urlscan.io logo urlscan.io
SecurityTrails logo

www.news8000.com Open in urlscan Pro
192.104.183.130  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://www.news8000.com/
Effective URL: https://www.news8000.com/
Submission: On October 24 via api from QA — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 115 IPs in 10 countries across 103 domains to perform 472 HTTP transactions. The main IP is 192.104.183.130, located in United States and belongs to LEE-ASN, US. The main domain is www.news8000.com.
TLS certificate: Issued by ZeroSSL ECC Domain Secure Site CA on October 9th 2021. Valid for: 3 months.
This is the only time www.news8000.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 16 192.104.183.130 10668 (LEE-ASN)
3 2606:4700::68... 13335 (CLOUDFLAR...)
7 2606:4700::68... 13335 (CLOUDFLAR...)
85 104.18.211.41 13335 (CLOUDFLAR...)
3 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:223... 16509 (AMAZON-02)
1 2600:9000:223... 16509 (AMAZON-02)
1 18.66.97.88 16509 (AMAZON-02)
3 2.18.234.163 16625 (AKAMAI-AS)
2 2.18.234.190 16625 (AKAMAI-AS)
1 2a02:26f0:710... 20940 (AKAMAI-ASN1)
1 52.222.214.22 16509 (AMAZON-02)
2 205.185.216.42 20446 (HIGHWINDS3)
1 1 67.199.248.12 396982 (GOOGLE-PR...)
1 66.155.71.25 13768 (COGECO-PEER1)
3 2a03:2880:f01... 32934 (FACEBOOK)
1 2600:9000:223... 16509 (AMAZON-02)
1 2600:9000:223... 16509 (AMAZON-02)
7 2a00:1450:400... 15169 (GOOGLE)
2 2a04:4e42:600... 54113 (FASTLY)
4 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
2 3.124.181.115 16509 (AMAZON-02)
1 52.48.137.92 16509 (AMAZON-02)
2 2606:4700:303... 13335 (CLOUDFLAR...)
1 11 172.217.23.98 15169 (GOOGLE)
1 2 151.101.130.137 54113 (FASTLY)
2 2a04:4e42:400... 54113 (FASTLY)
28 2606:4700:303... 13335 (CLOUDFLAR...)
2 54.197.28.239 14618 (AMAZON-AES)
1 18.66.112.89 16509 (AMAZON-02)
1 18.66.112.65 16509 (AMAZON-02)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
1 2.18.232.28 16625 (AKAMAI-AS)
1 3.236.169.96 14618 (AMAZON-AES)
1 2a03:2880:f11... 32934 (FACEBOOK)
6 34.200.155.146 14618 (AMAZON-AES)
1 52.222.236.10 16509 (AMAZON-02)
6 2a00:1450:400... 15169 (GOOGLE)
2 2606:4700:10:... 13335 (CLOUDFLAR...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 34.243.159.23 16509 (AMAZON-02)
1 2001:4de0:ac1... 20446 (HIGHWINDS3)
1 2a02:26f0:710... 20940 (AKAMAI-ASN1)
2 2 185.94.180.125 35220 (SPOTX-AMS)
4 52.31.202.1 16509 (AMAZON-02)
4 52.222.210.175 16509 (AMAZON-02)
2 4 2620:116:800d... 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
3 2a0c:5c81:514... 55081 (24SHELLS)
2 2600:1f18:e8a... 14618 (AMAZON-AES)
13 34.254.122.11 16509 (AMAZON-02)
5 2.18.233.180 16625 (AKAMAI-AS)
3 8 37.252.172.38 29990 (ASN-APPNEX)
1 3.220.82.225 14618 (AMAZON-AES)
2 18.195.155.181 16509 (AMAZON-02)
2 70.42.32.31 22075 (AS-OUTBRAIN)
1 2600:9000:223... 16509 (AMAZON-02)
1 2.16.107.122 20940 (AKAMAI-ASN1)
2 213.174.135.1 39572 (ADVANCEDH...)
2 185.64.190.78 62713 (AS-PUBMATIC)
2 2 185.33.221.50 29990 (ASN-APPNEX)
3 5 18.196.195.54 16509 (AMAZON-02)
1 34.204.22.100 14618 (AMAZON-AES)
1 1 50.31.142.191 23352 (SERVERCEN...)
3 3 213.19.147.45 26120 (RHYTHMONE)
3 8 13.248.242.197 16509 (AMAZON-02)
1 1 198.148.27.140 19189 (PULSEPOINT)
2 12 35.244.159.8 15169 (GOOGLE)
1 2 2a05:d018:d29... 16509 (AMAZON-02)
1 1 34.232.92.67 14618 (AMAZON-AES)
1 150.136.222.2 31898 (ORACLE-BM...)
1 169.197.150.8 398989 (DEEPINTENT)
2 2 35.156.217.79 16509 (AMAZON-02)
1 1 185.86.137.122 201081 (SMARTADSE...)
1 1 2.19.35.65 16625 (AKAMAI-AS)
4 104.109.78.125 16625 (AKAMAI-AS)
5 5 185.29.132.241 30419 (MEDIAMATH...)
3 3 151.101.66.49 54113 (FASTLY)
10 14 142.250.186.130 15169 (GOOGLE)
2 208.100.17.175 32748 (STEADFAST)
1 1 193.0.160.129 54312 (ROCKETFUEL)
2 3 185.184.8.65 204995 (RTB-HOUSE...)
3 8 8.43.72.98 26667 (RUBICONPR...)
8 2602:803:c003... 26667 (RUBICONPR...)
30 3.124.10.167 16509 (AMAZON-02)
2 216.52.2.19 29791 (VOXEL-DOT...)
2 184.31.84.150 16625 (AKAMAI-AS)
2 185.64.189.112 62713 (AS-PUBMATIC)
4 51.89.9.251 16276 (OVH)
1 8.2.111.126 46636 (NATCOWEB)
2 147.75.38.124 54825 (PACKET)
2 178.162.133.150 60781 (LEASEWEB-...)
3 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 18.66.112.63 16509 (AMAZON-02)
3 2a00:1450:400... 15169 (GOOGLE)
14 2a00:1450:400... 15169 (GOOGLE)
2 151.101.1.194 54113 (FASTLY)
2 4 2a02:2638:1::13 44788 (ASN-CRITE...)
4 178.250.2.146 44788 (ASN-CRITE...)
8 2a00:1450:400... 15169 (GOOGLE)
1 34.149.20.76 15169 (GOOGLE)
1 213.19.147.42 26120 (RHYTHMONE)
1 ()
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 142.250.186.98 15169 (GOOGLE)
2 51.89.7.110 16276 (OVH)
1 34.120.133.55 15169 (GOOGLE)
1 2606:4700::68... ()
1 2.18.232.130 16625 (AKAMAI-AS)
2 9 2.18.234.21 16625 (AKAMAI-AS)
2 2 3.124.143.99 ()
2 2 35.210.53.219 ()
4 4 52.16.214.249 ()
1 6 185.64.190.80 ()
1 199.187.193.193 ()
5 6 37.157.4.25 ()
2 2 213.155.156.168 ()
1 178.250.0.163 ()
1 1 85.114.159.118 ()
4 185.64.189.110 ()
3 198.47.127.20 ()
1 1 51.210.112.63 ()
1 2 2606:4700:10:... ()
1 3 159.253.128.183 ()
2 2 18.156.0.31 ()
1 35.244.174.68 ()
1 2 52.46.133.124 ()
1 1 2001:678:cb4:... ()
1 2 54.208.142.27 ()
472 115
16    192.104.183.130 (United States)

ASN10668 (LEE-ASN, US)
PTR: wpapp.us-east-1.vip.tn-cloud.net
www.news8000.com
3    2606:4700::6812:bcf (United States)

ASN13335 (CLOUDFLARENET, US)
maxcdn.bootstrapcdn.com
7    2606:4700::6810:9540 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.cookielaw.org
85    104.18.211.41 (United States)

ASN13335 (CLOUDFLARENET, US)
wpcdn.us-east-1.vip.tn-cloud.net
3    2a00:1450:4001:808::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2600:9000:223d:ce00:3:c04e:c780:93a1 (United States)

ASN16509 (AMAZON-02, US)
ws.sharethis.com
1    2600:9000:223c:c200:18:1fcd:34f:cdc1 (United States)

ASN16509 (AMAZON-02, US)
static.chartbeat.com
1    18.66.97.88 (United States)

ASN16509 (AMAZON-02, US)
tags.crwdcntrl.net
3    2.18.234.163 (Ascension Island)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-163.deploy.static.akamaitechnologies.com
s.ntv.io
2    2.18.234.190 (Ascension Island)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-190.deploy.static.akamaitechnologies.com
widgets.outbrain.com
widget-pixels.outbrain.com
1    2a02:26f0:7100:48d::3282 (Ascension Island)

ASN20940 (AKAMAI-ASN1, NL)
widgets.media.weather.com
1    52.222.214.22 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-214-22.fra56.r.cloudfront.net
get.s-onetag.com
2    205.185.216.42 (Phoenix, United States)

ASN20446 (HIGHWINDS3, US)
PTR: map2.hwcdn.net
apv-launcher.minute.ly
1    67.199.248.12 (United States)

ASN396982 (GOOGLE-PRIVATE-CLOUD, US)
PTR: cname.bitly.com
dlxpix.net
1    66.155.71.25 (Southampton, United Kingdom)

ASN13768 (COGECO-PEER1, CA)
pixel.sitescout.com
3    2a03:2880:f01c:8012:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    2600:9000:223e:ec00:5:82fd:2500:21 (United States)

ASN16509 (AMAZON-02, US)
dyv1bugovvq1g.cloudfront.net
1    2600:9000:223e:b400:11:b309:9100:21 (United States)

ASN16509 (AMAZON-02, US)
d15kdpgjg3unno.cloudfront.net
7    2a00:1450:4001:811::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    2a04:4e42:600::282 (Ascension Island)

ASN54113 (FASTLY, US)
cdn.polyfill.io
4    2a00:1450:4001:800::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
6    2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
www.gstatic.com
2    3.124.181.115 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-124-181-115.eu-central-1.compute.amazonaws.com
l.sharethis.com
1    52.48.137.92 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-48-137-92.eu-west-1.compute.amazonaws.com
ad.crwdcntrl.net
2    2606:4700:3037::6815:3471 (United States)

ASN13335 (CLOUDFLARENET, US)
player.adtcdn.com
11    172.217.23.98 (United States)

ASN15169 (GOOGLE, US)
PTR: mil04s23-in-f2.1e100.net
securepubads.g.doubleclick.net
pubads.g.doubleclick.net
2    151.101.130.137 (United States)

ASN54113 (FASTLY, US)
cd.connatix.com
cds.connatix.com
2    2a04:4e42:400::714 (Ascension Island)

ASN54113 (FASTLY, US)
mab.chartbeat.com
28    2606:4700:3034::ac43:b0e7 (United States)

ASN13335 (CLOUDFLARENET, US)
dgtonline.net
2    54.197.28.239 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-197-28-239.compute-1.amazonaws.com
engine.univtec.com
1    18.66.112.89 (United States)

ASN16509 (AMAZON-02, US)
onetag-geo.s-onetag.com
1    18.66.112.65 (United States)

ASN16509 (AMAZON-02, US)
signal-beacon.s-onetag.com
1    2606:4700:20::681a:a06 (United States)

ASN13335 (CLOUDFLARENET, US)
snippet.minute.ly
1    2.18.232.28 (Ascension Island)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-232-28.deploy.static.akamaitechnologies.com
tcheck.outbrainimg.com
1    3.236.169.96 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-236-169-96.compute-1.amazonaws.com
sqs.us-east-1.amazonaws.com
1    2a03:2880:f11c:8183:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK, US)
www.facebook.com
6    34.200.155.146 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-200-155-146.compute-1.amazonaws.com
jadserve.postrelease.com
1    52.222.236.10 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-236-10.fra56.r.cloudfront.net
ob.cheqzone.com
6    2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    2606:4700:10::6816:33f0 (United States)

ASN13335 (CLOUDFLARENET, US)
counter.snackly.co
2    2606:4700::6810:135e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
2    2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
1    2606:4700::6810:5814 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
1    34.243.159.23 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-243-159-23.eu-west-1.compute.amazonaws.com
vid.springserve.com
1    2001:4de0:ac18::1:a:3b (Netherlands)

ASN20446 (HIGHWINDS3, US)
code.jquery.com
1    2a02:26f0:7100::1720:ee33 (Ascension Island)

ASN20940 (AKAMAI-ASN1, NL)
amp.akamaized.net
2    185.94.180.125 (Netherlands)

ASN35220 (SPOTX-AMS, US)
sync.search.spotxchange.com
4    52.31.202.1 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-31-202-1.eu-west-1.compute.amazonaws.com
vid-io-dub.springserve.com
sync.springserve.com
4    52.222.210.175 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-210-175.fra56.r.cloudfront.net
c.amazon-adsystem.com
4    2620:116:800d:21:f916:5049:f87f:108e (United States)

ASN16509 (AMAZON-02, US)
secure.quantserve.com
pixel.quantserve.com
1    2a00:1450:400c:c1b::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
3    2a0c:5c81:5142::2 (United Kingdom)

ASN55081 (24SHELLS, US)
ghb.adtelligent.com
2    2600:1f18:e8a:cd08:3437:aff5:50c:d298 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
obs.cheqzone.com
13    34.254.122.11 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-254-122-11.eu-west-1.compute.amazonaws.com
rtb.gumgum.com
5    2.18.233.180 (Ascension Island)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-180.deploy.static.akamaitechnologies.com
ads.pubmatic.com
8    37.252.172.38 (Ascension Island)

ASN29990 (ASN-APPNEX, US)
PTR: 690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
ib.adnxs.com
1    3.220.82.225 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-220-82-225.compute-1.amazonaws.com
sync.bfmio.com
2    18.195.155.181 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-155-181.eu-central-1.compute.amazonaws.com
cs.emxdgt.com
2    70.42.32.31 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com
log.outbrainimg.com
1    2600:9000:223c:d600:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
rules.quantcount.com
1    2.16.107.122 (Ascension Island)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-107-122.deploy.static.akamaitechnologies.com
ntvcld-a.akamaihd.net
2    213.174.135.1 (Ashburn, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)
player.adtelligent.com
2    185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
2    185.33.221.50 (Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 728.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
secure.adnxs.com
5    18.196.195.54 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-196-195-54.eu-central-1.compute.amazonaws.com
x.bidswitch.net
1    34.204.22.100 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-204-22-100.compute-1.amazonaws.com
sync.srv.stackadapt.com
1    50.31.142.191 (Chicago, United States)

ASN23352 (SERVERCENTRAL, US)
PTR: chi.outbrain.com
b1sync.zemanta.com
3    213.19.147.45 (United Kingdom)

ASN26120 (RHYTHMONE, US)
sync.1rx.io
sync.targeting.unrulymedia.com
8    13.248.242.197 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a97adde81b00f2ca4.awsglobalaccelerator.com
match.adsrvr.org
1    198.148.27.140 (New York, United States)

ASN19189 (PULSEPOINT, US)
bh.contextweb.com
12    35.244.159.8 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
us-u.openx.net
os4m-d.openx.net
eu-u.openx.net
2    2a05:d018:d29:3602:dabc:e8e1:b53a:329 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
1    34.232.92.67 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-232-92-67.compute-1.amazonaws.com
sync.ipredictive.com
1    150.136.222.2 (Seattle, United States)

ASN31898 (ORACLE-BMC-31898, US)
sync.technoratimedia.com
1    169.197.150.8 (Albuquerque, United States)

ASN398989 (DEEPINTENT, US)
PTR: g.deepintent.com
match.deepintent.com
2    35.156.217.79 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-156-217-79.eu-central-1.compute.amazonaws.com
ad.360yield.com
1    185.86.137.122 (France)

ASN201081 (SMARTADSERVER, FR)
ssbsync.smartadserver.com
1    2.19.35.65 (Ascension Island)

ASN16625 (AKAMAI-AS, US)
PTR: a2-19-35-65.deploy.static.akamaitechnologies.com
secure-assets.rubiconproject.com
4    104.109.78.125 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a104-109-78-125.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
5    185.29.132.241 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
3    151.101.66.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
14    142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net
cm.g.doubleclick.net
2    208.100.17.175 (Chicago, United States)

ASN32748 (STEADFAST, US)
PTR: ip175.208-100-17.static.steadfastdns.net
ssc-cms.33across.com
1    193.0.160.129 (Netherlands)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
3    185.184.8.65 (Poland)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-65.rtbhouse.net
creativecdn.com
prebid-eu.creativecdn.com
8    8.43.72.98 (United States)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
pixel.rubiconproject.com
8    2602:803:c003:200::21 (None, )

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
30    3.124.10.167 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-124-10-167.eu-central-1.compute.amazonaws.com
btlr.sharethrough.com
2    216.52.2.19 (United States)

ASN29791 (VOXEL-DOT-NET, US)
ap.lijit.com
2    184.31.84.150 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a184-31-84-150.deploy.static.akamaitechnologies.com
htlb.casalemedia.com
2    185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
4    51.89.9.251 (Germany)

ASN16276 (OVH, FR)
PTR: ip251.ip-51-89-9.eu
onetag-sys.com
1    8.2.111.126 (Clifton, United States)

ASN46636 (NATCOWEB, US)
colossusssp.com
2    147.75.38.124 (Amsterdam, Netherlands)

ASN54825 (PACKET, US)
prebid.a-mo.net
2    178.162.133.150 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: ams-1-apex.go.sonobi.com
apex.go.sonobi.com
3    2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
3    2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
1    2a00:1450:4001:80e::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
6d737814fd16de3b0a3a7c673cec74ec.safeframe.googlesyndication.com
3    18.66.112.63 (United States)

ASN16509 (AMAZON-02, US)
cdn1.opstag.com
3    2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
14    2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
2    151.101.1.194 (United States)

ASN54113 (FASTLY, US)
confiant-integrations.global.ssl.fastly.net
4    2a02:2638:1::13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
4    178.250.2.146 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
mug.criteo.com
8    2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    34.149.20.76 (United States)

ASN15169 (GOOGLE, US)
PTR: 76.20.149.34.bc.googleusercontent.com
ssc.33across.com
1    213.19.147.42 (United Kingdom)

ASN26120 (RHYTHMONE, US)
tag.1rx.io
1    (None, )

ASN- ()
uuid
1    2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    2a00:1450:4001:812::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
2    142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net
googleads4.g.doubleclick.net
2    51.89.7.110 (Germany)

ASN16276 (OVH, FR)
PTR: p23.id5-sync.com
id5-sync.com
1    34.120.133.55 (United States)

ASN15169 (GOOGLE, US)
PTR: 55.133.120.34.bc.googleusercontent.com
api.rlcdn.com
1    2606:4700::6813:9e13 (None, )

ASN- ()
translator.a-mo.net
1    2.18.232.130 (Ascension Island)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-232-130.deploy.static.akamaitechnologies.com
acdn.adnxs.com
9    2.18.234.21 (Ascension Island)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com
js-sec.indexww.com
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
2    3.124.143.99 (None, )

ASN- ()
pm.w55c.net
2    35.210.53.219 (None, )

ASN- ()
pool.admedo.com
4    52.16.214.249 (None, )

ASN- ()
match.prod.bidr.io
6    185.64.190.80 (None, )

ASN- ()
image2.pubmatic.com
1    199.187.193.193 (None, )

ASN- ()
rtb-csync.smartadserver.com
6    37.157.4.25 (None, )

ASN- ()
c1.adform.net
2    213.155.156.168 (None, )

ASN- ()
d5p.de17a.com
1    178.250.0.163 (None, )

ASN- ()
dis.criteo.com
1    85.114.159.118 (None, )

ASN- ()
dsp.adfarm1.adition.com
4    185.64.189.110 (None, )

ASN- ()
simage2.pubmatic.com
3    198.47.127.20 (None, )

ASN- ()
image4.pubmatic.com
simage4.pubmatic.com
1    51.210.112.63 (None, )

ASN- ()
pixel.onaudience.com
2    2606:4700:10::6816:1857 (None, )

ASN- ()
spl.zeotap.com
mwzeom.zeotap.com
3    159.253.128.183 (None, )

ASN- ()
um.simpli.fi
2    18.156.0.31 (None, )

ASN- ()
ups.analytics.yahoo.com
1    35.244.174.68 (None, )

ASN- ()
id.rlcdn.com
2    52.46.133.124 (None, )

ASN- ()
s.amazon-adsystem.com
1    2001:678:cb4:bbbb::11 (None, )

ASN- ()
ad.turn.com
2    54.208.142.27 (None, )

