The main domain is mnewsr.com.
TLS certificate: Issued by GTS CA 1P5 on September 29th 2023. Valid for: 3 months.

This is the only time mnewsr.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
13	2606:4700:303... 2606:4700:3031::6815:1237	13335 (CLOUDFLAR...) (CLOUDFLARENET)
27	2607:f8b0:400... 2607:f8b0:4006:821::2002	15169 (GOOGLE) (GOOGLE)
10	2606:4700:1::... 2606:4700:1::6813:824c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2607:f8b0:400... 2607:f8b0:4006:820::2008	15169 (GOOGLE) (GOOGLE)
4	2607:f8b0:400... 2607:f8b0:4006:806::200e	15169 (GOOGLE) (GOOGLE)
12	2607:f8b0:400... 2607:f8b0:4006:816::2002	15169 (GOOGLE) (GOOGLE)
3	2400:52e0:1a0... 2400:52e0:1a00::940:1	200325 (BUNNYCDN) (BUNNYCDN)
21	2607:f8b0:400... 2607:f8b0:4006:824::2001	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:821::2004	15169 (GOOGLE) (GOOGLE)
3	2607:f8b0:400... 2607:f8b0:4006:81d::200a	15169 (GOOGLE) (GOOGLE)
3	2607:f8b0:400... 2607:f8b0:4006:80b::2002	15169 (GOOGLE) (GOOGLE)
7	2607:f8b0:400... 2607:f8b0:4006:824::2006	15169 (GOOGLE) (GOOGLE)
1 2	34.197.147.140 34.197.147.140	14618 (AMAZON-AES) (AMAZON-AES)
6 9	142.251.35.162 142.251.35.162	15169 (GOOGLE) (GOOGLE)
2 4	104.18.36.155 104.18.36.155	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 3	68.67.160.137 68.67.160.137	29990 (ASN-APPNEX) (ASN-APPNEX)
2 3	34.98.64.218 34.98.64.218	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 2	23.200.197.46 23.200.197.46	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2607:f8b0:400... 2607:f8b0:4006:81e::200a	15169 (GOOGLE) (GOOGLE)
1	2600:1f18:612... 2600:1f18:612b:4264:a025:b051:5a6f:e1dc	14618 (AMAZON-AES) (AMAZON-AES)
1	38.91.101.241 38.91.101.241	63023 (AS-GLOBAL...) (AS-GLOBALTELEHOST)
4	142.250.72.102 142.250.72.102	15169 (GOOGLE) (GOOGLE)
1	3.82.68.216 3.82.68.216	14618 (AMAZON-AES) (AMAZON-AES)
2	2600:9000:24f... 2600:9000:24f4:6c00:8:48e:53c0:93a1	16509 (AMAZON-02) (AMAZON-02)
4	2607:f8b0:400... 2607:f8b0:400d:c09::5e	15169 (GOOGLE) (GOOGLE)
1	172.253.62.154 172.253.62.154	15169 (GOOGLE) (GOOGLE)
5	2600:1f13:800... 2600:1f13:800:7780:31d4:5bde:3c0c:bb42	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	2607:f8b0:400... 2607:f8b0:4006:824::200e	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4000:7::9	15169 (GOOGLE) (GOOGLE)
1	142.251.40.226 142.251.40.226	15169 (GOOGLE) (GOOGLE)
154	31

13 2606:4700:3031::6815:1237 (United States)

ASN13335 (CLOUDFLARENET, US)

mnewsr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 2607:f8b0:4006:821::2002 (United States)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2606:4700:1::6813:824c (United States)

ASN13335 (CLOUDFLARENET, US)

jsc.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4006:820::2008 (United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4006:806::200e (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2607:f8b0:4006:816::2002 (United States)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2400:52e0:1a00::940:1 (Chicago, United States)

ASN200325 (BUNNYCDN, SI)

cdn.unibots.in	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2607:f8b0:4006:824::2001 (United States)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:821::2004 (United States)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:81d::200a (United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:80b::2002 (United States)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2607:f8b0:4006:824::2006 (United States)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.197.147.140 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-197-147-140.compute-1.amazonaws.com

fw.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 142.251.35.162 (United States) 6 redirects

ASN15169 (GOOGLE, US)
PTR: lga25s78-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.18.36.155 (None, ) 2 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 68.67.160.137 (Brooklyn, United States) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.98.64.218 (Kansas City, United States) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.200.197.46 (Piscataway, United States) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-200-197-46.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:81e::200a (United States)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:612b:4264:a025:b051:5a6f:e1dc (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

partners.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 38.91.101.241 (Newark, United States)

ASN63023 (AS-GLOBALTELEHOST, US)
PTR: us-ny-1.pro.ip-api.com

pro.ip-api.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.72.102 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s32-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.82.68.216 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-82-68-216.compute-1.amazonaws.com

pixel.zprk.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:24f4:6c00:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:400d:c09::5e (Morganton, United States)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.253.62.154 (United States)

ASN15169 (GOOGLE, US)
PTR: bc-in-f154.1e100.net

bid.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2600:1f13:800:7780:31d4:5bde:3c0c:bb42 (Boardman, United States)

ASN16509 (AMAZON-02, US)

dt.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:824::200e (United States) 1 redirects

ASN15169 (GOOGLE, US)

gcdn.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4000:7::9 (United States)

ASN15169 (GOOGLE, US)

r4---sn-q4fl6n66.c.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.40.226 (United States)

ASN15169 (GOOGLE, US)
PTR: lga34s39-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
48	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 97 tpc.googlesyndication.com — Cisco Umbrella Rank: 149	542 KB
27	doubleclick.net 6 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 33 cm.g.doubleclick.net — Cisco Umbrella Rank: 245 ad.doubleclick.net — Cisco Umbrella Rank: 154 bid.g.doubleclick.net — Cisco Umbrella Rank: 802 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 439	166 KB
13	mnewsr.com mnewsr.com	269 KB
10	2mdn.net 1 redirects s0.2mdn.net — Cisco Umbrella Rank: 300 gcdn.2mdn.net — Cisco Umbrella Rank: 1173 r4---sn-q4fl6n66.c.2mdn.net — Cisco Umbrella Rank: 139636	177 KB
10	mgid.com jsc.mgid.com — Cisco Umbrella Rank: 8705 c.mgid.com — Cisco Umbrella Rank: 6710	294 KB
9	adsafeprotected.com 1 redirects fw.adsafeprotected.com — Cisco Umbrella Rank: 898 static.adsafeprotected.com — Cisco Umbrella Rank: 587 dt.adsafeprotected.com — Cisco Umbrella Rank: 570	102 KB
5	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 31 imasdk.googleapis.com — Cisco Umbrella Rank: 447	136 KB
4	gstatic.com csi.gstatic.com fonts.gstatic.com Failed	350 B
4	casalemedia.com 2 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 625	3 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27	21 KB
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 35	326 KB
3	openx.net 2 redirects us-u.openx.net — Cisco Umbrella Rank: 522	750 B
3	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 246	2 KB
3	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 212	192 KB
3	unibots.in cdn.unibots.in — Cisco Umbrella Rank: 49224	28 KB
2	teads.tv 1 redirects sync.teads.tv — Cisco Umbrella Rank: 1403	628 B
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 223	23 KB
1	zprk.io pixel.zprk.io — Cisco Umbrella Rank: 17991	460 B
1	ip-api.com pro.ip-api.com — Cisco Umbrella Rank: 6032	241 B
1	tremorhub.com partners.tremorhub.com — Cisco Umbrella Rank: 1279	175 B
1	google.com www.google.com — Cisco Umbrella Rank: 2	1 KB
0	spotxchange.com Failed sync.search.spotxchange.com Failed
154	22

	Domain	Requested by
27	pagead2.googlesyndication.com	mnewsr.com pagead2.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com
21	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net mnewsr.com imasdk.googleapis.com
13	mnewsr.com	mnewsr.com
12	googleads.g.doubleclick.net	pagead2.googlesyndication.com mnewsr.com
9	cm.g.doubleclick.net	6 redirects googleads.g.doubleclick.net
9	jsc.mgid.com	mnewsr.com jsc.mgid.com cdn.unibots.in
7	s0.2mdn.net	googleads.g.doubleclick.net mnewsr.com s0.2mdn.net
5	dt.adsafeprotected.com	googleads.g.doubleclick.net
4	csi.gstatic.com	imasdk.googleapis.com
4	ad.doubleclick.net	mnewsr.com
4	dsum-sec.casalemedia.com	2 redirects googleads.g.doubleclick.net
4	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
4	www.googletagmanager.com	mnewsr.com www.googletagmanager.com cdn.unibots.in
3	us-u.openx.net	2 redirects googleads.g.doubleclick.net
3	ib.adnxs.com	2 redirects googleads.g.doubleclick.net
3	www.googletagservices.com	mnewsr.com
3	fonts.googleapis.com	googleads.g.doubleclick.net s0.2mdn.net
3	cdn.unibots.in	mnewsr.com cdn.unibots.in
2	r4---sn-q4fl6n66.c.2mdn.net
2	static.adsafeprotected.com	googleads.g.doubleclick.net
2	imasdk.googleapis.com	googleads.g.doubleclick.net
2	sync.teads.tv	1 redirects googleads.g.doubleclick.net
2	fw.adsafeprotected.com	1 redirects mnewsr.com
1	googleads4.g.doubleclick.net	mnewsr.com
1	gcdn.2mdn.net	1 redirects
1	cdnjs.cloudflare.com	s0.2mdn.net
1	bid.g.doubleclick.net	imasdk.googleapis.com
1	pixel.zprk.io	googleads.g.doubleclick.net
1	pro.ip-api.com	cdn.unibots.in
1	partners.tremorhub.com	googleads.g.doubleclick.net
1	www.google.com	tpc.googlesyndication.com
1	c.mgid.com
0	fonts.gstatic.com Failed	fonts.googleapis.com
0	sync.search.spotxchange.com Failed	googleads.g.doubleclick.net
154	34

This site contains links to these domains. Also see Links.

Domain
wpenjoy.com
unibots.in

Subject Issuer	Validity	Valid
mnewsr.com GTS CA 1P5	`2023-09-29` - `2023-12-28`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-04-11` - `2024-04-10`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
cdn.unibots.in R3	`2023-10-14` - `2024-01-12`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
fw.adsafeprotected.com Amazon RSA 2048 M01	`2023-03-29` - `2024-04-27`	a year	crt.sh
*.ip-api.com Sectigo RSA Domain Validation Secure Server CA	`2022-11-25` - `2023-12-26`	a year	crt.sh
*.zprk.io Amazon RSA 2048 M03	`2023-09-19` - `2024-10-17`	a year	crt.sh
static.adsafeprotected.com Amazon RSA 2048 M02	`2023-07-07` - `2024-08-04`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
dt.adsafeprotected.com Amazon RSA 2048 M01	`2023-05-09` - `2024-06-06`	a year	crt.sh
*.c.docs.google.com GTS CA 1C3	`2023-11-14` - `2024-01-23`	2 months	crt.sh

This page contains 25 frames:

Primary Page: https://mnewsr.com/
Frame ID: 8F6E3B7631308628DF1AFFCF705DDC2B
Requests: 48 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20190131/zrt_lookup_fy2021.html
Frame ID: DFC00C45D960753722A87345CE1019BB
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4381523483074067&output=html&adk=1812271804&adf=3025194257&lmt=1700731454&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=188x810_l%7C188x810_r&format=0x0&url=https%3A%2F%2Fmnewsr.com%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~6&ascmds=1&aslcwct=150&asacwct=25&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700834166022&bpp=15&bdt=967&idt=501&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6138686263864&frm=20&pv=2&ga_vid=354402961.1700834167&ga_sid=1700834167&ga_hid=2016546101&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44809316%2C31078297%2C44807754%2C44807763%2C44808149%2C44808284%2C44809055&oid=2&pvsid=3258155344124022&tmod=2035927513&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=523
Frame ID: 32822A577FD8C1C780A7668BA99CA672
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4381523483074067&output=html&h=280&adk=2767623100&adf=995376434&pi=t.aa~a.108489206~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1700731454&rafmt=1&to=qs&pwprc=5672812633&format=1200x280&url=https%3A%2F%2Fmnewsr.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700834166037&bpp=2&bdt=983&idt=514&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=6138686263864&frm=20&pv=1&ga_vid=354402961.1700834167&ga_sid=1700834167&ga_hid=2016546101&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=85&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44809316%2C31078297%2C44807754%2C44807763%2C44808149%2C44808284%2C44809055&oid=2&pvsid=3258155344124022&tmod=2035927513&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=517
Frame ID: B85CC5CF5F3C7713FB5536472FED472B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4381523483074067&output=html&h=280&adk=3809598800&adf=54630664&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1700731454&rafmt=1&to=qs&pwprc=5672812633&format=1200x280&url=https%3A%2F%2Fmnewsr.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700834167173&bpp=1&bdt=2119&idt=-M&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3141a54009e53ac8%3AT%3D1700834166%3ART%3D1700834166%3AS%3DALNI_MYJ8_Zyz7oDxBI7tELQcGaKcFqMFQ&gpic=UID%3D00000da39f07fb1c%3AT%3D1700834166%3ART%3D1700834166%3AS%3DALNI_MbDWwJvq5njbEiwz2l9Bt2wbRTUFA&prev_fmts=0x0%2C1200x280&nras=3&correlator=6138686263864&frm=20&pv=1&ga_vid=354402961.1700834167&ga_sid=1700834167&ga_hid=2016546101&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3655&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44809316%2C31078297%2C44807754%2C44807763%2C44808149%2C44808284%2C44809055&oid=2&pvsid=3258155344124022&tmod=2035927513&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=9
Frame ID: 1B2849DC3CE5EC8951869929753A3C46
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4381523483074067&output=html&h=280&adk=2801471196&adf=2042587861&pi=t.aa~a.3440390615~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1700731454&rafmt=1&to=qs&pwprc=5672812633&format=1200x280&url=https%3A%2F%2Fmnewsr.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700834167173&bpp=1&bdt=2118&idt=1&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3141a54009e53ac8%3AT%3D1700834166%3ART%3D1700834166%3AS%3DALNI_MYJ8_Zyz7oDxBI7tELQcGaKcFqMFQ&gpic=UID%3D00000da39f07fb1c%3AT%3D1700834166%3ART%3D1700834166%3AS%3DALNI_MbDWwJvq5njbEiwz2l9Bt2wbRTUFA&prev_fmts=0x0%2C1200x280%2C1200x280&nras=4&correlator=6138686263864&frm=20&pv=1&ga_vid=354402961.1700834167&ga_sid=1700834167&ga_hid=2016546101&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3365&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44809316%2C31078297%2C44807754%2C44807763%2C44808149%2C44808284%2C44809055&oid=2&pvsid=3258155344124022&tmod=2035927513&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=15
Frame ID: 7080EF109DFEE8C0E25475E260215D5F
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 93ABFB2FAFF206436C82742099E6160D
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: C639C345E91E22E37689224DA634473E
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: AFC1F657A4990BA9D8C11733E4F9C0A7
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: 61C156C176547523F687A8262F4C1206
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: 4E4BA7D9D517602EDB174946DF16A6A8
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: 420535D64584463B8519F808C91F994C
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKjk7gEQvKm3Ahi-qZL1ATAB&v=APEucNW32-fzEzzfN7HqfjXRRBiGXPciHOoSHPx44wsgRzHYKoZxF9H7QIoEETtXmZOe-yJdMMU5oR9D8mgDP6u30BzTbRd8zQ
Frame ID: BA706489B695DF9963EAE0571B80995E
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/abg_lite_fy2021.js
Frame ID: F632FBA20B3BE0C3C1AD913783C1C550
Requests: 11 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKjk7gEQvKm3AhienqzyATAB&v=APEucNWKCOuI-ZIZc8iXydWPYkPnnAw7OO9hJznnwbgd-XDQo45oS-103bmsNhSOWyNQ9y364AvTXPZWtX-5zzLFeo5A9ueatg
Frame ID: 0CC6DE0E8FCA9CBDD9A459B0D20F8CF8
Requests: 5 HTTP requests in this frame

Frame: https://s0.2mdn.net/simgad/16119263422396672699
Frame ID: B143BCC291C8C479F333EB773A04E580
Requests: 11 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNeH9AIQ_oXq9AEYr43M-AEwAQ&v=APEucNXhQEMn1icIwXQoETBw2H7GPfaMeLbseGkzyElFK5kRpimFvc0pzs2KO4SCD7RYqlkoRx_GWKj6mS5lt3m8fGZpnYbxRA
Frame ID: 1BC2E1B6057076C74DD16D8E2FE44003
Requests: 4 HTTP requests in this frame

Frame: https://fw.adsafeprotected.com/rjss/st/1622598/75186829/skeleton.js
Frame ID: 75D007254F9A94A3BD4A682F21AFC945
Requests: 20 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 9D38D12D11415CDAB45BD230CE427D1C
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 327027FD64A4B2CBBE31629AD6013BE9
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/abg_lite_fy2021.js
Frame ID: 5B76A7EB47AF10BFE5EB6CFB9E3DF202
Requests: 14 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: AB6ADCF01EAE08A12D610A0FFD4A794B
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/7175492104940212821/index.html?ev=01_250
Frame ID: 331A094D9504C053798C475B529E45A1
Requests: 10 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: 4E8CB84FAE95EBBFD09EB960EA9AAB66
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: E10BA62F1EB44876E98B2C7D87FA55EB
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

mnewsr

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Page Statistics

154
Requests

85 %
HTTPS

65 %
IPv6

22
Domains

34
Subdomains

31
IPs

2
Countries

2279 kB
Transfer

6739 kB
Size

17
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: http://wpenjoy.com/
Title: WPEnjoy

Search URL Search Domain Scan URL

URL: https://unibots.in/?utm_source=unibots&utm_medium=cubeadwidget
Title: Powered by Unibots

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 78

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMb7S8sd8euZRbrSFMhCHZM&google_cver=1

Request Chain 79

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZWCrdxOhWOFgKfSr9uV1BAAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMb7S8sd8euZRbrSFMhCHZM&google_cver=1

Request Chain 80

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEIOli_IxjXcFzmICYtoDmYU&google_cver=1

Request Chain 81

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDMxNDc2MjgzNzA2Njk0OTEwNw%3D%3D

Request Chain 84

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHoJMMr4F7FFCTOMKaLtv9w&google_cver=1

Request Chain 85

https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
https://us-u.openx.net/w/1.0/cm?cc=1&id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=YzhlYTg0YzUtYzk0MC0yOThiLWNkMzQtMmI1OGZkN2UxZTRk

Request Chain 86

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
https://sync.teads.tv/um?eid=3&uid=CAESEMJgrjR2F62dNoNHfYiXTnI&google_cver=1

Request Chain 87

https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=ZmIwYzU5OWItNjQ5NC00NzJlLTljMWMtNTc0YzhlNDJmZDA2

Request Chain 97

https://cm.g.doubleclick.net/pixel?google_nid=tremor_video_dbm&google_cm&google_dbm HTTP 302
https://partners.tremorhub.com/sync?UIGL=CAESEIxyHNjkOO4JZU4ji4c_n7Y&google_cver=1

Request Chain 98

https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEGYn9xO1fxErC7xzZy3a9WQ&google_cver=1

Request Chain 109

https://fw.adsafeprotected.com/rfw/st/1622598/75186829/4.js?adContainerId=brand_safety_dqtgZdr_J4HLxtYP7IiakA8&cbFunctionName=goog_wrapCb_dqtgZdr_J4HLxtYP7IiakA8&true_pb=&adsafe_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2F4a.js&adsafe_url=https%3A%2F%2Fmnewsr.com&adsafe_type=g&adsafe_url=https%3A%2F%2Fmnewsr.com%2F&adsafe_type=c&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20231109%2Fr20110914%2Fzrt_lookup_fy2021.html%3Ffsb%3D1&adsafe_type=d&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20231109%2Fr20110914%2Fzrt_lookup_fy2021.html%3Ffsb%3D1%23RS-3-%26adk%3D1812271801%26client%3Dca-pub-4381523483074067%26fa%3D1%26ifi%3D8%26uci%3Da!8%26btvi%3D5&adsafe_type=be&adsafe_jsinfo=,id:8c773384-a6b1-14eb-e985-e623df2f1265,c:uQZjGB,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-5f456796bd-wz68w,rg:va,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,mtim:7,mot:0,app:0,maw:0,fm:tWxgPUn+11%7C12%7C13%7C14%7C15%7C16%7C17%7C181%7C1911%7C19121%7C1a11%7C1a121%7C1b1*.1622598-75186829%7C1b11%7C1b121%7C1b13,idMap:1b1*,ex:e2,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:DIV,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,tt:rjss,et:51,oid:377423b9-8ad1-11ee-b56d-1ebc857765b1,v:19.8.461,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
https://static.adsafeprotected.com/4a.js

Request Chain 136

https://gcdn.2mdn.net/videoplayback/id/e38e94095e0e0255/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3842010407/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/signature/B7FF5CBD00430A1B20E3D7D8AC1E1D5B8C9B36C0.36E638E93EE6C01EF4CB76F65DB1F3786D0B141A/key/ck2/file/file.mp4 HTTP 302
https://r4---sn-q4fl6n66.c.2mdn.net/videoplayback/id/e38e94095e0e0255/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3842010407/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/410CE81DA335192298D5BBE4C95B242576FD6242.5CA052A3BA03B129BB72A8D37AAF2BBEA20A5D69/key/cms1/cms_redirect/yes/mh/p_/mip/2001:550:1d05:1::5/mm/42/mn/sn-q4fl6n66/ms/onc/mt/1700833050/mv/u/mvi/4/pl/48/file/file.mp4

154 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
mnewsr.com/ 64 KB
13 KB 200ms
43ms Document
text/html 2606:4700:3031::6815:1237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mnewsr.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:1237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / EasyEngine v4.6.6
Resource Hash: cf5da9ac90fdb2d1a9d232e7f7c6082fb71dce0eab5c4624e9ee5313c3480ef2