ASN- ()
um2.eqads.com
Apex Domain
Subdomains		 Transfer
85 tn-cloud.net
wpcdn.us-east-1.vip.tn-cloud.net
4 MB
30 sharethrough.com
btlr.sharethrough.com
3 KB
29 doubleclick.net
securepubads.g.doubleclick.net
stats.g.doubleclick.net
cm.g.doubleclick.net
pubads.g.doubleclick.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
327 KB
28 dgtonline.net
dgtonline.net
236 KB
23 googlesyndication.com
6d737814fd16de3b0a3a7c673cec74ec.safeframe.googlesyndication.com
pagead2.googlesyndication.com
tpc.googlesyndication.com
122 KB
22 pubmatic.com
ads.pubmatic.com
image6.pubmatic.com
hbopenbid.pubmatic.com
image2.pubmatic.com
simage2.pubmatic.com
image4.pubmatic.com
simage4.pubmatic.com
92 KB
21 rubiconproject.com
secure-assets.rubiconproject.com
eus.rubiconproject.com
token.rubiconproject.com
fastlane.rubiconproject.com
pixel.rubiconproject.com
33 KB
16 news8000.com
www.news8000.com
179 KB
13 gumgum.com
rtb.gumgum.com
4 KB
12 openx.net
rtb.openx.net Failed
us-u.openx.net
os4m-d.openx.net
eu-u.openx.net
3 KB
11 adnxs.com
ib.adnxs.com
secure.adnxs.com
acdn.adnxs.com
25 KB
9 criteo.com
gum.criteo.com
mug.criteo.com
dis.criteo.com
3 KB
9 casalemedia.com
ssum.casalemedia.com Failed
htlb.casalemedia.com
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
9 KB
8 adsrvr.org
match.adsrvr.org
3 KB
7 google.com
www.google.com
adservice.google.com
3 KB
7 googletagmanager.com
www.googletagmanager.com
281 KB
7 cookielaw.org
cdn.cookielaw.org
117 KB
6 adform.net
c1.adform.net
3 KB
6 amazon-adsystem.com
c.amazon-adsystem.com
s.amazon-adsystem.com
41 KB
6 google-analytics.com
www.google-analytics.com
79 KB
6 postrelease.com
jadserve.postrelease.com
5 KB
6 gstatic.com
fonts.gstatic.com
www.gstatic.com
242 KB
5 mathtag.com
sync.mathtag.com
3 KB
5 bidswitch.net
x.bidswitch.net
2 KB
5 adtelligent.com
ghb.adtelligent.com
player.adtelligent.com
8 KB
5 springserve.com
vid.springserve.com
vid-io-dub.springserve.com
sync.springserve.com
6 KB
5 googleapis.com
fonts.googleapis.com
ajax.googleapis.com
imasdk.googleapis.com Failed
65 KB
4 bidr.io
match.prod.bidr.io
2 KB
4 onetag-sys.com
onetag-sys.com
2 KB
4 yahoo.com
ups.analytics.yahoo.com Failed
pr-bh.ybp.yahoo.com
3 KB
4 quantserve.com
secure.quantserve.com
pixel.quantserve.com
10 KB
3 simpli.fi
um.simpli.fi
1 KB
3 googletagservices.com
www.googletagservices.com
101 KB
3 opstag.com
cdn1.opstag.com
106 KB
3 google.de
adservice.google.de
1 KB
3 a-mo.net
prebid.a-mo.net
translator.a-mo.net
4 KB
3 creativecdn.com
creativecdn.com
prebid-eu.creativecdn.com
873 B
3 33across.com
ssc-cms.33across.com
ssc.33across.com
290 B
3 everesttech.net
sync-tm.everesttech.net
762 B
3 1rx.io
sync.1rx.io
tag.1rx.io
1 KB
3 cheqzone.com
ob.cheqzone.com
obs.cheqzone.com
21 KB
3 outbrainimg.com
tcheck.outbrainimg.com
log.outbrainimg.com
1 KB
3 facebook.net
connect.facebook.net
80 KB
3 minute.ly
apv-launcher.minute.ly
snippet.minute.ly
142 KB
3 s-onetag.com
get.s-onetag.com
onetag-geo.s-onetag.com
signal-beacon.s-onetag.com
22 KB
3 ntv.io
s.ntv.io
116 KB
3 chartbeat.com
static.chartbeat.com
mab.chartbeat.com
10 KB
3 sharethis.com
ws.sharethis.com
l.sharethis.com
8 KB
3 bootstrapcdn.com
maxcdn.bootstrapcdn.com
69 KB
2 eqads.com
um2.eqads.com
563 B
2 zeotap.com
spl.zeotap.com
mwzeom.zeotap.com
918 B
2 de17a.com
d5p.de17a.com
637 B
2 admedo.com
pool.admedo.com
714 B
2 w55c.net
pm.w55c.net
2 KB
2 indexww.com
js-sec.indexww.com
2 KB
2 rlcdn.com
api.rlcdn.com
id.rlcdn.com
329 B
2 id5-sync.com
id5-sync.com
1 KB
2 fastly.net
confiant-integrations.global.ssl.fastly.net
73 KB
2 lijit.com
ap.lijit.com
1 KB
2 smartadserver.com
ssbsync.smartadserver.com
rtb-csync.smartadserver.com
477 B
2 360yield.com
ad.360yield.com
615 B
2 sonobi.com
sync.go.sonobi.com Failed
apex.go.sonobi.com
2 KB
2 emxdgt.com
cs.emxdgt.com
22 B
2 spotxchange.com
sync.search.spotxchange.com
1 KB
2 cloudflare.com
cdnjs.cloudflare.com
12 KB
2 snackly.co
counter.snackly.co
359 B
2 univtec.com
engine.univtec.com
24 KB
2 connatix.com
cd.connatix.com
cds.connatix.com
235 KB
2 adtcdn.com
player.adtcdn.com
128 KB
2 polyfill.io
cdn.polyfill.io
990 B
2 cloudfront.net
dyv1bugovvq1g.cloudfront.net
d15kdpgjg3unno.cloudfront.net
18 KB
2 outbrain.com
widgets.outbrain.com
widget-pixels.outbrain.com
sync.outbrain.com Failed
64 KB
2 crwdcntrl.net
tags.crwdcntrl.net
ad.crwdcntrl.net
12 KB
1 turn.com
ad.turn.com
425 B
1 onaudience.com
pixel.onaudience.com
400 B
1 adition.com
dsp.adfarm1.adition.com
501 B
1 2mdn.net
s0.2mdn.net
44 KB
1
function sub() { [native code] }.
54 KB
1 colossusssp.com
colossusssp.com
243 B
1 rfihub.com
p.rfihub.com
750 B
1 deepintent.com
match.deepintent.com
44 B
1 technoratimedia.com
sync.technoratimedia.com
294 B
1 ipredictive.com
sync.ipredictive.com
428 B
1 unrulymedia.com
sync.targeting.unrulymedia.com
469 B
1 zemanta.com
b1sync.zemanta.com
288 B
1 stackadapt.com
sync.srv.stackadapt.com
168 B
1 akamaihd.net
ntvcld-a.akamaihd.net
45 KB
1 quantcount.com
rules.quantcount.com
430 B
1 contextweb.com
bh.contextweb.com Failed
383 B
1 bfmio.com
sync.bfmio.com
78 B
1 akamaized.net
amp.akamaized.net
65 KB
1 jquery.com
code.jquery.com
33 KB
1 jsdelivr.net
cdn.jsdelivr.net
18 KB
1 facebook.com
www.facebook.com
426 B
1 amazonaws.com
sqs.us-east-1.amazonaws.com
658 B
1 sitescout.com
pixel.sitescout.com
267 B
1 dlxpix.net
dlxpix.net
258 B
1 weather.com
widgets.media.weather.com
127 KB
0 socdm.com Failed
tg.socdm.com Failed
0 yieldmo.com Failed
ads.yieldmo.com Failed
0 3lift.com Failed
eb2.3lift.com Failed
0 tremorhub.com Failed
pbs.publishers.tremorhub.com Failed
0 advertising.com Failed
pixel.advertising.com Failed
472 103
Domain Requested by
85 wpcdn.us-east-1.vip.tn-cloud.net www.news8000.com
wpcdn.us-east-1.vip.tn-cloud.net
30 btlr.sharethrough.com player.adtcdn.com
28 dgtonline.net www.news8000.com
dgtonline.net
16 www.news8000.com 1 redirects www.news8000.com
wpcdn.us-east-1.vip.tn-cloud.net
14 pagead2.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
uuid
www.googletagservices.com
14 cm.g.doubleclick.net 10 redirects rtb.gumgum.com
eu-u.openx.net
13 rtb.gumgum.com vid.springserve.com
rtb.gumgum.com
9 securepubads.g.doubleclick.net www.news8000.com
securepubads.g.doubleclick.net
www.googletagservices.com
8 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
uuid
8 fastlane.rubiconproject.com player.adtcdn.com
cdn1.opstag.com
8 match.adsrvr.org 3 redirects rtb.gumgum.com
ads.pubmatic.com
eu-u.openx.net
ssum-sec.casalemedia.com
8 ib.adnxs.com 3 redirects player.adtcdn.com
cdn1.opstag.com
acdn.adnxs.com
7 www.googletagmanager.com www.news8000.com
www.googletagmanager.com
7 cdn.cookielaw.org www.news8000.com
cdn.cookielaw.org
6 c1.adform.net 5 redirects ads.pubmatic.com
6 image2.pubmatic.com 1 redirects ads.pubmatic.com
6 www.google-analytics.com www.googletagmanager.com
www.news8000.com
dgtonline.net
engine.univtec.com
6 jadserve.postrelease.com s.ntv.io
www.news8000.com
5 eu-u.openx.net cdn1.opstag.com
eu-u.openx.net
5 sync.mathtag.com 5 redirects
5 us-u.openx.net 2 redirects eu-u.openx.net
5 x.bidswitch.net 3 redirects rtb.gumgum.com
ssum-sec.casalemedia.com
5 ads.pubmatic.com vid.springserve.com
rtb.gumgum.com
www.news8000.com
cdn1.opstag.com
ads.pubmatic.com
5 fonts.gstatic.com fonts.googleapis.com
4 dsum-sec.casalemedia.com 1 redirects ssum-sec.casalemedia.com
um2.eqads.com
4 pixel.rubiconproject.com
4 simage2.pubmatic.com ads.pubmatic.com
4 match.prod.bidr.io 4 redirects
4 mug.criteo.com www.news8000.com
4 gum.criteo.com 2 redirects
4 onetag-sys.com player.adtcdn.com
cdn1.opstag.com
4 token.rubiconproject.com 3 redirects eus.rubiconproject.com
4 eus.rubiconproject.com rtb.gumgum.com
eus.rubiconproject.com
cdn1.opstag.com
4 c.amazon-adsystem.com wpcdn.us-east-1.vip.tn-cloud.net
c.amazon-adsystem.com
4 www.google.com www.news8000.com
tpc.googlesyndication.com
uuid
3 ssum-sec.casalemedia.com 1 redirects js-sec.indexww.com
ssum-sec.casalemedia.com
3 um.simpli.fi 1 redirects ads.pubmatic.com
ssum-sec.casalemedia.com
3 www.googletagservices.com securepubads.g.doubleclick.net
www.news8000.com
uuid
3 cdn1.opstag.com securepubads.g.doubleclick.net
cdn1.opstag.com
3 adservice.google.com securepubads.g.doubleclick.net
3 adservice.google.de securepubads.g.doubleclick.net
3 sync-tm.everesttech.net 3 redirects
3 pixel.quantserve.com 2 redirects www.news8000.com
3 sync.springserve.com engine.univtec.com
rtb.gumgum.com
code.jquery.com
3 ghb.adtelligent.com player.adtcdn.com
3 connect.facebook.net www.news8000.com
connect.facebook.net
3 s.ntv.io www.news8000.com
s.ntv.io
3 fonts.googleapis.com www.news8000.com
dgtonline.net
3 maxcdn.bootstrapcdn.com www.news8000.com
maxcdn.bootstrapcdn.com
2 um2.eqads.com 1 redirects ssum-sec.casalemedia.com
2 s.amazon-adsystem.com 1 redirects ssum-sec.casalemedia.com
2 image4.pubmatic.com ads.pubmatic.com
2 d5p.de17a.com 2 redirects
2 pool.admedo.com 2 redirects
2 pm.w55c.net 2 redirects
2 js-sec.indexww.com cdn1.opstag.com
ssum-sec.casalemedia.com
2 id5-sync.com ads.pubmatic.com
player.adtcdn.com
2 googleads4.g.doubleclick.net uuid
2 pubads.g.doubleclick.net 1 redirects
2 confiant-integrations.global.ssl.fastly.net cdn1.opstag.com
confiant-integrations.global.ssl.fastly.net
2 apex.go.sonobi.com player.adtcdn.com
cdn1.opstag.com
2 prebid.a-mo.net player.adtcdn.com
cdn1.opstag.com
2 hbopenbid.pubmatic.com player.adtcdn.com
cdn1.opstag.com
2 htlb.casalemedia.com player.adtcdn.com
cdn1.opstag.com
2 ap.lijit.com player.adtcdn.com
cdn1.opstag.com
2 os4m-d.openx.net player.adtcdn.com
cdn1.opstag.com
2 creativecdn.com 2 redirects
2 ssc-cms.33across.com rtb.gumgum.com
cdn1.opstag.com
2 ad.360yield.com 2 redirects
2 pr-bh.ybp.yahoo.com 1 redirects rtb.gumgum.com
2 sync.1rx.io 2 redirects
2 secure.adnxs.com 2 redirects
2 image6.pubmatic.com ads.pubmatic.com
2 player.adtelligent.com player.adtcdn.com
2 log.outbrainimg.com widgets.outbrain.com
2 ups.analytics.yahoo.com engine.univtec.com
2 cs.emxdgt.com engine.univtec.com
rtb.gumgum.com
2 obs.cheqzone.com ob.cheqzone.com
www.news8000.com
2 sync.search.spotxchange.com 2 redirects
2 ajax.googleapis.com dgtonline.net
2 cdnjs.cloudflare.com dgtonline.net
2 counter.snackly.co snippet.minute.ly
2 engine.univtec.com www.news8000.com
engine.univtec.com
2 mab.chartbeat.com static.chartbeat.com
2 player.adtcdn.com www.news8000.com
2 l.sharethis.com ws.sharethis.com
www.news8000.com
2 cdn.polyfill.io www.news8000.com
2 apv-launcher.minute.ly www.news8000.com
1 simage4.pubmatic.com ads.pubmatic.com
1 ad.turn.com 1 redirects
1 id.rlcdn.com
1 mwzeom.zeotap.com ads.pubmatic.com
1 spl.zeotap.com 1 redirects
1 pixel.onaudience.com 1 redirects
1 dsp.adfarm1.adition.com 1 redirects
1 dis.criteo.com ads.pubmatic.com
1 rtb-csync.smartadserver.com eu-u.openx.net
1 acdn.adnxs.com cdn1.opstag.com
1 translator.a-mo.net cdn1.opstag.com
1 api.rlcdn.com ads.pubmatic.com
1 s0.2mdn.net uuid
1 googleads.g.doubleclick.net uuid
1 uuid confiant-integrations.global.ssl.fastly.net
1 tag.1rx.io cdn1.opstag.com
1 ssc.33across.com cdn1.opstag.com
1 6d737814fd16de3b0a3a7c673cec74ec.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 colossusssp.com player.adtcdn.com
1 prebid-eu.creativecdn.com player.adtcdn.com
1 p.rfihub.com 1 redirects
1 secure-assets.rubiconproject.com 1 redirects
1 ssbsync.smartadserver.com 1 redirects
1 match.deepintent.com rtb.gumgum.com
1 sync.technoratimedia.com rtb.gumgum.com
1 sync.ipredictive.com 1 redirects
1 sync.targeting.unrulymedia.com 1 redirects
1 b1sync.zemanta.com 1 redirects
1 sync.srv.stackadapt.com rtb.gumgum.com
1 ntvcld-a.akamaihd.net www.news8000.com
1 rules.quantcount.com secure.quantserve.com
1 bh.contextweb.com engine.univtec.com
1 sync.bfmio.com engine.univtec.com
1 stats.g.doubleclick.net www.google-analytics.com
1 secure.quantserve.com www.news8000.com
1 www.gstatic.com www.google.com
1 vid-io-dub.springserve.com engine.univtec.com
1 amp.akamaized.net engine.univtec.com
amp.akamaized.net
1 code.jquery.com engine.univtec.com
1 vid.springserve.com engine.univtec.com
1 cdn.jsdelivr.net engine.univtec.com
1 ob.cheqzone.com widgets.outbrain.com
1 www.facebook.com www.news8000.com
1 sqs.us-east-1.amazonaws.com d15kdpgjg3unno.cloudfront.net
1 widget-pixels.outbrain.com www.news8000.com
1 tcheck.outbrainimg.com widgets.outbrain.com
1 snippet.minute.ly apv-launcher.minute.ly
1 signal-beacon.s-onetag.com get.s-onetag.com
1 onetag-geo.s-onetag.com get.s-onetag.com
1 cds.connatix.com www.news8000.com
1 cd.connatix.com 1 redirects
1 ad.crwdcntrl.net www.news8000.com
1 d15kdpgjg3unno.cloudfront.net www.news8000.com
1 dyv1bugovvq1g.cloudfront.net www.news8000.com
1 pixel.sitescout.com www.news8000.com
1 dlxpix.net 1 redirects
1 get.s-onetag.com www.news8000.com
1 widgets.media.weather.com www.news8000.com
1 widgets.outbrain.com www.news8000.com
1 tags.crwdcntrl.net www.news8000.com
1 static.chartbeat.com www.news8000.com
1 ws.sharethis.com www.news8000.com
0 imasdk.googleapis.com Failed amp.akamaized.net
0 tg.socdm.com Failed rtb.gumgum.com
0 sync.outbrain.com Failed rtb.gumgum.com
0 ads.yieldmo.com Failed engine.univtec.com
0 eb2.3lift.com Failed engine.univtec.com
0 pbs.publishers.tremorhub.com Failed engine.univtec.com
0 sync.go.sonobi.com Failed engine.univtec.com
0 rtb.openx.net Failed engine.univtec.com
0 pixel.advertising.com Failed engine.univtec.com
0 ssum.casalemedia.com Failed engine.univtec.com
472 160

This site contains no links.

Subject Issuer Validity Valid
www.news8000.com
ZeroSSL ECC Domain Secure Site CA		 2021-10-09 -
2022-01-07		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-03-01 -
2022-02-28		 a year crt.sh
cookielaw.org
Cloudflare Inc ECC CA-3		 2021-06-01 -
2022-05-31		 a year crt.sh
cdn.us-midwest-1.vip.tn-cloud.net
GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1		 2021-03-09 -
2022-04-09		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2021-10-04 -
2021-12-27		 3 months crt.sh
sharethis.com
Amazon		 2021-07-19 -
2022-08-17		 a year crt.sh
*.chartbeat.com
Thawte RSA CA 2018		 2021-05-20 -
2022-06-03		 a year crt.sh
*.crwdcntrl.net
Go Daddy Secure Certificate Authority - G2		 2021-04-29 -
2022-05-31		 a year crt.sh
*.ntv.io
DigiCert SHA2 Secure Server CA		 2021-01-25 -
2022-02-01		 a year crt.sh
*.outbrain.com
DigiCert SHA2 Secure Server CA		 2021-05-25 -
2022-06-01		 a year crt.sh
www.weather.com
DigiCert SHA2 Secure Server CA		 2021-03-08 -
2022-03-16		 a year crt.sh
*.s-onetag.com
Amazon		 2021-02-03 -
2022-03-04		 a year crt.sh
*.minute.ly
Sectigo RSA Organization Validation Secure Server CA		 2020-05-12 -
2022-05-16		 2 years crt.sh
*.sitescout.com
RapidSSL RSA CA 2018		 2020-01-15 -
2022-02-02		 2 years crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2021-08-02 -
2021-10-31		 3 months crt.sh
*.cloudfront.net
Amazon		 2021-03-19 -
2022-03-17		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-10-04 -
2021-12-27		 3 months crt.sh
polyfill.io
GlobalSign Atlas R3 DV TLS CA 2020		 2021-06-04 -
2022-07-06		 a year crt.sh
www.google.com
GTS CA 1C3		 2021-10-04 -
2021-12-27		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2021-10-04 -
2021-12-27		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-10-04 -
2021-12-27		 3 months crt.sh
*.connatix.com
Go Daddy Secure Certificate Authority - G2		 2021-08-20 -
2022-09-21		 a year crt.sh
*.univtec.com
ZeroSSL RSA Domain Secure Site CA		 2021-06-19 -
2022-06-19		 a year crt.sh
*.outbrainimg.com
DigiCert SHA2 Secure Server CA		 2021-05-04 -
2022-05-09		 a year crt.sh
queue.amazonaws.com
Amazon		 2021-10-15 -
2022-10-07		 a year crt.sh
*.postrelease.com
Amazon		 2021-01-28 -
2022-02-25		 a year crt.sh
*.cheqzone.com
Amazon		 2021-02-21 -
2022-03-22		 a year crt.sh
*.snackly.co
Sectigo RSA Organization Validation Secure Server CA		 2020-11-30 -
2021-12-31		 a year crt.sh
*.springserve.com
Amazon		 2021-09-27 -
2022-10-26		 a year crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA		 2021-07-14 -
2022-08-14		 a year crt.sh
a248.e.akamai.net
DigiCert SHA2 Secure Server CA		 2021-07-15 -
2022-07-20		 a year crt.sh
c.amazon-adsystem.com
Amazon		 2021-07-06 -
2022-06-27		 a year crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-22 -
2022-09-21		 a year crt.sh
ghb.adtelligent.com
ZeroSSL ECC Domain Secure Site CA		 2021-10-09 -
2022-01-07		 3 months crt.sh
obs.cheqzone.com
R3		 2021-10-06 -
2022-01-04		 3 months crt.sh
*.gumgum.com
Amazon		 2021-06-05 -
2022-07-04		 a year crt.sh
*.pubmatic.com
DigiCert SHA2 Secure Server CA		 2021-03-30 -
2022-04-04		 a year crt.sh
*.bfmio.com
Amazon		 2021-05-16 -
2022-06-14		 a year crt.sh
*.emxdgt.com
Go Daddy Secure Certificate Authority - G2		 2021-05-18 -
2022-06-19		 a year crt.sh
*.adtelligent.com
Sectigo RSA Domain Validation Secure Server CA		 2020-10-28 -
2021-11-27		 a year crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2020-04-23 -
2022-05-04		 2 years crt.sh
*.srv.stackadapt.com
Amazon		 2020-12-09 -
2022-01-07		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-08-24 -
2022-02-16		 6 months crt.sh
*.technoratimedia.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-09-17 -
2022-10-05		 a year crt.sh
*.deepintent.com
Go Daddy Secure Certificate Authority - G2		 2020-04-09 -
2022-06-08		 2 years crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2021-03-18 -
2022-04-19		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-04-01 -
2022-04-04		 a year crt.sh
*.33across.com
Sectigo RSA Domain Validation Secure Server CA		 2021-09-23 -
2022-09-30		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2021-07-08 -
2022-08-08		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2021-03-05 -
2022-02-19		 a year crt.sh
*.sharethrough.com
Amazon		 2021-08-13 -
2022-09-11		 a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2021-03-11 -
2022-04-12		 a year crt.sh
*.creativecdn.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2021-03-30 -
2022-04-12		 a year crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018		 2021-02-05 -
2022-02-09		 a year crt.sh
onetag-sys.com
R3		 2021-10-14 -
2022-01-12		 3 months crt.sh
*.colossusssp.com
Go Daddy Secure Certificate Authority - G2		 2020-10-06 -
2021-11-07		 a year crt.sh
*.a-mo.net
R3		 2021-10-05 -
2022-01-03		 3 months crt.sh
*.go.sonobi.com
Go Daddy Secure Certificate Authority - G2		 2020-12-06 -
2022-01-07		 a year crt.sh
*.google.de
GTS CA 1C3		 2021-10-04 -
2021-12-27		 3 months crt.sh
*.google.com
GTS CA 1C3		 2021-10-04 -
2021-12-27		 3 months crt.sh
*.opstag.com
Amazon		 2020-11-29 -
2021-12-28		 a year crt.sh
*.freetls.fastly.net
GlobalSign Atlas R3 DV TLS CA 2020		 2021-04-27 -
2022-05-29		 a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-09-09 -
2021-12-07		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2021-10-04 -
2021-12-27		 3 months crt.sh
ssc.33across.com
GTS CA 1D4		 2021-09-28 -
2021-12-27		 3 months crt.sh
*.1rx.io
Sectigo RSA Domain Validation Secure Server CA		 2021-06-01 -
2022-07-02		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2021-10-04 -
2021-12-27		 3 months crt.sh
*.id5-sync.com
R3		 2021-10-05 -
2022-01-03		 3 months crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2021-02-25 -
2022-03-28		 a year crt.sh
cdn.adnxs.com
GeoTrust RSA CA 2018		 2021-03-11 -
2022-02-07		 a year crt.sh
*.smartadserver.com
DigiCert ECC Secure Server CA		 2020-01-30 -
2022-02-03		 2 years crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-06 -
2022-10-07		 a year crt.sh
*.simpli.fi
DigiCert SHA2 Secure Server CA		 2019-09-18 -
2021-12-12		 2 years crt.sh
s.amazon-adsystem.com
Amazon		 2021-07-14 -
2022-06-27		 a year crt.sh
um3.eqads.com
Amazon		 2021-06-26 -
2022-07-25		 a year crt.sh

This page contains 40 frames:

Primary Page: https://www.news8000.com/
Frame ID: 7322653982AB0ECE2839AB5F060CCD06
Requests: 257 HTTP requests in this frame

Frame: https://cds.connatix.com/p/134237/connatix.playspace.dc.js
Frame ID: 15CC06A48090E1D44A978B4AAC6E6FA7
Requests: 1 HTTP requests in this frame

Frame: https://dgtonline.net/mini-widget/
Frame ID: BDE3151DD40BAC45477EEF4859148C36
Requests: 18 HTTP requests in this frame

Frame: https://dgtonline.net/mini-widget-mobile/
Frame ID: FE993EFF9485C54C3F237B3226CEC02E
Requests: 18 HTTP requests in this frame

Frame: https://engine.univtec.com/embed-akamai.php?params=dXJsPTc0RDdzcFRhUkV5REU4Q1dLblhkV1EmdWE9VUEtMjMxMDkxNzMtMSZ2YXN0PWh0dHBzJTNBJTJGJTJGcHViYWRzLmcuZG91YmxlY2xpY2submV0JTJGZ2FtcGFkJTJGYWRzJTNGaXUlM0QlMkY0MzQ1OTI3MSUyRmVuZ2luZW1lZGlhbGl2ZSUyRnNzLVdLQlQlMjZkZXNjcmlwdGlvbl91cmwlM0QlMjUlMjVSRUZFUlJFUl9VUkxfRVNDJTI1JTI1JTI2dGZjZCUzRDAlMjZucGElM0QwJTI2c3olM0Q2NDB4NDgwJTI2bWluX2FkX2R1cmF0aW9uJTNEMCUyNm1heF9hZF9kdXJhdGlvbiUzRDYwMDAwJTI2Z2RmcF9yZXElM0QxJTI2b3V0cHV0JTNEdmFzdCUyNnVudmlld2VkX3Bvc2l0aW9uX3N0YXJ0JTNEMSUyNmVudiUzRHZwJTI2aW1wbCUzRHMlMjZjb3JyZWxhdG9yJTNEJTI1JTI1Q0FDSEVCVVNURVIlMjUlMjUmdGl0bGVFdmVudD1XS0JUJTJGTmV3czgwMDAuY29tJmNhdGVnb3J5PVZpZGVv%22
Frame ID: DC75160BFC34E313DFCDFCF4E55D47E9
Requests: 31 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usync/14048?gdpr=1&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000004%26gdpr%3D1%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D
Frame ID: 98EF319260045DC7056FA5A4B22CFB8C
Requests: 16 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=1&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000010%26gdpr%3D1%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D
Frame ID: BE685A7043ECB84208572F74DB7ED5E3
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=1&gdprConsent=
Frame ID: C637FC7583B667679EB23451A921276F
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=1&gdpr_consent=
Frame ID: 760C2340DB48ABFAD96D07FE35530146
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=gumgum
Frame ID: 25481454FF346AEB8A1D4E253476D6D1
Requests: 3 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=mmh&i=a20c6174-c14a-4500-afae-8d70bd53bbb5&gdpr=1&gdpr_consent=
Frame ID: DC2BA19BDBE5FD1A363F0C3959A7F8D2
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=atm&i=YXTBSgAAAFt7iAAR&gdpr=1&gdpr_consent=&_test=YXTBSgAAAFt7iAAR
Frame ID: CA7D4D5605E95ECC8C26ED9230615D0E
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV9jZTRmYzRkOS1hMmE0LTRiNTgtOTk5MC03NDM3ZTU4OTM3Y2M=&gdpr=1&gdpr_consent=&google_tc=
Frame ID: E511C3A21D1E9C7A91F9DF1254F1D941
Requests: 1 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0013300001r0t9mAAA&ru=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dtta%26i%3D33XUSERID33X
Frame ID: FF85D4083BB63DC76E6C7721424CD743
Requests: 1 HTTP requests in this frame

Frame: https://cs.emxdgt.com/um?redirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID
Frame ID: 1473C191A7BC44556ADA1022893B25C8
Requests: 1 HTTP requests in this frame

Frame: https://tg.socdm.com/aux/idsync?proto=gumgum
Frame ID: 268B295C597C16DAAD09AE0BF8370829
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=zet&i=5108559721384131550
Frame ID: 7960DB4F509ED6F9EAF5B362BF8D08DE
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=rth&i=PTWMJCKGPxQm6vJ0900O&pi=gumgum&tc=1
Frame ID: 4218D81192B2451289942AAC5204FB6B
Requests: 1 HTTP requests in this frame

Frame: https://6d737814fd16de3b0a3a7c673cec74ec.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 4A20887EC5D873B8C23CA8A66DC6F799
Requests: 1 HTTP requests in this frame

Frame: https://cdn1.opstag.com/13194/prebid.js
Frame ID: DBECCEE5E10B733BD30496087EB77B86
Requests: 31 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 890428F483F923FAF508087BE1C54271
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 20F9E5DB2D6E805701DDE92FD9C9B1C4
Requests: 2 HTTP requests in this frame

Frame: urn://uuid:cdaa73ec-073f-f28c-7d6f-f28c073fcdaa
Frame ID: 6ECDC124B740E8F161EE571B8C5599FD
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNn50QEQxY3WzwIYg6rurAEwAQ&v=APEucNVyC8y0utJRBOAhYy_QmZRXdjmGv4J00Zr8gV0EXn4IdXUXvnrv3VBDcgO7bMuNWzbybrtFq7jNZvAxxOqCVmyZ9qOyYw
Frame ID: 78390392940693F13B305F2AD93D3BD2
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 1E28C14BE58A6E6D1E6B440718D7B6AC
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 800E264F9238DAAA8F6E2351C72157F1
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 77EE1C37649595BD7E35F02F29087987
Requests: 2 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=akGFn6kr0r64m5aKlId8sQ&gdpr_consent=undefined&us_privacy=undefined
Frame ID: 58AA581EC34B630E5B1AFDF21F961119
Requests: 1 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=51113032-2363-4e94-85a5-f312b07cd114&gdpr=1
Frame ID: B6C08ECA690FBEDB38CB3AA7FE9A4720
Requests: 11 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: F1966C6B5CD5EC4854081EEF1039EBC3
Requests: 3 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 80AD693A07FC83DED2250AF4561E9EFC
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: D9D0E0F9173FF1C3906788B193BD205E
Requests: 10 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1635041612454
Frame ID: EC1953AC50D8E038A7D18464C6AA6D21
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157898
Frame ID: EF2A147DD8B550B242BD4B221256EA39
Requests: 15 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=4C1E0A4B-BA75-435E-AAA6-A8F3AB129BE6
Frame ID: A6C94B6FC6BC289E6E0951A21AF9AD33
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=7837863691364352680
Frame ID: E5A1DA10BC6652C2DB1E9B83D38154E9
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: D02D04465E5972E8D46B3A0C117892CB
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7022450264033785995
Frame ID: A275FE0A97578D11951C8E4B224456CE
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https://www.news8000.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Frame ID: 6EDC565E5CC8C67576730A89B05E86CC
Requests: 9 HTTP requests in this frame

Frame: https://um2.eqads.com/um/cs&eq_cc=1
Frame ID: 7AAE9F3E11D3A720648B1FE3C2646DFA
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://www.news8000.com/ HTTP 301
    https://www.news8000.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
  • wp-embed\.min\.js\?ver=([\d.]+)
Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googletagservices\.com/tag/js/gpt(?:_mobile)?\.js
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • lightbox(?:-plus-jquery)?.{0,32}\.js
Overall confidence: 100%
Detected patterns
  • ([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js
Overall confidence: 100%
Detected patterns
  • cdn\.cookielaw\.org
  • otSDKStub\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • widgets\.outbrain\.com/outbrain\.js
Overall confidence: 100%
Detected patterns
  • ^https?://cdn\.polyfill\.io/
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
  • /prebid\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • sweetalert2(?:\.all)?(?:\.min)?\.js
  • /npm/sweetalert2@([\d.]+)
  • sweetalert2@([\d.]+)/dist/sweetalert2(?:\.all)(?:\.min)\.js
Overall confidence: 100%
Detected patterns
  • tracker\.js
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery[.-]([\d.]*\d)[^/]*\.js
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/
Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

472
Requests

95 %
HTTPS

33 %
IPv6

103
Domains

160
Subdomains

115
IPs

10
Countries

7895 kB
Transfer

15926 kB
Size

74
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.news8000.com/ HTTP 301
    https://www.news8000.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 57
  • https://dlxpix.net/3vg3HWz HTTP 301
  • https://pixel.sitescout.com/up/a5b396670a4ae921
Request Chain 127
  • https://cd.connatix.com/connatix.playspace.js HTTP 302
  • https://cds.connatix.com/p/134237/connatix.playspace.dc.js
Request Chain 199
  • https://sync.search.spotxchange.com/partner?adv_id=8593&redir=https%3A%2F%2Fvid-io-dub.springserve.com%2Fusersync%3Faid%3D1000014%26uuid%3D%24SPOTX_USER_ID HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=8593&redir=https%3A%2F%2Fvid-io-dub.springserve.com%2Fusersync%3Faid%3D1000014%26uuid%3D%24SPOTX_USER_ID&__user_check__=1&sync_id=fb70fb76-346f-11ec-88a7-10b91cd50106 HTTP 302
  • https://vid-io-dub.springserve.com/usersync?aid=1000014&uuid=fb70fb2b-346f-11ec-88a7-10b91cd50106
Request Chain 213
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000001%26gdpr%3D1%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D%24UID HTTP 302
  • https://sync.springserve.com/usersync?aid=1000001&gdpr=1&gdpr_consent=&us_privacy=&uuid=8944076163001898924
Request Chain 220
  • https://sync.1rx.io/usersync2/rmphb?gdpr=1&gdpr_consent=&us_privacy=&redir=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000012%26gdpr%3D1%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D%5BRX_UUID%5D HTTP 302
  • https://sync.springserve.com/usersync?aid=1000012&gdpr=1&gdpr_consent=&us_privacy=&uuid=OPTOUT
Request Chain 222
  • https://sync.search.spotxchange.com/partner?gdpr=1&gdpr_consent=&us_privacy=&adv_id=8593&redir=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000014%26gdpr%3D1%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D%24SPOTX_USER_ID HTTP 302
  • https://sync.springserve.com/usersync?aid=1000014&gdpr=1&gdpr_consent=&us_privacy=&uuid=fb70fb2b-346f-11ec-88a7-10b91cd50106
Request Chain 245
  • https://secure.adnxs.com/getuid?https://rtb.gumgum.com/usersync?b=apn&i=$UID HTTP 307
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dapn%26i%3D%24UID HTTP 302
  • https://rtb.gumgum.com/usersync?b=apn&i=8944076163001898924
Request Chain 248
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=e_ce4fc4d9-a2a4-4b58-9990-7437e58937cc&gdpr=1&gdpr_consent=&us_privacy= HTTP 302
  • https://rtb.gumgum.com/usersync?b=zem&i=&gdpr=1
Request Chain 249
  • https://sync.1rx.io/usersync2/floor6&gdpr=1&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=4075171078 HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=4075171078 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/0183d758-ecd7-43a5-871a-56ca543c5b89 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-f49fde50-06d2-4f7e-a417-5f70b050a687-003?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3DRX-f49fde50-06d2-4f7e-a417-5f70b050a687-003 HTTP 302
  • https://rtb.gumgum.com/usersync?b=rhy&i=RX-f49fde50-06d2-4f7e-a417-5f70b050a687-003
Request Chain 250
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25 HTTP 302
  • https://rtb.gumgum.com/usersync?b=pln&i=6PcsG6I8HXrc&ev=1&pid=558355
Request Chain 251
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=1&gdprConsent=&platformRdUrl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D HTTP 302
  • https://rtb.gumgum.com/usersync?b=obn&i=ENC%28bcTWRMJz77I4sCzKh-1bdnSkhjMw_tb8AD_WRpDsFx6AG3M98Mnlou1DawdFEZ1i%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26platformUid%3D%7Bplatform_uid%7D%26obuid%3DENC%28bcTWRMJz77I4sCzKh-1bdnSkhjMw_tb8AD_WRpDsFx6AG3M98Mnlou1DawdFEZ1i%29 HTTP 302
  • https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=e_ce4fc4d9-a2a4-4b58-9990-7437e58937cc&obuid=ENC(bcTWRMJz77I4sCzKh-1bdnSkhjMw_tb8AD_WRpDsFx6AG3M98Mnlou1DawdFEZ1i)
Request Chain 252
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=1&gdpr_consent=&us_privacy=&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
  • https://us-u.openx.net/w/1.0/cm?cc=1&_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=1&gdpr_consent=&us_privacy=&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
  • https://rtb.gumgum.com/usersync?b=opx&i=0cb13d46-eafb-4500-89cc-7b4f76ab484e
Request Chain 254
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=1&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D HTTP 302
  • https://rtb.gumgum.com/usersync?b=vnt&i=fbc15baf-346f-11ec-8b08-495c96b09bc0
Request Chain 257
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
  • https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
  • https://rtb.gumgum.com/usersync?b=idi&i=1a8d102a-450f-455d-94c3-ed911bfd902f
Request Chain 258
  • https://ssbsync.smartadserver.com/api/sync?callerId=15 HTTP 302
  • https://rtb.gumgum.com/usersync?b=sad&i=43394786434762142&gdpr=1&gdpr_consent=
Request Chain 262
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=gumgum
Request Chain 263
  • https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=1&gdpr_consent=&redir=https%3a%2f%2frtb.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d HTTP 302
  • https://rtb.gumgum.com/usersync?b=mmh&i=a20c6174-c14a-4500-afae-8d70bd53bbb5&gdpr=1&gdpr_consent=
Request Chain 264
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=1&gdpr_consent= HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=1&gdpr_consent=&_test=YXTBSgAAAFt7iAAR HTTP 302
  • https://rtb.gumgum.com/usersync?b=atm&i=YXTBSgAAAFt7iAAR&gdpr=1&gdpr_consent=&_test=YXTBSgAAAFt7iAAR
Request Chain 265
  • https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV9jZTRmYzRkOS1hMmE0LTRiNTgtOTk5MC03NDM3ZTU4OTM3Y2M=&gdpr=1&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV9jZTRmYzRkOS1hMmE0LTRiNTgtOTk5MC03NDM3ZTU4OTM3Y2M=&gdpr=1&gdpr_consent=&google_tc=
Request Chain 269
  • https://p.rfihub.com/cm?pub=42796&in=1 HTTP 302
  • https://rtb.gumgum.com/usersync?b=zet&i=5108559721384131550
Request Chain 270
  • https://creativecdn.com/cm-notify?pi=gumgum HTTP 302
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1 HTTP 302
  • https://rtb.gumgum.com/usersync?b=rth&i=PTWMJCKGPxQm6vJ0900O&pi=gumgum&tc=1
Request Chain 353
  • https://pubads.g.doubleclick.net/gampad/ad?iu=/8570/morganmurphymedia/news8000-13194-728x90-ads-desktop-pixel&sz=1x1&t=&c=5330796685 HTTP 302
  • https://pubads.g.doubleclick.net/gampad/ad?iu=/8570/morganmurphymedia/news8000-13194-728x90-ads-desktop-pixel&sz=1x1&t=&c=5330796685&pre=1
Request Chain 355
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.news8000.com%2F&domain=www.news8000.com&cw=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=bd7auHxKSzJtVGhRYk5KUWNhc1NmNlI3MnVRcEM0VDkvd2Z2N2JieFUzZk9XeXgxam10ZGpHZ2trdFpIdUN3WDZrUVNtMnc4ajJRQklpYjNLRVpTcC9ma2w4WUpxdnR1b2lsN2t4RkxWckF0VmlVZHVnNVFoK0l2U0ZUeHJRUmxHTlAvNjdwN3I1S3Q5aUh1Mk1iWkVnbVhQS2diN1Bsekp4SWNQT3NsK0JvMnRxT0tISWdDT1dMM2Fzd2ptTUN5Tm44RFN2Q0d0WHVPYmxUd3lyVXJhZXd1QmtXUER6NlJCdWVaQ1dKYkc1TFRWUVduaFp6aHBPV0JXZk0xMkRjaWJka1pnfA&cppv=2
Request Chain 412
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.news8000.com%2F&domain=www.news8000.com&cw=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=dhZp9nwwNVNBS1JFRmhoTGh6M2xIeW9IMExUTUEwQW44RTFhMFJtbC9ZdG52QXN4amtHRTF0SEdqR1ljR3JPWnIzSFlGUGI3OERSVFFhTWFjMTZOdFRNL2VheTlzSG9RUElidHo1KzFUU3NuL1c3NDlnaG1WcFplaFR3cGRtbDZUT0RwMHRyRktTQ3BENERteGRzMnR2NWJ3K1FyYUd3ZUIvS3RrOU1RV1F6aHJ4V1dkU0YxQ2YzYUg3dDdsTHdWeXFwQ0dSMGpwc0xlR25XUlpKWW5VenlGL1F5ZzlpckFyYzBpdjdGckFwS2N0eDJjPXw&cppv=2
Request Chain 425
  • https://pm.w55c.net/ping_match.gif?ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_ HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_ HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=537072979&val=gWPWxFpN1MEt0X5
Request Chain 426
  • https://x.bidswitch.net/sync?ssp=openx HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=openx HTTP 302
  • https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=openx&bsw_custom_parameter=46c992bb-9d21-480c-9f2e-b8c0ebaae9e5 HTTP 302
  • https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=openx&bsw_custom_parameter=46c992bb-9d21-480c-9f2e-b8c0ebaae9e5 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=ce4d7ff4-5326-4ef7-998a-7d57489e2370&user_group=1&ssp=openx&bsw_param=46c992bb-9d21-480c-9f2e-b8c0ebaae9e5 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072968&val=46c992bb-9d21-480c-9f2e-b8c0ebaae9e5
Request Chain 427
  • https://ib.adnxs.com/getuid?https://eu-u.openx.net/w/1.0/sd?id=537072399&val=$UID HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=537072399&val=8944076163001898924
Request Chain 428
  • https://match.prod.bidr.io/cookie-sync/ox HTTP 303
  • https://match.prod.bidr.io/cookie-sync/ox?_bee_ppp=1 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFBVktrN0M2WU1BQUI2MFBKMmYwUQ&bee_sync_partners=pm%2Csas%2Cpp%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pm%2Csas%2Cpp%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1 HTTP 303
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAAVKk7C6YMAAB60PJ2f0Q&r=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dsas%252Cpp%252Cox%26bee_sync_current_partner%3Dpm%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=sas%2Cpp%2Cox&bee_sync_current_partner=pm&bee_sync_initiator=adx&bee_sync_hop_count=2 HTTP 303
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAAVKk7C6YMAAB60PJ2f0Q&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpp%252Cox%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3%26userid%3DSMART_USER_ID
Request Chain 429
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=536872786&val=a20c6174-c14a-4500-afae-8d70bd53bbb5
Request Chain 430
  • https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=1 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=Tpb-uBuW_e1Vxau8S5Lk6UmV-L1Vxqu6SZ4-USzj
Request Chain 431
  • https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=22 HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=5428336153863699082
Request Chain 434
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEDLSYOwmHOMImqMrE1fWAKg&google_cver=1
Request Chain 436
  • https://c1.adform.net/serving/cookie/match?party=14&cid=4C1E0A4B-BA75-435E-AAA6-A8F3AB129BE6 HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=4C1E0A4B-BA75-435E-AAA6-A8F3AB129BE6
Request Chain 437
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=7837863691364352680
Request Chain 439
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7022450264033785995
Request Chain 440
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=TB4KS7p1Q16qpqjzqxKb5g%3D%3D HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Request Chain 441
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=a20c6174-c14a-4500-afae-8d70bd53bbb5
Request Chain 442
  • https://pixel.onaudience.com/?partner=214&mapped=4C1E0A4B-BA75-435E-AAA6-A8F3AB129BE6 HTTP 302
  • https://spl.zeotap.com/?zdid=1332&zcluid=485bd5705c960048 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=1c442f0b-76ea-41c7-51ab-3326b1072b08&reqId=e4f4bcd2-c52e-4ead-6709-a64b503739c2&zcluid=485bd5705c960048&zdid=1332 HTTP 302
  • https://mwzeom.zeotap.com/mw?google_gid=CAESELhQFLwM7aD9P15La6N3lK8&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=1c442f0b-76ea-41c7-51ab-3326b1072b08&reqId=e4f4bcd2-c52e-4ead-6709-a64b503739c2&zcluid=485bd5705c960048&zdid=1332
Request Chain 443
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NEMxRTBBNEItQkE3NS00MzVFLUFBQTYtQThGM0FCMTI5QkU2&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 444
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEAHO6beFf-_S0NJrbN9SgYI&google_cver=1
Request Chain 446
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:a20c6174-c14a-4500-afae-8d70bd53bbb5&gdpr=0&gdpr_consent=
Request Chain 447
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=1959269981770323908
Request Chain 448
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=0183d758-ecd7-43a5-871a-56ca543c5b89
Request Chain 449
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=8944076163001898924&gdpr=0&gdpr_consent=
Request Chain 450
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=zqYzHJumMEnV9WYYy6IpTcmlNRnV9mYeya75TG-4
Request Chain 451
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=4C1E0A4B-BA75-435E-AAA6-A8F3AB129BE6&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=4C1E0A4B-BA75-435E-AAA6-A8F3AB129BE6&redir=true&gdpr=0&gdpr_consent=&verify=true HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-YikQyspE2uUMc3i3gR4za5thmYp79UM-~A&gdpr=0&gdpr_consent=
Request Chain 452
  • https://ssum-sec.casalemedia.com/usermatch?d=https://www.news8000.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?d=https://www.news8000.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Request Chain 454
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YTVjODkxYzU2OGVmOTE1MDVmZmQzOWYzMDZhNTBhNDkyZmU5ZmVlMQ
Request Chain 455
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/ATmsL4Dd7Md60GMJRG83cw?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=4814267418406014771
Request Chain 456
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1Y0TEs1TE8tMy1DMUc0
Request Chain 457
  • https://sync.mathtag.com/sync/img?mt_exid=9&redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4222%26nid%3D1512%26put%3D%5BMM_UUID%5D HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=a20c6174-c14a-4500-afae-8d70bd53bbb5&expires=28
Request Chain 459
  • https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YXTBSgAAAFt7iAAR
Request Chain 460
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEGwuY2z1EOU0PEi0UIF-eOs&google_cver=1
Request Chain 463
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YXTBTy5df63NKLeLY0HE8gAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEJdr47lff6GWiqlzPJpeYWo&google_cver=1&gdpr=1
Request Chain 464
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YXTBTy5df63NKLeLY0HE8gAABGsAAAAB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YXTBTy5df63NKLeLY0HE8gAABGsAAAAB&dcc=t
Request Chain 465
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YXTBTy5df63NKLeLY0HE8gAABGsAAAAB&gdpr_consent=&us_privacy=&gdpr=1 HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEAx0PNde_-GLlOkMEkWdgNA&google_cver=1
Request Chain 466
  • https://ad.turn.com/r/cs?pid=21&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=4061321676367055149
Request Chain 467
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID&gdpr=1 HTTP 302
  • https://um.simpli.fi/no_match_opted_out
Request Chain 470
  • https://um2.eqads.com/um/cs HTTP 302
  • https://um2.eqads.com/um/cs&eq_cc=1

472 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.news8000.com/
Redirect Chain
  • http://www.news8000.com/
  • https://www.news8000.com/
282 KB
46 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.news8000.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
192.104.183.130 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS
wpapp.us-east-1.vip.tn-cloud.net
Software
/
Resource Hash
0f7e7c1e557d4db0925b3381a9eb74b4578f79457cb2b52e0414dc08ef7c1df4

Request headers

:method
GET
:authority
www.news8000.com
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Sun, 24 Oct 2021 02:09:17 GMT
content-type
text/html; charset=UTF-8
x-loop
1
cache-control
public, max-age=300
link
<https://www.news8000.com/wp-json/>; rel="https://api.w.org/" <https://www.news8000.com/>; rel=shortlink
content-encoding
gzip
vary
Accept-Encoding
age
251
x-vcache
HIT
accept-ranges
bytes
content-length
47123

Redirect headers

date
Sun, 24 Oct 2021 02:13:28 GMT
location
https://www.news8000.com/
cache-control
public, max-age=600
content-length
0
font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/ 		30 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Requested by
Host: www.news8000.com
URL: https://www.news8000.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.news8000.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 02:13:29 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
723, 617, 617
age
15905191
cdn-cachedat
2021-04-23 02:06:15
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
timing-allow-origin
*
access-control-allow-origin
*
last-modified
Mon, 25 Jan 2021 22:04:55 GMT
server
cloudflare
cdn-requestpullcode
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/css; charset=utf-8
cdn-cache
HIT
vary
Accept-Encoding
cache-control
public, max-age=31919000
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
f07a6a1e3a2be9775bad960520140228
cf-ray
6a2fafa83e230f72-MXP
cdn-requestcountrycode
IT
cdn-requestpullsuccess
True
otSDKStub.js
cdn.cookielaw.org/scripttemplates/ 		19 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Requested by
Host: www.news8000.com
URL: https://www.news8000.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
11b947e74a7ba8f1d433b84ab7a719799ec0662a9035a8b4a2ab4d7d1eb2d681
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.news8000.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 24 Oct 2021 02:13:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
OPcq+YIYFFKAyM1Ar0weOg==
age
439687
vary
Accept-Encoding
content-length
6350
x-ms-lease-status
unlocked
last-modified
Thu, 14 Oct 2021 05:25:41 GMT
server
cloudflare
etag
0x8D98ED3103C1468
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
f5303d73-101e-000d-116c-c437ea000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=691200
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
6a2fafa81b37d6d9-FRA
expires
Mon, 01 Nov 2021 02:13:28 GMT
bootstrap-gtx.css
wpcdn.us-east-1.vip.tn-cloud.net/www.news8000.com/content/themes/gtxcel/library/css/bootstrap/ 		112 KB
18 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://wpcdn.us-east-1.vip.tn-cloud.net/www.news8000.com/content/themes/gtxcel/library/css/bootstrap/bootstrap-gtx.css
Requested by
Host: www.news8000.com
URL: https://www.news8000.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.211.41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
06d6af2406ecbb1b8c3f01f5c27275e2904f702122dc6c694b589bf35d141b15
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.news8000.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 02:13:29 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
cf-ray
6a2fafa87e2b54d0-MAN
last-modified
Tue, 08 Oct 2019 16:03:17 GMT
x-vcache
HIT
server
cloudflare
etag
W/"5d9cb345-1c195"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=604800
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=300
x-robots-tag
noarchive
expires
Sun, 24 Oct 2021 02:15:46 GMT
style.css
wpcdn.us-east-1.vip.tn-cloud.net/www.news8000.com/content/themes/gtxcel/library/css/ 		41 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://wpcdn.us-east-1.vip.tn-cloud.net/www.news8000.com/content/themes/gtxcel/library/css/style.css?ver=1634869223
Requested by
Host: www.news8000.com
URL: https://www.news8000.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.211.41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
61209518abc8cefccbcb0c3d116807e8e8de7dd7dffb28f1052fc9b01ce40ce3
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.news8000.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 02:13:29 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
cf-ray
6a2fafa87e2c54d0-MAN
last-modified
Fri, 22 Oct 2021 02:20:23 GMT
x-vcache
MISS
server
cloudflare
etag
W/"61721fe7-a3e0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=604800
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=300
x-robots-tag
noarchive
expires
Sun, 24 Oct 2021 02:17:37 GMT
style.min.css
www.news8000.com/wp-includes/css/dist/block-library/ 		52 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.news8000.com/wp-includes/css/dist/block-library/style.min.css
Requested by
Host: www.news8000.com
URL: https://www.news8000.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
192.104.183.130 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS
wpapp.us-east-1.vip.tn-cloud.net
Software
/
Resource Hash
bca7af0b45b6fc6a2064e8e7a34f2041f3e77261e63f0257209bcde6bc40545d