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 92451
alt-svc: h3=":443"; ma=86400
cache-control: max-age=16070400
cf-cache-status: HIT
cf-ray: 82b2273b6cdfb3b9-MIA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Fri, 24 Nov 2023 13:56:05 GMT
last-modified: Thu, 23 Nov 2023 09:24:14 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8jvxOppEa7%2FUYVqLYt25nNn7cI99%2F3h012Quogw%2FiBllB%2BVOjPEWxPkxm7ULisK34FB4SsxKIhLHdzaAxpNbt30eQiIh20Uo0vnzH6KwH2ATWUqwx1FQ9u1XM%2FN%2FUZvEvBOXvjJQTLJc"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
wpo-cache-status: cached
x-powered-by: EasyEngine v4.6.6

GET
H2 200 wpo-minify-header-c38121ec.min.css
mnewsr.com/wp-content/cache/wpo-minify/1699698059/assets/ 164 KB
25 KB 48ms
47ms Stylesheet
text/css 2606:4700:3031::6815:1237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mnewsr.com/wp-content/cache/wpo-minify/1699698059/assets/wpo-minify-header-c38121ec.min.css
Requested by: Host: mnewsr.com
URL: https://mnewsr.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:1237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / EasyEngine v4.6.6
Resource Hash: a5688cb5035a5e247c39b9771383af9768ddec790cb17e386864acb20eae2bef

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mnewsr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 13:56:05 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 113257
x-powered-by: EasyEngine v4.6.6
alt-svc: h3=":443"; ma=86400
last-modified: Sat, 11 Nov 2023 10:21:00 GMT
server: cloudflare
etag: W/"654f558c-28e97"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dj5u0hXIN62WXtgTNyTTYdVVJOJ%2B7ToAdFhHCpmUlA2XMT4DTpdyfKtkUKAumLXh%2FrxK%2BghmI%2Bfat6dMSqWDoAOzqf4U0FEJveheI%2BuPA%2BWoU3Li8qO%2Fq4F%2BUdHt%2FBvTdvWFK0sLD01i"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=16070400, must-revalidate
cf-ray: 82b2273bbd5ab3b9-MIA
expires: Fri, 24 Nov 2023 06:28:28 GMT

GET
H2 200 wpo-minify-header-f5440c18.min.js Show response
mnewsr.com/wp-content/cache/wpo-minify/1699698059/assets/ 99 KB
35 KB 53ms
52ms Script
application/javascript 2606:4700:3031::6815:1237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mnewsr.com/wp-content/cache/wpo-minify/1699698059/assets/wpo-minify-header-f5440c18.min.js
Requested by: Host: mnewsr.com
URL: https://mnewsr.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:1237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / EasyEngine v4.6.6
Resource Hash: 732b75262f6c9b6d5a61da968e653880646b58cc1b25387b32badbe03881dfe1

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mnewsr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 13:56:05 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 113257
x-powered-by: EasyEngine v4.6.6
alt-svc: h3=":443"; ma=86400
last-modified: Sat, 11 Nov 2023 10:21:00 GMT
server: cloudflare
etag: W/"654f558c-18b11"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E2YppM9GEORQY3d3q%2BveJMbt74ECN%2FR8A9PX9bEzqvTF0dO8shGIrPb6QhAFjnABwLH4nhGThMZP6DAPD%2BLV14uXPUd4vcH5%2BMpjQ7UwPo5jDopEKDG6nMMvDiQb9AjJWdS%2F%2F8HfoJIo"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=16070400, must-revalidate
cf-ray: 82b2273bbd5bb3b9-MIA
expires: Fri, 24 Nov 2023 06:28:28 GMT

GET
H2 200 html5.js Show response
mnewsr.com/wp-content/themes/blogsite-pro/assets/js/ 10 KB
3 KB 40ms
39ms Script
application/javascript 2606:4700:3031::6815:1237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mnewsr.com/wp-content/themes/blogsite-pro/assets/js/html5.js
Requested by: Host: mnewsr.com
URL: https://mnewsr.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:1237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / EasyEngine v4.6.6
Resource Hash: a4b3b91b775b356ac4b5c34ac94dbcc1212ef23b5e89bfa9bfcc92e285a4447a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mnewsr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 13:56:05 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 109547
x-powered-by: EasyEngine v4.6.6
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 09 Nov 2023 01:24:39 GMT
server: cloudflare
etag: W/"654c34d7-285a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MlSajSiyI3d0RVZ6yUZSosqcORcdzofECAO5uUGhx4cBy%2BpJjYNP4Hv6QsfyjDvz5EdDyRX%2BIXjEwaFrlc1GZThYVhiuyqETB4MM8vIT9S64x33KqtJ10cxMZjXmso9DCIVBC2uctxt%2F"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=16070400, must-revalidate
cf-ray: 82b2273bbd5cb3b9-MIA
expires: Fri, 24 Nov 2023 07:30:18 GMT

GET
H2 200 wpo-minify-footer-658528ad.min.js Show response
mnewsr.com/wp-content/cache/wpo-minify/1699698059/assets/ 65 KB
18 KB 46ms
46ms Script
application/javascript 2606:4700:3031::6815:1237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mnewsr.com/wp-content/cache/wpo-minify/1699698059/assets/wpo-minify-footer-658528ad.min.js
Requested by: Host: mnewsr.com
URL: https://mnewsr.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:1237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / EasyEngine v4.6.6
Resource Hash: ba8d31566a51d54a72a2014a586184dabe9cff8a98e087db5a629ca7eff4b187

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mnewsr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 13:56:05 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 113257
x-powered-by: EasyEngine v4.6.6
alt-svc: h3=":443"; ma=86400
last-modified: Sat, 11 Nov 2023 10:21:00 GMT
server: cloudflare
etag: W/"654f558c-1035f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E4EFrubBMwCupiYcorVe2%2BBYZW2YrHxu6rlrNpQUODwYvpwDngetYFiJEk2%2BQ9x7hwGGdJbV6HZDSchc1uu%2FZuFzivfMfNo2MxEO7aF5wA6PSv8OXTFW3MyheDhRU377dE1PeVUH3KZN"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=16070400, must-revalidate
cf-ray: 82b2273bbd5db3b9-MIA
expires: Fri, 24 Nov 2023 06:28:28 GMT

GET
DATA 200
OK truncated
/ 37 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/gif

GET
H3 200 1700730853015-300x300.jpg
mnewsr.com/wp-content/uploads/2023/11/ 24 KB
25 KB 212ms
210ms Image
image/jpeg 2606:4700:3031::6815:1237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mnewsr.com/wp-content/uploads/2023/11/1700730853015-300x300.jpg
Requested by: Host: mnewsr.com
URL: https://mnewsr.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:1237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / EasyEngine v4.6.6
Resource Hash: 42a72effd58384af1e9fe38912380f336abb4e30ebde6c9f37d3a38609f1d323

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mnewsr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 13:56:05 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: EasyEngine v4.6.6
alt-svc: h3=":443"; ma=86400
content-length: 25074
last-modified: Thu, 23 Nov 2023 09:14:14 GMT
server: cloudflare
etag: "655f17e6-61f2"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HwK%2FbuxmtAIEF%2FvXrlz2gz21aVjMoZCgLrYYwtgm2z%2BRAfqwR4o7ijRuOJqdrCcrG8EikYeUajC0s96FfHXZfvxajUff6ffyeC0lluppu570VSYJdOjcfAR9Z4dpEBFCmRrwodkr4FBP"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 82b2273c8a543367-MIA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 1700729629073-300x300.jpg
mnewsr.com/wp-content/uploads/2023/11/ 21 KB
21 KB 213ms
212ms Image
image/jpeg 2606:4700:3031::6815:1237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mnewsr.com/wp-content/uploads/2023/11/1700729629073-300x300.jpg
Requested by: Host: mnewsr.com
URL: https://mnewsr.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:1237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / EasyEngine v4.6.6
Resource Hash: ed308f4edf54d6d2513a7a6773d3b405ae09b2a109131c1e7a6036ce88645b4f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mnewsr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 13:56:05 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: EasyEngine v4.6.6
alt-svc: h3=":443"; ma=86400
content-length: 21434
last-modified: Thu, 23 Nov 2023 08:53:51 GMT
server: cloudflare
etag: "655f131f-53ba"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xZ%2B%2BcaRt00OnARfDdj3bfLtuyCYio%2FirfHeXpyk3ItzuSU1mfrgoTGvCLZx61Nvh%2BWSulrFIS%2FX81CY6XtuY%2B4yBMGK0Sq2pExcIUeYYsOHMtQHhb4bkruiJR2CaBzjJn%2B3k18fkH16b"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 82b2273c8a563367-MIA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 1700729044815-300x300.jpg
mnewsr.com/wp-content/uploads/2023/11/ 25 KB
26 KB 244ms
243ms Image
image/jpeg 2606:4700:3031::6815:1237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mnewsr.com/wp-content/uploads/2023/11/1700729044815-300x300.jpg
Requested by: Host: mnewsr.com
URL: https://mnewsr.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:1237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / EasyEngine v4.6.6
Resource Hash: 168ab4741477866c5bcf4e5bd8c973ed7ec2415288f2b24e144385ac19b6d35e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mnewsr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 13:56:05 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: EasyEngine v4.6.6
alt-svc: h3=":443"; ma=86400
content-length: 26076
last-modified: Thu, 23 Nov 2023 08:44:06 GMT
server: cloudflare
etag: "655f10d6-65dc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QW8IRBYkvC4pc%2FQke%2FZy5TftVWO8N4u990Y0CXijYcwWYCe12JTu3QVeSmZ6Brf3nAgnDa%2B7rqzGr26LsQLqNSsyU%2BYr1Y69D3RHFbe3SrimAVtOxb%2Fn1ht0%2BGIMbKGW7c3TRjoEM%2FjC"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 82b2273c8a583367-MIA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 1700727952888-300x300.jpg
mnewsr.com/wp-content/uploads/2023/11/ 22 KB
23 KB 179ms
179ms Image
image/jpeg 2606:4700:3031::6815:1237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mnewsr.com/wp-content/uploads/2023/11/1700727952888-300x300.jpg
Requested by: Host: mnewsr.com
URL: https://mnewsr.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:1237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / EasyEngine v4.6.6
Resource Hash: 0c76b4f8350c71a968962afc27ca3909b725c320e1117826fa180730a3dac4b0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mnewsr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 13:56:05 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: EasyEngine v4.6.6
alt-svc: h3=":443"; ma=86400
content-length: 22821
last-modified: Thu, 23 Nov 2023 08:26:24 GMT
server: cloudflare
etag: "655f0cb0-5925"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JBL53mIrAxweteFqFJCiFCri3pIoHu4x4D5cbzGIaQ9rH8SKJGcfJ3xidQ6FBi3gcIaYdPL%2FX3757YfXXYwknd2LJh%2FhwBX1fjaDlmMa3iupB%2Ff30vpoVBZFNuItGEN4HCW5YwkgQ8td"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 82b2273c8a5b3367-MIA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 1700730853015-300x150.jpg
mnewsr.com/wp-content/uploads/2023/11/ 13 KB
14 KB 42ms
42ms Image
image/jpeg 2606:4700:3031::6815:1237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mnewsr.com/wp-content/uploads/2023/11/1700730853015-300x150.jpg
Requested by: Host: mnewsr.com
URL: https://mnewsr.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:1237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / EasyEngine v4.6.6
Resource Hash: 0849b6022f32c7011656d629110e5ddcb19ba534f3246005bff3b0b904abb375

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mnewsr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 13:56:05 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 102302
x-powered-by: EasyEngine v4.6.6
alt-svc: h3=":443"; ma=86400
content-length: 13353
last-modified: Thu, 23 Nov 2023 09:14:14 GMT
server: cloudflare
etag: "655f17e6-3429"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3S5Tr74jZ5FifPjg%2B3UC5LwV8wlS5SDyuN5MO6XiRsIG98vtT8xOHRzFekiECkFtyGBtpdqPgNqpW%2FOIxJTZasPyvyQTLwq2VbdfPvFYP3AzMu9O6SGxNf9XrLUILZThNyUAJ0i%2B2NGl"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 82b2273c8a5d3367-MIA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 1700727472585-300x300.jpg
mnewsr.com/wp-content/uploads/2023/11/ 22 KB
22 KB 179ms
179ms Image
image/jpeg 2606:4700:3031::6815:1237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mnewsr.com/wp-content/uploads/2023/11/1700727472585-300x300.jpg
Requested by: Host: mnewsr.com
URL: https://mnewsr.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:1237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / EasyEngine v4.6.6
Resource Hash: af765103e9142a4cd701898bca57e0faf9147cec946d5fcf5ce5ae4312c49683

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mnewsr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 13:56:05 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: EasyEngine v4.6.6
alt-svc: h3=":443"; ma=86400
content-length: 22099
last-modified: Thu, 23 Nov 2023 08:18:00 GMT
server: cloudflare
etag: "655f0ab8-5653"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EaN5HnRFSzVigT85FlkMttT3j8P%2BiRu6gyHfQAfLchdG0r3czcOzKZhtHb5l%2Bai58VIjBYMZD1BMUtd1Cb0uTHnczxvGvuOTCXHPmFsEYAVcqwApl3JozJReiNFLoLYl4xRUy8%2Bc1t1k"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 82b2273d8bac3367-MIA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 1700727728448-300x300.jpg
mnewsr.com/wp-content/uploads/2023/11/ 18 KB
18 KB 177ms
177ms Image
image/jpeg 2606:4700:3031::6815:1237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mnewsr.com/wp-content/uploads/2023/11/1700727728448-300x300.jpg
Requested by: Host: mnewsr.com
URL: https://mnewsr.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:1237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / EasyEngine v4.6.6
Resource Hash: 2536af08fb7243970f65af73d4bd4a68d6dd8bafd8e38e9fd5baf4a59f03392d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mnewsr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 13:56:05 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: EasyEngine v4.6.6
alt-svc: h3=":443"; ma=86400
content-length: 18248
last-modified: Thu, 23 Nov 2023 08:22:13 GMT
server: cloudflare
etag: "655f0bb5-4748"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ois%2FIn5VsZivcUHwsOy1Gn5IcEKAsCmL%2BMxBlgUwp0SnAWDN4YysTNXgeowD%2F3B13NO5U62T00TiFyD3oOlOpcBe54wKwBD4vlieCNGQox8W5j7mXzH88NqYV3YE3pnZGCKuky4s70kS"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 82b2273e6cd43367-MIA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 155 KB
52 KB 246ms
101ms Script
text/javascript 2607:f8b0:4006:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4381523483074067

Requested by

Host: mnewsr.com
URL: https://mnewsr.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c2a7ee2fa0e3321a443c4ed8de0a4b519f4e047585845372550d269997ab8684

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mnewsr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 13:56:05 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53183
x-xss-protection: 0
server: cafe
etag: 11389368870557941830
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 24 Nov 2023 13:56:05 GMT

GET
H2 200 mnewsr.com.1336101.js Show response
jsc.mgid.com/m/n/ 4 KB
2 KB 116ms
43ms Script
text/javascript 2606:4700:1::6813:824c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://jsc.mgid.com/m/n/mnewsr.com.1336101.js

Requested by

Host: mnewsr.com
URL: https://mnewsr.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:1::6813:824c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

692c077e466841114827ba25a7023e1bf0f84757ffc15443a75c4f1d6d193db1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mnewsr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 13:56:05 GMT
x-amz-version-id: V29M16vzlCsJGAlB3TcWbenEainydrlB
content-encoding: br
cf-cache-status: HIT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: 79R8V383JYQXPH4Q
age: 3237
cf-polished: origSize=3757
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: 3A9ITicDQc56i4lDfyJ+/skegc36AsykSfeqUAOfqYGP/fZ4p510+u+Kqi4L8NhY/EelrFwlAPc=
cf-bgj: minify
last-modified: Fri, 24 Nov 2023 13:01:07 GMT
server: cloudflare
etag: W/"353feaf818a58da5d80c21643ef64e59"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=10800
cf-ray: 82b2273ffb0074a8-MIA
expires: Fri, 24 Nov 2023 16:56:05 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 186 KB
68 KB 212ms
78ms Script
application/javascript 2607:f8b0:4006:820::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-195329056-1

Requested by

Host: mnewsr.com
URL: https://mnewsr.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

087940b1223c7253cf05afb213b620a962397e2221591a092131941f36dc1986

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mnewsr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 13:56:05 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68751
x-xss-protection: 0
last-modified: Fri, 24 Nov 2023 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 24 Nov 2023 13:56:05 GMT

GET
H2 200 mnewsr.com.1336101.es6.js Show response
jsc.mgid.com/m/n/ 343 KB
101 KB 427ms
59ms Script
text/javascript 2606:4700:1::6813:824c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://jsc.mgid.com/m/n/mnewsr.com.1336101.es6.js

Requested by

Host: jsc.mgid.com
URL: https://jsc.mgid.com/m/n/mnewsr.com.1336101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:1::6813:824c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d5d766bd7edde4dc4bdddeab46caea776d9025562cd1e70c8a30b4d228ae86c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://mnewsr.com/
Origin: https://mnewsr.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 13:56:06 GMT
x-amz-version-id: EtOw.o8t.u8In3j_4tC0GisFJknDGDjY
content-encoding: br
cf-cache-status: HIT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: 79REN48G1EFNAYV8
age: 3237
cf-polished: origSize=350732
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: 1IXtyiTY/QmqjgwEyaGG9t50YSwSsO9i19LoSkX82yenw0ogLdHv2FeWBvLh/lD9A0KbHPHKhQA=
cf-bgj: minify
last-modified: Fri, 24 Nov 2023 13:01:07 GMT
server: cloudflare
etag: W/"7a1f4f59fef7509b1a510b2f9e2c8971"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=10800
cf-ray: 82b2274288db8dd2-MIA
expires: Fri, 24 Nov 2023 16:56:06 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 217 KB
77 KB 78ms
77ms Script
application/javascript 2607:f8b0:4006:820::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-YKGS7VWZ4Y&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-195329056-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f27f1d5be01ca24a83580db45e6eb7d85b21fb20698afc3bbd8ac4f178bde69b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mnewsr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 13:56:06 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 79205
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 24 Nov 2023 13:56:06 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 517ms
62ms Script
text/javascript 2607:f8b0:4006:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-195329056-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:806::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mnewsr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 24 Nov 2023 12:38:08 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 4678
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Fri, 24 Nov 2023 14:38:08 GMT

GET
H2 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/ 400 KB
135 KB 122ms
121ms Script
text/javascript 2607:f8b0:4006:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/show_ads_impl_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4381523483074067

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f8f69294cb3228695da3ba9b677db613089da1f680cc7daba635881b6e6554af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mnewsr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 13:56:06 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 138484
x-xss-protection: 0
server: cafe
etag: 12696593722970998856
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Fri, 24 Nov 2023 13:56:06 GMT

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231109/r20190131/ Frame DFC0 9 KB
4 KB 198ms
62ms Document
text/html 2607:f8b0:4006:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231109/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4381523483074067

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

623c81b092a6116d4d60ff89b14803818efb0b9aebf6e4e2c50241e802f6e016

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mnewsr.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 6791
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4118
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 24 Nov 2023 12:02:55 GMT
etag: 16674218716276178799
expires: Fri, 08 Dec 2023 12:02:55 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 mnewsr.com.1336098.js Show response
jsc.mgid.com/m/n/ 4 KB
2 KB 43ms
42ms Script
text/javascript 2606:4700:1::6813:824c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://jsc.mgid.com/m/n/mnewsr.com.1336098.js

Requested by

Host: mnewsr.com
URL: https://mnewsr.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:1::6813:824c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4b09b895a8433cbd3d56cb57c967eda87acfa2c6d9934381e9c238054c1e0214

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mnewsr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 13:56:06 GMT
x-amz-version-id: ARyXZuvkJ0VCgvT8dNYxLfuJLGzfVOcu
content-encoding: br
cf-cache-status: HIT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: PZSA3Y8VMYCXPP5V
age: 453
cf-polished: origSize=4240
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: f+qB4h4KFUbEA5CPpklBi7fwy4IgR0XXaUBAOJL7ukZmCKIAD/uJx6DZE4iwElT5dN1CJnUGi7KcUET8aPPStw==
cf-bgj: minify
last-modified: Thu, 09 Nov 2023 11:54:52 GMT
server: cloudflare
etag: W/"b8c5604bb1d5129005e4f35f8a0509b2"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=10800
cf-ray: 82b22741fe2474a8-MIA
expires: Fri, 24 Nov 2023 16:56:06 GMT

GET
H2 200 script.js Show response
cdn.unibots.in/genericcube/common/ 64 KB
24 KB 469ms
62ms Script
application/javascript 2400:52e0:1a00::940:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.unibots.in/genericcube/common/script.js
Requested by: Host: mnewsr.com
URL: https://mnewsr.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1a00::940:1 Chicago, United States, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-IL1-940 /
Resource Hash: 000d8950448207e7805a6719271a6ee6356d351b000b9a0c3fc933111c58f2f0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mnewsr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 13:56:06 GMT
content-encoding: br
cdn-edgestorageid: 871
cdn-storageserver: DE-663
cdn-cachedat: 10/31/2023 18:52:06
cdn-pullzone: 483488
last-modified: Mon, 16 Oct 2023 11:00:39 GMT
server: BunnyCDN-IL1-940
cdn-fileserver: 532
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: W/"652d17d7-ff35"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cdn-cache: HIT
cdn-uid: 7bd10f57-831e-4fd9-beca-97093a9ae0ed
cache-control: public, max-age=3600
cdn-requestid: d4767ec62e4cadb23c130798a551cdcd
cdn-requestcountrycode: US
cdn-status: 200
cdn-requestpullsuccess: True

GET
BLOB 200
OK 1296ecf2-954b-4a7e-8ee2-1dfc8ca0a744
https://mnewsr.com/ 0
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://mnewsr.com/1296ecf2-954b-4a7e-8ee2-1dfc8ca0a744
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Length: 0
Content-Type: text/javascript