Request headers

:path
/wp-includes/css/dist/block-library/style.min.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
www.news8000.com
referer
https://www.news8000.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.news8000.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 02:11:20 GMT
content-encoding
gzip
last-modified
Fri, 24 Apr 2020 15:32:14 GMT
age
128
etag
W/"5ea3067e-d159"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=600
x-vcache
HIT
accept-ranges
bytes
content-length
9195
posts-slider.css
wpcdn.us-east-1.vip.tn-cloud.net/www.news8000.com/content/mu-plugins/gtxcel-plugin/vc_posts_slider/ 		152 B
217 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://wpcdn.us-east-1.vip.tn-cloud.net/www.news8000.com/content/mu-plugins/gtxcel-plugin/vc_posts_slider/posts-slider.css
Requested by
Host: www.news8000.com
URL: https://www.news8000.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.211.41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0af8a96bdafac836eb0b60e58e3344589ad0ecce793c781ae0ae9206d7de94c0
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.news8000.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 02:13:29 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
cf-ray
6a2fafa87e2d54d0-MAN
last-modified
Tue, 08 Oct 2019 16:03:17 GMT
x-vcache
HIT
server
cloudflare
etag
W/"5d9cb345-98"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=604800
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=300
x-robots-tag
noarchive
expires
Sun, 24 Oct 2021 02:15:46 GMT
flexslider.min.css
wpcdn.us-east-1.vip.tn-cloud.net/www.news8000.com/content/mu-plugins/js_composer/assets/lib/bower/flexslider/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://wpcdn.us-east-1.vip.tn-cloud.net/www.news8000.com/content/mu-plugins/js_composer/assets/lib/bower/flexslider/flexslider.min.css?ver=6.2.0
Requested by
Host: www.news8000.com
URL: https://www.news8000.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.211.41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f802791ac8bc03092e1bfed70c327230798e4688f0631b0a01740c8dfaf71e2a
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.news8000.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 02:13:29 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
cf-ray
6a2fafa87e2e54d0-MAN
last-modified
Mon, 20 Apr 2020 12:46:05 GMT
x-vcache
HIT
server
cloudflare
etag
W/"5e9d998d-d29"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=604800
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=300
x-robots-tag
noarchive
expires
Sun, 24 Oct 2021 02:15:46 GMT
prettyPhoto.min.css
wpcdn.us-east-1.vip.tn-cloud.net/www.news8000.com/content/mu-plugins/js_composer/assets/lib/prettyphoto/css/ 		21 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://wpcdn.us-east-1.vip.tn-cloud.net/www.news8000.com/content/mu-plugins/js_composer/assets/lib/prettyphoto/css/prettyPhoto.min.css?ver=6.2.0
Requested by
Host: www.news8000.com
URL: https://www.news8000.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.211.41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b99c4a34042b7bca706d57bb324b3e22985e479f18099283829a50a6121e9491
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.news8000.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 02:13:29 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
cf-ray
6a2fafa87e2f54d0-MAN
last-modified
Mon, 20 Apr 2020 12:46:05 GMT
x-vcache
HIT
server
cloudflare
etag
W/"5e9d998d-524a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=604800
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=300
x-robots-tag
noarchive
expires
Sun, 24 Oct 2021 02:17:37 GMT
css
fonts.googleapis.com/ 		15 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:400,500,700|Roboto+Condensed:400,700|Open+Sans:400,700&subset=latin
Requested by
Host: www.news8000.com
URL: https://www.news8000.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
fc0ed772252f1b7c745827b54ea5f6f2f080af8fdd673909f7758328b08e2753
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.news8000.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 24 Oct 2021 02:13:29 GMT
server
ESF
date
Sun, 24 Oct 2021 02:13:29 GMT
x-frame-options
SAMEORIGIN
report-to
{"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only
same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires
Sun, 24 Oct 2021 02:13:29 GMT
blox-syndication.css
wpcdn.us-east-1.vip.tn-cloud.net/www.news8000.com/content/plugins/blox-syndication/assets/css/ 		690 B
499 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://wpcdn.us-east-1.vip.tn-cloud.net/www.news8000.com/content/plugins/blox-syndication/assets/css/blox-syndication.css
Requested by
Host: www.news8000.com
URL: https://www.news8000.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.211.41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
194a24f0310167ad53e1e7ae75df64d0755ca36fe5d9c38726f60e6c0e0be2d8
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.news8000.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 02:13:29 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
cf-ray
6a2fafa87e3154d0-MAN
last-modified
Tue, 10 Dec 2019 16:04:13 GMT
x-vcache
HIT
server
cloudflare
etag
W/"5defc1fd-2b2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=604800
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=300
x-robots-tag
noarchive
expires
Sun, 24 Oct 2021 02:17:31 GMT
fmgc-pro-public.css
wpcdn.us-east-1.vip.tn-cloud.net/www.news8000.com/content/plugins/footer-mega-grid-columns-pro/assets/css/ 		1 KB
548 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://wpcdn.us-east-1.vip.tn-cloud.net/www.news8000.com/content/plugins/footer-mega-grid-columns-pro/assets/css/fmgc-pro-public.css?ver=1.2
Requested by
Host: www.news8000.com
URL: https://www.news8000.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.211.41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3dfeeb1325e270b9a3b973089676783c06596554abc9e0939a66cc416c1b19b4
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.news8000.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 02:13:29 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
cf-ray
6a2fafa87e3554d0-MAN
last-modified
Tue, 10 Dec 2019 21:49:08 GMT
x-vcache
MISS
server
cloudflare
etag
W/"5df012d4-5be"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=604800
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=300
x-robots-tag
noarchive
expires
Sun, 24 Oct 2021 02:17:31 GMT
wpfc-public.css
wpcdn.us-east-1.vip.tn-cloud.net/www.news8000.com/content/plugins/gs-facebook-comments/public/css/ 		98 B
163 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://wpcdn.us-east-1.vip.tn-cloud.net/www.news8000.com/content/plugins/gs-facebook-comments/public/css/wpfc-public.css?ver=1.6
Requested by
Host: www.news8000.com
URL: https://www.news8000.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.211.41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
547dda3c14b284819be511be1e410da94a5efc6ccc4a9afe1c75394f9333191a
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.news8000.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 02:13:29 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
cf-ray
6a2fafa87e3754d0-MAN
last-modified
Sat, 17 Aug 2019 10:49:28 GMT
x-vcache
HIT
server
cloudflare
etag
W/"5d57dbb8-62"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=604800
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=300
x-robots-tag
noarchive
expires
Sun, 24 Oct 2021 02:17:56 GMT
custom-templates.css
wpcdn.us-east-1.vip.tn-cloud.net/www.news8000.com/content/plugins/gt-custom-templates/ 		37 B
116 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://wpcdn.us-east-1.vip.tn-cloud.net/www.news8000.com/content/plugins/gt-custom-templates/custom-templates.css
Requested by
Host: www.news8000.com
URL: https://www.news8000.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.211.41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1a889b5b51282b57fa01601833ce1cdacfad915bc014ff1719cd495fcbce75aa
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.news8000.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 02:13:29 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
cf-ray
6a2fafa87e3854d0-MAN
last-modified
Tue, 08 Oct 2019 16:03:17 GMT
x-vcache
HIT
server
cloudflare
etag
W/"5d9cb345-25"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=604800
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=300
x-robots-tag
noarchive
expires
Sun, 24 Oct 2021 02:16:50 GMT
ad-manager.css
wpcdn.us-east-1.vip.tn-cloud.net/www.news8000.com/content/plugins/gtx-ad-manager/ 		398 B
291 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://wpcdn.us-east-1.vip.tn-cloud.net/www.news8000.com/content/plugins/gtx-ad-manager/ad-manager.css?ver=2019.11.19
Requested by
Host: www.news8000.com
URL: https://www.news8000.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.211.41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b6fa07f2bd5937a2358b0f8f0d8bf39accbd8d520fbbcb486dd0346f7d372e87
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.news8000.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 02:13:29 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
cf-ray
6a2fafa87e3454d0-MAN
last-modified
Fri, 20 Dec 2019 19:54:56 GMT
x-vcache
HIT
server
cloudflare
etag
W/"5dfd2710-18e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=604800
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=300
x-robots-tag
noarchive
expires
Sun, 24 Oct 2021 02:17:31 GMT
bylines.css
wpcdn.us-east-1.vip.tn-cloud.net/www.news8000.com/content/plugins/gtx-author-bios/css/ 		64 B
139 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://wpcdn.us-east-1.vip.tn-cloud.net/www.news8000.com/content/plugins/gtx-author-bios/css/bylines.css
Requested by
Host: www.news8000.com
URL: https://www.news8000.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.211.41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5db03f62ed2a1019b994d6183b704759d62e5396be34ec96bc703afb80b86ea4
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.news8000.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 02:13:29 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
cf-ray
6a2fafa87e3a54d0-MAN
last-modified
Tue, 08 Oct 2019 16:03:17 GMT
x-vcache
HIT
server
cloudflare
etag
W/"5d9cb345-40"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=604800
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=300
x-robots-tag
noarchive
expires
Sun, 24 Oct 2021 02:17:31 GMT
all.css
wpcdn.us-east-1.vip.tn-cloud.net/www.news8000.com/content/plugins/gtx-fimages/css/ 		531 B
337 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://wpcdn.us-east-1.vip.tn-cloud.net/www.news8000.com/content/plugins/gtx-fimages/css/all.css
Requested by
Host: www.news8000.com
URL: https://www.news8000.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.211.41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f6672d33b6e9fd814d134854ba139fa0a5f88c8d88bdb7a3e15c0884f0147f8c
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.news8000.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 02:13:29 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
cf-ray
6a2fafa87e4954d0-MAN
last-modified
Tue, 08 Oct 2019 16:03:17 GMT
x-vcache
HIT
server
cloudflare
etag
W/"5d9cb345-213"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=604800
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=300
x-robots-tag
noarchive
expires
Sun, 24 Oct 2021 02:16:44 GMT
gtx-lightbox.css
wpcdn.us-east-1.vip.tn-cloud.net/www.news8000.com/content/plugins/gtx-gallery/css/ 		212 B
234 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://wpcdn.us-east-1.vip.tn-cloud.net/www.news8000.com/content/plugins/gtx-gallery/css/gtx-lightbox.css?ver=2018.3.20
Requested by
Host: www.news8000.com
URL: https://www.news8000.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.211.41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0317d183fdb3ea1c52d86476dfa25bc46f785c442dd372c655fdbfbae52c8246
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.news8000.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 02:13:29 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
cf-ray
6a2fafa87e3d54d0-MAN
last-modified
Tue, 08 Oct 2019 16:03:17 GMT
x-vcache
HIT
server
cloudflare
etag
W/"5d9cb345-d4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=604800
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=300
x-robots-tag
noarchive
expires
Sun, 24 Oct 2021 02:16:44 GMT
gtx-oembed.css
wpcdn.us-east-1.vip.tn-cloud.net/www.news8000.com/content/plugins/gtx-oembed-extension/ 		490 B
317 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://wpcdn.us-east-1.vip.tn-cloud.net/www.news8000.com/content/plugins/gtx-oembed-extension/gtx-oembed.css?ver=42b0bdb2a502b2c0112dcd8afbb86c5c
Requested by
Host: www.news8000.com
URL: https://www.news8000.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.211.41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c6a96615312cc82965aa7fcd41ed4094e0fee514a2be9e3efec908178be6d833
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.news8000.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 02:13:29 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
cf-ray
6a2fafa87e3b54d0-MAN
last-modified
Tue, 08 Oct 2019 16:03:17 GMT
x-vcache
HIT
server
cloudflare
etag
W/"5d9cb345-1ea"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=604800
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=300
x-robots-tag
noarchive
expires
Sun, 24 Oct 2021 02:17:06 GMT
rayos-trending-topics.css
wpcdn.us-east-1.vip.tn-cloud.net/www.news8000.com/content/plugins/rayos-trending-topics/ 		793 B
625 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://wpcdn.us-east-1.vip.tn-cloud.net/www.news8000.com/content/plugins/rayos-trending-topics/rayos-trending-topics.css?ver=15637bbbc1027011afff7d9760a89fff
Requested by
Host: www.news8000.com
URL: https://www.news8000.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.211.41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f5118b9ee8055eef8c16bdecb643b8b1565c4f05cbc7013943ecde9ef561d7f6
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.news8000.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 02:13:29 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
cf-ray
6a2fafa87e3254d0-MAN
last-modified
Tue, 25 May 2021 13:41:20 GMT
x-vcache
MISS
server
cloudflare
etag
W/"60acfe80-319"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=604800
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=300
x-robots-tag
noarchive
expires
Sun, 24 Oct 2021 02:15:46 GMT
font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.3.0/css/ 		23 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/4.3.0/css/font-awesome.min.css
Requested by
Host: www.news8000.com
URL: https://www.news8000.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
541ac58217a8ade1a5e292a65a0661dc9db7a49ae13654943817a4fbc6761afd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.news8000.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 02:13:29 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
632, 617, 617, 617
age
15905180
cdn-cachedat
2021-04-23 01:23:29
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
timing-allow-origin
*
access-control-allow-origin
*
last-modified
Mon, 25 Jan 2021 22:04:54 GMT
server
cloudflare
cdn-requestpullcode
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/css; charset=utf-8
cdn-cache
HIT
vary
Accept-Encoding
cache-control
public, max-age=31919000
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
e76b2f1e0c4a53e86906cdcf905e6fc4
cf-ray
6a2fafa83e240f72-MXP
cdn-requestcountrycode
IT
cdn-requestpullsuccess
True
author-bios.css
wpcdn.us-east-1.vip.tn-cloud.net/www.news8000.com/content/plugins/gtx-author-bios/css/ 		278 B
204 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://wpcdn.us-east-1.vip.tn-cloud.net/www.news8000.com/content/plugins/gtx-author-bios/css/author-bios.css
Requested by
Host: www.news8000.com
URL: https://www.news8000.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.211.41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9910dd3a7c6d979d1d4b496161542773b952b0f5b738e24bd329f2b21657389e
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.news8000.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 02:13:29 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
cf-ray
6a2fafa87e3654d0-MAN
last-modified
Tue, 08 Oct 2019 16:03:17 GMT
x-vcache
HIT
server
cloudflare
etag
W/"5d9cb345-116"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=604800
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=300
x-robots-tag
noarchive
expires
Sun, 24 Oct 2021 02:15:46 GMT
style.css
wpcdn.us-east-1.vip.tn-cloud.net/www.news8000.com/content/themes/gtxcel/ 		776 B
540 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://wpcdn.us-east-1.vip.tn-cloud.net/www.news8000.com/content/themes/gtxcel/style.css
Requested by
Host: www.news8000.com
URL: https://www.news8000.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.211.41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b70d7038b66c759d8e5cbdaa205cf6979594aeff80de1181f5d0fca6d491b119
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.news8000.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 02:13:29 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
cf-ray
6a2fafa87e4054d0-MAN
last-modified
Thu, 22 Jul 2021 14:00:08 GMT
x-vcache
MISS
server
cloudflare
etag
W/"60f979e8-308"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=604800
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=300
x-robots-tag
noarchive
expires
Sun, 24 Oct 2021 02:16:44 GMT
style.css
wpcdn.us-east-1.vip.tn-cloud.net/www.news8000.com/content/themes/wkbt/ 		197 B
266 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://wpcdn.us-east-1.vip.tn-cloud.net/www.news8000.com/content/themes/wkbt/style.css
Requested by
Host: www.news8000.com
URL: https://www.news8000.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.211.41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
35aa4fbe16db5a71427a08ad78f27d18295895bd78009653839a497ba91753f7
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.news8000.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 02:13:29 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
cf-ray
6a2fafa87e4154d0-MAN
last-modified
Tue, 10 Dec 2019 17:39:38 GMT
x-vcache
HIT
server
cloudflare
etag
W/"5defd85a-c5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=604800
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=300
x-robots-tag
noarchive
expires
Sun, 24 Oct 2021 02:17:41 GMT
/
www.news8000.com/style/6f9d2826bd1d08cc5ed71d11fd93cf38/election-teaser-widgets/ 		8 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.news8000.com/style/6f9d2826bd1d08cc5ed71d11fd93cf38/election-teaser-widgets/
Requested by
Host: www.news8000.com
URL: https://www.news8000.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
192.104.183.130 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS
wpapp.us-east-1.vip.tn-cloud.net
Software
/
Resource Hash
3504f24cd0137e3918b062e68fc848ad8df7ad94d16a3a54ea9ba9fb525031b8

Request headers

:path
/style/6f9d2826bd1d08cc5ed71d11fd93cf38/election-teaser-widgets/
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
www.news8000.com
referer
https://www.news8000.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.news8000.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 17:46:05 GMT
content-encoding
gzip
x-vcache
HIT
age
30443
etag
W/6f9d2826bd1d08cc5ed71d11fd93cf38
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
cache-control
public, max-age=2592000
accept-ranges
bytes
link
<https://www.news8000.com/wp-json/>; rel="https://api.w.org/"
content-length
1886
x-loop
1
expires
Mon, 22 Nov 2021 17:46:05 GMT
/
www.news8000.com/style/c14d3ff0cc1148989ea4aebf9b313201/alert-banner-css/ 		8 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.news8000.com/style/c14d3ff0cc1148989ea4aebf9b313201/alert-banner-css/
Requested by
Host: www.news8000.com
URL: https://www.news8000.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
192.104.183.130 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS
wpapp.us-east-1.vip.tn-cloud.net
Software
/
Resource Hash
8a92f941d2c2a0e89955207d6bd80ceee23714643f5f1484154a2547517d5c1d

Request headers

:path
/style/c14d3ff0cc1148989ea4aebf9b313201/alert-banner-css/
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
www.news8000.com
referer
https://www.news8000.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.news8000.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 16:50:20 GMT
content-encoding
gzip
x-vcache
HIT
age
33788
etag
W/c14d3ff0cc1148989ea4aebf9b313201
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
cache-control
public, max-age=2592000
accept-ranges
bytes
link
<https://www.news8000.com/wp-json/>; rel="https://api.w.org/"
content-length
1651
x-loop
1
expires
Mon, 22 Nov 2021 16:50:20 GMT
/
www.news8000.com/style/7a74076445f012ad85b9c66c032d2b1a/custom_css_post/ 		42 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.news8000.com/style/7a74076445f012ad85b9c66c032d2b1a/custom_css_post/
Requested by
Host: www.news8000.com
URL: https://www.news8000.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
192.104.183.130 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS
wpapp.us-east-1.vip.tn-cloud.net
Software
/
Resource Hash
ecf83cf0d8f693beb5b55a233f85293f21fc9ba35465bf21598da6c918051fe5

Request headers

:path
/style/7a74076445f012ad85b9c66c032d2b1a/custom_css_post/
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
www.news8000.com
referer
https://www.news8000.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.news8000.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 00:31:03 GMT
content-encoding
gzip
x-vcache
HIT
age
6144
etag
W/7a74076445f012ad85b9c66c032d2b1a
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
cache-control
public, max-age=2592000
accept-ranges
bytes
link
<https://www.news8000.com/wp-json/>; rel="https://api.w.org/"
content-length
11009
x-loop
1
expires
Tue, 23 Nov 2021 00:31:03 GMT
acf_repeater_shortcode.css
wpcdn.us-east-1.vip.tn-cloud.net/www.news8000.com/content/themes/gtxcel/includes/acf_repeater_shortcode/ 		363 B
253 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://wpcdn.us-east-1.vip.tn-cloud.net/www.news8000.com/content/themes/gtxcel/includes/acf_repeater_shortcode/acf_repeater_shortcode.css
Requested by
Host: www.news8000.com
URL: https://www.news8000.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.211.41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3b341bd21487195da5ac2e172c28f837780a21a9397d43e2a1bc6236c6270a4e
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.news8000.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 02:13:29 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
cf-ray
6a2fafa87e4654d0-MAN
last-modified
Tue, 08 Oct 2019 16:03:17 GMT
x-vcache
MISS
server
cloudflare
etag
W/"5d9cb345-16b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=604800
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=300
x-robots-tag
noarchive
expires
Sun, 24 Oct 2021 02:16:44 GMT
js_composer.min.css
wpcdn.us-east-1.vip.tn-cloud.net/www.news8000.com/content/mu-plugins/js_composer/assets/css/ 		474 KB
46 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://wpcdn.us-east-1.vip.tn-cloud.net/www.news8000.com/content/mu-plugins/js_composer/assets/css/js_composer.min.css?ver=6.2.0
Requested by
Host: www.news8000.com
URL: https://www.news8000.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.211.41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f1dbbc4be8d88ae17466b1d7a8fd7bf4f9d9b5ab492719cdea721d82cecb738d
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.news8000.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 02:13:29 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
REVALIDATED
cf-ray
6a2fafa87e4254d0-MAN
last-modified
Mon, 20 Apr 2020 12:46:05 GMT
x-vcache
HIT
server
cloudflare
etag
W/"5e9d998d-76828"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=604800
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=300
x-robots-tag
noarchive
expires
Sun, 24 Oct 2021 02:18:29 GMT
scheduled-elements.css
wpcdn.us-east-1.vip.tn-cloud.net/www.news8000.com/content/plugins/gtx-scheduled-elements/ 		102 B
141 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://wpcdn.us-east-1.vip.tn-cloud.net/www.news8000.com/content/plugins/gtx-scheduled-elements/scheduled-elements.css?ver=2018.08.10
Requested by
Host: www.news8000.com
URL: https://www.news8000.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.211.41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
189e83fee12e251b88b39293c7404b1d97151a06e03d592ff769f64dcf58ecd1
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.news8000.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 02:13:29 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
cf-ray
6a2fafa87e4454d0-MAN
last-modified
Tue, 08 Oct 2019 16:03:17 GMT
x-vcache
HIT
server
cloudflare
etag
W/"5d9cb345-66"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=604800
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=300
x-robots-tag
noarchive
expires
Sun, 24 Oct 2021 02:16:44 GMT
rayos_alerts.css
wpcdn.us-east-1.vip.tn-cloud.net/www.news8000.com/content/plugins/rayos-alerts/css/ 		5 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://wpcdn.us-east-1.vip.tn-cloud.net/www.news8000.com/content/plugins/rayos-alerts/css/rayos_alerts.css?ver=fffd0e151a1bff6ded5efb47b4f516a2
Requested by
Host: www.news8000.com
URL: https://www.news8000.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.211.41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c62d5fc0754bfd17baff17811525072f2c625dbdc43e7f0e3e924afed4ba2949
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.news8000.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 02:13:29 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
cf-ray
6a2fafa87e4354d0-MAN
last-modified
Tue, 15 Sep 2020 18:21:24 GMT
x-vcache
HIT
server
cloudflare
etag
W/"5f610624-1506"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=604800
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=300
x-robots-tag
noarchive
expires
Sun, 24 Oct 2021 02:17:06 GMT
style.min.css
wpcdn.us-east-1.vip.tn-cloud.net/www.news8000.com/content/plugins/gtx-gallery/justified-gallery/assets/css/ 		5 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://wpcdn.us-east-1.vip.tn-cloud.net/www.news8000.com/content/plugins/gtx-gallery/justified-gallery/assets/css/style.min.css?ver=1.2.2
Requested by
Host: www.news8000.com
URL: https://www.news8000.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.211.41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
100bfeb6d7dcf82121307e32a1885cda01d7758d0e0b1974dba5e9b4ddbb6f06
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.news8000.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 02:13:29 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
cf-ray
6a2fafa87e4854d0-MAN
last-modified
Tue, 08 Oct 2019 16:03:17 GMT
x-vcache
HIT
server
cloudflare
etag
W/"5d9cb345-1364"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=604800
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=300
x-robots-tag
noarchive
expires
Sun, 24 Oct 2021 02:16:44 GMT
photoswipe.css
wpcdn.us-east-1.vip.tn-cloud.net/www.news8000.com/content/plugins/gtx-gallery/justified-gallery/includes/Lightbox/Photoswipe/assets/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://wpcdn.us-east-1.vip.tn-cloud.net/www.news8000.com/content/plugins/gtx-gallery/justified-gallery/includes/Lightbox/Photoswipe/assets/photoswipe.css?ver=1.2.2
Requested by
Host: www.news8000.com
URL: https://www.news8000.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.211.41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f6e238f7a3c4b938a20f19c208f38ea3d8e8a3d3fca5e1b824963cf04151667d
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.news8000.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 02:13:29 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
cf-ray
6a2fafa87e3f54d0-MAN
last-modified
Tue, 08 Oct 2019 16:03:17 GMT
x-vcache
HIT
server
cloudflare
etag
W/"5d9cb345-10dc"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=604800
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=300
x-robots-tag
noarchive
expires
Sun, 24 Oct 2021 02:16:50 GMT
default-skin.css
wpcdn.us-east-1.vip.tn-cloud.net/www.news8000.com/content/plugins/gtx-gallery/justified-gallery/includes/Lightbox/Photoswipe/assets/default-skin/ 		13 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://wpcdn.us-east-1.vip.tn-cloud.net/www.news8000.com/content/plugins/gtx-gallery/justified-gallery/includes/Lightbox/Photoswipe/assets/default-skin/default-skin.css?ver=1.2.2
Requested by
Host: www.news8000.com
URL: https://www.news8000.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.211.41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe37b6902f282b8a2b238de024f319a95da2d87f38309ea014bbdc310ac2e097
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.news8000.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 02:13:29 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
cf-ray
6a2fafa87e4554d0-MAN
last-modified
Tue, 08 Oct 2019 16:03:17 GMT
x-vcache
HIT
server
cloudflare
etag
W/"5d9cb345-335c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=604800
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=300
x-robots-tag
noarchive
expires
Sun, 24 Oct 2021 02:16:44 GMT
jquery.js
www.news8000.com/wp-includes/js/jquery/ 		95 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.news8000.com/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
Requested by
Host: www.news8000.com
URL: https://www.news8000.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
192.104.183.130 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS
wpapp.us-east-1.vip.tn-cloud.net
Software
/
Resource Hash
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df

Request headers

:path
/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.news8000.com
referer
https://www.news8000.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.news8000.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 02:08:59 GMT
content-encoding
gzip
last-modified
Fri, 17 May 2019 04:25:54 GMT
age
269
etag
W/"5cde37d2-17a69"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=600
x-vcache
HIT
accept-ranges
bytes
content-length
37990
jquery-migrate.min.js
www.news8000.com/wp-includes/js/jquery/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.news8000.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
Requested by
Host: www.news8000.com
URL: https://www.news8000.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
192.104.183.130 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS
wpapp.us-east-1.vip.tn-cloud.net
Software
/
Resource Hash
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d

Request headers

:path
/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.news8000.com
referer
https://www.news8000.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.news8000.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 02:08:59 GMT
content-encoding
gzip
last-modified
Fri, 20 May 2016 06:11:28 GMT
age
269
etag
W/"573eaa90-2748"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=600
x-vcache
HIT
accept-ranges
bytes
content-length
4235
rayos-tracking.js
wpcdn.us-east-1.vip.tn-cloud.net/www.news8000.com/content/mu-plugins/rayos-tracking// 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://wpcdn.us-east-1.vip.tn-cloud.net/www.news8000.com/content/mu-plugins/rayos-tracking//rayos-tracking.js?ver=787430dd007e3eaa5a3c8077862c07e9
Requested by
Host: www.news8000.com
URL: https://www.news8000.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.211.41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0f8d1b64af4570eb22e5e5d4973055c60739d743a75c7b8f9fbe114813397ca1
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.news8000.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 02:13:29 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
cf-ray
6a2fafa87e4a54d0-MAN
last-modified
Thu, 25 Feb 2021 20:33:14 GMT
x-vcache
HIT
server
cloudflare
etag
W/"6038098a-21eb"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=604800
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=300
x-robots-tag
noarchive
expires
Sun, 24 Oct 2021 02:16:28 GMT
modernizr.custom.min.js
wpcdn.us-east-1.vip.tn-cloud.net/www.news8000.com/content/themes/gtxcel/library/js/libs/ 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://wpcdn.us-east-1.vip.tn-cloud.net/www.news8000.com/content/themes/gtxcel/library/js/libs/modernizr.custom.min.js?ver=2.5.3
Requested by
Host: www.news8000.com
URL: https://www.news8000.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.211.41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5498eab9ddd9c6790d3e401556c0daaa159bcf36708cb89fee8184bf38e4b7aa
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.news8000.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 02:13:29 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
cf-ray
6a2fafa87e4d54d0-MAN
last-modified
Tue, 08 Oct 2019 16:03:17 GMT
x-vcache
HIT
server
cloudflare
etag
W/"5d9cb345-3b16"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=604800
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=300
x-robots-tag
noarchive
expires
Sun, 24 Oct 2021 02:17:31 GMT
isotope.pkgd.min.js
wpcdn.us-east-1.vip.tn-cloud.net/www.news8000.com/content/mu-plugins/js_composer/assets/lib/bower/isotope/dist/ 		35 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://wpcdn.us-east-1.vip.tn-cloud.net/www.news8000.com/content/mu-plugins/js_composer/assets/lib/bower/isotope/dist/isotope.pkgd.min.js?ver=6.2.0
Requested by
Host: www.news8000.com
URL: https://www.news8000.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.211.41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
322bf3797b194ae22aafa05a366471210116b26feeef7ea074752efff0b7f061
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.news8000.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 02:13:29 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
cf-ray
6a2fafa87e5054d0-MAN
last-modified
Mon, 20 Apr 2020 12:46:06 GMT
x-vcache
HIT
server
cloudflare
etag
W/"5e9d998e-8b8a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=604800
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=300
x-robots-tag
noarchive
expires
Sun, 24 Oct 2021 02:15:48 GMT
gtxcel.js
wpcdn.us-east-1.vip.tn-cloud.net/www.news8000.com/content/themes/gtxcel/library/js/ 		2 KB
724 B 		Script
General
Check archive.org
Download Go to
Full URL
https://wpcdn.us-east-1.vip.tn-cloud.net/www.news8000.com/content/themes/gtxcel/library/js/gtxcel.js?ver=0.1
Requested by
Host: www.news8000.com
URL: https://www.news8000.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.211.41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
618df22bb0f56120f08ed1351ff2efbf892c20ffd66bdef5f4ba6a21ec24055e
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.news8000.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 02:13:29 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
cf-ray
6a2fafa87e4b54d0-MAN
last-modified
Tue, 08 Oct 2019 16:03:17 GMT
x-vcache
HIT
server
cloudflare
etag
W/"5d9cb345-6e8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=604800
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=300
x-robots-tag
noarchive
expires
Sun, 24 Oct 2021 02:16:28 GMT
mobile-nav.js
wpcdn.us-east-1.vip.tn-cloud.net/www.news8000.com/content/themes/gtxcel/library/js/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://wpcdn.us-east-1.vip.tn-cloud.net/www.news8000.com/content/themes/gtxcel/library/js/mobile-nav.js?ver=0.1
Requested by
Host: www.news8000.com
URL: https://www.news8000.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.211.41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
22a88b5cb0367a570872d01efc22e9d4b51f7fc9525557bcd7e4bb8271a082fe
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.news8000.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 02:13:29 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
cf-ray
6a2fafa87e5154d0-MAN
last-modified
Tue, 08 Oct 2019 16:03:17 GMT
x-vcache
HIT
server
cloudflare
etag
W/"5d9cb345-beb"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=604800
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=300
x-robots-tag
noarchive
expires
Sun, 24 Oct 2021 02:17:56 GMT
imagesloaded.min.js
www.news8000.com/wp-includes/js/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.news8000.com/wp-includes/js/imagesloaded.min.js?ver=3.2.0
Requested by
Host: www.news8000.com
URL: https://www.news8000.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
192.104.183.130 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS
wpapp.us-east-1.vip.tn-cloud.net
Software
/
Resource Hash
afbd6d3dbf677900ec3d80e8057a7b9f93f72e5971494ed7ce7a4be1cb7c9ae8

Request headers

:path
/wp-includes/js/imagesloaded.min.js?ver=3.2.0
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.news8000.com
referer
https://www.news8000.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.news8000.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 02:08:59 GMT
content-encoding
gzip
last-modified
Sat, 26 Oct 2019 00:17:07 GMT
age
269
etag
W/"5db39083-1fd4"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=600
x-vcache
HIT
accept-ranges
bytes
content-length
2819
masonry.min.js
www.news8000.com/wp-includes/js/ 		28 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.news8000.com/wp-includes/js/masonry.min.js?ver=3.3.2
Requested by
Host: www.news8000.com
URL: https://www.news8000.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
192.104.183.130 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS
wpapp.us-east-1.vip.tn-cloud.net
Software
/
Resource Hash
047ff7cfd5956ecf06bd9fc9fd123772f2c5825cce3d124418ba418d540a5b98

Request headers

:path
/wp-includes/js/masonry.min.js?ver=3.3.2
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.news8000.com
referer
https://www.news8000.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.news8000.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 02:08:59 GMT
content-encoding
gzip
last-modified
Sat, 26 Oct 2019 00:17:07 GMT
age
269
etag
W/"5db39083-713c"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=600
x-vcache
HIT
accept-ranges
bytes
content-length
9652
grid.js
wpcdn.us-east-1.vip.tn-cloud.net/www.news8000.com/content/themes/gtxcel/library/js/ 		2 KB
819 B 		Script
General
Check archive.org
Download Go to
Full URL
https://wpcdn.us-east-1.vip.tn-cloud.net/www.news8000.com/content/themes/gtxcel/library/js/grid.js?ver=0.1
Requested by
Host: www.news8000.com
URL: https://www.news8000.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.211.41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
97ba52d83e23a4721cdea517d8bfe028d87739a620b2095ffd1feaf9d56c309a
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.news8000.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 02:13:29 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
cf-ray
6a2fafa87e4e54d0-MAN
last-modified
Tue, 08 Oct 2019 16:03:17 GMT
x-vcache
HIT
server
cloudflare
etag
W/"5d9cb345-77c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=604800
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=300
x-robots-tag
noarchive
expires
Sun, 24 Oct 2021 02:16:28 GMT
wpfc-public.js
wpcdn.us-east-1.vip.tn-cloud.net/www.news8000.com/content/plugins/gs-facebook-comments/public/js/ 		838 B
582 B 		Script
General
Check archive.org
Download Go to
Full URL
https://wpcdn.us-east-1.vip.tn-cloud.net/www.news8000.com/content/plugins/gs-facebook-comments/public/js/wpfc-public.js?ver=1.6
Requested by
Host: www.news8000.com
URL: https://www.news8000.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.211.41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
57a50c99a31ef4e89e86664e96f6dfbdde163a2eb96e88b3b492c49aa4be2f37
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.news8000.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 02:13:29 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
cf-ray
6a2fafa87e5354d0-MAN
last-modified
Sat, 17 Aug 2019 10:49:28 GMT
x-vcache
HIT
server
cloudflare
etag
W/"5d57dbb8-346"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=604800
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=300
x-robots-tag
noarchive
expires
Sun, 24 Oct 2021 02:17:56 GMT
gtx-elections.js
wpcdn.us-east-1.vip.tn-cloud.net/www.news8000.com/content/plugins/gtx-elections/js/ 		1 KB
603 B 		Script
General
Check archive.org
Download Go to
Full URL
https://wpcdn.us-east-1.vip.tn-cloud.net/www.news8000.com/content/plugins/gtx-elections/js/gtx-elections.js?ver=2020.05.18
Requested by
Host: www.news8000.com
URL: https://www.news8000.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.211.41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
00bdab76d1f7cd9f9f7a418c27ba6de8384c7b0fa8dfbbef923a8eaffe507071
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.news8000.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 02:13:29 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
cf-ray
6a2fafa87e4c54d0-MAN
last-modified
Tue, 09 Jun 2020 19:45:50 GMT
x-vcache
HIT
server
cloudflare
etag
W/"5edfe6ee-465"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=604800
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=300
x-robots-tag
noarchive
expires
Sun, 24 Oct 2021 02:16:28 GMT
gtx-lightbox.js
wpcdn.us-east-1.vip.tn-cloud.net/www.news8000.com/content/plugins/gtx-gallery/js/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://wpcdn.us-east-1.vip.tn-cloud.net/www.news8000.com/content/plugins/gtx-gallery/js/gtx-lightbox.js?ver=2018.3.20
Requested by
Host: www.news8000.com
URL: https://www.news8000.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.211.41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5caf34a4fcaf7f30ee8ace6738a8ca4b37990511e39772e7fe2ebb19c649cb49
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.news8000.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 02:13:29 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
cf-ray
6a2fafa87e4f54d0-MAN
last-modified
Tue, 08 Oct 2019 16:03:17 GMT
x-vcache
HIT
server
cloudflare
etag
W/"5d9cb345-24b1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=604800
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=300
x-robots-tag
noarchive
expires
Sun, 24 Oct 2021 02:15:48 GMT
st_insights.js
ws.sharethis.com/button/ 		25 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ws.sharethis.com/button/st_insights.js?publisher=4d48b7c5-0ae3-43d4-bfbe-3ff8c17a8ae6&product=simpleshare
Requested by
Host: www.news8000.com
URL: https://www.news8000.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223d:ce00:3:c04e:c780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
5c8bd0c2f891239145b9a187e6490a89c8af9f6b5224cea83884f6c5662d1b48

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.news8000.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 21 Oct 2021 21:20:54 GMT
content-encoding
gzip
server
nginx/1.20.1
age
190354
etag
W/"612ef1c2-63db"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 bafea69ec4368ee11760779ffcfbd4fc.cloudfront.net (CloudFront)
cache-control
max-age=259200
x-amz-cf-pop
FRA56-P3
x-robots-tag
noindex, nofollow
content-length
7318
x-amz-cf-id
95t6WsZAdL9yFILvV7rqPKS6BFDMyAMMWcUxL-mFY8fzRZrNqanDig==
expires
Sun, 24 Oct 2021 21:20:54 GMT
acf_repeater_shortcode.js
wpcdn.us-east-1.vip.tn-cloud.net/www.news8000.com/content/themes/gtxcel/includes/acf_repeater_shortcode/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://wpcdn.us-east-1.vip.tn-cloud.net/www.news8000.com/content/themes/gtxcel/includes/acf_repeater_shortcode/acf_repeater_shortcode.js
Requested by
Host: www.news8000.com
URL: https://www.news8000.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.211.41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c01c3cd75ff91106691294753337537fea1c5ecd6ef1487e9af7a6defc329206
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.news8000.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 02:13:29 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
cf-ray
6a2fafa87e5454d0-MAN
last-modified
Tue, 08 Oct 2019 16:03:17 GMT
x-vcache
HIT
server
cloudflare
etag
W/"5d9cb345-c25"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=604800
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=300
x-robots-tag
noarchive
expires
Sun, 24 Oct 2021 02:16:28 GMT
rayos_alerts.js
wpcdn.us-east-1.vip.tn-cloud.net/www.news8000.com/content/plugins/rayos-alerts/js/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://wpcdn.us-east-1.vip.tn-cloud.net/www.news8000.com/content/plugins/rayos-alerts/js/rayos_alerts.js?ver=5252dad307bb7abf65545a0c3ae4b286
Requested by
Host: www.news8000.com
URL: https://www.news8000.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.211.41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c0ed1d3b2ece2129c825899e0e7c4f74305539db3dfd183ab56b8f38bb618886
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.news8000.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 02:13:29 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
cf-ray
6a2fafa87e5254d0-MAN
last-modified
Mon, 17 Aug 2020 19:48:33 GMT
x-vcache
MISS
server
cloudflare
etag
W/"5f3adf11-1878"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=604800
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=300
x-robots-tag
noarchive
expires
Sun, 24 Oct 2021 02:16:44 GMT
chartbeat_mab.js
static.chartbeat.com/js/ 		23 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.chartbeat.com/js/chartbeat_mab.js
Requested by
Host: www.news8000.com
URL: https://www.news8000.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:c200:18:1fcd:34f:cdc1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
8491e6705bdb33a52dce45f3e5299aab11aa555537f6a6e869e4a0bd9af3d7be

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.news8000.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 01:59:39 GMT
content-encoding
gzip
last-modified
Thu, 08 Jul 2021 15:47:37 GMT
server
nginx
age
830
etag
W/"60e71e19-5a0d"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
via
1.1 11e35514d631a9a9566fd489de935c07.cloudfront.net (CloudFront)
cache-control
max-age=7200
cross-origin-resource-policy
cross-origin
x-amz-cf-pop
FRA56-P2
x-amz-cf-id
k1rmKd-lZejyPBZDQXLcnmKBwbJUOu4cCmsaw6Uq3VO_-DlDPvbz-w==
expires
Sun, 24 Oct 2021 03:59:39 GMT
cc.js
tags.crwdcntrl.net/c/15032/ 		38 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/c/15032/cc.js?ns=_cc15032
Requested by
Host: www.news8000.com
URL: https://www.news8000.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
10aa42531ac9ce46c8a113133eb2a9ece9e537215cdf258fe65c4d2eb4662343

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.news8000.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Sat, 23 Oct 2021 03:14:57 GMT
content-encoding
gzip
last-modified
Tue, 10 Nov 2020 15:45:14 GMT
server
AmazonS3
age
82713
etag
W/"1cd0606cfd821139018d58863d9498dc"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/json
via
1.1 b9d2ce196c8a711fb15d92175d58476e.cloudfront.net (CloudFront)
cache-control
max-age: 86400
x-amz-cf-pop
FRA56-P2
x-amz-cf-id
bxB7lwg3hazAP4jGscHk4wdhvbG3fBjxrMHUeyrelamliCnIPzTYfg==
load.js
s.ntv.io/serve/ 		387 KB
113 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.ntv.io/serve/load.js
Requested by
Host: www.news8000.com
URL: https://www.news8000.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.163 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-163.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
f4b3853b7e792cec8a88f9da8a31d2b29ee09d6a77aabc45979c9ab2937f0962

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.news8000.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sun, 24 Oct 2021 02:13:29 GMT
Content-Encoding
gzip
x-amz-request-id
895P7GZMS448PBGC
x-amz-server-side-encryption
AES256
Transfer-Encoding
chunked
Connection
keep-alive, Transfer-Encoding
x-amz-id-2
E1f3G4zwvNTivmbsjwi9gTDTblbRbtJyRdbl9CMpQza/SzA88yTu1Zx0HeDBqc0Pyxav9taZuIY=
Last-Modified
Fri, 08 Oct 2021 20:59:32 GMT
Server
AmazonS3
ETag
"5cac4cabadee93ec669a5ded971f5756"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=3600
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
outbrain.js
widgets.outbrain.com/ 		189 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/outbrain.js
Requested by
Host: www.news8000.com
URL: https://www.news8000.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.190 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-190.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
d30a4052a504ef2a2ef54f763c90d6dc6a303ed966a09941b62d707eed090c08

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.news8000.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 02:13:29 GMT
content-encoding
gzip
last-modified
Wed, 20 Oct 2021 13:48:26 GMT
etag
W/"2f334-FQ2PDaYFOAmt9fK7FXzWMZLXhUg"
vary
Accept-Encoding
edge-cache-tag
widget-cheetah
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=14400
access-control-allow-credentials
false
access-control-allow-methods
GET,POST
x-traceid
d9bb6b4ff177d2d8ffbdc18587f9550c
timing-allow-origin
*, *
content-length
64168
expires
Sun, 24 Oct 2021 06:13:29 GMT
wxwidget.loader.js
widgets.media.weather.com/ 		528 KB
127 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widgets.media.weather.com/wxwidget.loader.js?cid=646962668
Requested by
Host: www.news8000.com
URL: https://www.news8000.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:7100:48d::3282 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx/1.20.0 / Express
Resource Hash
b42c2a0907347e161dee8a76dd6340359c3c620acde68b8e45cf8d2b1d302b70
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.news8000.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
etag
W/"840b6-Zl5du4CZLAEED6yx6Tvy1VU+0gs"
server
nginx/1.20.0
x-powered-by
Express
x-cache-status
MISS
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=71483
date
Sun, 24 Oct 2021 02:13:29 GMT
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
content-length
129254
expires
Sun, 24 Oct 2021 22:04:52 GMT
tag.min.js
get.s-onetag.com/8d82e390-3000-4a25-a0bc-905bfb2d8f14/ 		35 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://get.s-onetag.com/8d82e390-3000-4a25-a0bc-905bfb2d8f14/tag.min.js
Requested by
Host: www.news8000.com
URL: https://www.news8000.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.214.22 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-214-22.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
95ce087c9b606c0e90075ac6c21aac9d1ff7936dbde9375a2416f31ca7c0e4fa

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.news8000.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 03:13:01 GMT
content-encoding
gzip
last-modified
Fri, 08 Oct 2021 09:28:37 GMT
server
AmazonS3
age
82829
etag
W/"72a4d3cdf48d31f7ee47471f83be698c"
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
IiLRFDtix2kB460PUqlu7Iat8x_w14p6
via
1.1 5626bf35345f32d3e58fb8d33ec4d967.cloudfront.net (CloudFront)
cache-control
max-age=86400
x-amz-cf-pop
FRA56-P3
content-type
text/javascript
x-amz-cf-id
feSRdsdQH-F_i26XBZonIFrcXzmnHYQ--zAN9XahANSRlXTOwcKGKg==
MIN-10730.js
apv-launcher.minute.ly/api/launcher/ 		234 KB
91 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apv-launcher.minute.ly/api/launcher/MIN-10730.js
Requested by
Host: www.news8000.com
URL: https://www.news8000.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.42 Phoenix, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
3708acc719d54dc2c2ebca2a7a0b82f0f1dd15c63dc1b91588a728e6b153c995

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.news8000.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sun, 24 Oct 2021 02:13:29 GMT
Content-Encoding
gzip
X-HW
1635041609.dop213.fr8.t,1635041609.cds154.fr8.shn,1635041609.dop213.fr8.t,1635041609.cds148.fr8.c
Content-Type
text/javascript; charset=utf-8; charset=utf-8
Cache-Control
max-age=30
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
92771
MIN-10731.js
apv-launcher.minute.ly/api/launcher/ 		0
359 B 		Script
General
Check archive.org
Download Go to
Full URL
https://apv-launcher.minute.ly/api/launcher/MIN-10731.js
Requested by
Host: www.news8000.com
URL: https://www.news8000.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.42 Phoenix, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.news8000.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sun, 24 Oct 2021 02:13:29 GMT
Content-Encoding
gzip
X-HW
1635041609.dop213.fr8.t,1635041609.cds154.fr8.shn,1635041609.dop213.fr8.t,1635041609.cds148.fr8.c
Content-Type
text/javascript; charset=utf-8; charset=utf-8
Cache-Control
max-age=30
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
20
a5b396670a4ae921
pixel.sitescout.com/up/
Redirect Chain
  • https://dlxpix.net/3vg3HWz
  • https://pixel.sitescout.com/up/a5b396670a4ae921
43 B
267 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.sitescout.com/up/a5b396670a4ae921
Requested by
Host: www.news8000.com
URL: https://www.news8000.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
66.155.71.25 Southampton, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software
AC1.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.news8000.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Oct 2021 02:13:30 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
cache-control
max-age=0,no-cache,no-store
content-type
image/gif
content-length
43
expires
Tue, 11 Oct 1977 12:34:56 GMT

Redirect headers

content-security-policy
referrer always;
referrer-policy
unsafe-url
server
nginx
date
Sun, 24 Oct 2021 02:13:29 GMT
strict-transport-security
max-age=1209600
content-type
text/html; charset=utf-8
location
https://pixel.sitescout.com/up/a5b396670a4ae921
cache-control
private, max-age=90
content-length
134
tracker.js
www.news8000.com/shared-content/art/stats/common/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.news8000.com/shared-content/art/stats/common/tracker.js
Requested by
Host: www.news8000.com
URL: https://www.news8000.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
192.104.183.130 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS
wpapp.us-east-1.vip.tn-cloud.net
Software
/
Resource Hash
d50881e8cf2ac03741c7c31b98dcabdf91d458ed76766efc511b26a2b796dd0f