GET
BLOB 200
OK db804dc4-b62b-48b4-a173-7dae9f41d467
https://mnewsr.com/ 250 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://mnewsr.com/db804dc4-b62b-48b4-a173-7dae9f41d467
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e37071398d21f18dff2370ee0885f38811bb69bb465b398100ab3101fc521d6b

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Length: 250
Content-Type: text/javascript

GET
H3 200 mnewsr.com.1336098.es6.js Show response
jsc.mgid.com/m/n/ 314 KB
95 KB 55ms
55ms Script
text/javascript 2606:4700:1::6813:824c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://jsc.mgid.com/m/n/mnewsr.com.1336098.es6.js

Requested by

Host: jsc.mgid.com
URL: https://jsc.mgid.com/m/n/mnewsr.com.1336098.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:1::6813:824c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a5ed8cefa2d0d0db794cbfa1c0fb8587d0eaaad6fc9185efce8d5a34a502ed60

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mnewsr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 13:56:06 GMT
x-amz-version-id: GyEcEeMjgBD7IRHBWDgrspzdxrpv1J5D
content-encoding: br
cf-cache-status: HIT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: X7G205XG5ERZX3W6
age: 4548
cf-polished: origSize=321512
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: eUleG5CR/zATW9O7SHwvmENRChUrUDJG4YwMc3j0neZvsGl2H/nZzWfag8kf6w+d7kXv5ficG44MO8cIK6ikOulNqEcXtVZ7IwiAA4c5jKg=
cf-bgj: minify
last-modified: Wed, 15 Nov 2023 11:40:18 GMT
server: cloudflare
etag: W/"52e9822231c34f6a47cfdcc3a0244f57"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=10800
cf-ray: 82b227448a0c0a0e-MIA
expires: Fri, 24 Nov 2023 16:56:06 GMT

GET
H3 200 mnewsr.com.1336366.es6.js Show response
jsc.mgid.com/m/n/ 306 KB
93 KB 153ms
153ms Script
text/javascript 2606:4700:1::6813:824c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://jsc.mgid.com/m/n/mnewsr.com.1336366.es6.js

Requested by

Host: jsc.mgid.com
URL: https://jsc.mgid.com/m/n/mnewsr.com.1336098.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:1::6813:824c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3433edbe5d836918661f011eda3ae77ff74e7b12a07861fa1976c12e363caaff

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mnewsr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 13:56:06 GMT
x-amz-version-id: UQII2F7RXg.SiYS.wG3wWLwvny_upMtN
content-encoding: br
cf-cache-status: HIT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: NHPAED68PMRJWYH8
age: 5114
cf-polished: origSize=312933
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: 6pjUIMDzAnTXoQtgib2eNP0d5cKJQamvplvsjIc3Lt5YHaYALgcaRq57rBG45zOeciurkqX/Txk=
cf-bgj: minify
last-modified: Fri, 24 Nov 2023 06:01:06 GMT
server: cloudflare
etag: W/"0a1023e4a219e753c05d908543e0679a"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=10800
cf-ray: 82b227448a0e0a0e-MIA
expires: Fri, 24 Nov 2023 16:56:06 GMT

POST
H2 204 collect
www.google-analytics.com/g/ 0
167 B 76ms
76ms Ping
text/plain 2607:f8b0:4006:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-YKGS7VWZ4Y&gtm=45je3b81v9111297688&_p=1700834165076&gcd=11l1l1l1l1&dma=0&cid=354402961.1700834167&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EAAI&_s=1&sid=1700834166&sct=1&seg=0&dl=https%3A%2F%2Fmnewsr.com%2F&dt=mnewsr&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=1661
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-YKGS7VWZ4Y&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:806::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mnewsr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 Nov 2023 13:56:06 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://mnewsr.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
c.mgid.com/pv/ 43 B
115 B 84ms
68ms Image
image/gif 2606:4700:1::6813:824c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.mgid.com/pv/?lu=https%3A%2F%2Fmnewsr.com%2F&cbuster=1700834166517330507792&pvid=18c019dc6f5986a93ad&implVersion=16&cxurl=https%3A%2F%2Fmnewsr.com%2F&site=752819&i=1&scum=%3F0&scuw=%3F0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:1::6813:824c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mnewsr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 13:56:06 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: DYNAMIC
server: cloudflare
content-type: image/gif
cf-ray: 82b22744fb1774a8-MIA
alt-svc: h3=":443"; ma=86400
content-length: 43

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 3282 520 KB
123 KB 441ms
397ms Document
text/html 2607:f8b0:4006:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4381523483074067&output=html&adk=1812271804&adf=3025194257&lmt=1700731454&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=188x810_l%7C188x810_r&format=0x0&url=https%3A%2F%2Fmnewsr.com%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~6&ascmds=1&aslcwct=150&asacwct=25&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700834166022&bpp=15&bdt=967&idt=501&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6138686263864&frm=20&pv=2&ga_vid=354402961.1700834167&ga_sid=1700834167&ga_hid=2016546101&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44809316%2C31078297%2C44807754%2C44807763%2C44808149%2C44808284%2C44809055&oid=2&pvsid=3258155344124022&tmod=2035927513&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=523

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

64c7b8d79d1308bd2e6344366cae553c763af0455056adf0352e405722f6efd1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mnewsr.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 125690
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 24 Nov 2023 13:56:06 GMT
expires: Fri, 24 Nov 2023 13:56:06 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 220ms
95ms XHR
application/json 2607:f8b0:4006:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231109&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7b090f178a2e108037231074fdfce6ecd08b0243db23bf2e2e56e8aa54ea3e0b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mnewsr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 13:56:06 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12539
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame B85C 716 B
579 B 243ms
206ms Document
text/html 2607:f8b0:4006:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4381523483074067&output=html&h=280&adk=2767623100&adf=995376434&pi=t.aa~a.108489206~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1700731454&rafmt=1&to=qs&pwprc=5672812633&format=1200x280&url=https%3A%2F%2Fmnewsr.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700834166037&bpp=2&bdt=983&idt=514&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=6138686263864&frm=20&pv=1&ga_vid=354402961.1700834167&ga_sid=1700834167&ga_hid=2016546101&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=85&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44809316%2C31078297%2C44807754%2C44807763%2C44808149%2C44808284%2C44809055&oid=2&pvsid=3258155344124022&tmod=2035927513&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=517

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

339500954c8a669a086d31393e545d9e4dd8174db33f081e10e14fad847937a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mnewsr.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 358
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 24 Nov 2023 13:56:06 GMT
expires: Fri, 24 Nov 2023 13:56:06 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
91 B 78ms
77ms XHR
text/plain 2607:f8b0:4006:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=2016546101&t=pageview&_s=1&dl=https%3A%2F%2Fmnewsr.com%2F&ul=en-us&de=UTF-8&dt=mnewsr&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=90453493&gjid=1625907555&cid=354402961.1700834167&tid=UA-195329056-1&_gid=1540180477.1700834167&_r=1&gtm=457e3b81&gcd=11l1l1l1l1&dma=0&jsscut=1&z=1240343625

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:806::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://mnewsr.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 24 Nov 2023 13:56:06 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://mnewsr.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
BLOB 200
OK 7d3573b1-3ff2-46ae-9c06-02c1aadc90a2
https://mnewsr.com/ 0
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://mnewsr.com/7d3573b1-3ff2-46ae-9c06-02c1aadc90a2
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Length: 0
Content-Type: text/javascript

GET
BLOB 200
OK 60654bc3-f1c5-432a-8081-f69b8c5250c5
https://mnewsr.com/ 250 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://mnewsr.com/60654bc3-f1c5-432a-8081-f69b8c5250c5
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e37071398d21f18dff2370ee0885f38811bb69bb465b398100ab3101fc521d6b

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Length: 250
Content-Type: text/javascript

GET
BLOB 200
OK 4d1f108b-e622-4ffd-8c53-4b43fc09d2ca
https://mnewsr.com/ 0
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://mnewsr.com/4d1f108b-e622-4ffd-8c53-4b43fc09d2ca
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Length: 0
Content-Type: text/javascript

GET
BLOB 200
OK 3647dc2d-9485-4da0-bcf1-c70ef8499666
https://mnewsr.com/ 250 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://mnewsr.com/3647dc2d-9485-4da0-bcf1-c70ef8499666
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e37071398d21f18dff2370ee0885f38811bb69bb465b398100ab3101fc521d6b

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Length: 250
Content-Type: text/javascript

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 514ms
88ms Script
text/javascript 2607:f8b0:4006:824::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mnewsr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 13:56:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 24 Nov 2023 13:56:07 GMT

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/ 160 KB
55 KB 101ms
100ms Script
text/javascript 2607:f8b0:4006:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/reactive_library_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e005ae227e7f23773b07f93b4b512a1b777b5eab0bf3d933a34dd346d9797e20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mnewsr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 13:56:07 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 55789
x-xss-protection: 0
server: cafe
etag: 15219411439414799250
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Fri, 24 Nov 2023 13:56:07 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 1B28 436 B
535 B 198ms
196ms Document
text/html 2607:f8b0:4006:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4381523483074067&output=html&h=280&adk=3809598800&adf=54630664&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1700731454&rafmt=1&to=qs&pwprc=5672812633&format=1200x280&url=https%3A%2F%2Fmnewsr.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700834167173&bpp=1&bdt=2119&idt=-M&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3141a54009e53ac8%3AT%3D1700834166%3ART%3D1700834166%3AS%3DALNI_MYJ8_Zyz7oDxBI7tELQcGaKcFqMFQ&gpic=UID%3D00000da39f07fb1c%3AT%3D1700834166%3ART%3D1700834166%3AS%3DALNI_MbDWwJvq5njbEiwz2l9Bt2wbRTUFA&prev_fmts=0x0%2C1200x280&nras=3&correlator=6138686263864&frm=20&pv=1&ga_vid=354402961.1700834167&ga_sid=1700834167&ga_hid=2016546101&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3655&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44809316%2C31078297%2C44807754%2C44807763%2C44808149%2C44808284%2C44809055&oid=2&pvsid=3258155344124022&tmod=2035927513&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=9

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

201460ee33628025b07c9ec4ba9d2da4f3ccb00baef0d944afadcc07c5e074be

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mnewsr.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 212
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 24 Nov 2023 13:56:07 GMT
expires: Fri, 24 Nov 2023 13:56:07 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 7080 436 B
507 B 197ms
196ms Document
text/html 2607:f8b0:4006:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4381523483074067&output=html&h=280&adk=2801471196&adf=2042587861&pi=t.aa~a.3440390615~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1700731454&rafmt=1&to=qs&pwprc=5672812633&format=1200x280&url=https%3A%2F%2Fmnewsr.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700834167173&bpp=1&bdt=2118&idt=1&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3141a54009e53ac8%3AT%3D1700834166%3ART%3D1700834166%3AS%3DALNI_MYJ8_Zyz7oDxBI7tELQcGaKcFqMFQ&gpic=UID%3D00000da39f07fb1c%3AT%3D1700834166%3ART%3D1700834166%3AS%3DALNI_MbDWwJvq5njbEiwz2l9Bt2wbRTUFA&prev_fmts=0x0%2C1200x280%2C1200x280&nras=4&correlator=6138686263864&frm=20&pv=1&ga_vid=354402961.1700834167&ga_sid=1700834167&ga_hid=2016546101&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3365&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44809316%2C31078297%2C44807754%2C44807763%2C44808149%2C44808284%2C44809055&oid=2&pvsid=3258155344124022&tmod=2035927513&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=15

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7b31db30080e2c6e8aa4ca9b620079e602e4f744b59ed970513076619336b222

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mnewsr.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 212
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 24 Nov 2023 13:56:07 GMT
expires: Fri, 24 Nov 2023 13:56:07 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 93AB 13 KB
5 KB 68ms
65ms Document
text/html 2607:f8b0:4006:824::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mnewsr.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 13285
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 24 Nov 2023 10:14:42 GMT
expires: Sat, 23 Nov 2024 10:14:42 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame C639 829 B
1 KB 220ms
84ms Document
text/html 2607:f8b0:4006:821::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::2004 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

1d5e39635cf673f2c362e2cb6015719e3a2816d47e9e5a5c9684b7cb053be824

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-wCx9VifsyrZ22WzMeVESiw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://mnewsr.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-wCx9VifsyrZ22WzMeVESiw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 24 Nov 2023 13:56:07 GMT
expires: Fri, 24 Nov 2023 13:56:07 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/ Frame AFC1 9 KB
4 KB 63ms
63ms Document
text/html 2607:f8b0:4006:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

623c81b092a6116d4d60ff89b14803818efb0b9aebf6e4e2c50241e802f6e016

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mnewsr.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 6775
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4118
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 24 Nov 2023 12:03:12 GMT
etag: 16674218716276178799
expires: Fri, 08 Dec 2023 12:03:12 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/ Frame 61C1 9 KB
4 KB 63ms
62ms Document
text/html 2607:f8b0:4006:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

623c81b092a6116d4d60ff89b14803818efb0b9aebf6e4e2c50241e802f6e016

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mnewsr.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 6775
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4118
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 24 Nov 2023 12:03:12 GMT
etag: 16674218716276178799
expires: Fri, 08 Dec 2023 12:03:12 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/ Frame 4E4B 9 KB
4 KB 79ms
62ms Document
text/html 2607:f8b0:4006:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

623c81b092a6116d4d60ff89b14803818efb0b9aebf6e4e2c50241e802f6e016

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mnewsr.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 6775
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4118
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 24 Nov 2023 12:03:12 GMT
etag: 16674218716276178799
expires: Fri, 08 Dec 2023 12:03:12 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/ Frame 4205 9 KB
4 KB 83ms
62ms Document
text/html 2607:f8b0:4006:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

623c81b092a6116d4d60ff89b14803818efb0b9aebf6e4e2c50241e802f6e016

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mnewsr.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 6775
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4118
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 24 Nov 2023 12:03:12 GMT
etag: 16674218716276178799
expires: Fri, 08 Dec 2023 12:03:12 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css2
fonts.googleapis.com/ Frame AFC1 4 KB
1 KB 218ms
70ms Stylesheet
text/css 2607:f8b0:4006:81d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 24 Nov 2023 13:56:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 24 Nov 2023 12:14:54 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 24 Nov 2023 13:56:07 GMT

GET
H2 200 fullscreen_api_adapter_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/ Frame AFC1 15 KB
7 KB 62ms
62ms Script
text/javascript 2607:f8b0:4006:824::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/fullscreen_api_adapter_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2881d8eadc298102d2462e8d32e40792adce37b6cd89d99045f574eb3ecbb748

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 05:42:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 29645
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6702
x-xss-protection: 0
server: cafe
etag: 11213825687312121238
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 08 Dec 2023 05:42:02 GMT

GET
H2 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/ Frame AFC1 21 KB
9 KB 85ms
84ms Script
text/javascript 2607:f8b0:4006:824::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

25b1b4e9934aa4cb8e8bdf5fd7911f6ec67acde6b6b39f1561aec2244f7826af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 05:42:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 29644
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8781
x-xss-protection: 0
server: cafe
etag: 9666818975682992898
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 08 Dec 2023 05:42:03 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame BA70 624 B
242 B 104ms
104ms Document
text/html 2607:f8b0:4006:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CKjk7gEQvKm3Ahi-qZL1ATAB&v=APEucNW32-fzEzzfN7HqfjXRRBiGXPciHOoSHPx44wsgRzHYKoZxF9H7QIoEETtXmZOe-yJdMMU5oR9D8mgDP6u30BzTbRd8zQ

Requested by

Host: mnewsr.com
URL: https://mnewsr.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 24 Nov 2023 13:56:07 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/ Frame F632 23 KB
9 KB 66ms
65ms Script
text/javascript 2607:f8b0:4006:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/abg_lite_fy2021.js

Requested by

Host: mnewsr.com
URL: https://mnewsr.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8f665ba5c27890ebed553836dee5572ad583c0a65374373741ec0a5309df2b5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 21:59:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 57371
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9282
x-xss-protection: 0
server: cafe
etag: 14645652906762492339
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 07 Dec 2023 21:59:56 GMT

GET
H3 200 omrhp_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/ Frame F632 7 KB
3 KB 67ms
66ms Script
text/javascript 2607:f8b0:4006:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/omrhp_fy2021.js

Requested by

Host: mnewsr.com
URL: https://mnewsr.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 21:59:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 57371
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3071
x-xss-protection: 0
server: cafe
etag: 10674441169935035545
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 07 Dec 2023 21:59:56 GMT

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame F632 41 KB
14 KB 66ms
64ms Script
text/javascript 2607:f8b0:4006:824::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: mnewsr.com
URL: https://mnewsr.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 02:01:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 42890
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 23 Nov 2024 02:01:17 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame F632 3 KB
1 KB 79ms
78ms Script
text/javascript 2607:f8b0:4006:824::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js

Requested by

Host: mnewsr.com
URL: https://mnewsr.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 02:18:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 41866
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 08 Dec 2023 02:18:21 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame F632 20 KB
8 KB 66ms
65ms Script
text/javascript 2607:f8b0:4006:824::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: mnewsr.com
URL: https://mnewsr.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 15:29:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 80816
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8541
x-xss-protection: 0
server: cafe
etag: 737174102934380276
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 07 Dec 2023 15:29:11 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame F632 202 KB
64 KB 225ms
81ms Script
text/javascript 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: mnewsr.com
URL: https://mnewsr.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80b::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 13:56:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65070
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1700193896630564"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 24 Nov 2023 13:56:07 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame F632 42 B
63 B 123ms
122ms Image
image/gif 2607:f8b0:4006:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-ADUgsrgF7j5l2Aa6sr2Py2OiXx0P1AZq7vgRiw10bHyXEha-LujlUfSMkSsKwSbSrFELk9kyx50L6sUgCBeoUUKKrQNcPOxGDQK16osJBNEIFioI0

Requested by

Host: mnewsr.com
URL: https://mnewsr.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 Nov 2023 13:56:07 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 16119263422396672699
s0.2mdn.net/simgad/ Frame F632 42 KB
43 KB 205ms
63ms Image
image/jpeg 2607:f8b0:4006:824::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/16119263422396672699

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

be9e9b319fe9c2fd4cfa7fb372bba3a64f2bc2c4e4df9d1b997f25fe74aa0e02

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 23:01:00 GMT
x-content-type-options: nosniff
age: 53707
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43361
x-xss-protection: 0
last-modified: Thu, 16 Nov 2023 09:16:53 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 22 Nov 2024 23:01:00 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 0CC6 640 B
262 B 95ms
94ms Document
text/html 2607:f8b0:4006:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CKjk7gEQvKm3AhienqzyATAB&v=APEucNWKCOuI-ZIZc8iXydWPYkPnnAw7OO9hJznnwbgd-XDQo45oS-103bmsNhSOWyNQ9y364AvTXPZWtX-5zzLFeo5A9ueatg

Requested by

Host: mnewsr.com
URL: https://mnewsr.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 24 Nov 2023 13:56:07 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 16119263422396672699
s0.2mdn.net/simgad/ Frame B143 42 KB
42 KB 259ms
148ms Image
image/jpeg 2607:f8b0:4006:824::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/16119263422396672699

Requested by

Host: mnewsr.com
URL: https://mnewsr.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

be9e9b319fe9c2fd4cfa7fb372bba3a64f2bc2c4e4df9d1b997f25fe74aa0e02

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 23:01:00 GMT
x-content-type-options: nosniff
age: 53707
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43361
x-xss-protection: 0
last-modified: Thu, 16 Nov 2023 09:16:53 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 22 Nov 2024 23:01:00 GMT

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/ Frame B143 23 KB
9 KB 66ms
64ms Script
text/javascript 2607:f8b0:4006:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/abg_lite_fy2021.js

Requested by

Host: mnewsr.com
URL: https://mnewsr.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8f665ba5c27890ebed553836dee5572ad583c0a65374373741ec0a5309df2b5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 21:59:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 57371
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9282
x-xss-protection: 0
server: cafe
etag: 14645652906762492339
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 07 Dec 2023 21:59:56 GMT

GET
H3 200 omrhp_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/ Frame B143 7 KB
3 KB 84ms
82ms Script
text/javascript 2607:f8b0:4006:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/omrhp_fy2021.js

Requested by

Host: mnewsr.com
URL: https://mnewsr.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 21:59:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 57371
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3071
x-xss-protection: 0
server: cafe
etag: 10674441169935035545
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 07 Dec 2023 21:59:56 GMT

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame B143 41 KB
14 KB 80ms
79ms Script
text/javascript 2607:f8b0:4006:824::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: mnewsr.com
URL: https://mnewsr.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 02:01:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 42890
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 23 Nov 2024 02:01:17 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame B143 3 KB
1 KB 98ms
97ms Script
text/javascript 2607:f8b0:4006:824::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js

Requested by

Host: mnewsr.com
URL: https://mnewsr.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 02:18:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 41866
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 08 Dec 2023 02:18:21 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame B143 20 KB
8 KB 80ms
78ms Script
text/javascript 2607:f8b0:4006:824::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: mnewsr.com
URL: https://mnewsr.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 15:29:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 80816
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8541
x-xss-protection: 0
server: cafe
etag: 737174102934380276
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 07 Dec 2023 15:29:11 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame B143 202 KB
64 KB 300ms
194ms Script
text/javascript 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: mnewsr.com
URL: https://mnewsr.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80b::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 13:56:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65070
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1700193896630564"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 24 Nov 2023 13:56:07 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame B143 42 B
63 B 125ms
124ms Image
image/gif 2607:f8b0:4006:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DoyAcc3p-6C0LGiFB2i1zQHRBMAZkDKGXbk_mOO_1TG2-A2ez_6foFV7XTgwYwbEGDqEZt-nMPgMOCvdohshTXF3xiwIwIzS52wZgfjjdZf0656mc

Requested by

Host: mnewsr.com
URL: https://mnewsr.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 Nov 2023 13:56:07 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 1BC2 482 B
213 B 90ms
88ms Document
text/html 2607:f8b0:4006:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CNeH9AIQ_oXq9AEYr43M-AEwAQ&v=APEucNXhQEMn1icIwXQoETBw2H7GPfaMeLbseGkzyElFK5kRpimFvc0pzs2KO4SCD7RYqlkoRx_GWKj6mS5lt3m8fGZpnYbxRA

Requested by

Host: mnewsr.com
URL: https://mnewsr.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7599e0a5ce1ba2a12f036e998e19e60b6e982178e4363d4630ab3a91ca73bf62

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 193
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 24 Nov 2023 13:56:07 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 skeleton.js Show response
fw.adsafeprotected.com/rjss/st/1622598/75186829/ Frame 75D0 254 KB
76 KB 270ms
59ms Script
application/javascript 34.197.147.140
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://fw.adsafeprotected.com/rjss/st/1622598/75186829/skeleton.js
Requested by: Host: mnewsr.com
URL: https://mnewsr.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.197.147.140 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-197-147-140.compute-1.amazonaws.com
Software: /
Resource Hash: 67be0ee4c8160e697ae47d94523981784569e814df2e8f206d784e563c2023cc

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 Nov 2023 13:56:07 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: fw.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H2 200 express_html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame 75D0 111 KB
39 KB 199ms
63ms Script
text/javascript 2607:f8b0:4006:824::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Requested by

Host: mnewsr.com
URL: https://mnewsr.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 04:20:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 34554
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39806
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:44:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 25 Nov 2023 04:20:13 GMT

GET
H3 200 omrhp_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/ Frame 75D0 7 KB
3 KB 66ms
65ms Script
text/javascript 2607:f8b0:4006:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/omrhp_fy2021.js

Requested by

Host: mnewsr.com
URL: https://mnewsr.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 21:59:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 57371
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3071
x-xss-protection: 0
server: cafe
etag: 10674441169935035545
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 07 Dec 2023 21:59:56 GMT

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/ Frame 75D0 23 KB
9 KB 66ms
65ms Script
text/javascript 2607:f8b0:4006:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/abg_lite_fy2021.js

Requested by

Host: mnewsr.com
URL: https://mnewsr.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8f665ba5c27890ebed553836dee5572ad583c0a65374373741ec0a5309df2b5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 21:59:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 57371
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9282
x-xss-protection: 0
server: cafe
etag: 14645652906762492339
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 07 Dec 2023 21:59:56 GMT

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 75D0 41 KB
14 KB 63ms
62ms Script
text/javascript 2607:f8b0:4006:824::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: mnewsr.com
URL: https://mnewsr.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 02:01:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 42890
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 23 Nov 2024 02:01:17 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 75D0 3 KB
1 KB 93ms
92ms Script
text/javascript 2607:f8b0:4006:824::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js

Requested by

Host: mnewsr.com
URL: https://mnewsr.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 02:18:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 41866
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 08 Dec 2023 02:18:21 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 75D0 20 KB
8 KB 66ms
65ms Script
text/javascript 2607:f8b0:4006:824::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: mnewsr.com
URL: https://mnewsr.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 15:29:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 80816
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8541
x-xss-protection: 0
server: cafe
etag: 737174102934380276
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 07 Dec 2023 15:29:11 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 75D0 202 KB
64 KB 274ms
214ms Script
text/javascript 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: mnewsr.com
URL: https://mnewsr.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80b::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 13:56:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65070
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1700193896630564"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 24 Nov 2023 13:56:07 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 75D0 42 B
63 B 124ms
123ms Image
image/gif 2607:f8b0:4006:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CB9wQbdjBrGt3189lzusPcCPl9MgBOnTbRw7j_b0X7FkTH3cx8-Mt4uk4IocrHrX76gPpHh6CEojMHgh-1Z3ODYaoqtHhEzQN9OvUtXJO_Vb9uRtU

Requested by

Host: mnewsr.com
URL: https://mnewsr.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 Nov 2023 13:56:07 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js Show response
pagead2.googlesyndication.com/bg/ Frame 93AB 39 KB
15 KB 63ms
63ms Script
text/javascript 2607:f8b0:4006:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 12:02:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6834
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15296
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 23 Nov 2024 12:02:13 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame BA70
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMb7S8sd8euZRbrSFMhCHZM&google_cver=1

43 B
773 B

73ms
72ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMb7S8sd8euZRbrSFMhCHZM&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKjk7gEQvKm3Ahi-qZL1ATAB&v=APEucNW32-fzEzzfN7HqfjXRRBiGXPciHOoSHPx44wsgRzHYKoZxF9H7QIoEETtXmZOe-yJdMMU5oR9D8mgDP6u30BzTbRd8zQ
Protocol: H3
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 Nov 2023 13:56:07 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fhlQ%2B4dqAAmbxp2GCI0%2FqG8Js6e%2BZDHuXbkXojj5grt6r6Lr9nys9XDhqS1TxzFnY4j3GX%2BRfPPWe5%2FXXd40tJs117JFoaIVmj5eSsmg3ILPJtMBuhtTQhB8QM8j%2FjgMfTDEllrksn7Zvw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 82b2274d8e480a2a-MIA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 24 Nov 2023 13:56:07 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMb7S8sd8euZRbrSFMhCHZM&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame BA70
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZWCrdxOhWOFgKfSr9uV1BAAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMb7S8sd8euZRbrSFMhCHZM&google_cver=1

43 B
735 B

75ms
72ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMb7S8sd8euZRbrSFMhCHZM&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKjk7gEQvKm3Ahi-qZL1ATAB&v=APEucNW32-fzEzzfN7HqfjXRRBiGXPciHOoSHPx44wsgRzHYKoZxF9H7QIoEETtXmZOe-yJdMMU5oR9D8mgDP6u30BzTbRd8zQ
Protocol: H3
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 Nov 2023 13:56:08 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Cn4p%2F0n7Qen1LdgM6U1DQUv4%2FmNCpddophvYLl6moKnEN9FaxwMoA0ndWOLAnSuxiLDU%2B5fhSENQ%2FoVophSMas%2BboVg6u7BdOwaAjGnfaHKwJS5twpPtXXVQRWoCBcV6jRTlk6kVFNT90w%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 82b2274dee980a2a-MIA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 24 Nov 2023 13:56:07 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMb7S8sd8euZRbrSFMhCHZM&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame BA70
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEIOli_IxjXcFzmICYtoDmYU&google_cver=1

43 B
843 B

71ms
70ms

Image
image/gif

68.67.160.137
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEIOli_IxjXcFzmICYtoDmYU&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKjk7gEQvKm3Ahi-qZL1ATAB&v=APEucNW32-fzEzzfN7HqfjXRRBiGXPciHOoSHPx44wsgRzHYKoZxF9H7QIoEETtXmZOe-yJdMMU5oR9D8mgDP6u30BzTbRd8zQ

Protocol

Server

68.67.160.137 Brooklyn, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 Nov 2023 13:56:07 GMT
an-x-request-uuid: de118915-9771-4194-bf78-c5aea906a023
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 38.132.118.68; 38.132.118.68; 639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 24 Nov 2023 13:56:07 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEIOli_IxjXcFzmICYtoDmYU&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame BA70
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDMxNDc2MjgzNzA2Njk0OTEwNw%3D%3D

170 B
232 B

90ms
90ms

Image
image/png

142.251.35.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDMxNDc2MjgzNzA2Njk0OTEwNw%3D%3D

Requested by

Protocol

Server

142.251.35.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s78-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 Nov 2023 13:56:08 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 24 Nov 2023 13:56:07 GMT
an-x-request-uuid: 4e53c1b1-7d7b-4fc0-8b5e-4df317ff50d7
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDMxNDc2MjgzNzA2Njk0OTEwNw%3D%3D
x-proxy-origin: 38.132.118.68; 38.132.118.68; 639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 mnewsr.json Show response
cdn.unibots.in/genericcube/ 879 B
1 KB 194ms
53ms Fetch
application/json 2400:52e0:1a00::940:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.unibots.in/genericcube/mnewsr.json
Requested by: Host: cdn.unibots.in
URL: https://cdn.unibots.in/genericcube/common/script.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1a00::940:1 Chicago, United States, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-IL1-940 /
Resource Hash: 34547fe18f978e6854aed0b1844c4ae25d8d9b12365743d0ba97fb71c8ea04c6

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mnewsr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 13:56:07 GMT
content-encoding: gzip
cdn-edgestorageid: 941
cdn-storageserver: DE-664
cdn-cachedat: 11/12/2023 17:42:46
cdn-pullzone: 483488
last-modified: Tue, 26 Sep 2023 09:30:01 GMT
server: BunnyCDN-IL1-940
cdn-fileserver: 340
cdn-requestpullcode: 206
cdn-proxyver: 1.04
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=3600
cdn-requestid: 2896c518d9316d30570c82f364388b9a
cdn-requestcountrycode: US
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame C639 0
0 130ms
129ms Image
text/html 2607:f8b0:4006:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231109&jk=3258155344124022&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:821::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

GET
H3

200

sd
us-u.openx.net/w/1.0/ Frame 0CC6
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHoJMMr4F7FFCTOMKaLtv9w&google_cver=1

43 B
61 B

61ms
60ms

Image
image/gif

34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHoJMMr4F7FFCTOMKaLtv9w&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKjk7gEQvKm3AhienqzyATAB&v=APEucNWKCOuI-ZIZc8iXydWPYkPnnAw7OO9hJznnwbgd-XDQo45oS-103bmsNhSOWyNQ9y364AvTXPZWtX-5zzLFeo5A9ueatg
Protocol: H3
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 Nov 2023 13:56:07 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 24 Nov 2023 13:56:07 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHoJMMr4F7FFCTOMKaLtv9w&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 0CC6
Redirect Chain

https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
https://us-u.openx.net/w/1.0/cm?cc=1&id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=YzhlYTg0YzUtYzk0MC0yOThiLWNkMzQtMmI1OGZkN2UxZTRk

170 B
243 B

76ms
76ms

Image
image/png

142.251.35.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=YzhlYTg0YzUtYzk0MC0yOThiLWNkMzQtMmI1OGZkN2UxZTRk

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKjk7gEQvKm3AhienqzyATAB&v=APEucNWKCOuI-ZIZc8iXydWPYkPnnAw7OO9hJznnwbgd-XDQo45oS-103bmsNhSOWyNQ9y364AvTXPZWtX-5zzLFeo5A9ueatg

Protocol

Server

142.251.35.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s78-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 Nov 2023 13:56:07 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Fri, 24 Nov 2023 13:56:07 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: image/gif
location: https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=YzhlYTg0YzUtYzk0MC0yOThiLWNkMzQtMmI1OGZkN2UxZTRk
p3p: CP="CUR ADM OUR NOR STA NID"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2

200

um
sync.teads.tv/ Frame 0CC6
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
https://sync.teads.tv/um?eid=3&uid=CAESEMJgrjR2F62dNoNHfYiXTnI&google_cver=1

23 B
278 B

78ms
77ms

Image
image/gif

23.200.197.46
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=CAESEMJgrjR2F62dNoNHfYiXTnI&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKjk7gEQvKm3AhienqzyATAB&v=APEucNWKCOuI-ZIZc8iXydWPYkPnnAw7OO9hJznnwbgd-XDQo45oS-103bmsNhSOWyNQ9y364AvTXPZWtX-5zzLFeo5A9ueatg
Protocol: H2
Server: 23.200.197.46 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-200-197-46.deploy.static.akamaitechnologies.com
Software: pekko-http/1.0.0 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

expires: Fri, 24 Nov 2023 13:56:07 GMT
pragma: no-cache
date: Fri, 24 Nov 2023 13:56:07 GMT
cache-control: max-age=0, no-cache, no-store
server: pekko-http/1.0.0
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Fri, 24 Nov 2023 13:56:07 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um?eid=3&uid=CAESEMJgrjR2F62dNoNHfYiXTnI&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 281
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 0CC6
Redirect Chain

https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=ZmIwYzU5OWItNjQ5NC00NzJlLTljMWMtNTc0YzhlNDJmZDA2

170 B
232 B

79ms
78ms

Image
image/png

142.251.35.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=ZmIwYzU5OWItNjQ5NC00NzJlLTljMWMtNTc0YzhlNDJmZDA2

Requested by

Protocol

Server

142.251.35.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s78-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 Nov 2023 13:56:08 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 24 Nov 2023 13:56:07 GMT
server: pekko-http/1.0.0
content-type: text/html; charset=UTF-8
location: https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=ZmIwYzU5OWItNjQ5NC00NzJlLTljMWMtNTc0YzhlNDJmZDA2
cache-control: max-age=0, no-cache, no-store
content-length: 189
expires: Fri, 24 Nov 2023 13:56:07 GMT

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 9D38 38 KB
13 KB 65ms
64ms Document
text/html 2607:f8b0:4006:824::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 91530
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 23 Nov 2023 12:30:37 GMT
expires: Fri, 22 Nov 2024 12:30:37 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 3270 38 KB
13 KB 63ms
62ms Document
text/html 2607:f8b0:4006:824::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 91530
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 23 Nov 2023 12:30:37 GMT
expires: Fri, 22 Nov 2024 12:30:37 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/ Frame 5B76 23 KB
9 KB 67ms
63ms Script
text/javascript 2607:f8b0:4006:824::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8f665ba5c27890ebed553836dee5572ad583c0a65374373741ec0a5309df2b5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 10:20:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 12916
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9282
x-xss-protection: 0
server: cafe
etag: 14645652906762492339
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 08 Dec 2023 10:20:51 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 5B76 8 KB
823 B 81ms
75ms Stylesheet
text/css 2607:f8b0:4006:81d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

98d2e3edd14aa506c4521125c7cdb7bb3030d7caae5803feec6d2613195ee955

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 24 Nov 2023 13:56:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 24 Nov 2023 13:25:40 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 24 Nov 2023 13:56:07 GMT

GET
H2 200 outstream.min.css
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/ Frame 5B76 15 KB
3 KB 214ms
62ms Stylesheet
text/css 2607:f8b0:4006:81e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.css

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81e::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

29c99771c81466150d55d307a9b0e12cfdab8240a9c65a80b764c1d58965406f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 23:42:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 310429
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2920
x-xss-protection: 0
last-modified: Mon, 13 Nov 2023 11:34:13 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 19 Nov 2024 23:42:18 GMT

GET
H2 200 outstream.min.js Show response
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/ Frame 5B76 376 KB
131 KB 216ms
64ms Script
text/javascript 2607:f8b0:4006:81e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81e::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

28c5732eefa979245ff326045f37b6b7cdfc92385c594caea33e265e4a066c7b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 15:12:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 341046
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 133672
x-xss-protection: 0
last-modified: Mon, 13 Nov 2023 11:34:13 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 19 Nov 2024 15:12:01 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 5B76 20 KB
8 KB 64ms
63ms Script
text/javascript 2607:f8b0:4006:824::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 15:29:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 80816
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8541
x-xss-protection: 0
server: cafe
etag: 737174102934380276
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 07 Dec 2023 15:29:11 GMT

GET
DATA 200
OK truncated
/ Frame 75D0 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d209f24ea54d5ff757a413f87f52f0f15056327bae9214d9f31aa2f33eade964

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame AB6A 38 KB
13 KB 75ms
72ms Document
text/html 2607:f8b0:4006:824::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 91530
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 23 Nov 2023 12:30:37 GMT
expires: Fri, 22 Nov 2024 12:30:37 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

sync
partners.tremorhub.com/ Frame 1BC2
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=tremor_video_dbm&google_cm&google_dbm
https://partners.tremorhub.com/sync?UIGL=CAESEIxyHNjkOO4JZU4ji4c_n7Y&google_cver=1

43 B
175 B

185ms
59ms

Image
image/gif

2600:1f18:612b:4264:a025:b051:5a6f:e1dc
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://partners.tremorhub.com/sync?UIGL=CAESEIxyHNjkOO4JZU4ji4c_n7Y&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNeH9AIQ_oXq9AEYr43M-AEwAQ&v=APEucNXhQEMn1icIwXQoETBw2H7GPfaMeLbseGkzyElFK5kRpimFvc0pzs2KO4SCD7RYqlkoRx_GWKj6mS5lt3m8fGZpnYbxRA
Protocol: H2
Server: 2600:1f18:612b:4264:a025:b051:5a6f:e1dc Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date: Fri, 24 Nov 2023 13:56:08 GMT
server: nginx
content-type: image/gif

Redirect headers

pragma: no-cache
date: Fri, 24 Nov 2023 13:56:07 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://partners.tremorhub.com/sync?UIGL=CAESEIxyHNjkOO4JZU4ji4c_n7Y&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 283
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET

partner
sync.search.spotxchange.com/ Frame 1BC2
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEGYn9xO1fxErC7xzZy3a9WQ&google_cver=1

0
0

GET partner
sync.search.spotxchange.com/ Frame 1BC2 0
0

GET
H3 200 GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js Show response
pagead2.googlesyndication.com/bg/ Frame 9D38 39 KB
15 KB 69ms
63ms Script
text/javascript 2607:f8b0:4006:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 12:02:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6834
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15296
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 23 Nov 2024 12:02:13 GMT

GET
H3 200 GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js Show response
pagead2.googlesyndication.com/bg/ Frame 3270 39 KB
15 KB 72ms
64ms Script
text/javascript 2607:f8b0:4006:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 12:02:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6834
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15296
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 23 Nov 2024 12:02:13 GMT

GET
H3 200 GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js Show response
pagead2.googlesyndication.com/bg/ Frame AB6A 39 KB
15 KB 63ms
63ms Script
text/javascript 2607:f8b0:4006:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 12:02:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6834
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15296
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 23 Nov 2024 12:02:13 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 93AB 0
10 B 62ms
61ms Image
text/plain 2607:f8b0:4006:824::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?VVmstQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:824::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 13:56:07 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H/1.1 200
OK / Show response
pro.ip-api.com/json/ 86 B
241 B 201ms
56ms Fetch
application/json 38.91.101.241
AS-GLOBALTELEHOST

General

Check archive.org

Show headers Download Go to

Full URL: https://pro.ip-api.com/json/?fields=status,message,country,regionName,city&key=LWKtz4EzQwMJRyQ
Requested by: Host: cdn.unibots.in
URL: https://cdn.unibots.in/genericcube/common/script.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 38.91.101.241 Newark, United States, ASN63023 (AS-GLOBALTELEHOST, US),
Reverse DNS: us-ny-1.pro.ip-api.com
Software: /
Resource Hash: ac1f206b82887d56ec7299d5ffd19aeceb34c5d9d4cab52be9d4fd0b422c21aa

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mnewsr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Fri, 24 Nov 2023 13:56:07 GMT
Content-Length: 86
Content-Type: application/json; charset=utf-8

GET
H2 200 close_new.png
cdn.unibots.in/genericcube/common/images/ 2 KB
2 KB 64ms
63ms Image
image/png 2400:52e0:1a00::940:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.unibots.in/genericcube/common/images/close_new.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1a00::940:1 Chicago, United States, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-IL1-940 /
Resource Hash: 88eece529b81941f34c359e48850de59f92bcca9d2c951ca328a97cce7e72cdf