Request headers

:path
/shared-content/art/stats/common/tracker.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.news8000.com
referer
https://www.news8000.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.news8000.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 02:12:31 GMT
content-encoding
gzip
last-modified
Thu, 03 Jun 2021 19:09:11 GMT
age
58
etag
W/"60b928d7-2200"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=600
x-vcache
HIT
accept-ranges
bytes
content-length
3224
2020-weekend-1024x576.png
wpcdn.us-east-1.vip.tn-cloud.net/www.news8000.com/content/uploads/2021/10/p/a/ 		521 KB
522 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wpcdn.us-east-1.vip.tn-cloud.net/www.news8000.com/content/uploads/2021/10/p/a/2020-weekend-1024x576.png
Requested by
Host: www.news8000.com
URL: https://www.news8000.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.211.41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d8bc910787f53dcb6d618ba42ef9cd2bc3b42ca6733ed995e17beecf477fbac
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.news8000.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 02:13:29 GMT
vary
Accept
cf-cache-status
HIT
cf-polished
origFmt=png, origSize=870767
last-modified
Fri, 22 Oct 2021 20:26:16 GMT
content-disposition
inline; filename="2020-weekend-1024x576.webp"
content-length
533596
x-robots-tag
noarchive
x-vcache
MISS
server
cloudflare
etag
"61731e68-d496f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=604800
content-type
image/webp
access-control-allow-origin
*
expires
Sun, 23 Oct 2022 10:03:01 GMT
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
6a2fafabef4254d0-MAN
cf-bgj
imgq:85,h2pri
sparta-police-dept-jpg_4873013_ver1-0.jpg
wpcdn.us-east-1.vip.tn-cloud.net/www.news8000.com/content/uploads/2019/12/ 		45 KB
45 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wpcdn.us-east-1.vip.tn-cloud.net/www.news8000.com/content/uploads/2019/12/sparta-police-dept-jpg_4873013_ver1-0.jpg
Requested by
Host: www.news8000.com
URL: https://www.news8000.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.211.41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8251f50f242f2786e1ac081a125f329811b44d37442fa1f3b5fb71974fd6f716
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.news8000.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 02:13:29 GMT
vary
Accept
cf-cache-status
HIT
age
21777
cf-polished
qual=85, origFmt=jpeg, origSize=81040
last-modified
Thu, 26 Dec 2019 18:58:17 GMT
content-disposition
inline; filename="sparta-police-dept-jpg_4873013_ver1-0.webp"
content-length
45718
x-robots-tag
noarchive
x-vcache
MISS
server
cloudflare
etag
"5e0502c9-13c90"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=604800
content-type
image/webp
access-control-allow-origin
*
expires
Sun, 23 Oct 2022 19:44:39 GMT
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
6a2fafabef4354d0-MAN
cf-bgj
imgq:85,h2pri
de1966a6eaf6add8867cc5295cef40dff6ababc0-640x360.jpg
wpcdn.us-east-1.vip.tn-cloud.net/www.news8000.com/content/uploads/2021/10/a/t/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wpcdn.us-east-1.vip.tn-cloud.net/www.news8000.com/content/uploads/2021/10/a/t/de1966a6eaf6add8867cc5295cef40dff6ababc0-640x360.jpg
Requested by
Host: www.news8000.com
URL: https://www.news8000.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.211.41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5e2ba8bafa05f6e59b34b8a904bd0caa012a84e4c3afbc64080e846e0c0d0053
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.news8000.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 02:13:29 GMT
vary
Accept
cf-cache-status
HIT
cf-polished
qual=85, origFmt=jpeg, origSize=37080
last-modified
Sat, 23 Oct 2021 16:49:37 GMT
content-disposition
inline; filename="de1966a6eaf6add8867cc5295cef40dff6ababc0-640x360.webp"
content-length
18028
x-robots-tag
noarchive
x-vcache
MISS
server
cloudflare
etag
"61743d21-90d8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=604800
content-type
image/webp
access-control-allow-origin
*
expires
Sun, 23 Oct 2022 17:00:27 GMT
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
6a2fafabef4454d0-MAN
cf-bgj
imgq:85,h2pri
02ad8b1b00cdfe122a26050bb5dc67e35250783a-640x360.jpg
wpcdn.us-east-1.vip.tn-cloud.net/www.news8000.com/content/uploads/2021/10/h/p/ 		65 KB
65 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wpcdn.us-east-1.vip.tn-cloud.net/www.news8000.com/content/uploads/2021/10/h/p/02ad8b1b00cdfe122a26050bb5dc67e35250783a-640x360.jpg
Requested by
Host: www.news8000.com
URL: https://www.news8000.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.211.41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2d70e55623e1898d04bb52babb16f05437b2eb5e20889b0b07cea6e6053ca377
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.news8000.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 02:13:29 GMT
vary
Accept
cf-cache-status
HIT
cf-polished
qual=85, origFmt=jpeg, origSize=90301
last-modified
Sat, 23 Oct 2021 03:07:09 GMT
content-disposition
inline; filename="02ad8b1b00cdfe122a26050bb5dc67e35250783a-640x360.webp"
content-length
66282
x-robots-tag
noarchive
x-vcache
MISS
server
cloudflare
etag
"61737c5d-160bd"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=604800
content-type
image/webp
access-control-allow-origin
*
expires
Sun, 23 Oct 2022 03:08:56 GMT
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
6a2fafabef4554d0-MAN
cf-bgj
imgq:85,h2pri
pic-suicide-hotline-number-change-640x360.jpg
wpcdn.us-east-1.vip.tn-cloud.net/www.news8000.com/content/uploads/2021/10/w/i/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wpcdn.us-east-1.vip.tn-cloud.net/www.news8000.com/content/uploads/2021/10/w/i/pic-suicide-hotline-number-change-640x360.jpg
Requested by
Host: www.news8000.com
URL: https://www.news8000.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.211.41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5f21a17a963e88c0a1f960ee24a1a3dd1802cf1e2c6232077276f99c9f3bcdb4
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.news8000.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 02:13:29 GMT
vary
Accept
cf-cache-status
HIT
age
93720
cf-polished
qual=85, origFmt=jpeg, origSize=34912
last-modified
Fri, 22 Oct 2021 23:17:08 GMT
content-disposition
inline; filename="pic-suicide-hotline-number-change-640x360.webp"
content-length
15172
x-robots-tag
noarchive
x-vcache
MISS
server
cloudflare
etag
"61734674-8860"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=604800
content-type
image/webp
access-control-allow-origin
*
expires
Sat, 22 Oct 2022 23:23:11 GMT
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
6a2fafabef4654d0-MAN
cf-bgj
imgq:85,h2pri
fall-harvest-640x360.png
wpcdn.us-east-1.vip.tn-cloud.net/www.news8000.com/content/uploads/2021/10/x/i/ 		271 KB
272 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wpcdn.us-east-1.vip.tn-cloud.net/www.news8000.com/content/uploads/2021/10/x/i/fall-harvest-640x360.png
Requested by
Host: www.news8000.com
URL: https://www.news8000.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.211.41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8b8ba6975979319331b20da4cb9f293c0309b65f8331236922f2323418578da0
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.news8000.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 02:13:29 GMT
vary
Accept
cf-cache-status
HIT
cf-polished
origFmt=png, origSize=421533
last-modified
Fri, 22 Oct 2021 23:22:25 GMT
content-disposition
inline; filename="fall-harvest-640x360.webp"
content-length
277704
x-robots-tag
noarchive
x-vcache
MISS
server
cloudflare
etag
"617347b1-66e9d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=604800
content-type
image/webp
access-control-allow-origin
*
expires
Sun, 23 Oct 2022 00:24:20 GMT
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
6a2fafabef4754d0-MAN
cf-bgj
imgq:85,h2pri
mueller-square-640x360.png
wpcdn.us-east-1.vip.tn-cloud.net/www.news8000.com/content/uploads/2021/10/s/k/ 		189 KB
190 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wpcdn.us-east-1.vip.tn-cloud.net/www.news8000.com/content/uploads/2021/10/s/k/mueller-square-640x360.png
Requested by
Host: www.news8000.com
URL: https://www.news8000.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.211.41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c9796a117818a21b8f6d298cc042f7c2c737dd5d4d9fae8c8878a603d28201ba
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.news8000.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 02:13:29 GMT
vary
Accept
cf-cache-status
HIT
cf-polished
origFmt=png, origSize=288132
last-modified
Sun, 24 Oct 2021 00:59:27 GMT
content-disposition
inline; filename="mueller-square-640x360.webp"
content-length
194024
x-robots-tag
noarchive
x-vcache
MISS
server
cloudflare
etag
"6174afef-46584"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=604800
content-type
image/webp
access-control-allow-origin
*
expires
Mon, 24 Oct 2022 01:02:52 GMT
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
6a2fafabef4854d0-MAN
cf-bgj
imgq:85,h2pri
spooktacular.jpg
wpcdn.us-east-1.vip.tn-cloud.net/www.news8000.com/content/uploads/2021/10/o/g/ 		123 KB
123 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wpcdn.us-east-1.vip.tn-cloud.net/www.news8000.com/content/uploads/2021/10/o/g/spooktacular.jpg
Requested by
Host: www.news8000.com
URL: https://www.news8000.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.211.41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c4e8e149566a2334254e847e91735fdfe5ab28008eaf4d437a732c211a3dd845
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.news8000.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 02:13:29 GMT
vary
Accept
cf-cache-status
HIT
cf-polished
qual=85, origFmt=jpeg, origSize=253978
last-modified
Fri, 15 Oct 2021 13:35:31 GMT
content-disposition
inline; filename="spooktacular.webp"
content-length
125666
x-robots-tag
noarchive
x-vcache
HIT
server
cloudflare
etag
"616983a3-3e01a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=604800
content-type
image/webp
access-control-allow-origin
*
expires
Sat, 15 Oct 2022 13:41:13 GMT
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
6a2fafabef4a54d0-MAN
cf-bgj
imgq:85,h2pri
March-8-2020-1024x768.jpg
wpcdn.us-east-1.vip.tn-cloud.net/www.news8000.com/content/uploads/2020/01/ 		145 KB
145 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wpcdn.us-east-1.vip.tn-cloud.net/www.news8000.com/content/uploads/2020/01/March-8-2020-1024x768.jpg
Requested by
Host: www.news8000.com
URL: https://www.news8000.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.211.41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a8936f01ec6473de761c0063a29e01afc43680ef0811084cbc67bfcffc7f409f
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.news8000.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 02:13:29 GMT
vary
Accept
cf-cache-status
HIT
age
373004
cf-polished
qual=85, origFmt=jpeg, origSize=215663
last-modified
Mon, 09 Mar 2020 12:52:57 GMT
content-disposition
inline; filename="March-8-2020-1024x768.webp"
content-length
148526
x-robots-tag
noarchive
x-vcache
MISS
server
cloudflare
etag
"5e663c29-34a6f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=604800
content-type
image/webp
access-control-allow-origin
*
expires
Thu, 29 Sep 2022 21:23:50 GMT
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
6a2fafabef4b54d0-MAN
cf-bgj
imgq:85,h2pri
02ad8b1b00cdfe122a26050bb5dc67e35250783a-1024x576.jpg
wpcdn.us-east-1.vip.tn-cloud.net/www.news8000.com/content/uploads/2021/10/h/p/ 		123 KB
124 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wpcdn.us-east-1.vip.tn-cloud.net/www.news8000.com/content/uploads/2021/10/h/p/02ad8b1b00cdfe122a26050bb5dc67e35250783a-1024x576.jpg
Requested by
Host: www.news8000.com
URL: https://www.news8000.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.211.41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b0fc4fc124399d25ecf7ea03ea01d46cae5da401629413685473c0db995ac46f
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.news8000.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 02:13:29 GMT
vary
Accept
cf-cache-status
HIT
cf-polished
qual=85, origFmt=jpeg, origSize=184304
last-modified
Sat, 23 Oct 2021 03:07:09 GMT
content-disposition
inline; filename="02ad8b1b00cdfe122a26050bb5dc67e35250783a-1024x576.webp"
content-length
126268
x-robots-tag
noarchive
x-vcache
MISS
server
cloudflare
etag
"61737c5d-2cff0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=604800
content-type
image/webp
access-control-allow-origin
*
expires
Sun, 23 Oct 2022 03:08:59 GMT
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
6a2fafabef4c54d0-MAN
cf-bgj
imgq:85,h2pri
94604a39421cf319c02d23ab6fe74be17ee91a63-1024x682.jpg
wpcdn.us-east-1.vip.tn-cloud.net/www.news8000.com/content/uploads/2021/10/e/j/ 		37 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wpcdn.us-east-1.vip.tn-cloud.net/www.news8000.com/content/uploads/2021/10/e/j/94604a39421cf319c02d23ab6fe74be17ee91a63-1024x682.jpg
Requested by
Host: www.news8000.com
URL: https://www.news8000.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.211.41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
69886bc0ae8bae5ca533ed82d7fa3feec2f90439c182935a4c6fcb04eeb992a3
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.news8000.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 02:13:29 GMT
vary
Accept
cf-cache-status
HIT
cf-polished
qual=85, origFmt=jpeg, origSize=87296
last-modified
Mon, 18 Oct 2021 16:33:05 GMT
content-disposition
inline; filename="94604a39421cf319c02d23ab6fe74be17ee91a63-1024x682.webp"
content-length
38290
x-robots-tag
noarchive
x-vcache
MISS
server
cloudflare
etag
"616da1c1-15500"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=604800
content-type
image/webp
access-control-allow-origin
*
expires
Thu, 20 Oct 2022 18:38:45 GMT
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
6a2fafabef4d54d0-MAN
cf-bgj
imgq:85,h2pri
3a779a119620c8752fb22b085584d8bfc2be63c2-1024x709.jpg
wpcdn.us-east-1.vip.tn-cloud.net/www.news8000.com/content/uploads/2021/10/k/d/ 		44 KB
45 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wpcdn.us-east-1.vip.tn-cloud.net/www.news8000.com/content/uploads/2021/10/k/d/3a779a119620c8752fb22b085584d8bfc2be63c2-1024x709.jpg
Requested by
Host: www.news8000.com
URL: https://www.news8000.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.211.41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1271b77745fede3f551183c51c2464cd76864c092d484e829c560be053d08cde
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.news8000.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 02:13:29 GMT
vary
Accept
cf-cache-status
HIT
cf-polished
qual=85, origFmt=jpeg, origSize=106689
last-modified
Fri, 22 Oct 2021 16:01:38 GMT
content-disposition
inline; filename="3a779a119620c8752fb22b085584d8bfc2be63c2-1024x709.webp"
content-length
45388
x-robots-tag
noarchive
x-vcache
MISS
server
cloudflare
etag
"6172e062-1a0c1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=604800
content-type
image/webp
access-control-allow-origin
*
expires
Sat, 22 Oct 2022 16:15:33 GMT
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
6a2fafabef4e54d0-MAN
cf-bgj
imgq:85,h2pri
mayo-clinic-1024x576.png
wpcdn.us-east-1.vip.tn-cloud.net/www.news8000.com/content/uploads/2021/09/q/b/ 		524 KB
525 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wpcdn.us-east-1.vip.tn-cloud.net/www.news8000.com/content/uploads/2021/09/q/b/mayo-clinic-1024x576.png
Requested by
Host: www.news8000.com
URL: https://www.news8000.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.211.41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9b99d42f862eeec467ae36592bc18992a5ff87d4c9ea915a4908291e854385fc
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.news8000.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 02:13:29 GMT
vary
Accept
cf-cache-status
HIT
cf-polished
origFmt=png, origSize=831319
last-modified
Sun, 12 Sep 2021 22:30:18 GMT
content-disposition
inline; filename="mayo-clinic-1024x576.webp"
content-length
536502
x-robots-tag
noarchive
x-vcache
HIT
server
cloudflare
etag
"613e7f7a-caf57"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=604800
content-type
image/webp
access-control-allow-origin
*
expires
Sun, 23 Oct 2022 23:46:39 GMT
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
6a2fafabef4f54d0-MAN
cf-bgj
imgq:85,h2pri
4c94fbe4d92f18659a31760987065ff361c1c245-1024x576.jpg
wpcdn.us-east-1.vip.tn-cloud.net/www.news8000.com/content/uploads/2021/10/n/j/ 		43 KB
44 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wpcdn.us-east-1.vip.tn-cloud.net/www.news8000.com/content/uploads/2021/10/n/j/4c94fbe4d92f18659a31760987065ff361c1c245-1024x576.jpg
Requested by
Host: www.news8000.com
URL: https://www.news8000.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.211.41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
381a311f0bf7b9c5638965d8287ce4ebe7e38c64e139d73a2861226b275cca57
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.news8000.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 02:13:29 GMT
vary
Accept
cf-cache-status
HIT
cf-polished
qual=85, origFmt=jpeg, origSize=88128
last-modified
Sat, 23 Oct 2021 07:26:33 GMT
content-disposition
inline; filename="4c94fbe4d92f18659a31760987065ff361c1c245-1024x576.webp"
content-length
44492
x-robots-tag
noarchive
x-vcache
MISS
server
cloudflare
etag
"6173b929-15840"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=604800
content-type
image/webp
access-control-allow-origin
*
expires
Sun, 23 Oct 2022 07:30:46 GMT
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
6a2fafabef5054d0-MAN
cf-bgj
imgq:85,h2pri
67163c5e5b9f3a31a9a951cfbf2055720ca771db-1024x682.jpg
wpcdn.us-east-1.vip.tn-cloud.net/www.news8000.com/content/uploads/2021/10/w/l/ 		44 KB
44 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wpcdn.us-east-1.vip.tn-cloud.net/www.news8000.com/content/uploads/2021/10/w/l/67163c5e5b9f3a31a9a951cfbf2055720ca771db-1024x682.jpg
Requested by
Host: www.news8000.com
URL: https://www.news8000.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.211.41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c07aa45cd9ee10800a0d609f576679017535d93fbe6fb875cd8d368afe2b9e55
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.news8000.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 02:13:29 GMT
vary
Accept
cf-cache-status
HIT
cf-polished
qual=85, origFmt=jpeg, origSize=101956
last-modified
Fri, 22 Oct 2021 16:17:00 GMT
content-disposition
inline; filename="67163c5e5b9f3a31a9a951cfbf2055720ca771db-1024x682.webp"
content-length
44680
x-robots-tag
noarchive
x-vcache
MISS
server
cloudflare
etag
"6172e3fc-18e44"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=604800
content-type
image/webp
access-control-allow-origin
*
expires
Sat, 22 Oct 2022 17:26:00 GMT
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
6a2fafabef5154d0-MAN
cf-bgj
imgq:85,h2pri
18afa64395791721ae31f3571b9b77b4320b23f3.png
wpcdn.us-east-1.vip.tn-cloud.net/www.news8000.com/content/uploads/2021/08/s/c/ 		1013 KB
1015 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wpcdn.us-east-1.vip.tn-cloud.net/www.news8000.com/content/uploads/2021/08/s/c/18afa64395791721ae31f3571b9b77b4320b23f3.png
Requested by
Host: www.news8000.com
URL: https://www.news8000.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.211.41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f9d2ba6384feb8da12cdb77b1b1ff511c5a7ed249db5375d1812597891e02ab9
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.news8000.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 02:13:29 GMT
vary
Accept
cf-cache-status
HIT
cf-polished
origFmt=png, origSize=1591448
last-modified
Fri, 06 Aug 2021 17:51:57 GMT
content-disposition
inline; filename="18afa64395791721ae31f3571b9b77b4320b23f3.webp"
content-length
1037550
x-robots-tag
noarchive
x-vcache
MISS
server
cloudflare
etag
"610d76bd-184898"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=604800
content-type
image/webp
access-control-allow-origin
*
expires
Sun, 23 Oct 2022 23:30:35 GMT
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
6a2fafabef5254d0-MAN
cf-bgj
imgq:85,h2pri
haunted-mile-1024x576.jpg
wpcdn.us-east-1.vip.tn-cloud.net/www.news8000.com/content/uploads/2021/10/d/r/ 		104 KB
105 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wpcdn.us-east-1.vip.tn-cloud.net/www.news8000.com/content/uploads/2021/10/d/r/haunted-mile-1024x576.jpg
Requested by
Host: www.news8000.com
URL: https://www.news8000.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.211.41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
15b8a699fb10b062f1d7ae5386082ec49295e013c64964eb8218b6e5ae48c130
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.news8000.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 02:13:29 GMT
vary
Accept
cf-cache-status
HIT
cf-polished
qual=85, origFmt=jpeg, origSize=164733
last-modified
Fri, 22 Oct 2021 23:05:33 GMT
content-disposition
inline; filename="haunted-mile-1024x576.webp"
content-length
106852
x-robots-tag
noarchive
x-vcache
MISS
server
cloudflare
etag
"617343bd-2837d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=604800
content-type
image/webp
access-control-allow-origin
*
expires
Sat, 22 Oct 2022 23:06:47 GMT
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
6a2fafabef5354d0-MAN
cf-bgj
imgq:85,h2pri
official-contest-rules-graphic_1519309708983-jpg_10456371_ver1-0.jpg
wpcdn.us-east-1.vip.tn-cloud.net/www.news8000.com/content/uploads/2019/12/ 		57 KB
57 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wpcdn.us-east-1.vip.tn-cloud.net/www.news8000.com/content/uploads/2019/12/official-contest-rules-graphic_1519309708983-jpg_10456371_ver1-0.jpg
Requested by
Host: www.news8000.com
URL: https://www.news8000.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.211.41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
04d01b4ab00c5e8435e816af1d0e0c5a4cb9a9028cc843ad8a477485d0dc9acb
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.news8000.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 02:13:29 GMT
vary
Accept
cf-cache-status
HIT
age
93715
cf-polished
qual=85, origFmt=jpeg, origSize=200477
last-modified
Thu, 26 Dec 2019 18:54:33 GMT
content-disposition
inline; filename="official-contest-rules-graphic_1519309708983-jpg_10456371_ver1-0.webp"
content-length
58230
x-robots-tag
noarchive
x-vcache
MISS
server
cloudflare
etag
"5e0501e9-30f1d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=604800
content-type
image/webp
access-control-allow-origin
*
expires
Tue, 04 Oct 2022 11:05:51 GMT
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
6a2fafabef5454d0-MAN
cf-bgj
imgq:85,h2pri
20d5d2a3391e022555b4312ea82b9e2fd7ca834d-1024x576.jpg
wpcdn.us-east-1.vip.tn-cloud.net/www.news8000.com/content/uploads/2021/10/z/r/ 		40 KB
40 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wpcdn.us-east-1.vip.tn-cloud.net/www.news8000.com/content/uploads/2021/10/z/r/20d5d2a3391e022555b4312ea82b9e2fd7ca834d-1024x576.jpg
Requested by
Host: www.news8000.com
URL: https://www.news8000.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.211.41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6c8774ee00be3a278770921351e0e9f55f681a1e79b5bf961f06bdbf1ea22ed1
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.news8000.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 02:13:29 GMT
vary
Accept
cf-cache-status
HIT
cf-polished
qual=85, origFmt=jpeg, origSize=92129
last-modified
Wed, 20 Oct 2021 11:19:27 GMT
content-disposition
inline; filename="20d5d2a3391e022555b4312ea82b9e2fd7ca834d-1024x576.webp"
content-length
40542
x-robots-tag
noarchive
x-vcache
MISS
server
cloudflare
etag
"616ffb3f-167e1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=604800
content-type
image/webp
access-control-allow-origin
*
expires
Thu, 20 Oct 2022 18:27:02 GMT
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
6a2fafabef5554d0-MAN
cf-bgj
imgq:85,h2pri
vaccine-information-hq.jpg
wpcdn.us-east-1.vip.tn-cloud.net/www.news8000.com/content/uploads/2021/05/a/c/ 		17 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wpcdn.us-east-1.vip.tn-cloud.net/www.news8000.com/content/uploads/2021/05/a/c/vaccine-information-hq.jpg
Requested by
Host: www.news8000.com
URL: https://www.news8000.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.211.41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
900e38ec18d499f254299ca7bbd59e95f8ea503b836b83c86b81978c55a17326
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.news8000.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 02:13:29 GMT
vary
Accept
cf-cache-status
HIT
cf-polished
qual=85, origFmt=jpeg, origSize=49693
last-modified
Tue, 11 May 2021 13:35:41 GMT
content-disposition
inline; filename="vaccine-information-hq.webp"
content-length
17912
x-robots-tag
noarchive
x-vcache
MISS
server
cloudflare
etag
"609a882d-c21d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=604800
content-type
image/webp
access-control-allow-origin
*
expires
Sat, 04 Jun 2022 05:35:03 GMT
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
6a2fafabef5654d0-MAN
cf-bgj
imgq:85,h2pri
1920x1080-Latest-Newscast-1024x576.png
wpcdn.us-east-1.vip.tn-cloud.net/www.news8000.com/content/uploads/2020/01/ 		147 KB
147 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wpcdn.us-east-1.vip.tn-cloud.net/www.news8000.com/content/uploads/2020/01/1920x1080-Latest-Newscast-1024x576.png
Requested by
Host: www.news8000.com
URL: https://www.news8000.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.211.41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5a8a81dddbbf7047b08929c8b45235916fe75f45fff369691db784596575e690
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.news8000.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 02:13:29 GMT
vary
Accept
cf-cache-status
HIT
cf-polished
origFmt=png, origSize=233715
last-modified
Mon, 06 Jan 2020 13:12:07 GMT
content-disposition
inline; filename="1920x1080-Latest-Newscast-1024x576.webp"
content-length
150560
x-robots-tag
noarchive
x-vcache
MISS
server
cloudflare
etag
"5e133227-390f3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=604800
content-type
image/webp
access-control-allow-origin
*
expires
Thu, 20 Oct 2022 18:28:30 GMT
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
6a2fafabef5754d0-MAN
cf-bgj
imgq:85,h2pri
1920x1080-mobile-apps-app-store-1024x576.png
wpcdn.us-east-1.vip.tn-cloud.net/www.news8000.com/content/uploads/2020/01/ 		120 KB
120 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wpcdn.us-east-1.vip.tn-cloud.net/www.news8000.com/content/uploads/2020/01/1920x1080-mobile-apps-app-store-1024x576.png
Requested by
Host: www.news8000.com
URL: https://www.news8000.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.211.41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2f9bcab78ea4d984bb956c70fb66ed055d47051f262d6e15ae5c11fb8093e916
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.news8000.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 02:13:29 GMT
vary
Accept
cf-cache-status
HIT
cf-polished
origFmt=png, origSize=199604
last-modified
Mon, 06 Jan 2020 13:12:14 GMT
content-disposition
inline; filename="1920x1080-mobile-apps-app-store-1024x576.webp"
content-length
122506
x-robots-tag
noarchive
x-vcache
MISS
server
cloudflare
etag
"5e13322e-30bb4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=604800
content-type
image/webp
access-control-allow-origin
*
expires
Thu, 20 Oct 2022 17:55:37 GMT
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
6a2fafabef5854d0-MAN
cf-bgj
imgq:85,h2pri
1920x1080-First-Alert-1024x576.png
wpcdn.us-east-1.vip.tn-cloud.net/www.news8000.com/content/uploads/2020/01/ 		208 KB
209 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wpcdn.us-east-1.vip.tn-cloud.net/www.news8000.com/content/uploads/2020/01/1920x1080-First-Alert-1024x576.png
Requested by
Host: www.news8000.com
URL: https://www.news8000.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.211.41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eacb58d751682d6d566f8c07557b7a197f91487142cd2d312c91ef1f51af0469
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.news8000.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 02:13:29 GMT
vary
Accept
cf-cache-status
HIT
cf-polished
origFmt=png, origSize=330318
last-modified
Mon, 06 Jan 2020 13:12:04 GMT
content-disposition
inline; filename="1920x1080-First-Alert-1024x576.webp"
content-length
213118
x-robots-tag
noarchive
x-vcache
MISS
server
cloudflare
etag
"5e133224-50a4e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=604800
content-type
image/webp
access-control-allow-origin
*
expires
Wed, 25 May 2022 15:44:55 GMT
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
6a2fafabef5954d0-MAN
cf-bgj
imgq:85,h2pri
v-frost-advisory-plants-1024x576.jpg
wpcdn.us-east-1.vip.tn-cloud.net/www.news8000.com/content/uploads/2021/10/g/p/ 		82 KB
82 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wpcdn.us-east-1.vip.tn-cloud.net/www.news8000.com/content/uploads/2021/10/g/p/v-frost-advisory-plants-1024x576.jpg
Requested by
Host: www.news8000.com
URL: https://www.news8000.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.211.41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a03069108742c10840597955cf7bcff3b34e71f5e800cd2b32a3aea1723a2a59
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.news8000.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 02:13:29 GMT
vary
Accept
cf-cache-status
HIT
age
373004
cf-polished
qual=85, origFmt=jpeg, origSize=138627
last-modified
Mon, 18 Oct 2021 22:44:52 GMT
content-disposition
inline; filename="v-frost-advisory-plants-1024x576.webp"
content-length
83542
x-robots-tag
noarchive
x-vcache
MISS
server
cloudflare
etag
"616df8e4-21d83"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=604800
content-type
image/webp
access-control-allow-origin
*
expires
Tue, 18 Oct 2022 22:49:12 GMT
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
6a2fafabef5a54d0-MAN
cf-bgj
imgq:85,h2pri
de1966a6eaf6add8867cc5295cef40dff6ababc0-1024x576.jpg
wpcdn.us-east-1.vip.tn-cloud.net/www.news8000.com/content/uploads/2021/10/a/t/ 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wpcdn.us-east-1.vip.tn-cloud.net/www.news8000.com/content/uploads/2021/10/a/t/de1966a6eaf6add8867cc5295cef40dff6ababc0-1024x576.jpg
Requested by
Host: www.news8000.com
URL: https://www.news8000.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.211.41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
200963ab4a498d1553cfca2e0b92a4ba127453c1e06f05fb92eb4d78decf2374
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.news8000.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 02:13:29 GMT
vary
Accept
cf-cache-status
HIT
cf-polished
qual=85, origFmt=jpeg, origSize=71240
last-modified
Sat, 23 Oct 2021 16:49:36 GMT
content-disposition
inline; filename="de1966a6eaf6add8867cc5295cef40dff6ababc0-1024x576.webp"
content-length
30450
x-robots-tag
noarchive
x-vcache
MISS
server
cloudflare
etag
"61743d20-11648"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=604800
content-type
image/webp
access-control-allow-origin
*
expires
Sun, 23 Oct 2022 17:03:23 GMT
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
6a2fafabef5b54d0-MAN
cf-bgj
imgq:85,h2pri
pic-hunger-in-monroe-county-1024x576.jpg
wpcdn.us-east-1.vip.tn-cloud.net/www.news8000.com/content/uploads/2021/10/p/p/ 		105 KB
106 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wpcdn.us-east-1.vip.tn-cloud.net/www.news8000.com/content/uploads/2021/10/p/p/pic-hunger-in-monroe-county-1024x576.jpg
Requested by
Host: www.news8000.com
URL: https://www.news8000.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.211.41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
196d453bda8e93c87f7b5e535df26dcbd0cf1c8a13c72e946386617bd6d1e2b5
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.news8000.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 02:13:29 GMT
vary
Accept
cf-cache-status
HIT
cf-polished
qual=85, origFmt=jpeg, origSize=168527
last-modified
Thu, 21 Oct 2021 23:27:39 GMT
content-disposition
inline; filename="pic-hunger-in-monroe-county-1024x576.webp"
content-length
107768
x-robots-tag
noarchive
x-vcache
MISS
server
cloudflare
etag
"6171f76b-2924f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=604800
content-type
image/webp
access-control-allow-origin
*
expires
Fri, 21 Oct 2022 23:31:21 GMT
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
6a2fafabef5c54d0-MAN
cf-bgj
imgq:85,h2pri
1195x339-transparency.png
www.news8000.com/content/uploads/2020/01/ 		44 KB
44 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.news8000.com/content/uploads/2020/01/1195x339-transparency.png
Requested by
Host: www.news8000.com
URL: https://www.news8000.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
192.104.183.130 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS
wpapp.us-east-1.vip.tn-cloud.net
Software
/
Resource Hash
79b54723fb2d66d1e944e6d3dd08e2f7541976d0b476d62162432e7915bb09d3