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mnewsr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 13:56:07 GMT
cdn-edgestorageid: 1067
cdn-storageserver: DE-664
cdn-cachedat: 10/31/2023 18:59:56
cdn-pullzone: 483488
content-length: 1860
last-modified: Thu, 21 Sep 2023 05:18:54 GMT
server: BunnyCDN-IL1-940
cdn-fileserver: 696
cdn-requestpullcode: 206
cdn-proxyver: 1.04
content-type: image/png
cdn-cache: HIT
cdn-uid: 7bd10f57-831e-4fd9-beca-97093a9ae0ed
cache-control: public, max-age=3600
cdn-requestid: f415f0343fa43d75021119d8e5600977
accept-ranges: bytes
cdn-requestcountrycode: US
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 index.html Show response
s0.2mdn.net/sadbundle/7175492104940212821/ Frame 331A 5 KB
2 KB 76ms
75ms Document
text/html 2607:f8b0:4006:824::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/7175492104940212821/index.html?ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dd8e4d5bec25873e4263a25a948a3ce48a416ced4dceaed3eb3450a7c529bc0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 83122
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 2037
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Thu, 23 Nov 2023 14:50:46 GMT
expires: Fri, 22 Nov 2024 14:50:46 GMT
last-modified: Thu, 21 Sep 2023 13:42:00 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
ad.doubleclick.net/pcs/ Frame 75D0 0
0 354ms
99ms Fetch
image/gif 142.250.72.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjsukSsixZEfaT2sB2DmORzSnvzCYWJFJcXo7IynuzukkGGEXLjE4kXIP8sMTHZoUZbIvStbvsOXFQMa9oyK7ddtgzadlO_d_bxA8nI0csxqQI61pX0KWgvPffDlsXXfNc4ip3SdihOU-Jzyz4txH2-Fnxc_-kDGFdbHn1xjZtjGEbLi1JNYTzUrQdXFPF93-R4JcmVyrftP8mc-M4-uTIjx76KnVR5o-rp1Q6UVFEUS9pYvrU__WAtur_q0EYMBeltJIZXWaLZLVL3L_a9EWb1GLfvRfFLpBqM0ICGgQBH4cKzi_wHZeqP7ATv3Bpnl3k-szNmVjOvpiA4oDws3lcZMyeDp51JkdaiD-RfC4f4pa140c9O2w0s79NM3KJhNdbiAFUXLZl_krVr3DUe215nYXBQG0LHBrxlZ5vxaxxDFXJZ2LqLaBTZGyhXvIqL3x4OC-qcI7SwOzKY9DOyayIrH68J7HZx7xdFepW3UJO_aVjVrgdfHXH1NXuVi9BkE9sFZcPN_DDCqXiwc_i-eNXGZLV7u-ZvoRL8hTxJHHyaSmR1l6VsCoNzzSLAchTcDSPRwkFmVxAAXFZdosXNSQYXweMaXO9tSwH0oSAUbveXVjrx98qD-usra_4t9BznCwSo-93Fhr837vvH9nJ4t1racfFrHnZQSBOwPcLmu4S_NPxbQu7ynTy1M0c4A2uVbxiugLjANVGfbqNXnRU_jhyDByBGyAXD-NHk0eniVSRzoKyza1WYpjJEDOwGOJWbUcAq8JpEm5Fi7C3j4MDAg9u6Kid6MfS6ndPFRnsVOGCFjtz7x3EOWKclq-uWw7ConN8qceV7ODEUXikbL20LIRolHGGqnMwKUgRsN9JPDjKuSsSTLGTSFIEmAYApo_hszB1-XAbOVndmICzwPnBxlhImnWlEzZwj-GzQFZBjwFsdzqt1sR9fgyeBAbTrw7W0TG1dPA38IR2DnMPz3flLvE22LnqrPTZ5NsBFJxM1NSvtpqQhAqbg_OBAuIVhsWphuJMHrIHaxX-_IHrDYAkghKeW5XGXsYyrXde-yIZu-jL1kaMgHds-TlpyXnJEajN2HHLXv2OnIyy5SFx0zRSgJ2IVrXhgUidkuuA5SVH-HWSkL4gAjAM8AkohwJmuT0KzZoQ8Bm1otfdCB3BmWeKyxxQPJrFDmWU1Lg0YrXea4XV0YRqKLnbncBL8cjeezy00tU67xTQAO41721iLbGSmqInAlEBBtQd9r4CKW9uwUP1W9_tdePzy3kHyycigOCwQdI_FlSVhyxE-xe-6QiwoI2n9T48vQ8U4ipZhM7vhE-ULJsOJTDiCqvf-i5SWt2cSTqLXzo93EGZZVXHAfTXNpxBFyuOvQ1KdvKbUYaWwyYFzf4uyMMIhmzJPCFK8rEICRZcQybr0v2wk9kCsMHRvJCVQAAS35iEdo_JPvQ7fVJrt_T&sai=AMfl-YTqqW2KtLYaVKVBN8vWn8XvzltkpoMi0VYIGJEgFt8Wk8cjTEoayeIBppb2jVtjP6QihBlu9rY_JbLzbXpQuoKOLHNzNgGC8Kkxox2-gduQB6oxU39klsNiwAtdEOajebXtQ_SR4-y7Vn0aiDTkq1ppD1g6Zrw7XJAj3qkf6M6ltvI1ZrkUeEgZVVqMeFv30Fjs6w_wWOlZB40ES3ir2mPNFisDhMfkhKXDs2yjjD9jLfuyFcACQF32gKqOxO2nX0-izBSiGj-pUzxFvMbZ0iG-k7M15j3Qbt5i2ko9tZ-0xwvyPTIvgSqShug-5zHoH0NQF8Ew4f0ir4ZVv8TdUZaCJfeRz9K_hYUI-53nL6Dw1daZl08tVEhLfPyrwOvvxP_Kn5ZTVa3YNLd1wuQk5Xp5UwIfyS7SD858jAeR4QbYH9Ea6Xd_jzQzrDoGswBP_68AWQBIj12xJhRMsQZ8YGvReBUExkWOyzTjofTdC1OiEajDZxb8Aif6xujiSYjGlxfRy3rqpQ8cvw&sig=Cg0ArKJSzLhEPljrboa6EAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly92aXNpdGZvcnRteWVycy5jb20&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=425&cbvp=1&cstd=421&cisv=r20231109.55546&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: mnewsr.com
URL: https://mnewsr.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.72.102 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s32-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 24 Nov 2023 13:56:08 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 K9pJvgFeCv.gif
pixel.zprk.io/v5/pixel/ Frame 75D0 35 B
460 B 311ms
57ms Image
image/gif 3.82.68.216
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.zprk.io/v5/pixel/K9pJvgFeCv.gif?ssid=1&ut1=Consumer_23/24_Brand&ut2=Display&ut3=TravelDesk
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.82.68.216 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-82-68-216.compute-1.amazonaws.com
Software: /
Resource Hash: 6a842ea462daca2a0b5a0f5f25bcfc8e0059ac811ca6c6a1bc54e4d9119621c3

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 13:56:08 GMT
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-max-age: 3600
access-control-allow-methods: POST, GET, DELETE, PUT
content-type: image/gif
access-control-allow-credentials: true
access-control-allow-headers: Origin, Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers
content-length: 35

GET
H2

200

4a.js Show response
static.adsafeprotected.com/ Frame 75D0
Redirect Chain

https://fw.adsafeprotected.com/rfw/st/1622598/75186829/4.js?adContainerId=brand_safety_dqtgZdr_J4HLxtYP7IiakA8&cbFunctionName=goog_wrapCb_dqtgZdr_J4HLxtYP7IiakA8&true_pb=&adsafe_pb=https%3A%2F%2Fst...
https://static.adsafeprotected.com/4a.js

2 KB
2 KB

71ms
68ms

Script
application/javascript

2600:9000:24f4:6c00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/4a.js
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol: H2
Server: 2600:9000:24f4:6c00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bbead98319b2bee5757af35b4eacf615df3e45da2f69cb999cd4694a26bfb90f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 09:25:11 GMT
x-amz-version-id: rCHUCJhZ3YRYD3iWv9sRo0TaGLFHV_wc
content-encoding: gzip
via: 1.1 46e2fa2a811f54853547788992d9aca0.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P3
age: 189058
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: PENDING
last-modified: Wed, 22 Nov 2023 09:25:09 GMT
server: AmazonS3
etag: W/"589d8955c4906ab1b8e63a2f92d932d3"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800
x-amz-cf-id: OenvxjZVczQ07o8DaRlEih--32fjzwDL-Cw1hve_BqU6YjjooKekAA==

Redirect headers

pragma: no-cache
date: Fri, 24 Nov 2023 13:56:08 GMT
server: nginx
x-server-name: app64.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://static.adsafeprotected.com/4a.js
cache-control: no-cache
content-length: 0

GET
H2 200 sca.17.6.2.js Show response
static.adsafeprotected.com/ Frame 4E8C 91 KB
23 KB 234ms
68ms Script
application/javascript 2600:9000:24f4:6c00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.6.2.js
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:24f4:6c00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 06:31:15 GMT
x-amz-version-id: go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding: gzip
via: 1.1 46e2fa2a811f54853547788992d9aca0.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P3
age: 20417094
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 20 Sep 2022 19:21:34 GMT
server: AmazonS3
etag: W/"1f3488247c90bb5de253d3d0cb3b7458"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: cS6AzFlsaS9UvQ2xa_YhFIteKVIc-JHkHkJXvc-mm8Gfgq_IWq5qWA==

POST
H2 204 csi
csi.gstatic.com/ Frame 5B76 0
234 B 181ms
59ms Ping
image/gif 2607:f8b0:400d:c09::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=1~lpcoqzc2&c=8121581961990&slotId=4060790980995&qqid=CNeSzYLl3IIDFYGl0QQdbIQG8g&fb=outstream-lima&sei=44752538%2C44807614%2C44807615%2C75259414%2C420706098&nsei=44714510%2C44729911%2C44730425%2C44730426%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=outstream
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:400d:c09::5e Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 Nov 2023 13:56:08 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 5B76 0
20 B 128ms
126ms Image
image/gif 2607:f8b0:4006:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=CnzvxdqtgZdf_J4HLxtYP7IiakA_G7ozbc4r43begEvAuEAEggqKoLWDJhoCA3KPEEMgBBagDAcgDmwSqBJ8CT9AiDyGuEMB_AhIdQasjSbQqwVdg6WQiNdDOW5GCKKU49VqPA11kn2VKprozA7IqfeRX2ODQnfdEyd84yBksxg9lW2FufJkKFBiE-UQSrGFAU0IqWiGhYzt6Wv23SuMZbwZk3Q62I4-z35JpqU0X0FqPsorw9TnEt837stdCP6geKOknis_Nnjo3J4FvlezdH2fYYZ165Pks8WsIdM7StJf7uxfIhlgGCxZIobSvzjMywM1EPCAJEGuLcpxbmJckQLZ2ruY67bs1IEU5D3SFzm4Ou89bd4zlSWF8ZDv1j_-3YLGFsTdryAiCcUpP0i9y48icwIpzQHwTDaqfImeEn7U9l284eqXcFcvqILQ62WfrE3suH-VEdLIzlxjz5xfABLLg2LClBOAEA4gFhIyMkUyQBgGgBk6AB76--DeoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIBhEAEYHzICigI6AoBASL39wTqACgGYCwHICwGADAGiDBgqFgoU5LSxAu61sQK1uLEC5LSxAu61sQKqDQJVU7AT2YnHFMgTkoay4wPYEwqIFAbYFAHQFQH4FgGAFwHoFwU&eventType=clickstring&clientTime=1700834168170&ai=CnzvxdqtgZdf_J4HLxtYP7IiakA_G7ozbc4r43begEvAuEAEggqKoLWDJhoCA3KPEEMgBBagDAcgDmwSqBJ8CT9AiDyGuEMB_AhIdQasjSbQqwVdg6WQiNdDOW5GCKKU49VqPA11kn2VKprozA7IqfeRX2ODQnfdEyd84yBksxg9lW2FufJkKFBiE-UQSrGFAU0IqWiGhYzt6Wv23SuMZbwZk3Q62I4-z35JpqU0X0FqPsorw9TnEt837stdCP6geKOknis_Nnjo3J4FvlezdH2fYYZ165Pks8WsIdM7StJf7uxfIhlgGCxZIobSvzjMywM1EPCAJEGuLcpxbmJckQLZ2ruY67bs1IEU5D3SFzm4Ou89bd4zlSWF8ZDv1j_-3YLGFsTdryAiCcUpP0i9y48icwIpzQHwTDaqfImeEn7U9l284eqXcFcvqILQ62WfrE3suH-VEdLIzlxjz5xfABLLg2LClBOAEA4gFhIyMkUyQBgGgBk6AB76--DeoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIBhEAEYHzICigI6AoBASL39wTqACgGYCwHICwGADAGiDBgqFgoU5LSxAu61sQK1uLEC5LSxAu61sQKqDQJVU7AT2YnHFMgTkoay4wPYEwqIFAbYFAHQFQH4FgGAFwHoFwU

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 Nov 2023 13:56:08 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 5B76 0
54 B 171ms
61ms Ping
image/gif 2607:f8b0:400d:c09::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=2~lpcoqzcb&c=8121581961990&slotId=4060790980995&qqid=CNeSzYLl3IIDFYGl0QQdbIQG8g&fb=outstream-lima&ulv=1&cll=0&met.4=arp_a_s.19c&vast_v=4.0&lima_p_ich=0&lima_p_icu=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:400d:c09::5e Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 Nov 2023 13:56:08 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 vast Show response
bid.g.doubleclick.net/dbm/ Frame 5B76 31 KB
18 KB 244ms
90ms XHR
text/xml 172.253.62.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-DwolbsTb4uGKBHX5wavaLVnOXqyxN-XSO7prJQGSlKgqbvWzBYT_37_c7TkVHPAGvQkx-PxonmWsjYdNBzc6HJQlYI3g&cry=1&dbm_d=AKAmf-BZHi3Rv93gvjIrePWwjK5RV51bu0apWRYAU8v1wSA9ymTjAgb7_VhWTsrNdfDFEqPJlVzjvNHLwFjrSWwvV-JaLjImKk3LraAg25b9VmO8TTTn0NrMMTppIkroDg75uYcNAEnVTHtQv2LKBqY-y4nYoc5akVhfTbeh2tn8Zqy0FbK8PQ3EMlCKMH-LEpmitxTZQ-bpRJCxvUQvycEa7lfdjlGpVpAO4P4aIKWMxPNBU8gmcbY5XUSnpOZ3ggXT8KHjBnWzXo8hCjoJ_yNL1cR4fBXISvCAYS37OaoQHBy1b0BYUrc5h4iRu5LKmjsbDvYVMIe5zX3lZd7SlyiuChq3VwIySwzyMupVOgaKe7KkytM_KFSx5hSSFRsNSsE7fFACueN91dv6F_ZDLonIjDFw6j6dprL0GbS6RLt10MiRHtfr685NJIecBQS8uMMcCyAOQVShxe7Xw__Ssh1MnV7CYyOc0GDmNLcOXTTOLivl7iWSwULpJAT14XXOAIjML0KMzgE9MuizjiC23vyEL0xk0Mb8e0qIBumJgxjN0u04gS76NXkOGo-SyF371nPoszXQRiYYwYGfbCwbDDVQH10J3G2osPT4qiSEC1f85gWZYhbFgx-XmvpCJqywJRZjN1unqY2HIfJFYKwt-QbqShJLuA_95I09FbL6tWZSA1DQdyKSz1pD3oOsoYrq4JxCFP2Z_CPuPQApzqxvYgD5T6pGHjJMBAd19WYjsLXVFYiQ036PWfiNLdfS5Xm4xd-XUT0TsMgscyfBy0g524XDZOxdPAlKW9FQ6gtZonP7PA0QYT4xX3kjoS2WOhEkc8sif4Ar3u3RVLF3zO8vmISgWuo0O2C9eisgd4xyfd_P87QNd1LoYRPARHcUv5J0sEL1JRGnyPIIgox_p1By95KiO15G1sgGuI8qOP5G736X8jC7I85-GFgKQuBjif0hMLN_65a718alZx5zRv4DtveU7aZYEZskcXiBCQ3alXfE14-u6OFkmc3V-YMnluQjqe2_J8cT89lc_65YDBAV4KZj0VnrRuVfNtXXx85mQq6C2Vmzq19yfddrsSguleqBQYwECi0w3TWxaaI4YAVzlvAj74B7gBPWtUl7qNm_mI8f1tDlE4ZjXlrW62be4zGqSnMCTyI_2k38VoeSBqG6LMlteqoVEnWotYFGR5LbsWTq9b0pecIbLYkWdAUb102LbgoWYBfs0LN-4FjJeZ1StK1bxHnEDiwAddj1HvL-3NF4blG5msOdsS9ZeP8tgGtX1e-SrXB-l0jR1DvP4j6NfsGZvosH90OOY69_5j__2tDLXDH5RFg4PoWOEvqOyO9aIjM4X-wH75vQR4lkufcIwjtdbdLrbIhRuPBDyhzK4f4T0P-T6NFOODg1XlHT1pgDqtl08VYh7wZ87q2J3t-MC_ZhH4-G4m6mKyoZY_nwFcwv1IacIAHKdw-ZHD8YRfRl6rvAT1tzfJxH9hkDWgmxtQn03gT6OgmDIZ7BMqFR6dfAmBl7AywrMb2DmJUPHk4B-shrL1B5I7AuCdP4IUSkoLmzXC_gJs7qGke-BfTx8GHOwJpLzs0pqc-HpCDf8spLhVebOnu8_1cmau40blmaDpeDhqfurgqXgoukmH1gF1Wuxswm96xIz2vdcSkvR-CwcR2F-h3Gwzt5T8B_vptXgaJUVyjuok3PHS5q0CiUSi2sOGNik5qxip88dva-MMOaxlrKwpptHbTG6ynuzSPkTqfj0s3Zy_k9krL9d3q9MQDRDFRxEiw6M0l-2rCdu0T39i-rrhlSKmDsZxp71Pi1DXyzqRSt3oRByqGbWEW1I4YWuoWP2fQpZrOMofidckCrKqQI4IlYZ9A0CGK5k3MtwL8DOC5gcaWQ_I7CV5Cx6VpLqgv4jn7ukCEPzbl2tk3A5CDhf-6QfZk_MdndqT7tABeD08P0ZWwFk9t8VCRK1qvryvLv2Xz-fA6TTQHFA2a4aeo9BA-tlFZ5rW4MZBziUq4PgpStCovTSJ-0ncoQ0PjBh3IWdazc6UzKGkhj2Yo0K7N0qYq-75C_YuedSJnnkLZYYOhW1AP9Yzk-ID8kFzwPItTk8RmeCeaujTmz65DbtXEUDRdjJ7ZquQP-P3raLy5oK6R-9Zpf75Aob60NfFOjkiDvfU3z5z-1Y6K6G2Ea4jf441Ol_gnPtOlz7y9azmCgJbIVq_fMbnk5S36FlQXzxB5cDDyGsAyJbDTLr_iEWpW-AZMJ6XgFCwkaXTa-lMp1PJc-nPZSiYiOAN2o1cbT77Dx_jLyQvOqAD85ifFjTs5aPVShQMRdPHzNoTIff9NT0WJ8S1GzdWK-jpbmoYM0pWNoxSMAw_Le9PAdyWRrL7wAbWTr3opdCCqrIopsEvaiJQ_dxhYNh7M25EzVihcRPruEiC4yivuY6OLKyre34oY7_G0kF_rp4HlURtVqRz44KmmrYjdT3Ft7ZC6ZFHF7FWW7GpPxH5udmO3ngQpFltMaqL3J-hyLBKB8_Yk-iM2UkRI93qJIcPlmP82l7ctQBWf_naQP38lkm304XJjEag_RlcnksHV5XUigBYxRlf8hSqIuy1cOE_rtqc_LfRASNcUonmnQcr-_OHOFgepzjI6Ltme7uNPHDX2DR4g0HKuIlkSQfJ324TT-uYyXdH0TYUJP6SgagJQfagaqudqotprkjpY6wXUn3RGHTOZHYxJP-OGZNmh69xamzWyWSHqsRAYzNgUZg13_8gjyhw7Maj-UpjtD-w18x6m70igmtPFPCN6igq3hOZGbgGkCzsUkdOIrmNeRoavx9d-SaEL6iQwtINJZp9wc46eZ47FiIXbV47ZfJZWgU5wdi6t6zGC5vuEh6DayvdwnR8Yuns5IeMP4svOOYSM56dAn4Nvb5rdDTIvIExILYjkuq2fg9oR0No3zBCJTJ52ENG2HuCJxU2j5dBmRRqRxSOiwgjZmvWRHTAsXrqLOXXV2mNiNct-VMqz9_URQATBPRKPdh1UWug0EUf0_D2LI_VM7Hz7h9pkFS0ff0fsr-100hMX5PHlCL3LqcEFSAEwnJHjDf7Dzr78Xvaw3O6BUh7NqbGYfUpEzpag11FmmL-ecngduElGTlakniam-dRSso7Lab2L90Bk72BdPZDO0MHWz7RY9SdOB7R2ZMCxTJw_VIqF2q06d0BwTgN8_aVqqCwKJs3FO49yyuvCuhglxFjQ2pX2SDeH9rV739fUbzOmcFJd8Y7i0ZaoR9-pWUlAIUzdUcYvLwz9kK_zhm0E2ADEgc6SmAuC-g9teWDHBDEOwpZl_k1UM0Rw2HTSAtO1E8a_Pq2vqwn3WEhojZvROuNdLDGAv9Rg5CNP_WH_y3eE2GrHdfVNTXtkCHBDNZg8dnXyDMHWJO5Sv08IhIa3YtNtREYlKYvMnpqGmgTZXDiDpW8UdQohCqG6GoJvHjjN4GgtFeHDOQj4jUje4wDDrRO_5OjxEnYcR18wurRHMPqBtDnul21Qocm9cmGcrcX90zUeGRHuA2z3vNvTURfnE7uArPJRQxNzVgKCVrRx16MsNh-SfgyeluRcgqlm4UvQ0DCgM3TRCK9hw5qpwl_j0YYrjUAiM1PS-byIbpizduCHr7D_q2q4qaC7YSa0D4PuhqPoHZiQyWwgwYKHle7_-MApYJoND2Qj6GcdNOL5PY_1R0qLKAnCwZgDpVjwLB2OMfwy2VwaCOoNKIBTexFcQ&cid=CAQSTwDICaaN76rcZSIhILXhXaaAtiCtG3RR8O4Yepnycv2udHzem9TZdFdbE3qpsFZOCZCHx74cyyhADHwd4PpZSw-cyWl8ooVfIhOU7G8fJmwYAQ&sdkv=h.0.0.0&osd=2&frm=2&vis=1&sdr=1&nel=0

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.62.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bc-in-f154.1e100.net

Software

cafe /

Resource Hash

80d7dffbf6c66e244f4eb2e6d8d6b983e015a5e2b6e2069dcd5977f3afe297a0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 13:56:08 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17650
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 75D0 43 B
215 B 350ms
115ms Image
image/gif 2600:1f13:800:7780:31d4:5bde:3c0c:bb42
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1622598&asId=8c773384-a6b1-14eb-e985-e623df2f1265&tv=%7Bc:uQZjHQ,pingTime:-3,time:127,type:v,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:50%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:127,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:50,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B111~0%5D,as:%5B111~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tWxgPUn+11%7C12%7C13%7C14%7C15%7C16%7C17%7C181%7C1911%7C19121%7C1a11%7C1a121%7C1b1*.1622598-75186829%7C1b11%7C1b121%7C1b13,idMap:1b1*,rmeas:1,rend:0,renddet:DIV,siq:52%7D&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:31d4:5bde:3c0c:bb42 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 Nov 2023 13:56:08 GMT
server: nginx
x-server-name: dt21.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 75D0 43 B
216 B 346ms
114ms Image
image/gif 2600:1f13:800:7780:31d4:5bde:3c0c:bb42
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1622598&asId=8c773384-a6b1-14eb-e985-e623df2f1265&tv=%7Bc:uQZjHR,pingTime:-6,time:128,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:128,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:50,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B112~0%5D,as:%5B112~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tWxgPUn+11%7C12%7C13%7C14%7C15%7C16%7C17%7C181%7C1911%7C19121%7C1a11%7C1a121%7C1b1*.1622598-75186829%7C1b11%7C1b121%7C1b13,idMap:1b1*,rmeas:1,rend:0,renddet:DIV,siq:52%7D&tpiLookup=ao:mnewsr.com*%2Cgoogleads.g.doubleclick.net*&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:31d4:5bde:3c0c:bb42 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 Nov 2023 13:56:08 GMT
server: nginx
x-server-name: dt20.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 1700727261308-300x300.jpg
mnewsr.com/wp-content/uploads/2023/11/ 25 KB
26 KB 176ms
176ms Image
image/jpeg 2606:4700:3031::6815:1237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mnewsr.com/wp-content/uploads/2023/11/1700727261308-300x300.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:1237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / EasyEngine v4.6.6
Resource Hash: ad3d228de9f119943d0e2c5d41ef7d7a5bd865c112d112db4320517d3a97fa9c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mnewsr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 13:56:08 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: EasyEngine v4.6.6
alt-svc: h3=":443"; ma=86400
content-length: 25661
last-modified: Thu, 23 Nov 2023 08:14:24 GMT
server: cloudflare
etag: "655f09e0-643d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WSJZy4BIURD01URgAlpDGLC3fYaqzHjKHESMMUZxTC7o2Jd%2F52%2Bx4hGbHM6iqxqIM%2B%2FABN2DXEoLrHnfpTNwqIBuRiUeV5dy6jd4v6KcCC4v8Mt7D%2FGK7JuBSVXS%2BgDiCkVN%2FwEo39Y8"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 82b2274f9e8e3367-MIA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
DATA 200
OK truncated
/ Frame B143 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 038cd2991c50ef0fbb2b69c2b0930e8f56d5c7538b6eff90f4120799350e3965

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 unibots.mnewsr.com.1500696.js Show response
jsc.mgid.com/u/n/ 0
455 B 42ms
42ms Script
application/javascript 2606:4700:1::6813:824c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://jsc.mgid.com/u/n/unibots.mnewsr.com.1500696.js

Requested by

Host: cdn.unibots.in
URL: https://cdn.unibots.in/genericcube/common/script.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:1::6813:824c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mnewsr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 13:56:08 GMT
x-amz-version-id: UShXbc7llIP87t75i09oUIo7W7eaaGPj
cf-cache-status: HIT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: PZSDRP6PY7CN8EE9
age: 1422
cf-polished: origSize=3
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
content-length: 0
x-amz-id-2: quJm5/H+Pe9JkvThc7RyjpujoXZhOx7saW7a6hbASQgZWdSGj905bNuUUa8t/RGyeEIkwC21znM=
cf-bgj: minify
last-modified: Tue, 19 Sep 2023 16:07:03 GMT
server: cloudflare
etag: "cf64b89236d83f0076d28cfa07bc8d51"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=10800
accept-ranges: bytes
cf-ray: 82b2274f99310a0e-MIA
expires: Fri, 24 Nov 2023 16:56:08 GMT

GET
H3 200 unibots.mnewsr.com.1500697.js Show response
jsc.mgid.com/u/n/ 0
456 B 49ms
47ms Script
application/javascript 2606:4700:1::6813:824c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://jsc.mgid.com/u/n/unibots.mnewsr.com.1500697.js

Requested by

Host: cdn.unibots.in
URL: https://cdn.unibots.in/genericcube/common/script.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:1::6813:824c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mnewsr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 13:56:08 GMT
x-amz-version-id: t4WVgxrQl8qO6i.e6XcuJwZdnYVpr_H4
cf-cache-status: HIT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: PZSAB95MRVDA294P
age: 1421
cf-polished: origSize=3
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
content-length: 0
x-amz-id-2: XNIobRucoGSwtJQ06c+73AIrgX1J7soNVJ/Mys0TN7PAmw5XYlpHh/pShuzS+F6jmKl/rh/4Ck4=
cf-bgj: minify
last-modified: Tue, 19 Sep 2023 16:07:05 GMT
server: cloudflare
etag: "cf64b89236d83f0076d28cfa07bc8d51"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=10800
accept-ranges: bytes
cf-ray: 82b2274f99350a0e-MIA
expires: Fri, 24 Nov 2023 16:56:08 GMT

GET
H3 200 unibots.mnewsr.com.1500698.js Show response
jsc.mgid.com/u/n/ 0
455 B 48ms
48ms Script
application/javascript 2606:4700:1::6813:824c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://jsc.mgid.com/u/n/unibots.mnewsr.com.1500698.js

Requested by

Host: cdn.unibots.in
URL: https://cdn.unibots.in/genericcube/common/script.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:1::6813:824c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mnewsr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 13:56:08 GMT
x-amz-version-id: H6UChQaTBTVrqzdpdCStB7nSjq.hVJWK
cf-cache-status: HIT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: 1V5EW0T9RV27QTEJ
age: 1422
cf-polished: origSize=3
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
content-length: 0
x-amz-id-2: 6Ib0enFLnNwxJWzPDmqXHC2pO3CbENaDRi3f6HBEYFSNQsQ1u82AdXKTabxg7xCpXLqubur3oaE=
cf-bgj: minify
last-modified: Tue, 19 Sep 2023 16:07:06 GMT
server: cloudflare
etag: "cf64b89236d83f0076d28cfa07bc8d51"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=10800
accept-ranges: bytes
cf-ray: 82b2274f99380a0e-MIA
expires: Fri, 24 Nov 2023 16:56:08 GMT

GET
H3 200 unibots.mnewsr.com.1500699.js Show response
jsc.mgid.com/u/n/ 0
454 B 47ms
46ms Script
application/javascript 2606:4700:1::6813:824c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://jsc.mgid.com/u/n/unibots.mnewsr.com.1500699.js

Requested by

Host: cdn.unibots.in
URL: https://cdn.unibots.in/genericcube/common/script.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:1::6813:824c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mnewsr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 13:56:08 GMT
x-amz-version-id: 2_5MEAKQnmiTYTZO7_wKzpccPQ6enpa2
cf-cache-status: HIT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: 1V521BM5AXHN3DHZ
age: 5114
cf-polished: origSize=3
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
content-length: 0
x-amz-id-2: IQcCNE7k1Sz7jEp5/7IXQKvFGfzpCek8sUJWSS9V7ryGi49a81pmWQvaFzZ0utCKHO+IJEbb1ZU=
cf-bgj: minify
last-modified: Tue, 19 Sep 2023 16:07:07 GMT
server: cloudflare
etag: "cf64b89236d83f0076d28cfa07bc8d51"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=10800
accept-ranges: bytes
cf-ray: 82b2274f993a0a0e-MIA
expires: Fri, 24 Nov 2023 16:56:08 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 273 KB
90 KB 77ms
77ms Script
application/javascript 2607:f8b0:4006:820::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-J26BV7FC43

Requested by

Host: cdn.unibots.in
URL: https://cdn.unibots.in/genericcube/common/script.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3c2f22d4dac7b2dd8c2cc23a74e49f829f81620f815903a1a844f26be6335196

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mnewsr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 13:56:08 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 92616
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 24 Nov 2023 13:56:08 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 273 KB
91 KB 80ms
79ms Script
application/javascript 2607:f8b0:4006:820::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-J26BV7FC43&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-195329056-1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1699cca655fb4c3fa3cf7e2cf281fdf40d2a0160c0d8c89b1248fa91bcab477b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mnewsr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 13:56:08 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 92760
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 24 Nov 2023 13:56:08 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 75D0 43 B
215 B 302ms
116ms Image
image/gif 2600:1f13:800:7780:31d4:5bde:3c0c:bb42
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1622598&asId=8c773384-a6b1-14eb-e985-e623df2f1265&tv=%7Bc:uQZjIC,pingTime:-2,time:175,type:a,im:%7Bsf:0,pom:1,prf:%7BmdA:24,mdZ:412,beA:511,beZ:512,mfA:519,cmA:522,inA:522,inZ:532,prA:532,prZ:552,si:562,poA:563,poZ:588,cmZ:588,mfZ:588,loA:638,loZ:641,ltA:685,ltZ:685%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:728.90,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:50%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:175,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:50,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B159~0%5D,as:%5B159~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tWxgPUn+11%7C12%7C13%7C14%7C15%7C16%7C17%7C181%7C1911%7C19121%7C1a11%7C1a121%7C1b1*.1622598-75186829%7C1b11%7C1b121%7C1b13,idMap:1b1*,pd:CV8L.internal-pdf-viewer,rmeas:1,rend:0,renddet:DIV,siq:52,sinceFw:121,readyFired:true%7D&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:31d4:5bde:3c0c:bb42 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 Nov 2023 13:56:08 GMT
server: nginx
x-server-name: dt09.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
DATA 200
OK truncated
/ Frame F632 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 680f1d41a40f812e65e08f8bdd275602670d1aac9ef056c069c76080f7de9c30

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 view
ad.doubleclick.net/pcs/ Frame B143 0
0 110ms
100ms Fetch
image/gif 142.250.72.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjsuUHXWK2BlhyWSrSR4qoxIJcHWcm8YqX_NMCyAeZD-Mgt3aIv4xkM0mqNPCmnaCS7gBQwZx2Xpgw32YH6Phb5yUbwfbN6tTN2B4lxJ4-zdoN0LdgbKLPPfJxJQ0WCxSXRwULcgwnm_19a9iMZ7e8QYEdtPLrMPFOpd0bjKY7D3LJPucSocZUzgrIfDh5CztJVZ8Cg0uVBbP04pwS0PMScXCnoxn9-pBCnGKGCqA_FNFG7MxaWG41ngm3o_tmJM55RbzLVNPVDij0Oh3TERVJvGpitt_Ks2h08sA-Li9nT1hfph_RsGXY8G4SEE9O4_bR0Mc64wPHWIEm7Y7pz_a0aBmqRh2Cb-aYitn8fV7rB6BSlwsQm_GFjbKq8_OBXp-3EW4ovaqgjdaqNbhDqoZJsH8o4zGwi-c3jBP_Zj7CQwPl8UzRdtvBPjL3vL4fWg-xvXgR_uQRjcJ2P-U3A7I4JCHhao9TaGpyiuscp2TuoCqhtXDPuYCHF9dkq3qr724ZSlfp5cGb9V8fxOLfJ4PyoLigERo5IxPIl3NN_3q6DiMWg2421ew7jHwsqV6Vh7cqqxdpOFRCo5imlYrYozUwMDax4e_44R6D20dmlmJ4Qqr0_Y2SS6AB3waqs52D1mGFD7F1Ln9eYEtz71zwWSZCbdKRe9KVc7-IaLsftkTPLL7UUt6ponFGwOfjYcqdfk_dElLPLP1mzjht_ruGUGbI3WCn9aLN9th46gDW-_JUuzkD1wuMjhKrG5ApyStdFXllGEgWBqECGiQ7UuYeMc-A4IrDRr6-kcYNw7Vw6PCOxEfntcK4TRi8CT6Axj-44EO-MXWjIiu0s-Mp5Wr1wQ5tgegJOjXtWio1iH8UzrqnkSTTIuck79FvXmn-oU3oSuhb6DwoMU3L5CKa9pgKgpYDcElVg3i-42Bnb95qWaU0SIXWaUNSKG3gHpbifP46kCpYs7cfQojDw8tlhI8NCEtJcnFevWg4fkERf9Mzkitf9h9RaoZDe-gExK2NGx9nubZRyr5vAMRDx9SznH3T8bJ94EezpJ3b3a49Jo8BRC1ynrHoTH7plNhdSyhmYSo6WlHKJoiwo1bnesAJbfGFIhZmJunQ0EW0zibY7-L-EFcLmzSlsqM-myPXoZHw-e8Aj2ed0pNOWibk9I7YIUTeF5_dIFg-oE39XqE8E8lJQ0AShAVTm8Qu0lg37FB01IeMpAtGERJfn4U6VbCamyAUyHV4w2clJ-dW-ddDkcRFcLhzhZz65KdaHlSvSVWjeO5hjP48QM21xKmdBUGV_b8bltWZ-Gxb5XzuPixr-WT2k9h4V8wPR6fgbLsluFt-goW7d7i2rozJ00OVEYxvJ4x6DmQ385Rwgk_LmGM2bW_YazLZpbHH2D3FRLieVuV16vyVPQG855cGWOstRq2kzLK9qbPseRYgWlaPxkT3OGrTKhSvQ&sai=AMfl-YTmfjz_IpTsD46go3nQoCCYvx_IS0giNh9LcAUzUPLd1DchWuNQOfeuzpKtwE47TUjfLTT_0TKIGgklBXhIzvX9n774qUBfrkzpnTpSnhVsBfYXM8zBnAGFdzrLyk4NZYjAW99nSU6XJEEclvYiPxgpEn6FuBp4pS5EzUfhjrHp2cne3beovuuDoRDx0RTXSPYaAghbcol4vcpoB-H2tgrGxAdyNbv1MAbIbqi1Sv7zp0OC5hWus9v9wKcnDBt-Hr0IeY5Q2IzqiUtWx_kKBxVFhdUyBV6n1Pzyzt6J3ZGgBQcn8o2TKAZ9l04nHnl3dWE_EM7OCAkXbsL_OspiCEk4q236CN_OYlPnXcKg2z-axGlnoGEjQBX3MOCblMHzumcvcC1nAYSPv5qdZYF8EhfYkHp3gwFpsNe8SXpC0xB1PjydgYdfMzuJvAad5lrmJXPBfD8PO6oTHgnM15s6kgB5t3cNlmS81VvVa-SgQW29d0bqsIyeZ7cx14bLqK8ewBsqvCaw8fGC&sig=Cg0ArKJSzKYxzrySqNLsEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9hcHAubGluaw&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=715&cbvp=2&dett=2&cstd=0&cisv=r20231109.16358&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: mnewsr.com
URL: https://mnewsr.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.72.102 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s32-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 24 Nov 2023 13:56:08 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 view
ad.doubleclick.net/pcs/ Frame F632 0
0 100ms
100ms Fetch
image/gif 142.250.72.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjsvZ20MYr0coLmfoLHpWpiS_4aOXCa1g8wKCEJHOXBI6aPzL_GpR4Szd9dva7fzMRv8tP4NZ_HbuxavM_y6nNUU1uotOl3n63Lvle2drVfgEYSjnwtM_mXi3i-19p-Ky6w34GGV58h4VeHeI5EAsFgd5zcqJnostr0vZU6qmMhK8uqWqMF4rqZiiYCq9VgAvpiLK4N1V4hZwivk4y04NLaeWrNrM2KGgJMlCLnrqM00oeFHwVeM4lLpGZ5Y6fvJfIyfWBUaKDRfvn4ZPKWFrkU8HUdywTKKOUE3GaGY9F772-efR2pOimQK__jRftEVSzNzDjMnalYqKbAxF-kszNUPJJ3MzyNrLaDlx7smhaqPIVKEjdBpmuY2is-1qL6HsMtQAz29wbbnY24VJX46oGcegp2yeb2YQx3QHAnM5JN5a0luphQzUpSFPOgCtgxAW-_4r7TSfv0G_Ffam4hRIV1iTSWDQN4oZnlvMuPLGxw0gAYnad8QiLjyGNxn_mS6YYbIEByysx3iHeCE79HL2RVGjK0T1he1CcXp0u0DWd1d2TLLLKP8yAM4xIQwAOgb7P49rBszuATrNPQGCLZuB1kVYVQVdFwkO7jpHIpHz9AtIa6caJg9KA8tPJH4xM8Tx9U-lWEdsNfaU1meBvye3jfJ4HQGal2LopKuRl7X1wd76C1UMQtcC4dbfSxB6IluXoA5h1K1wLP88IONdlhKet7k8GUt-UB9VCd5Vf3rhyA23In7gmQ0udfroHdn9X_DApiG1zC72ycJmQ1gsjZK50QyBlR9YWWED6iMwaY4b7-d3Fc2FzPDYd1q6HitAUCXBNOhuhYgb2eaCbk9sw2mnFIXD2BW2xEcszi6eiwwIF5q1hq6l5VHgsGnP3dMgSNh86DlagqDraIe9ILkWJfj_fSo1RuSrb2OOHJj9wbHewDg8IYpqRFmqQVJC2opOdi2hGz1FhSyTWU-R0yBV-fesAfoId7cRMhCGl38cDigksm3k64hZdKwjQMJJKf6X9_J7VnivBeE5UoJJbfnbf_3p6WMCG_f_pBF3GEYPMOkbojT7p82rzRtQmManTTkedYVlcG6-tLcZC6V_BpyHKEj9nq6-E_U39NfaJd7ZJMcVlac78okc9bMFvzwc6-PFwqhqcYHmyuRr8GlT1KJE8O0r36VD8FdJAW3D6uH1kboJ4zMahT8T3ujSvCMrAIzfYx-G7Ws2ULLhJx2BhFUVlYjgRHrqXsvxa7kWc4wuzQE7xV3L6BorEJRCZgbuUg8iAxxO7ktZChW2Ne1r2oaTCY1j1rMF8EM0WvAsckfQ7C3-J1St9JvX4F9XqPbZWnKl-1RMlWpBeTR3Y2L2mocSwMRFdOAiPeFGVH6ZPt_0nYG0kzFJG9asjIOnCQudbxI4Mm6eAyMrJyM7F4Omyp0R6fYs8X61_l6dIBX6xSq8z5rO&sai=AMfl-YQc-BORcQ3sX7j_jEylww5HA1t5WNPSR_qTrfpGre_AYS7S7RfftFufH0BpKJO-hf3_oMvXtXSeQ-lBNMWKDJRj2ms-32N4ne7cWs2-H_JELyjC1XrmSTCAVVTyUg_t94MVRdt88PWyl9NLWTjE16X8xyVxEPtkQe3sTEuDBobsBZRqKAzMNIA40DQhckZgVf6nwzegFFHu_rDwObLsYB-qRUDxezZef5Y5JtJcbb3D5tFz5nzyJRMcJNj7rIIYrdo5ZfUaZWffpu0pXlZGJD968kPtMmXm-QW3nv1yEGMbM3GDpi75fdkaujoUHWeejlNSXmIV4hLWAQPKdERjdJ6M6OMqka5N_73zB66CDpnRDG3WROs9La03QZlxdZ_d1_A0jXbFGp4YB67zB7IfVDfNOa13iA2eQ5oMmCginefsO0x8LwfTh-TZMUYAB5bxpcKy9W-TTUkE0kkzsnmgAEsvJyJdKtIUsQT79u97t9M_sBx7i-DppJpXk6ythzXqL3uyK9zxz-gV&sig=Cg0ArKJSzAmgulPSFJJGEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9hcHAubGluaw&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=799&cbvp=2&dett=2&cstd=0&cisv=r20231109.00666&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: mnewsr.com
URL: https://mnewsr.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.72.102 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s32-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 24 Nov 2023 13:56:08 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 css2
fonts.googleapis.com/ Frame 331A 3 KB
590 B 79ms
78ms Stylesheet
text/css 2607:f8b0:4006:81d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Raleway:wght@600;700&display=swap

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7175492104940212821/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e37c880deb89406fe1df454c2e816cb0cd69110b043f684ef5cd97a187ba2312

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 24 Nov 2023 13:56:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 24 Nov 2023 12:46:57 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 24 Nov 2023 13:56:08 GMT

GET
H3 200 styles.css
s0.2mdn.net/sadbundle/7175492104940212821/styles/ Frame 331A 4 KB
2 KB 65ms
64ms Stylesheet
text/css 2607:f8b0:4006:824::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/7175492104940212821/styles/styles.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7175492104940212821/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7c55961703b726bb382ec0b9630f0273deb8d7ebe60ed60efd996a466a53fd7f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7175492104940212821/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 19 Nov 2023 12:46:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 436172
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1539
x-xss-protection: 0
last-modified: Thu, 21 Sep 2023 13:42:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 18 Nov 2024 12:46:36 GMT

GET
H3 200 Enabler.js Show response
s0.2mdn.net/ads/studio/ Frame 331A 139 KB
48 KB 66ms
65ms Script
text/javascript 2607:f8b0:4006:824::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/Enabler.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7175492104940212821/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c3ec5fd82b2b5642bcd2bb6f6db113306135239c684e8b41ee971aaeeb436d84

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7175492104940212821/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 13:50:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 350
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48652
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 21:28:49 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 24 Nov 2023 14:05:18 GMT

GET
H2 200 gsap.min.js Show response
cdnjs.cloudflare.com/ajax/libs/gsap/3.8.0/ Frame 331A 62 KB
23 KB 133ms
55ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/gsap/3.8.0/gsap.min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7175492104940212821/index.html?ev=01_250

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a14255e68fc99fc5b4a8b323c13070ac67f42775917706fd3b147b436810a5da

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer
Origin: https://s0.2mdn.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 13:56:08 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 279226
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 22641
last-modified: Wed, 29 Sep 2021 08:04:56 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "61541e28-5871"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rxQMLuSJ4jM1NHAvYS7pmoxNKw3LgErm%2BxUET1e5ZEzLa9z5A80Ihv6pVg0kA196GSyOZ%2FtkGReAkunhMIjTOhk1n9VN3kVchzLb72PN2EHA3NWyk2ZnJKnplDCeH8Nyz6DYbl870MSOPNa504Gjcp96"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 82b22750b9af8dd0-MIA
expires: Wed, 13 Nov 2024 13:56:08 GMT

GET
H3 200 scripts.js Show response
s0.2mdn.net/sadbundle/7175492104940212821/scripts/ Frame 331A 1 KB
575 B 65ms
65ms Script
application/x-javascript 2607:f8b0:4006:824::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/7175492104940212821/scripts/scripts.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7175492104940212821/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

62df9938422d967c44f999a59bf2271cbb0000a89826f6ee8f2b14f9f39ef750

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7175492104940212821/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 14:50:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 83122
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 546
x-xss-protection: 0
last-modified: Thu, 21 Sep 2023 13:42:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 22 Nov 2024 14:50:46 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 5B76 0
45 B 59ms
59ms Ping
image/gif 2607:f8b0:400d:c09::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=3~lpcoqzcl&c=8121581961990&slotId=4060790980995&qqid=CNeSzYLl3IIDFYGl0QQdbIQG8g&fb=outstream-lima&vast_v=2.0&vmfc=11&vhc=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:400d:c09::5e Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 Nov 2023 13:56:08 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 HdsydzJK.js Show response
tpc.googlesyndication.com/sodar/ Frame 5B76 41 KB
15 KB 64ms
64ms Script
text/javascript 2607:f8b0:4006:824::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 09:04:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 190309
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15407
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 21 Nov 2024 09:04:19 GMT

HEAD
H/1.1

200
OK

file.mp4
r4---sn-q4fl6n66.c.2mdn.net/videoplayback/id/e38e94095e0e0255/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3842010407/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame 5B76
Redirect Chain

https://gcdn.2mdn.net/videoplayback/id/e38e94095e0e0255/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3842010407/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/signa...
https://r4---sn-q4fl6n66.c.2mdn.net/videoplayback/id/e38e94095e0e0255/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3842010407/sparams/acao,ctier,expire,id,ip,ipbits,ita...