Request headers

:path
/content/uploads/2020/01/1195x339-transparency.png
pragma
no-cache
cookie
_cb_ls=1
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.news8000.com
referer
https://www.news8000.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.news8000.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 02:09:38 GMT
last-modified
Mon, 06 Jan 2020 15:07:35 GMT
age
231
etag
"5e134d37-b143"
x-vcache
HIT
content-type
image/png
cache-control
public, max-age=600
accept-ranges
bytes
content-length
45379
sdk.js
connect.facebook.net/en_US/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: www.news8000.com
URL: https://www.news8000.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
c69f07bbe87bdd03b774a4069f22acb6d89e79799483f5dc091ebd3e83247c18
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.news8000.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
4+w86fqzdfdtXMpuDx7LJA==
cross-origin-resource-policy
cross-origin
expires
Sun, 24 Oct 2021 02:17:31 GMT
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
1686
x-fb-rlafr
0
x-fb-debug
xHuILNqzrgpXpBxImZFBQAyHNPUw98nIIpSG4ZnEDw9mhiBTB/s8JqbplZhrZhPIkr1UGxINWJgOvfSAPQ0UeQ==
x-fb-trip-id
686109401
x-fb-content-md5
4dd035e456936fec5abed06994750b03
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Sun, 24 Oct 2021 02:13:29 GMT
x-frame-options
DENY
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public,max-age=1200,stale-while-revalidate=3600
etag
"75c76a8e0622957966bf7f3eb8a901d6"
timing-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
.js
dyv1bugovvq1g.cloudfront.net/71/www.news8000.com/ 		2 KB
798 B 		Script
General
Check archive.org
Download Go to
Full URL
https://dyv1bugovvq1g.cloudfront.net/71/www.news8000.com/.js
Requested by
Host: www.news8000.com
URL: https://www.news8000.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223e:ec00:5:82fd:2500:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
165b76be3d695c12e2791b47346f4267fb885d8c9d1adc308e8e0130d985b7fe

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.news8000.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 02:13:30 GMT
content-encoding
gzip
last-modified
Sun, 24 Oct 2021 01:04:05 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P4
etag
"ff0bae9b4d58b1c769b692d8a7dd63fb"
x-cache
RefreshHit from cloudfront
content-type
application/json; charset=utf-8
via
1.1 3431ec594cac61983aae2d9ffaf23981.cloudfront.net (CloudFront)
cache-control
max-age=300
accept-ranges
bytes
content-length
425
x-amz-cf-id
BXXz0b8iNrEFlNms1rmi4iWIKeQsoUtbKyU4-rcanKO6DP6VT8mdXg==
oPS.js
d15kdpgjg3unno.cloudfront.net/ 		82 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d15kdpgjg3unno.cloudfront.net/oPS.js?cid=71
Requested by
Host: www.news8000.com
URL: https://www.news8000.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223e:b400:11:b309:9100:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3d65865c1d7cd1bbf96d797f0eda4e094bf5c46a3879526c7a01cc3d0badeb98

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.news8000.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id
DxudlD8cHuCDKyXEUE9s3ytbQ7ahbDDb
content-encoding
gzip
last-modified
Fri, 22 Oct 2021 20:41:16 GMT
server
AmazonS3
age
21728
etag
W/"ef75b1a558164288ccb7d14743bbf4f9"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 a89f27dcb39a061266ddc18ab5416cba.cloudfront.net (CloudFront)
cache-control
max-age=84600
date
Sat, 23 Oct 2021 20:11:21 GMT
x-amz-cf-pop
FRA56-P4
x-amz-cf-id
JWsfoXLarjzYm5aL2j1f803yL7zIYe362QKEsB4S1mp0MGDtdirTPA==
gtm.js
www.googletagmanager.com/ 		177 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-PDQV3N
Requested by
Host: www.news8000.com
URL: https://www.news8000.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
fc3480e320023f8a8ee0c23f3f6dc29953f9422bbad79fbae43ac18ddaf3931d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.news8000.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 02:13:29 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
60375
x-xss-protection
0
last-modified
Sun, 24 Oct 2021 00:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 24 Oct 2021 02:13:29 GMT
gtm.js
www.googletagmanager.com/ 		111 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-K8H6L3P
Requested by
Host: www.news8000.com
URL: https://www.news8000.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
bb8fd3ee596308ac7f4a78b69962bada72aafdac94a40f17e1fc9aad43b25b0d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.news8000.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 02:13:29 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
42111
x-xss-protection
0
last-modified
Sun, 24 Oct 2021 00:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 24 Oct 2021 02:13:29 GMT
b011c176-ac22-4932-ac01-18c7db9a815a.json
cdn.cookielaw.org/consent/b011c176-ac22-4932-ac01-18c7db9a815a/ 		3 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/consent/b011c176-ac22-4932-ac01-18c7db9a815a/b011c176-ac22-4932-ac01-18c7db9a815a.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9c02ab04166fd2c0a5aa6bb7e60b7a6f72c4f2652101d9c60c71e41497af879f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.news8000.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 24 Oct 2021 02:13:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
XWP0OFLasWmDl6yQFNlz2g==
age
14222
vary
Accept-Encoding
content-length
1140
x-ms-lease-status
unlocked
last-modified
Wed, 12 May 2021 14:28:44 GMT
server
cloudflare
etag
0x8D915523FA6F669
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
7e3eaf9d-701e-017f-6a9f-b50081000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
6a2fafa9faa659b3-MXP
expires
Sun, 24 Oct 2021 06:13:29 GMT
wp-emoji-release.min.js
www.news8000.com/wp-includes/js/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.news8000.com/wp-includes/js/wp-emoji-release.min.js
Requested by
Host: www.news8000.com
URL: https://www.news8000.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
192.104.183.130 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS
wpapp.us-east-1.vip.tn-cloud.net
Software
/
Resource Hash
96d33f532112177ede6bf262dcf6d0140dbe29f05a4595d17b0be4743205b5ea

Request headers

:path
/wp-includes/js/wp-emoji-release.min.js
pragma
no-cache
cookie
_cb_ls=1
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.news8000.com
referer
https://www.news8000.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.news8000.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 02:10:36 GMT
content-encoding
gzip
last-modified
Tue, 05 Nov 2019 22:04:02 GMT
age
173
etag
W/"5dc1f1d2-364d"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=600
x-vcache
HIT
accept-ranges
bytes
content-length
5120
poweredby-townnews.png
wpcdn.us-east-1.vip.tn-cloud.net/www.news8000.com/content/themes/gtxcel/library/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wpcdn.us-east-1.vip.tn-cloud.net/www.news8000.com/content/themes/gtxcel/library/images/poweredby-townnews.png
Requested by
Host: www.news8000.com
URL: https://www.news8000.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.211.41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d5cd451f1e51e0cfb1e3120c2721a8036dea1d319846cf793b0b1d958474594b
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.news8000.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 02:13:29 GMT
vary
Accept
cf-cache-status
HIT
cf-polished
origFmt=png, origSize=3347
last-modified
Thu, 02 Jan 2020 15:06:12 GMT
content-disposition
inline; filename="poweredby-townnews.webp"
content-length
1878
x-robots-tag
noarchive
x-vcache
MISS
server
cloudflare
etag
"5e0e06e4-d13"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=604800
content-type
image/webp
access-control-allow-origin
*
expires
Fri, 07 Oct 2022 18:45:51 GMT
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
6a2fafabef5d54d0-MAN
cf-bgj
imgq:85,h2pri
sdk.js
connect.facebook.net/en_US/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: www.news8000.com
URL: https://www.news8000.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
c69f07bbe87bdd03b774a4069f22acb6d89e79799483f5dc091ebd3e83247c18
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.news8000.com/
Origin
https://www.news8000.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
4+w86fqzdfdtXMpuDx7LJA==
cross-origin-resource-policy
cross-origin
expires
Sun, 24 Oct 2021 02:17:31 GMT
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
1686
x-fb-rlafr
0
x-fb-debug
xHuILNqzrgpXpBxImZFBQAyHNPUw98nIIpSG4ZnEDw9mhiBTB/s8JqbplZhrZhPIkr1UGxINWJgOvfSAPQ0UeQ==
x-fb-trip-id
686109401
x-fb-content-md5
4dd035e456936fec5abed06994750b03
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Sun, 24 Oct 2021 02:13:29 GMT
x-frame-options
DENY
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public,max-age=1200,stale-while-revalidate=3600
etag
"75c76a8e0622957966bf7f3eb8a901d6"
timing-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
rayos_alerts_severe_weather.css
wpcdn.us-east-1.vip.tn-cloud.net/www.news8000.com/content/plugins/rayos-alerts/css/ 		2 KB
765 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://wpcdn.us-east-1.vip.tn-cloud.net/www.news8000.com/content/plugins/rayos-alerts/css/rayos_alerts_severe_weather.css?ver=357468151ff62331a0d803834e80d76c
Requested by
Host: www.news8000.com
URL: https://www.news8000.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.211.41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8370e4d308f9ad450bb279a602fe082fd1e66a46122ce3559b18620ecdf96f42
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.news8000.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 02:13:29 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
cf-ray
6a2fafab3f0e54d0-MAN
last-modified
Tue, 06 Oct 2020 00:31:51 GMT
x-vcache
MISS
server
cloudflare
etag
W/"5f7bbaf7-917"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=604800
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=300
x-robots-tag
noarchive
expires
Sun, 24 Oct 2021 02:14:33 GMT
front_style.css
wpcdn.us-east-1.vip.tn-cloud.net/www.news8000.com/content/mu-plugins/templatera/assets/css/ 		164 B
226 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://wpcdn.us-east-1.vip.tn-cloud.net/www.news8000.com/content/mu-plugins/templatera/assets/css/front_style.css?ver=2.1
Requested by
Host: www.news8000.com
URL: https://www.news8000.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.211.41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6224660b34bbaf4612921643c84a10f5f09423edbc20b97e57540010e5d18625
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.news8000.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 02:13:29 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
cf-ray
6a2fafabdf2c54d0-MAN
last-modified
Tue, 07 Apr 2020 09:40:21 GMT
x-vcache
HIT
server
cloudflare
etag
W/"5e8c4a85-a4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=604800
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=300
x-robots-tag
noarchive
expires
Sun, 24 Oct 2021 02:14:59 GMT
js_composer_tta.min.css
wpcdn.us-east-1.vip.tn-cloud.net/www.news8000.com/content/mu-plugins/js_composer/assets/css/ 		312 KB
18 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://wpcdn.us-east-1.vip.tn-cloud.net/www.news8000.com/content/mu-plugins/js_composer/assets/css/js_composer_tta.min.css?ver=6.2.0
Requested by
Host: www.news8000.com
URL: https://www.news8000.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.211.41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
019fe96d013011d279e6f2f51924633e5119fef76b0a8527fce8e3d8b3dc13fc
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.news8000.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 02:13:29 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
cf-ray
6a2fafabef2f54d0-MAN
last-modified
Mon, 20 Apr 2020 12:46:05 GMT
x-vcache
MISS
server
cloudflare
etag
W/"5e9d998d-4e1d1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=604800
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=300
x-robots-tag
noarchive
expires
Sun, 24 Oct 2021 02:14:33 GMT
bootstrap.min.js
wpcdn.us-east-1.vip.tn-cloud.net/www.news8000.com/content/themes/gtxcel/library/js/bootstrap/ 		36 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://wpcdn.us-east-1.vip.tn-cloud.net/www.news8000.com/content/themes/gtxcel/library/js/bootstrap/bootstrap.min.js?ver=3.0.0
Requested by
Host: www.news8000.com
URL: https://www.news8000.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.211.41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2979f9a6e32fc42c3e7406339ee9fe76b31d1b52059776a02b4a7fa6a4fd280a
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.news8000.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 02:13:29 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
cf-ray
6a2fafabef3054d0-MAN
last-modified
Tue, 08 Oct 2019 16:03:17 GMT
x-vcache
HIT
server
cloudflare
etag
W/"5d9cb345-9004"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=604800
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=300
x-robots-tag
noarchive
expires
Sun, 24 Oct 2021 02:16:28 GMT
scripts.js
wpcdn.us-east-1.vip.tn-cloud.net/www.news8000.com/content/themes/gtxcel/library/js/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://wpcdn.us-east-1.vip.tn-cloud.net/www.news8000.com/content/themes/gtxcel/library/js/scripts.js
Requested by
Host: www.news8000.com
URL: https://www.news8000.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.211.41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
42a8ca47ac3c92cb4d3d92304df69d325788ef9c1d71e56db99be448c9203c6b
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.news8000.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 02:13:29 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
cf-ray
6a2fafabef3154d0-MAN
last-modified
Tue, 08 Oct 2019 16:03:17 GMT
x-vcache
HIT
server
cloudflare
etag
W/"5d9cb345-1093"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=604800
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=300
x-robots-tag
noarchive
expires
Sun, 24 Oct 2021 02:18:24 GMT
jquery.flexslider-min.js
wpcdn.us-east-1.vip.tn-cloud.net/www.news8000.com/content/mu-plugins/js_composer/assets/lib/bower/flexslider/ 		21 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://wpcdn.us-east-1.vip.tn-cloud.net/www.news8000.com/content/mu-plugins/js_composer/assets/lib/bower/flexslider/jquery.flexslider-min.js?ver=6.2.0
Requested by
Host: www.news8000.com
URL: https://www.news8000.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.211.41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
88aaecda68b50302ff3e9ac1876e6febf68f59e3dd26a46ff7076d4c297c8b66
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.news8000.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 02:13:29 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
cf-ray
6a2fafabef3254d0-MAN
last-modified
Mon, 20 Apr 2020 12:46:07 GMT
x-vcache
HIT
server
cloudflare
etag
W/"5e9d998f-5561"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=604800
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=300
x-robots-tag
noarchive
expires
Sun, 24 Oct 2021 02:17:13 GMT
jquery.prettyPhoto.min.js
wpcdn.us-east-1.vip.tn-cloud.net/www.news8000.com/content/mu-plugins/js_composer/assets/lib/prettyphoto/js/ 		23 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://wpcdn.us-east-1.vip.tn-cloud.net/www.news8000.com/content/mu-plugins/js_composer/assets/lib/prettyphoto/js/jquery.prettyPhoto.min.js?ver=6.2.0
Requested by
Host: www.news8000.com
URL: https://www.news8000.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.211.41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
798d62ba5e0d79c78e9ec2ca02c704a640bd8fb0294a5c7e2ee1a4df10311306
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.news8000.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 02:13:29 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
cf-ray
6a2fafabef3354d0-MAN
last-modified
Mon, 20 Apr 2020 12:46:06 GMT
x-vcache
HIT
server
cloudflare
etag
W/"5e9d998e-5db3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=604800
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=300
x-robots-tag
noarchive
expires
Sun, 24 Oct 2021 02:18:24 GMT
script.js
wpcdn.us-east-1.vip.tn-cloud.net/www.news8000.com/content/plugins/automatic-copyright-year/ 		336 B
283 B 		Script
General
Check archive.org
Download Go to
Full URL
https://wpcdn.us-east-1.vip.tn-cloud.net/www.news8000.com/content/plugins/automatic-copyright-year/script.js?ver=1.0
Requested by
Host: www.news8000.com
URL: https://www.news8000.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.211.41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b7b6b36454670404310a2bce33511aa9295576c528b24be0b937e9f7b40cf80f
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.news8000.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 02:13:29 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
REVALIDATED
cf-ray
6a2fafabef3454d0-MAN
last-modified
Sun, 12 Jul 2015 17:01:50 GMT
x-vcache
HIT
server
cloudflare
etag
W/"55a29d7e-150"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=604800
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=300
x-robots-tag
noarchive
expires
Sun, 24 Oct 2021 02:18:29 GMT
polyfill.js
cdn.polyfill.io/v2/ 		420 B
676 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.polyfill.io/v2/polyfill.js?features=IntersectionObserver&ver=2019.11.19
Requested by
Host: www.news8000.com
URL: https://www.news8000.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:600::282 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
9c068d2ebef10d7d53bb79442b12c6fcb754a6bf9a005bc1e5f9dd5a553e081c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.news8000.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubdomains; preload
content-encoding
br
x-content-type-options
nosniff
content-type
text/javascript; charset=utf-8
age
2073232
detected-user-agent
Chrome Mobile/93.0.4577
server-timing
HIT-CLUSTER, fastly;desc="Edge time";dur=1, HIT-CLUSTER, fastly;desc="Edge time";dur=1
content-length
213
referrer-policy
origin-when-cross-origin
last-modified
Wed, 29 Sep 2021 18:29:17 GMT
date
Sun, 24 Oct 2021 02:13:29 GMT
vary
User-Agent, Accept-Encoding
access-control-allow-methods
GET,HEAD,OPTIONS
normalized-user-agent
chrome/93.0.0
access-control-allow-origin
*
cache-control
public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
accept-ranges
bytes
timing-allow-origin
*
ad-manager-aps.js
wpcdn.us-east-1.vip.tn-cloud.net/www.news8000.com/content/plugins/gtx-ad-manager/ 		7 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://wpcdn.us-east-1.vip.tn-cloud.net/www.news8000.com/content/plugins/gtx-ad-manager/ad-manager-aps.js?ver=2019.11.19
Requested by
Host: www.news8000.com
URL: https://www.news8000.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.211.41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c914329f4907e4dd5399763e54f095a97b1c5e3e1c8d3b00fafa84887e97361e
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.news8000.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 02:13:29 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
REVALIDATED
cf-ray
6a2fafabef3554d0-MAN
last-modified
Wed, 14 Jul 2021 18:49:39 GMT
x-vcache
MISS
server
cloudflare
etag
W/"60ef31c3-1b78"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=604800
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=300
x-robots-tag
noarchive
expires
Sun, 24 Oct 2021 02:18:29 GMT
gtx-ugc.js
wpcdn.us-east-1.vip.tn-cloud.net/www.news8000.com/content/plugins/gtx-gallery/js/ 		470 B
320 B 		Script
General
Check archive.org
Download Go to
Full URL
https://wpcdn.us-east-1.vip.tn-cloud.net/www.news8000.com/content/plugins/gtx-gallery/js/gtx-ugc.js?ver=2018.04.17
Requested by
Host: www.news8000.com
URL: https://www.news8000.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.211.41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c15ddba3505cd530e7dc9f39c664503260907acfd546e6ca2e522d6a7a19ec82
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.news8000.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 02:13:29 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
cf-ray
6a2fafabef3654d0-MAN
last-modified
Tue, 08 Oct 2019 16:03:17 GMT
x-vcache
HIT
server
cloudflare
etag
W/"5d9cb345-1d6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=604800
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=300
x-robots-tag
noarchive
expires
Sun, 24 Oct 2021 02:16:28 GMT
jquery.justifiedGallery.min.js
wpcdn.us-east-1.vip.tn-cloud.net/www.news8000.com/content/plugins/gtx-gallery/justified-gallery/assets/js/ 		18 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://wpcdn.us-east-1.vip.tn-cloud.net/www.news8000.com/content/plugins/gtx-gallery/justified-gallery/assets/js/jquery.justifiedGallery.min.js?ver=1.2.2
Requested by
Host: www.news8000.com
URL: https://www.news8000.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.211.41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f4380407c0d68da81b547384db263414e78e2a34e171ca7cc5220b9d86507b85
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.news8000.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 02:13:29 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
cf-ray
6a2fafabef3754d0-MAN
last-modified
Tue, 08 Oct 2019 16:03:17 GMT
x-vcache
HIT
server
cloudflare
etag
W/"5d9cb345-46fe"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=604800
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=300
x-robots-tag
noarchive
expires
Sun, 24 Oct 2021 02:16:28 GMT
jquery.mousewheel.min.js
wpcdn.us-east-1.vip.tn-cloud.net/www.news8000.com/content/plugins/gtx-gallery/justified-gallery/includes/Lightbox/Photoswipe/assets/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://wpcdn.us-east-1.vip.tn-cloud.net/www.news8000.com/content/plugins/gtx-gallery/justified-gallery/includes/Lightbox/Photoswipe/assets/jquery.mousewheel.min.js?ver=1.2.2
Requested by
Host: www.news8000.com
URL: https://www.news8000.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.211.41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a80f860251402c6bd55adaa519fe7260a90e6257d4255d5652b734df3f38f39f
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.news8000.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 02:13:29 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
cf-ray
6a2fafabef3854d0-MAN
last-modified
Tue, 08 Oct 2019 16:03:17 GMT
x-vcache
HIT
server
cloudflare
etag
W/"5d9cb345-ae0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=604800
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=300
x-robots-tag
noarchive
expires
Sun, 24 Oct 2021 02:18:24 GMT
photoswipe-ui-default.min.js
wpcdn.us-east-1.vip.tn-cloud.net/www.news8000.com/content/plugins/gtx-gallery/justified-gallery/includes/Lightbox/Photoswipe/assets/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://wpcdn.us-east-1.vip.tn-cloud.net/www.news8000.com/content/plugins/gtx-gallery/justified-gallery/includes/Lightbox/Photoswipe/assets/photoswipe-ui-default.min.js?ver=1.2.2
Requested by
Host: www.news8000.com
URL: https://www.news8000.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.211.41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4059dc11e73e02d4cb2dd7987b457813d685577b5e5ea4c383cc18e0bf569d02
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.news8000.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 02:13:29 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
cf-ray
6a2fafabef3954d0-MAN
last-modified
Tue, 08 Oct 2019 16:03:17 GMT
x-vcache
HIT
server
cloudflare
etag
W/"5d9cb345-2699"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=604800
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=300
x-robots-tag
noarchive
expires
Sun, 24 Oct 2021 02:16:28 GMT
photoswipe.js
wpcdn.us-east-1.vip.tn-cloud.net/www.news8000.com/content/plugins/gtx-gallery/justified-gallery/includes/Lightbox/Photoswipe/assets/ 		96 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://wpcdn.us-east-1.vip.tn-cloud.net/www.news8000.com/content/plugins/gtx-gallery/justified-gallery/includes/Lightbox/Photoswipe/assets/photoswipe.js?ver=1.2.2
Requested by
Host: www.news8000.com
URL: https://www.news8000.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.211.41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
74cd9730bce2a622d14ada07f55b72a2b054702bcd8584b4749a970e8808fa06
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.news8000.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 02:13:29 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
cf-ray
6a2fafabef3a54d0-MAN
last-modified
Tue, 08 Oct 2019 16:03:17 GMT
x-vcache
HIT
server
cloudflare
etag
W/"5d9cb345-17e6d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=604800
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=300
x-robots-tag
noarchive
expires
Sun, 24 Oct 2021 02:18:04 GMT
jquery.photoswipe.js
wpcdn.us-east-1.vip.tn-cloud.net/www.news8000.com/content/plugins/gtx-gallery/justified-gallery/includes/Lightbox/Photoswipe/assets/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://wpcdn.us-east-1.vip.tn-cloud.net/www.news8000.com/content/plugins/gtx-gallery/justified-gallery/includes/Lightbox/Photoswipe/assets/jquery.photoswipe.js?ver=1.2.2
Requested by
Host: www.news8000.com
URL: https://www.news8000.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.211.41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b800c07b7cbb51b1b594e4e80f5d464e8f274ed26a216ca8571c8de6959d9e66
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.news8000.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 02:13:29 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
REVALIDATED
cf-ray
6a2fafabef3b54d0-MAN
last-modified
Tue, 08 Oct 2019 16:03:17 GMT
x-vcache
HIT
server
cloudflare
etag
W/"5d9cb345-d46"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=604800
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=300
x-robots-tag
noarchive
expires
Sun, 24 Oct 2021 02:18:29 GMT
ssba.js
wpcdn.us-east-1.vip.tn-cloud.net/www.news8000.com/content/plugins/simple-share-buttons-adder/js/ 		2 KB
920 B 		Script
General
Check archive.org
Download Go to
Full URL
https://wpcdn.us-east-1.vip.tn-cloud.net/www.news8000.com/content/plugins/simple-share-buttons-adder/js/ssba.js
Requested by
Host: www.news8000.com
URL: https://www.news8000.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.211.41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
76a18f5f0637e0d73ce1afece898ce8b0fa75bb6b1c1990ae4a7ac6b083045ce
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.news8000.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 02:13:29 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
cf-ray
6a2fafabef3c54d0-MAN
last-modified
Thu, 22 Feb 2018 18:17:48 GMT
x-vcache
HIT
server
cloudflare
etag
W/"5a8f094c-792"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=604800
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=300
x-robots-tag
noarchive
expires
Sun, 24 Oct 2021 02:16:28 GMT
api.js
www.google.com/recaptcha/ 		919 B
967 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js?onload=renderInvisibleReCaptcha&render=explicit
Requested by
Host: www.news8000.com
URL: https://www.news8000.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
1f823651e175cd56323817a2b359056762a44341b91e03bfb2877bcf89d31403
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.news8000.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 02:13:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
583
x-xss-protection
1; mode=block
expires
Sun, 24 Oct 2021 02:13:29 GMT
scheduled-elements.js
wpcdn.us-east-1.vip.tn-cloud.net/www.news8000.com/content/plugins/gtx-scheduled-elements/ 		454 B
302 B 		Script
General
Check archive.org
Download Go to
Full URL
https://wpcdn.us-east-1.vip.tn-cloud.net/www.news8000.com/content/plugins/gtx-scheduled-elements/scheduled-elements.js?ver=2018.08.10
Requested by
Host: www.news8000.com
URL: https://www.news8000.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.211.41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
38f17877b3d9614c4a1a37b257a64c7b759cae9eed1fe27747670d001206c4be
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.news8000.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 02:13:29 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
REVALIDATED
cf-ray
6a2fafabef3d54d0-MAN
last-modified
Tue, 08 Oct 2019 16:03:17 GMT
x-vcache
HIT
server
cloudflare
etag
W/"5d9cb345-1c6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=604800
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=300
x-robots-tag
noarchive
expires
Sun, 24 Oct 2021 02:18:29 GMT
wp-embed.min.js
www.news8000.com/wp-includes/js/ 		1 KB
983 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.news8000.com/wp-includes/js/wp-embed.min.js
Requested by
Host: www.news8000.com
URL: https://www.news8000.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
192.104.183.130 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS
wpapp.us-east-1.vip.tn-cloud.net
Software
/
Resource Hash
6ebcda7a3a41ef97f0b4071160ceb1020e540fdc0f790079a5c2ef01ab654fe0