0
0

227ms
62ms

Fetch
video/mp4

2607:f8b0:4000:7::9
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r4---sn-q4fl6n66.c.2mdn.net/videoplayback/id/e38e94095e0e0255/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3842010407/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/410CE81DA335192298D5BBE4C95B242576FD6242.5CA052A3BA03B129BB72A8D37AAF2BBEA20A5D69/key/cms1/cms_redirect/yes/mh/p_/mip/2001:550:1d05:1::5/mm/42/mn/sn-q4fl6n66/ms/onc/mt/1700833050/mv/u/mvi/4/pl/48/file/file.mp4

Protocol

HTTP/1.1

Server

2607:f8b0:4000:7::9 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Fri, 24 Nov 2023 13:56:08 GMT
X-Content-Type-Options: nosniff
Connection: close
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length: 7654419
Last-Modified: Tue, 17 Oct 2023 17:05:23 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Access-Control-Allow-Origin: null
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=86400
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: null
Expires: Fri, 24 Nov 2023 13:56:08 GMT

Redirect headers

date: Fri, 24 Nov 2023 13:56:08 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 648
x-xss-protection: 0
pragma: no-cache
server: ClientMapServer
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
location: https://r4---sn-q4fl6n66.c.2mdn.net/videoplayback/id/e38e94095e0e0255/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3842010407/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/410CE81DA335192298D5BBE4C95B242576FD6242.5CA052A3BA03B129BB72A8D37AAF2BBEA20A5D69/key/cms1/cms_redirect/yes/mh/p_/mip/2001:550:1d05:1::5/mm/42/mn/sn-q4fl6n66/ms/onc/mt/1700833050/mv/u/mvi/4/pl/48/file/file.mp4
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: https://googleads.g.doubleclick.net
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9D38 0
20 B 125ms
125ms Image
image/gif 2607:f8b0:4006:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=B0ypedqtgZdj_J4HLxtYP7IiakA8AAAAAOAHgBAI&bg=!CQqlCkXNAAZxrfrxUa07ADQBe5WfODHBMGzHLlm0ZxpiCZgMneo0VltYZ06Nsuu2MHc0DW9hmPWzg8eh1RWNlXRLmX8lAgAAAmdSAAAAA2gBBwoABDXDndGZAvernNPubpFKi6EgfrzGWCYq6jTot7-Qsrmrct8LWNB5N54o1QxK_0DqdVPbb_QHU7U1Q4f6AZh7B_gvIWNasyq6-0jwWEJTbFwrA5Uq7hO4Mo7wekPqkqg9P86huoO1792XXQ_2PECVYnBnUB_C_NqCKYkWWLutbhninwag9exfB--iieoLJnVlGUIz9vL-7sDz3urcvRXPxwlrTjsmqreaY6EZUhOkj_BUzEqO39SdgvroHeEl46bCPkH5eVHokM_D5BqkGZlocTl5WF2vCEBIA4WHMtwzqCEkJomOD1Y4uzw65HICks-AU9Si_tTE_Ixkascc959usyKFlstthPKWDebPd5XsHfiBGnMJjZnIlpKHrP51XTNhBMNuln1rN3cazpPf-D1FjedEtnk1Hg3kgFpD4hblfuMnCP68ZC11D1vTGgYbp5jqet5ntTjgW_mlJlPdeH4RaOsC5MrHorB7lt1noxYIMSCgL3FWzXr5JwO0CS0RunCYZ9hrAzrwmsTuNXbjbCSFvZtELwuDYBaQfdSLYDpNxyPHx12iWojsvZQBqLFDAafeQHgSfhSmvcQPNTSnCpM-tiFCeRpRQeBB9dRlkWtiE_YAZoMWklQcQJFvBSHx64HYhlFSA1Rt0wgIe0O5KQSrNnaw7t57pE9GqmKfyQgKKRsW-zuu1poXG2imnTU8x6qgkwoXoDc5GET-PLHnqtkHA4ORttR5n5SDfTUXlOXkLKhpBEANCrw5U8txDhUlWEv--gqS_M1PBcMp_deJ8LGSKatr3ThM7bvT0rWsOy65xK_xPjdjneua4Hicau3gzg5iUTXy-8EnWEnjRXV-SWrOEF5rv33IzzGLGllZfayXtva-VRJ4s7W1jwfXvmMhrHvdEnkYWXEysHWmyKEPrxUK8WEfHVi9S_JwHlbx_eNRNAYSrEugZ-9hcs7tBxJK54sOndXuaLvAZzZx-rWPw8hsFFutNecxQXIYOBMj_2M7-DfW46Fh3lkyryVLpOsyab8

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 Nov 2023 13:56:08 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET bg_1.jpg
s0.2mdn.net/sadbundle/7175492104940212821/images/ Frame 331A 0
0

GET locator.svg
s0.2mdn.net/sadbundle/7175492104940212821/images/ Frame 331A 0
0

GET footer_bg.svg
s0.2mdn.net/sadbundle/7175492104940212821/images/ Frame 331A 0
0

GET 1Ptug8zYS_SKggPNyC0ITw.woff2
fonts.gstatic.com/s/raleway/v29/ Frame 331A 0
0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3270 0
20 B 126ms
125ms Image
image/gif 2607:f8b0:4006:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BECnCdqtgZdn_J4HLxtYP7IiakA8AAAAAOAHgBAI&bg=!5-Sl5KvNAAZxrfrxUa07ADQBe5WfOGy0uox9Osd-bJeSh4z8S4yYtkqbte7KxcaLy9qJrczSL5Mrmmvub03y75lQptTKAgAAAj9SAAAAA2gBBwoAd2AzZpW1Xt2u8LSpxuVuZMh8BKsUFl_g0MeO-ieJVDu8yZUoK0ZmV6MZwdVzI3HTctOvHzE3i6axWM_h8omd6YEypI89OfEIA6dPqyR7OPNeP_2SgYUUEVTO0MHBmw_roShmTYyP9K2sNIcrkQnm1ZoKzwc1FNkpmQMAj4RnCZTgRXRGGYLg3e7WccmAeVMcCIni_7zQCKrLNxSzCD6QlonHoF4eNdXHuXkJXO3ibYe2RpCNGwC9fqSzhWXLLOecYU_qfxUW16HG-T4W9ilDAzGPuoFGPdlBzur5CpOSsbGryxsplK1t_F44GuNGK6pPd8Q6fhi8rJ6NVDrAwgl6MVt2dz-f49GlvdmfpcqfWgRt1-YAHBo5yS4hunOX1Q8YVteV3HjubCJzvB78pcmuhV4Angk2YdNY1a1QgvP7EJIeiuuOx-awPQOa8JBX8isbTCd8607KGurcdoRb9Ax-o-ojjOPJ01gVd92SKXMxMyac4A06x6KZ3USOf1HH-FdigrCC3uh2-IdVobe4lyjtaI5Cqmh41ryZtFFceZWb0878Pt9xcCg418EHcfRg4Utn04BRG7V1Mf0yayyKQwnU46xPYWpqDQf8wdOTnjmn3Q_VVgi1IHC-syh5J2mOUcQd0h8Q4CCNWMYC0myTd0c2gusKObFYBc0HR9181M07hCvCjW8PMj9L4tG4dikMNWQAq1JMaYZAUA_yjBCZlNEkHFZZLdHWR_UBLiaAdNLnlNkajZUs3MGl54fV8BVul-atfY8yAOjd1Hc8oXBOPUe-xIVMG8yEUz-ToNrRbmJVCz16Mdq43k2DiNVmQtl2nR8T3EttPo9DPcvERLE6DTSZUoFKK-L8IqQnJh3oq1mrOu-23yq3e3Yp3BltFYBEIxNbYYCT09inXBK5brDkl0UxkjRaqAD7gxO8ZJH8G8BRHx-aVjxIwAH015om_oSJOvahtqezADJa51qzOVDM7PML5A04sJJWKSeiEEE1_wpsatlpDD3pH9JCKxASI2mdnS1XA_VG1slRK2ogGRA7Vqp5rrmZzVsnW0AsiWSBP7UeqJ-G3GiNXe28heTl01hMElhUrc3tjCrynYSRLzfxu0iFwF4-7zO1QSektoGfWc7qsvoscv_A5FIRGRxolv36Y_vjUnxlkor3S3usUr5T2y2qBXjb28WOR9f81aVB

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 Nov 2023 13:56:08 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 75D0 0
482 B 228ms
90ms Ping
image/gif 142.251.40.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjss7opCoCSiyIEPpQGjCy6MTfaPbNpRuzaeNp28cMQUPGsA5GToTNqNTRXKTYfTAkPaAzAI6Tcih05DON9kE-kCCokFO-yKEhCYK1Z_dnNnfhovnHqwn-OmNbM3BCLuAWC3vrqxTlbCUpgj9KgWFM04YAvnM41kjTqnq2nzUVtHsMk1JcsS8&sai=AMfl-YQ-UpdE6eKayE3YlPf4tX0qgidpJGBZprlPFVpjJSoGbwCvn3Xh26ZBFcybPg6AEbXvjo3SMofBpAmLZ3vW3u4grQONdQSQ3OM6Um_6PdXgeCq2a-Rqt1IFSvK0sIdF1nUAmFf_P81ZqnBqnGrEN9TbK9n7BIE86jDx44z50P4&sig=Cg0ArKJSzJfoLvL3R0YTEAE&uach_m=%5BUACH%5D&urlfix=1&vt=13&adurl=

Requested by

Host: mnewsr.com
URL: https://mnewsr.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s39-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 13:56:08 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 view
ad.doubleclick.net/pcs/ Frame 75D0 0
0 93ms
92ms Fetch
image/gif 142.250.72.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjsukSsixZEfaT2sB2DmORzSnvzCYWJFJcXo7IynuzukkGGEXLjE4kXIP8sMTHZoUZbIvStbvsOXFQMa9oyK7ddtgzadlO_d_bxA8nI0csxqQI61pX0KWgvPffDlsXXfNc4ip3SdihOU-Jzyz4txH2-Fnxc_-kDGFdbHn1xjZtjGEbLi1JNYTzUrQdXFPF93-R4JcmVyrftP8mc-M4-uTIjx76KnVR5o-rp1Q6UVFEUS9pYvrU__WAtur_q0EYMBeltJIZXWaLZLVL3L_a9EWb1GLfvRfFLpBqM0ICGgQBH4cKzi_wHZeqP7ATv3Bpnl3k-szNmVjOvpiA4oDws3lcZMyeDp51JkdaiD-RfC4f4pa140c9O2w0s79NM3KJhNdbiAFUXLZl_krVr3DUe215nYXBQG0LHBrxlZ5vxaxxDFXJZ2LqLaBTZGyhXvIqL3x4OC-qcI7SwOzKY9DOyayIrH68J7HZx7xdFepW3UJO_aVjVrgdfHXH1NXuVi9BkE9sFZcPN_DDCqXiwc_i-eNXGZLV7u-ZvoRL8hTxJHHyaSmR1l6VsCoNzzSLAchTcDSPRwkFmVxAAXFZdosXNSQYXweMaXO9tSwH0oSAUbveXVjrx98qD-usra_4t9BznCwSo-93Fhr837vvH9nJ4t1racfFrHnZQSBOwPcLmu4S_NPxbQu7ynTy1M0c4A2uVbxiugLjANVGfbqNXnRU_jhyDByBGyAXD-NHk0eniVSRzoKyza1WYpjJEDOwGOJWbUcAq8JpEm5Fi7C3j4MDAg9u6Kid6MfS6ndPFRnsVOGCFjtz7x3EOWKclq-uWw7ConN8qceV7ODEUXikbL20LIRolHGGqnMwKUgRsN9JPDjKuSsSTLGTSFIEmAYApo_hszB1-XAbOVndmICzwPnBxlhImnWlEzZwj-GzQFZBjwFsdzqt1sR9fgyeBAbTrw7W0TG1dPA38IR2DnMPz3flLvE22LnqrPTZ5NsBFJxM1NSvtpqQhAqbg_OBAuIVhsWphuJMHrIHaxX-_IHrDYAkghKeW5XGXsYyrXde-yIZu-jL1kaMgHds-TlpyXnJEajN2HHLXv2OnIyy5SFx0zRSgJ2IVrXhgUidkuuA5SVH-HWSkL4gAjAM8AkohwJmuT0KzZoQ8Bm1otfdCB3BmWeKyxxQPJrFDmWU1Lg0YrXea4XV0YRqKLnbncBL8cjeezy00tU67xTQAO41721iLbGSmqInAlEBBtQd9r4CKW9uwUP1W9_tdePzy3kHyycigOCwQdI_FlSVhyxE-xe-6QiwoI2n9T48vQ8U4ipZhM7vhE-ULJsOJTDiCqvf-i5SWt2cSTqLXzo93EGZZVXHAfTXNpxBFyuOvQ1KdvKbUYaWwyYFzf4uyMMIhmzJPCFK8rEICRZcQybr0v2wk9kCsMHRvJCVQAAS35iEdo_JPvQ7fVJrt_T&sai=AMfl-YTqqW2KtLYaVKVBN8vWn8XvzltkpoMi0VYIGJEgFt8Wk8cjTEoayeIBppb2jVtjP6QihBlu9rY_JbLzbXpQuoKOLHNzNgGC8Kkxox2-gduQB6oxU39klsNiwAtdEOajebXtQ_SR4-y7Vn0aiDTkq1ppD1g6Zrw7XJAj3qkf6M6ltvI1ZrkUeEgZVVqMeFv30Fjs6w_wWOlZB40ES3ir2mPNFisDhMfkhKXDs2yjjD9jLfuyFcACQF32gKqOxO2nX0-izBSiGj-pUzxFvMbZ0iG-k7M15j3Qbt5i2ko9tZ-0xwvyPTIvgSqShug-5zHoH0NQF8Ew4f0ir4ZVv8TdUZaCJfeRz9K_hYUI-53nL6Dw1daZl08tVEhLfPyrwOvvxP_Kn5ZTVa3YNLd1wuQk5Xp5UwIfyS7SD858jAeR4QbYH9Ea6Xd_jzQzrDoGswBP_68AWQBIj12xJhRMsQZ8YGvReBUExkWOyzTjofTdC1OiEajDZxb8Aif6xujiSYjGlxfRy3rqpQ8cvw&sig=Cg0ArKJSzLhEPljrboa6EAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly92aXNpdGZvcnRteWVycy5jb20&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=1019&vt=11&dtpt=594&dett=4&cstd=421&cisv=r20231109.55546&vwbs=2&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: mnewsr.com
URL: https://mnewsr.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.72.102 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s32-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 13:56:08 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

POST
H3 204 collect
www.google-analytics.com/g/ 0
17 B 76ms
76ms Ping
text/plain 2607:f8b0:4006:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-J26BV7FC43&gtm=45je3b81v9137699570&_p=1700834165076&gcd=11l1l1l1l1&dma=0&cid=354402961.1700834167&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1700834168&sct=1&seg=0&dl=https%3A%2F%2Fmnewsr.com%2F&dt=mnewsr&en=page_view&_fv=1&_ss=1&_ee=1&tfd=3787
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-J26BV7FC43
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:806::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mnewsr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 Nov 2023 13:56:08 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://mnewsr.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 H0ZEmIz7.html Show response
tpc.googlesyndication.com/sodar/ Frame E10B 23 KB
8 KB 65ms
63ms Document
text/html 2607:f8b0:4006:824::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 91532
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 7799
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 23 Nov 2023 12:30:36 GMT
expires: Fri, 22 Nov 2024 12:30:36 GMT
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 126ms
125ms Image
text/html 2607:f8b0:4006:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231109&jk=3258155344124022&bg=!5-Sl5KvNAAZxrfrxUa07ADQBe5WfODUPbPfT7fnJmp0R0UmVmCADzTNAQjV0dI-qdBFwQGQSRuMdITlppzBEZD5aaZvyAgAAAQJSAAAAA2gBBwoArIAsRuOQPU29KSv508GdOJd5QuR3QzclXpq644QQf3KNbBlpKs3JuUTTm5ult9A_Yr_tgB-sEKFtSrchIVzqzg8Q_iyEKRC5kqUq4SO41NZltMkKMcpw5zbsFK7vOLWwUEwSLVaTs6Mtt4pGyILGZE67dIGZGzPruw3OL2_WRpU5tL9SpSGMIMA9YVc78uGPlfvdyKVssQ9CHcVCZUwUFfOGVdMPLAKS7Jts5TOZAr2F2OcWHwB8faAOVB1EVVFdZzMj7o0wjkDFKOxDCE7fu7z5NWGaeGKlLp3PalmveMks_0b4aG1iAcCLvzvqrpDfymeP8Q5HiK9C8LfGGov6P4vw3i09QfPQYi2mj2xRcgm4qS0wK18kZMTukOuiUko_RyY4kjey46CQRgOCZDOVD6qMNJp5E8VZSWud7Nk5hWLX_X1jqrhjCPod84oFbh2Bdtxncwzf7FKWQlvRVlV-i7n49VErfVgjkSEXUwZdXHak8LdVdjKej506T4s3vB0NKt4rB88baEWZdc6xHE_QyPKgeh9f-sH9k94hs8oam9aUqa5WMu4z1hQjY0KQ193s3mHUoE9KI9dgKQC_CFrrgWqh4H5cxyvHMNiEIQiSljovHLv1NtD1ww738YzcFnu3jozXopp62C3OncWXKmHe3W3Tq8xZ4C1tumGh1kivHkrZoPL5mwijf7PydflwmAQp6NqNoqiWRGDOrMuVNNPZC1FUec4S8cjeShwVAvgXsfZ1poA9ecWzLFbXOKqtpCCetHNdZLjXeaIPYlqn7FQd44CepsY7U65Q-xvLCKKE-NhhNx_Y7QUvMXOZOwb7s0t5NDYtL9qSHzo8MlVUphopp4r3mNaCTB3n_jBrwClYtnD_FUThlTX92xRJUangiDP-ZKXcc5_twnKTVwV42PHEFDWHmUf7bXmrcshIgcOOeYlQksIJIoR4k9rA_3gvhUEty7QlJEK26_UKcpqpy1hqbTw8T5YqNq8oq6-YJie8Vx2oL8s7fvSbzEemKye55Ijzb7lrQg8ZxB9x57sHzVWo_r7umNdO9YT-3fQA177Y_dOksWCPKJdKMBkgw5MxkE3-hWR9ycPAZL5WcrYdVd8Jpx8-yU6DTOWYNtX6PgyVj11bt6zcx2MBZes8RmjSV4FAWbFRt0ABzHdULTSo7w
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:821::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mnewsr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame AB6A 0
20 B 127ms
126ms Image
image/gif 2607:f8b0:4006:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BiFtcdqtgZdr_J4HLxtYP7IiakA8AAAAAOAHgBAI&bg=!c3ClcD_NAAZxrfrxUa07ADQBe5WfONtVHR1hNjDMy62kUK-AhGM-oYp3q-Zyjc-zeCnI-j00NotKZeQ4v2-P0sb75uPuAgAAAiZSAAAABGgBB5kDDmiCg79-VyDa0ZaiwLILyBQwArdDwfKsxuqnaI3MSOvwuAxY3JzHt73t6IJlJ6_gXRnlg3uuVpVBw8m1lu775yL12epOrgKvbcSCuVmLSHZ7kw_jdpRTfvQtnpUywerIHj0OdveEi4IUn9arg1Q6gm6o8inwKpBk6UciP_RRS_Na4TUY28Pn_mpA8JrtohpA2HxJlFEeiC0e71Ow259_oavqVaAHHXAcwgY5d2mGA4_Ixnn-lWkNUU289ubRO_yE3fUwO2BK4fRwuUSSgSeLMHmm0R_aw8s5i0gcvKP9lQYmOCE6g43UcqvqRxXJD6AS8jLdKHEl7u75MijtuzYcDHmaNG86aPafuciFz3mukOc-otsJCtP74TWZ0gzHM1Ei0JKHGK8CSwn82flwz9pOweE9E9K0-0JPw8VIJGWQEqAYZ05WS9p8CtJnhRtRjMjmGGA3f6r1-Lg3yr7w521-TSdLkzg6580Y-g-v_aZpA4dJNMd2yyFK0KxfjdOVfoWn2jO31lucTBa0bMZ-0lGAj8SEcTOzbZ0NYXwuBgmAUt92hnAXxSWSIR9WYlMqmmiZMH9qon7sKZhmbOdAXe7aVQpAtaTYwudnM_YBML6zs_-rYQjkUijexdF2_D1AurMw0CfaujWmcLMcV1Scu6WQSgmREGqS5iX82x-ADAyK84Qjl7RcfYzh-HE3SpBNH3QFyTSsz7j3cFJngOFB9ISlpY5kRqYs_FGKtVzoHhqYbnnOlVdogOaEwlmRjV_1EZgCA3YHSDlkTYn-LsbcUIyRzjLDfzX272qbNgQ9IZIZ0TT4WP0hdbHnQkUxBejjJT2Xun9Mek19q_3ltK-dL3eBq92vu9OZCmVKywBihVGaH0ErSTZomyck3tgUPChfbDA_gIdpppPvRgEcZqLz57nTU8-ww_ox1_I2KthMfGodc13syEBYUyWf9-9PhSzdTW2-psQo5ZFdVq9_1M1kqIASetjkRBN9UAym_40oUURIneuTSCt_6_ruWCyZ5AnUhsuCafFF92yWmFxBfHjueHzF

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 Nov 2023 13:56:08 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 75D0 43 B
215 B 114ms
113ms Image
image/gif 2600:1f13:800:7780:31d4:5bde:3c0c:bb42
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1622598&asId=8c773384-a6b1-14eb-e985-e623df2f1265&tv=%7Bc:uQZjQ2,time:635,type:e,im:%7Bimprf:%7Bttecl:1015,ecd:353,tsecr:124%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:635,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:50,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B619~0%5D,as:%5B619~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:350,fm:tWxgPUn+11%7C12%7C13%7C14%7C15%7C16%7C17%7C181%7C1911%7C19121%7C1a11%7C1a121%7C1b1*.1622598-75186829%7C1b11%7C1b121%7C1b13,idMap:1b1*,rmeas:1,rend:0,renddet:DIV,siq:52,sis:528%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:31d4:5bde:3c0c:bb42 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 Nov 2023 13:56:08 GMT
server: nginx
x-server-name: dt13.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js Show response
pagead2.googlesyndication.com/bg/ Frame E10B 39 KB
15 KB 64ms
63ms Script
text/javascript 2607:f8b0:4006:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 12:02:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6835
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15296
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 23 Nov 2024 12:02:13 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 75D0 43 B
215 B 114ms
114ms Image
image/gif 2600:1f13:800:7780:31d4:5bde:3c0c:bb42
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1622598&asId=8c773384-a6b1-14eb-e985-e623df2f1265&tv=%7Bc:uQZjRZ,pingTime:-10,time:756,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHw2MDB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMTkuMC42MDQ1LjE1OSBTYWZhcmkvNTM3LjM2fHwxfHwxfHxHb29nbGUgSW5jLnx8bg--,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1700834168823%7C%7C0dfdc37c92214772baf6069bdc7f04a9%7C%7C1b7de7e82db1163ab7a1342e5def95a8%7C%7C3d1654ccb35a3660e43e52d6f05e31aa%7C%7C8891c814a874f31ae4047097aa5890cd%7C%7C093db0a809ce811e4493a32b3dfd7f11%7C%7Ce5eee58487d719a294852f01b05e58ca%7C%7C7e0b53955c9c087d35648060308941bc%7C%7C1663701684%7D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:31d4:5bde:3c0c:bb42 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 Nov 2023 13:56:08 GMT
server: nginx
x-server-name: dt08.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 206 file.mp4
r4---sn-q4fl6n66.c.2mdn.net/videoplayback/id/e38e94095e0e0255/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3842010407/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame 5B76 261 KB
0 127ms
62ms Media
video/mp4 2607:f8b0:4000:7::9
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4000:7::9 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://googleads.g.doubleclick.net/
Accept-Encoding: identity;q=1, *;q=0
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Range: bytes=0-

Response headers

expires: Fri, 24 Nov 2023 13:56:09 GMT
date: Fri, 24 Nov 2023 13:56:09 GMT
x-content-type-options: nosniff
Content-Range: bytes 0-7654418/7654419
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length: 7654419
last-modified: Tue, 17 Oct 2023 17:05:23 GMT
server: gvs 1.0
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://googleads.g.doubleclick.net
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=86400
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://googleads.g.doubleclick.net
client-protocol: quic

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame E10B 0
20 B 125ms
125ms Image
image/gif 2607:f8b0:4006:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.0.0.0&bgai=BtQlteKtgZdC3F43TogaDpLaIDgAAAAA4AeAEAg&bg=!ubqluvXNAAZxrfrxUa07ADQBe5WfOLYCtJV5nXGabFFrql9jhAWzOxHRFdhs7WoMpEOOQdu1cXykIJSA0pHod88PVXDOAgAAAG9SAAAABGgBBwoABII5oOqZAwl99FyEdhVG-QxEbqz1oxEbEO7wsiHR4UPR8_P9P7KAZSeC5SivfMFJHGL3ZcA-pZVN7OObiA22ESh92ixpN1nawhDInhv8BljZhG7DtqGhNAL9ajf7R5m8ys_-Yqx3R5kLu6BUlM1COm1C4sdHKjFBZ8gbnZ0YeH9vnybKw64mVhdZVM9GP6lRD86mlaoUsmALi0Bo0v_YTSUWz1c9CrUhl2qk4G80QJJ-96qagIAw_Ixequv9b_3c8h7mXosKH9TAKlFuUYU3P9Zsrm-dG-CtzYuCBlGGJonPXFr6KvFwdpgQxfeaei7ElcgcvIMrqXwwIvRALXWDjRSoA_1wdZycY2wfPAh48wO9fB6P0tzRp6TQaCD80QrUXEiYYftL4AxNeaRRV1BDiEXyxln2cSoazKsMmmj9Q0s770oGDCO_DiLkQNYmlQed6hpqS1tQN3IMflbV-0ULpijxQ25gg6K2dZ3GYT_qCcBQ1I7YO03yU8FAzSRJl6zPuPSrn-be-KRyUTNA9x-j21N_C9XgPqu3WyhbwpktnO0DP5djurGTT4ABX9aYL6JGhcKa1HOBt7sZg3mw4lE18S3wF9NGt2DTfwAeThCDFQlS76KPSO1GYoF8SGjbbjRXYZau9frArxC-MPvYE1Od3HyDhn6iKQ0DUTId5AqVFqSzh6yF7HIIt36mGttaflyf2jQyNktzNkI12RCQhqpYXq96EtSO1QvQNCCbo0aKv3yeycOiiUu4-DxDkRMGTKaxBh4ADtmZFTcuWJbzn5kBOobWtA0TMrdg1XE7EJxxWg7qIngRGNfL0dn6pRXImCwb-ZBXdRmuWNcDYTB9Jty_yhdDoACJeRRrK3L8Y4A_gDmFaOgPwl7ZRw9Fqe342sFFVEFVVeQ4UoVNVvBY4gbuN5m0QbSsd1gL_zfDZtVA1Zqgf7YNFqeSO_VXYBTilslXKfs8YrIsVpesrxUuK86plR3Jx1pI3-9b4-5L6WFls91mIcRXAQWgFEEKqfztVAWAQkCJ0i0HdC0VFr8z1pirnF8

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 Nov 2023 13:56:09 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame B143 42 B
64 B 125ms
125ms Fetch
image/gif 2607:f8b0:4006:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvV-LELv8bs85uut2aqeyV3lug8pdlwor9okwBCvkCvzU-5OVA_NZ5RiMBv8Hnvqfa1_THeZ29dGNJ-iJWwMG65HVRVLIuC3MUiTeEwPX2Tcg6hvzkocybb_tsALiAELZM_QLhHP-qc6Q&sai=AMfl-YTN5a6m7idia1H_O9SqrXr0gZMVvzUPW9koKqEwisMeGRULuQXDKD8aSo9f1ovdJmq97FjY4eXOtDHjULAU5BMNvfm08Sl8FciRo7NUt4wu1SBP7PPFTz1r4R3rgtzI2xEWuh8sXvLAVBDkZi3ahg&sig=Cg0ArKJSzOxxBxTFh-C5EAE&cid=CAQSTwDICaaN76rcZSIhILXhXaaAtiCtG3RR8O4Yepnycv2udHzem9TZdFdbE3qpsFZOCZCHx74cyyhADHwd4PpZSw-cyWl8ooVfIhOU7G8fJmwYAQ&id=lidar2&mcvt=1003&p=0,0,600,160&mtos=1003,1003,1003,1003,1003&tos=1003,0,0,0,0&v=20231116&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271804&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1700834167519&rpt=630&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 Nov 2023 13:56:09 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame F632 42 B
64 B 125ms
124ms Fetch
image/gif 2607:f8b0:4006:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsviW6sIPoYlyVpsrjSt2gUoWDZ-6LP29a5aUb5GXPpO5Q2hYuH4o1MHMDM6w81FWxld-5RaYi0mLWOTpJSMI9RTQIqKgv3vif5jgm_TAVsnChbQJNUZFVvMf1kKkfIfbBl0i2I7bsub2A&sai=AMfl-YQqbMvFu4JQ_k3EDN8INhNUjLVx1TjyaHu17eG8C2virYtnbpcu-KHp7_t0tvfCLhs4Bk2XPQ9QsfXRxD3J02vdAHfvwxbaPlLp4JtQ1SSPOGieltgxe8PvlOhTUFgh-Gw94Fo_59kYN2PMKVthTw&sig=Cg0ArKJSzE6-CoBlzcU-EAE&cid=CAQSTwDICaaN76rcZSIhILXhXaaAtiCtG3RR8O4Yepnycv2udHzem9TZdFdbE3qpsFZOCZCHx74cyyhADHwd4PpZSw-cyWl8ooVfIhOU7G8fJmwYAQ&id=lidar2&mcvt=1001&p=0,0,600,160&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20231116&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271803&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1700834167481&rpt=734&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 Nov 2023 13:56:09 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 csi
csi.gstatic.com/ Frame 5B76 0
17 B 59ms
59ms Ping
image/gif 2607:f8b0:400d:c09::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=4~lpcoqzkr&c=8121581961990&slotId=4060790980995&qqid=CNeSzYLl3IIDFYGl0QQdbIQG8g&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=Infinity&br=1841&mt=video%2Fmp4&vs=1024x576&msm=1&aits=0%2C18%2C22%2C692%2C59%2C342%2C343%2C344%2C345%2C346%2C347&webm=0&vp9=0&vamt=video%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4&hvmf=false&vms=1&bit=347&vsrc=web_video_ads&hcn=0&met.4=arp_a_e.1hq~vil.23t&ua_e=1&ape=1&ple=0&umsem=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:400d:c09::5e Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 Nov 2023 13:56:09 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: sync.search.spotxchange.com
URL: https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEGYn9xO1fxErC7xzZy3a9WQ&google_cver=1

Domain: sync.search.spotxchange.com
URL: https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID

Domain: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7175492104940212821/images/bg_1.jpg

Domain: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7175492104940212821/images/locator.svg

Domain: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7175492104940212821/images/footer_bg.svg

Domain: fonts.gstatic.com
URL: https://fonts.gstatic.com/s/raleway/v29/1Ptug8zYS_SKggPNyC0ITw.woff2

Verdicts & Comments Add Verdict or Comment

79 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

17 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.mgid.com/	1970-01-20 16:27:15	Name: __cf_bm Value: xUq7Imb_zYhIVxTedD.dnfVSRW1XgVo3ADlmAXOu.14-1700834165-0-AZ+NDARNEIXEsoesbQXPrtXa5yp3gVYwOhGiOUwPZTyxHttqRoREOjzyFET3hbKSuqCbn8+Hr2qS+85pjhLncWk=
.mnewsr.com/	1970-01-21 02:03:14	Name: _ga_YKGS7VWZ4Y Value: GS1.1.1700834166.1.0.1700834166.0.0.0
.mnewsr.com/	1970-01-20 16:28:40	Name: _gid Value: GA1.2.1540180477.1700834167
.mnewsr.com/	1970-01-20 16:27:14	Name: _gat_gtag_UA_195329056_1 Value: 1
.mnewsr.com/	1970-01-21 01:48:50	Name: __gads Value: ID=3141a54009e53ac8:T=1700834166:RT=1700834166:S=ALNI_MYJ8_Zyz7oDxBI7tELQcGaKcFqMFQ
.mnewsr.com/	1970-01-21 01:48:50	Name: __gpi Value: UID=00000da39f07fb1c:T=1700834166:RT=1700834166:S=ALNI_MbDWwJvq5njbEiwz2l9Bt2wbRTUFA
.doubleclick.net/	1970-01-21 02:03:14	Name: IDE Value: AHWqTUmTNOhuys_sLEKOW5oFV-_7NbIa48NijC6TEApih70fk6z9QvOoSCoiRZmWMUk
.casalemedia.com/	1970-01-21 01:12:50	Name: CMID Value: ZWCrdxOhWOFgKfSr9uV1BAAA
.casalemedia.com/	1970-01-20 18:36:50	Name: CMPS Value: 2880
.casalemedia.com/	1970-01-20 18:36:50	Name: CMPRO Value: 2880
.openx.net/	1970-01-21 01:12:50	Name: i Value: 37296856-a9b0-48d8-8202-b90953bbe3d0\|1700834167
.adnxs.com/	1970-01-20 18:36:50	Name: uuid2 Value: 4314762837066949107
.adnxs.com/	1970-01-20 18:36:50	Name: anj Value: dTM7k!M41.D>6NRF']wIg2IlkH@o($!@wnfH8K6pQK`!5=E<L5?%M18><<H_UcsHkw_fYiqJb_mc6>@<i^bZYbNv%nugO%v4VB%no@A*GG0F
.teads.tv/	1970-01-21 01:11:23	Name: tt_viewer Value: 354ec352-80a1-4076-9a72-ff3d80dc5e11
.doubleclick.net/	1970-01-20 20:46:26	Name: APC Value: AfxxVi5TskIsQbO2viQ2iO7Na9IzHC7aBnr2wHfT3Sfd_CTMbEZw5g
.mnewsr.com/	1970-01-21 02:03:14	Name: _ga_J26BV7FC43 Value: GS1.1.1700834168.1.0.1700834168.0.0.0
.mnewsr.com/	1970-01-21 02:03:14	Name: _ga Value: GA1.1.354402961.1700834167

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEGYn9xO1fxErC7xzZy3a9WQ&google_cver=1 Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.doubleclick.net
bid.g.doubleclick.net
c.mgid.com
cdn.unibots.in
cdnjs.cloudflare.com
cm.g.doubleclick.net
csi.gstatic.com
dsum-sec.casalemedia.com
dt.adsafeprotected.com
fonts.googleapis.com
fonts.gstatic.com
fw.adsafeprotected.com
gcdn.2mdn.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
ib.adnxs.com
imasdk.googleapis.com
jsc.mgid.com
mnewsr.com
pagead2.googlesyndication.com
partners.tremorhub.com
pixel.zprk.io
pro.ip-api.com
r4---sn-q4fl6n66.c.2mdn.net
s0.2mdn.net
static.adsafeprotected.com
sync.search.spotxchange.com
sync.teads.tv
tpc.googlesyndication.com
us-u.openx.net
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
fonts.gstatic.com
s0.2mdn.net
sync.search.spotxchange.com
104.18.36.155
142.250.72.102
142.251.35.162
142.251.40.226
172.253.62.154
23.200.197.46
2400:52e0:1a00::940:1
2600:1f13:800:7780:31d4:5bde:3c0c:bb42
2600:1f18:612b:4264:a025:b051:5a6f:e1dc
2600:9000:24f4:6c00:8:48e:53c0:93a1
2606:4700:1::6813:824c
2606:4700:3031::6815:1237
2606:4700::6811:180e
2607:f8b0:4000:7::9
2607:f8b0:4006:806::200e
2607:f8b0:4006:80b::2002
2607:f8b0:4006:816::2002
2607:f8b0:4006:81d::200a
2607:f8b0:4006:81e::200a
2607:f8b0:4006:820::2008
2607:f8b0:4006:821::2002
2607:f8b0:4006:821::2004
2607:f8b0:4006:824::2001
2607:f8b0:4006:824::2006
2607:f8b0:4006:824::200e
2607:f8b0:400d:c09::5e
3.82.68.216
34.197.147.140
34.98.64.218
38.91.101.241
68.67.160.137
000d8950448207e7805a6719271a6ee6356d351b000b9a0c3fc933111c58f2f0
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd
038cd2991c50ef0fbb2b69c2b0930e8f56d5c7538b6eff90f4120799350e3965
0849b6022f32c7011656d629110e5ddcb19ba534f3246005bff3b0b904abb375
087940b1223c7253cf05afb213b620a962397e2221591a092131941f36dc1986
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c76b4f8350c71a968962afc27ca3909b725c320e1117826fa180730a3dac4b0
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
168ab4741477866c5bcf4e5bd8c973ed7ec2415288f2b24e144385ac19b6d35e
1699cca655fb4c3fa3cf7e2cf281fdf40d2a0160c0d8c89b1248fa91bcab477b
18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf
1d5e39635cf673f2c362e2cb6015719e3a2816d47e9e5a5c9684b7cb053be824
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
201460ee33628025b07c9ec4ba9d2da4f3ccb00baef0d944afadcc07c5e074be
2536af08fb7243970f65af73d4bd4a68d6dd8bafd8e38e9fd5baf4a59f03392d
25b1b4e9934aa4cb8e8bdf5fd7911f6ec67acde6b6b39f1561aec2244f7826af
2881d8eadc298102d2462e8d32e40792adce37b6cd89d99045f574eb3ecbb748
28c5732eefa979245ff326045f37b6b7cdfc92385c594caea33e265e4a066c7b
29c99771c81466150d55d307a9b0e12cfdab8240a9c65a80b764c1d58965406f
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
339500954c8a669a086d31393e545d9e4dd8174db33f081e10e14fad847937a1
3433edbe5d836918661f011eda3ae77ff74e7b12a07861fa1976c12e363caaff
34547fe18f978e6854aed0b1844c4ae25d8d9b12365743d0ba97fb71c8ea04c6
3c2f22d4dac7b2dd8c2cc23a74e49f829f81620f815903a1a844f26be6335196
3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658
42a72effd58384af1e9fe38912380f336abb4e30ebde6c9f37d3a38609f1d323
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
4b09b895a8433cbd3d56cb57c967eda87acfa2c6d9934381e9c238054c1e0214
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
623c81b092a6116d4d60ff89b14803818efb0b9aebf6e4e2c50241e802f6e016
62df9938422d967c44f999a59bf2271cbb0000a89826f6ee8f2b14f9f39ef750
64c7b8d79d1308bd2e6344366cae553c763af0455056adf0352e405722f6efd1
67be0ee4c8160e697ae47d94523981784569e814df2e8f206d784e563c2023cc
680f1d41a40f812e65e08f8bdd275602670d1aac9ef056c069c76080f7de9c30
692c077e466841114827ba25a7023e1bf0f84757ffc15443a75c4f1d6d193db1
6a842ea462daca2a0b5a0f5f25bcfc8e0059ac811ca6c6a1bc54e4d9119621c3
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
732b75262f6c9b6d5a61da968e653880646b58cc1b25387b32badbe03881dfe1
7599e0a5ce1ba2a12f036e998e19e60b6e982178e4363d4630ab3a91ca73bf62
7b090f178a2e108037231074fdfce6ecd08b0243db23bf2e2e56e8aa54ea3e0b
7b31db30080e2c6e8aa4ca9b620079e602e4f744b59ed970513076619336b222
7c55961703b726bb382ec0b9630f0273deb8d7ebe60ed60efd996a466a53fd7f
80d7dffbf6c66e244f4eb2e6d8d6b983e015a5e2b6e2069dcd5977f3afe297a0
88eece529b81941f34c359e48850de59f92bcca9d2c951ca328a97cce7e72cdf
8f665ba5c27890ebed553836dee5572ad583c0a65374373741ec0a5309df2b5a
98d2e3edd14aa506c4521125c7cdb7bb3030d7caae5803feec6d2613195ee955
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a14255e68fc99fc5b4a8b323c13070ac67f42775917706fd3b147b436810a5da
a4b3b91b775b356ac4b5c34ac94dbcc1212ef23b5e89bfa9bfcc92e285a4447a
a5688cb5035a5e247c39b9771383af9768ddec790cb17e386864acb20eae2bef
a5ed8cefa2d0d0db794cbfa1c0fb8587d0eaaad6fc9185efce8d5a34a502ed60
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
ac1f206b82887d56ec7299d5ffd19aeceb34c5d9d4cab52be9d4fd0b422c21aa
ad3d228de9f119943d0e2c5d41ef7d7a5bd865c112d112db4320517d3a97fa9c
af765103e9142a4cd701898bca57e0faf9147cec946d5fcf5ce5ae4312c49683
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
ba8d31566a51d54a72a2014a586184dabe9cff8a98e087db5a629ca7eff4b187
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bbead98319b2bee5757af35b4eacf615df3e45da2f69cb999cd4694a26bfb90f
be9e9b319fe9c2fd4cfa7fb372bba3a64f2bc2c4e4df9d1b997f25fe74aa0e02
c2a7ee2fa0e3321a443c4ed8de0a4b519f4e047585845372550d269997ab8684
c3ec5fd82b2b5642bcd2bb6f6db113306135239c684e8b41ee971aaeeb436d84
c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146
cf5da9ac90fdb2d1a9d232e7f7c6082fb71dce0eab5c4624e9ee5313c3480ef2
d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
d209f24ea54d5ff757a413f87f52f0f15056327bae9214d9f31aa2f33eade964
d5d766bd7edde4dc4bdddeab46caea776d9025562cd1e70c8a30b4d228ae86c8
dd8e4d5bec25873e4263a25a948a3ce48a416ced4dceaed3eb3450a7c529bc0e
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e005ae227e7f23773b07f93b4b512a1b777b5eab0bf3d933a34dd346d9797e20
e37071398d21f18dff2370ee0885f38811bb69bb465b398100ab3101fc521d6b
e37c880deb89406fe1df454c2e816cb0cd69110b043f684ef5cd97a187ba2312
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
ed308f4edf54d6d2513a7a6773d3b405ae09b2a109131c1e7a6036ce88645b4f
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f27f1d5be01ca24a83580db45e6eb7d85b21fb20698afc3bbd8ac4f178bde69b
f8f69294cb3228695da3ba9b677db613089da1f680cc7daba635881b6e6554af

mnewsr.com Open in urlscan Pro 2606:4700:3031::6815:1237 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

154 Requests

85 %HTTPS

65 %IPv6

22 Domains

34 Subdomains

31 IPs

2 Countries

2279 kBTransfer

6739 kBSize

17 Cookies

2 Outgoing links

Redirected requests

154 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

mnewsr.com Open in urlscan Pro
2606:4700:3031::6815:1237 Public Scan

Screenshot
Live screenshot

Full Image

154
Requests

85 %
HTTPS

65 %
IPv6

22
Domains

34
Subdomains

31
IPs

2
Countries

2279 kB
Transfer

6739 kB
Size

17
Cookies

154 HTTP transactions
4 data transactions