Request headers

:path
/wp-includes/js/wp-embed.min.js
pragma
no-cache
cookie
_cb_ls=1
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.news8000.com
referer
https://www.news8000.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.news8000.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 02:09:38 GMT
content-encoding
gzip
last-modified
Sat, 26 Oct 2019 00:17:07 GMT
age
231
etag
W/"5db39083-59a"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=600
x-vcache
HIT
accept-ranges
bytes
content-length
783
js_composer_front.min.js
wpcdn.us-east-1.vip.tn-cloud.net/www.news8000.com/content/mu-plugins/js_composer/assets/js/dist/ 		20 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://wpcdn.us-east-1.vip.tn-cloud.net/www.news8000.com/content/mu-plugins/js_composer/assets/js/dist/js_composer_front.min.js?ver=6.2.0
Requested by
Host: www.news8000.com
URL: https://www.news8000.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.211.41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9be6923457d76debf4c512fac0a2173aaa94748868d26566515ce2a4156d083d
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.news8000.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 02:13:29 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
REVALIDATED
cf-ray
6a2fafabef3e54d0-MAN
last-modified
Mon, 20 Apr 2020 12:46:06 GMT
x-vcache
HIT
server
cloudflare
etag
W/"5e9d998e-5075"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=604800
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=300
x-robots-tag
noarchive
expires
Sun, 24 Oct 2021 02:18:29 GMT
rayos_alerts_VC.js
wpcdn.us-east-1.vip.tn-cloud.net/www.news8000.com/content/plugins/rayos-alerts/js/ 		11 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://wpcdn.us-east-1.vip.tn-cloud.net/www.news8000.com/content/plugins/rayos-alerts/js/rayos_alerts_VC.js?ver=6043e1f967d1690a01428bfdfa35af88
Requested by
Host: www.news8000.com
URL: https://www.news8000.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.211.41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dd1eed7f8af9c0f129c29dc882519132ed76ef66e707afe5c0864ac42e2352cc
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.news8000.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 02:13:29 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
cf-ray
6a2fafabef3f54d0-MAN
last-modified
Fri, 22 Jan 2021 20:14:40 GMT
x-vcache
HIT
server
cloudflare
etag
W/"600b3230-2a79"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=604800
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=300
x-robots-tag
noarchive
expires
Sun, 24 Oct 2021 02:16:28 GMT
vc-accordion.min.js
wpcdn.us-east-1.vip.tn-cloud.net/www.news8000.com/content/mu-plugins/js_composer/assets/lib/vc_accordion/ 		11 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://wpcdn.us-east-1.vip.tn-cloud.net/www.news8000.com/content/mu-plugins/js_composer/assets/lib/vc_accordion/vc-accordion.min.js?ver=6.2.0
Requested by
Host: www.news8000.com
URL: https://www.news8000.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.211.41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2c364fa179e5fdc4c250f2575d8854fd835049ef55e9efda77b7675f751a11c2
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.news8000.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 02:13:29 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
cf-ray
6a2fafabef4054d0-MAN
last-modified
Mon, 20 Apr 2020 12:46:06 GMT
x-vcache
HIT
server
cloudflare
etag
W/"5e9d998e-2c8c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=604800
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=300
x-robots-tag
noarchive
expires
Sun, 24 Oct 2021 02:14:33 GMT
vc-tta-autoplay.min.js
wpcdn.us-east-1.vip.tn-cloud.net/www.news8000.com/content/mu-plugins/js_composer/assets/lib/vc-tta-autoplay/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://wpcdn.us-east-1.vip.tn-cloud.net/www.news8000.com/content/mu-plugins/js_composer/assets/lib/vc-tta-autoplay/vc-tta-autoplay.min.js?ver=6.2.0
Requested by
Host: www.news8000.com
URL: https://www.news8000.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.211.41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0190073142437593f69fcf93088148239125f1a6c368df01614304170d8892d8
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.news8000.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 02:13:29 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
cf-ray
6a2fafabef4154d0-MAN
last-modified
Mon, 20 Apr 2020 12:46:06 GMT
x-vcache
MISS
server
cloudflare
etag
W/"5e9d998e-9fc"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=604800
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=300
x-robots-tag
noarchive
expires
Sun, 24 Oct 2021 02:14:33 GMT
otBannerSdk.js
cdn.cookielaw.org/scripttemplates/6.17.0/ 		377 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/6.17.0/otBannerSdk.js
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f1f8d4204b80f61987126d563bbb88a3036f6fd55f8e98da95a8b9e542f9c495
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.news8000.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 24 Oct 2021 02:13:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
66Z8bY5FXXAAikIS37tpYA==
age
446727
vary
Accept-Encoding
content-length
85833
x-ms-lease-status
unlocked
last-modified
Thu, 29 Apr 2021 01:57:14 GMT
server
cloudflare
etag
0x8D90AB21C520644
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
aa621fa8-901e-00bd-0b6c-c4ce6a000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=691200
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
6a2fafabdd58d6d9-FRA
expires
Mon, 01 Nov 2021 02:13:29 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v26/ 		44 KB
44 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v26/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,500,700|Roboto+Condensed:400,700|Open+Sans:400,700&subset=latin
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
538dd4ff6e384a44155168326ac40a6c20a93cd212b1fbf88ae7b0c44f9ab0bd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.news8000.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 21 Oct 2021 17:04:31 GMT
x-content-type-options
nosniff
age
205738
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
44760
x-xss-protection
0
last-modified
Thu, 23 Sep 2021 16:50:17 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Fri, 21 Oct 2022 17:04:31 GMT
pview
l.sharethis.com/ 		0
338 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://l.sharethis.com/pview?event=pview&version=st_insights.js&lang=en&sessionID=1635041609508.11317&hostname=www.news8000.com&location=%2F&product=simpleshare&fcmp=false&fcmpv2=false&publisher=4d48b7c5-0ae3-43d4-bfbe-3ff8c17a8ae6&url=https%3A%2F%2Fwww.news8000.com%2F&title=News8000.com%20-%20WKBT&sop=false&description=La%20Crosse%20Wisconsin%20News%2C%20La%20Crosse%20Weather%20and%20Wisconsin%20Sports%20-%20WKBT-TV%2C%20News%208%20Now
Requested by
Host: ws.sharethis.com
URL: https://ws.sharethis.com/button/st_insights.js?publisher=4d48b7c5-0ae3-43d4-bfbe-3ff8c17a8ae6&product=simpleshare
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.124.181.115 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-124-181-115.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.news8000.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sun, 24 Oct 2021 02:13:29 GMT
Access-Control-Max-Age
1728000
Access-Control-Allow-Origin
https://www.news8000.com
Access-Control-Expose-Headers
stid
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
*
b011c176-ac22-4932-ac01-18c7db9a815a.json
cdn.cookielaw.org/consent/b011c176-ac22-4932-ac01-18c7db9a815a/ 		3 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/consent/b011c176-ac22-4932-ac01-18c7db9a815a/b011c176-ac22-4932-ac01-18c7db9a815a.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9c02ab04166fd2c0a5aa6bb7e60b7a6f72c4f2652101d9c60c71e41497af879f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.news8000.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 24 Oct 2021 02:13:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
XWP0OFLasWmDl6yQFNlz2g==
age
14222
vary
Accept-Encoding
content-length
1140
x-ms-lease-status
unlocked
last-modified
Wed, 12 May 2021 14:28:44 GMT
server
cloudflare
etag
0x8D915523FA6F669
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
7e3eaf9d-701e-017f-6a9f-b50081000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
6a2fafab8bad59b3-MXP
expires
Sun, 24 Oct 2021 06:13:29 GMT
var=rayos_siteaud
ad.crwdcntrl.net/5/c=15032/pe=y/ 		92 B
327 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.crwdcntrl.net/5/c=15032/pe=y/var=rayos_siteaud
Requested by
Host: www.news8000.com
URL: https://www.news8000.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.48.137.92 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-48-137-92.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
54170c0cebcb833af46abaeecb5c2ce8f53f972ffee8bb1c5a4b2e54e775184d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.news8000.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Oct 2021 02:13:29 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.20.50
content-type
application/javascript;charset=utf-8
content-length
92
expires
0
hb_450266_11887.js
player.adtcdn.com/prebidlink/454178/ 		354 KB
101 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.adtcdn.com/prebidlink/454178/hb_450266_11887.js
Requested by
Host: www.news8000.com
URL: https://www.news8000.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:3471 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
26b2c76d113c605500a8de27913a7194faf50f61f0a3673be152ed1d6dbd6400

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.news8000.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 02:13:30 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Wed, 20 Oct 2021 16:44:16 GMT
server
cloudflare
etag
W/"61704760-586a5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JvVc7rnIBDLT14EHuwdPtR9AeOBvM4pOpjqPg%2F2J0gdbJs9QAU4VfEwYZE6Xfkl%2FzMckIxM8G783hGbJkC5qYaBZnyGHFgfbWQejZHiTQQWlkA%2BFo%2F%2Bz7vxJp4y7fu1iBU8xzBNc18NgQPnnOTF51g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=345600
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6a2fafad4b71375f-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Sun, 24 Oct 2021 02:28:29 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		80 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.news8000.com
URL: https://www.news8000.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f2.1e100.net
Software
sffe /
Resource Hash
8ade00ef9b3c7f137dfe82dd11ed970b47ece19df2e6014b9abce76bc91a1b3f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.news8000.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 02:13:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1023 / 685 of 1000 / last-modified: 1634854038"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
27192
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sun, 24 Oct 2021 02:13:29 GMT
wrapper_hb_450266_11887.js
player.adtcdn.com/prebidlink/454178/ 		86 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.adtcdn.com/prebidlink/454178/wrapper_hb_450266_11887.js
Requested by
Host: www.news8000.com
URL: https://www.news8000.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:3471 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
92789dd382650fd94ee8ab2545ec0e06f42264c9cdb2f6fe9c3b998a100f65fa

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.news8000.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 02:13:30 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Wed, 20 Oct 2021 16:42:44 GMT
server
cloudflare
etag
W/"61704704-15873"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yR8p2leJOlQyKf59RXF9C4GkZT4ZUfvNJ33ijwkcYeYqjguG3MLH%2BhUu8ZDoNY1i42wldMfoPDqj67%2Fcpeu8vRuaClokX0Fcg5i418CXRsKp0n62Rkw%2FIQBz%2FiqPh3YHudKVIy3z7%2Bn62ZkvxAlCSw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=345600
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6a2fafad4b72375f-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Sun, 24 Oct 2021 02:28:29 GMT
connatix.playspace.dc.js
cds.connatix.com/p/134237/ Frame 15CC
Redirect Chain
  • https://cd.connatix.com/connatix.playspace.js
  • https://cds.connatix.com/p/134237/connatix.playspace.dc.js
1 MB
235 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cds.connatix.com/p/134237/connatix.playspace.dc.js
Requested by
Host: www.news8000.com
URL: https://www.news8000.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
43b2c605cdfcbf45584e7ccc2c14a1723fcdb93e055b2da97cbbc6f1d45d70f9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 02:13:29 GMT
content-encoding
br
last-modified
Fri, 22 Oct 2021 14:58:30 GMT
age
126786
etag
"40cfd723f2691e9de195a31895be369e"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
access-control-max-age
86400
cache-control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges
bytes
content-length
240331

Redirect headers

location
https://cds.connatix.com/p/134237/connatix.playspace.dc.js
date
Sun, 24 Oct 2021 02:13:29 GMT
cache-control
no-cache, no-store, must-revalidate, max-age=0
age
0
accept-ranges
bytes
content-length
0
retry-after
0
pview
l.sharethis.com/ 		0
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://l.sharethis.com/pview?event=pview&version=st_insights.js&lang=en&sessionID=1635041609508.11317&hostname=www.news8000.com&location=%2F&product=simpleshare&fcmp=false&fcmpv2=false&publisher=4d48b7c5-0ae3-43d4-bfbe-3ff8c17a8ae6&url=https%3A%2F%2Fwww.news8000.com%2F&title=News8000.com%20-%20WKBT&sop=false&description=La%20Crosse%20Wisconsin%20News%2C%20La%20Crosse%20Weather%20and%20Wisconsin%20Sports%20-%20WKBT-TV%2C%20News%208%20Now&description=La%20Crosse%20Wisconsin%20News%2C%20La%20Crosse%20Weather%20and%20Wisconsin%20Sports%20-%20WKBT-TV%2C%20News%208%20Now&img_pview=true
Requested by
Host: www.news8000.com
URL: https://www.news8000.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.124.181.115 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-124-181-115.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.news8000.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sun, 24 Oct 2021 02:13:29 GMT
Access-Control-Max-Age
1728000
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
stid
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
*
/
mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/ 		155 B
477 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/?host=news8000.com&domain=news8000.com&path=%2F
Requested by
Host: static.chartbeat.com
URL: https://static.chartbeat.com/js/chartbeat_mab.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:400::714 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
0cb5fa14f9ce2d712b463e11e13f635a0ff48ca6354fd10650b3fcf36566c471

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.news8000.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 02:13:29 GMT
content-encoding
gzip
x-cache-hits
0
age
0
x-cache
MISS
cross-origin-resource-policy
cross-origin
content-length
124
x-served-by
cache-mxp6941-MXP
access-control-allow-origin
*
x-timer
S1635041610.659288,VS0,VE103
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type
application/json
via
1.1 varnish (Varnish/6.0), 1.1 varnish
cache-control
no-store, no-cache, must-revalidate, max-age=0, s-maxage=0
accept-ranges
bytes
expires
Fri, 22 Oct 2021 02:13:29 GMT
tracker.gif
www.news8000.com/shared-content/art/stats/common/ 		0
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.news8000.com/shared-content/art/stats/common/tracker.gif?tnms_rs=1600x1200x24&tnms_vtum=1&tnms_vt=1&tnms_vid=163504160957916001200480647595847&tnms_dt=News8000.com%20-%20WKBT&tnms_upage=1&tnms_do=www.news8000.com&tnms_uri=/&tnms_ref=&rt=1635041609581
Requested by
Host: www.news8000.com
URL: https://www.news8000.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
192.104.183.130 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS
wpapp.us-east-1.vip.tn-cloud.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:path
/shared-content/art/stats/common/tracker.gif?tnms_rs=1600x1200x24&tnms_vtum=1&tnms_vt=1&tnms_vid=163504160957916001200480647595847&tnms_dt=News8000.com%20-%20WKBT&tnms_upage=1&tnms_do=www.news8000.com&tnms_uri=/&tnms_ref=&rt=1635041609581
pragma
no-cache
cookie
_cb_ls=1
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.news8000.com
referer
https://www.news8000.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.news8000.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 02:13:29 GMT
last-modified
Thu, 16 Oct 2008 20:11:25 GMT
age
0
etag
"48f79fed-0"
x-vcache
MISS
content-type
image/gif
cache-control
no-cache, no-store
accept-ranges
bytes
content-length
0
/
dgtonline.net/mini-widget/ Frame BDE3 		8 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://dgtonline.net/mini-widget/
Requested by
Host: www.news8000.com
URL: https://www.news8000.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:b0e7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9fc198a760173ed46364de628b404758e087443bea0bb0e45ab82b5ebd81534a

Request headers

:method
GET
:authority
dgtonline.net
:scheme
https
:path
/mini-widget/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.news8000.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.news8000.com/

Response headers

date
Sun, 24 Oct 2021 02:13:29 GMT
content-type
text/html; charset=UTF-8
vary
X-Forwarded-Proto,Accept-Encoding,User-Agent
cache-control
max-age=0
expires
Sun, 24 Oct 2021 02:13:29 GMT
set-cookie
X-Mapping-knikccmo=6C87D404C86397675DC7F0383AD938FD; path=/
last-modified
Sat, 23 Oct 2021 15:10:23 GMT
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6qSMJW63ojepz8MP%2FSLfOo8s9A2xvF6UTuqKsmy8PxvCG%2F%2FD8qSvsuSKj3pd8Uy4nTcNMV0HzKQXXuZeMKQ0nAKRxF5LOShBcquGX5e%2FmuH94hCWvdP4rG5qUdoA%2FlZJyWOwcKxYjQXr0Spr"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6a2fafac2ebf6927-FRA
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
/
dgtonline.net/mini-widget-mobile/ Frame FE99 		8 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://dgtonline.net/mini-widget-mobile/
Requested by
Host: www.news8000.com
URL: https://www.news8000.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:b0e7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c32ded4289d4594932e1ad845389cfa3f0ddfb72dfbf2173166ce243e3e6afb4

Request headers

:method
GET
:authority
dgtonline.net
:scheme
https
:path
/mini-widget-mobile/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.news8000.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.news8000.com/

Response headers

date
Sun, 24 Oct 2021 02:13:29 GMT
content-type
text/html; charset=UTF-8
vary
X-Forwarded-Proto,Accept-Encoding,User-Agent
cache-control
max-age=0
expires
Sun, 24 Oct 2021 02:13:29 GMT
set-cookie
X-Mapping-knikccmo=BC018885C7CDDA18979DC7EC92CC35D9; path=/
last-modified
Sat, 23 Oct 2021 15:10:18 GMT
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Am%2FDLqgGRpaWRxdVsW9DP%2BJrLPfcx57oxuS19PgZAA9GA8OO5LGBaRlgGukyG6SmlNKEpFlfot7RzNIfTw9tXEannkgIB%2F6SQLaQ4vTkw23202ODq8QUwmB4LdDBVg1uhfPrEjNCyySLVNQ%2F"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6a2fafac2ec26927-FRA
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.3.0/fonts/ 		55 KB
56 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/4.3.0/fonts/fontawesome-webfont.woff2?v=4.3.0
Requested by
Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.3.0/css/font-awesome.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aadc3580d2b64ff5a7e6f1425587db4e8b033efcbf8f5c332ca52a5ed580c87c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://maxcdn.bootstrapcdn.com/font-awesome/4.3.0/css/font-awesome.min.css
Origin
https://www.news8000.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 02:13:29 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
632, 617, 617
age
779328
cdn-cachedat
2021-04-21 05:21:27
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
56780
timing-allow-origin
*
access-control-allow-origin
*
last-modified
Mon, 25 Jan 2021 22:04:54 GMT
server
cloudflare
cdn-requestpullcode
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
font/woff2
cdn-cache
HIT
vary
Accept-Encoding
cache-control
public, max-age=31919000
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
5a8d0170e8720a740466bb4ed32586b7
accept-ranges
bytes
cf-ray
6a2fafac3a4759cb-MXP
cdn-requestcountrycode
DE
cdn-requestpullsuccess
True
/
mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/ 		155 B
196 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/?host=news8000.com&domain=news8000.com&path=%2F
Requested by
Host: static.chartbeat.com
URL: https://static.chartbeat.com/js/chartbeat_mab.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:400::714 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
0cb5fa14f9ce2d712b463e11e13f635a0ff48ca6354fd10650b3fcf36566c471

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.news8000.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 02:13:29 GMT
content-encoding
gzip
x-cache-hits
1
age
0
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
124
x-served-by
cache-mxp6941-MXP
access-control-allow-origin
*
x-timer
S1635041610.659354,VS0,VE103
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type
application/json
via
1.1 varnish (Varnish/6.0), 1.1 varnish
cache-control
no-store, no-cache, must-revalidate, max-age=0, s-maxage=0
accept-ranges
bytes
expires
Fri, 22 Oct 2021 02:13:29 GMT
video-play-icon.png
wpcdn.us-east-1.vip.tn-cloud.net/www.news8000.com/content/themes/gtxcel/library/images/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wpcdn.us-east-1.vip.tn-cloud.net/www.news8000.com/content/themes/gtxcel/library/images/video-play-icon.png
Requested by
Host: wpcdn.us-east-1.vip.tn-cloud.net
URL: https://wpcdn.us-east-1.vip.tn-cloud.net/www.news8000.com/content/themes/gtxcel/library/css/style.css?ver=1634869223
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.211.41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6e6c4265633449503c1aaf2d1883bbec2bbbd22efa16d0570686ad7853a38b84
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://wpcdn.us-east-1.vip.tn-cloud.net/www.news8000.com/content/themes/gtxcel/library/css/style.css?ver=1634869223
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 02:13:29 GMT
vary
Accept
cf-cache-status
HIT
age
93705
cf-polished
origFmt=png, origSize=8549
last-modified
Tue, 08 Oct 2019 16:03:17 GMT
content-disposition
inline; filename="video-play-icon.webp"
content-length
3434
x-robots-tag
noarchive
x-vcache
MISS
server
cloudflare
etag
"5d9cb345-2165"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=604800
content-type
image/webp
access-control-allow-origin
*
expires
Sat, 22 Oct 2022 14:04:46 GMT
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
6a2fafac3f6d54d0-MAN
cf-bgj
imgq:85,h2pri
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,500,700|Roboto+Condensed:400,700|Open+Sans:400,700&subset=latin
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.news8000.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 18 Oct 2021 17:27:37 GMT
x-content-type-options
nosniff
age
463552
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
15688
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:19 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Tue, 18 Oct 2022 17:27:37 GMT
embed-akamai.php
engine.univtec.com/ Frame DC75 		10 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://engine.univtec.com/embed-akamai.php?params=dXJsPTc0RDdzcFRhUkV5REU4Q1dLblhkV1EmdWE9VUEtMjMxMDkxNzMtMSZ2YXN0PWh0dHBzJTNBJTJGJTJGcHViYWRzLmcuZG91YmxlY2xpY2submV0JTJGZ2FtcGFkJTJGYWRzJTNGaXUlM0QlMkY0MzQ1OTI3MSUyRmVuZ2luZW1lZGlhbGl2ZSUyRnNzLVdLQlQlMjZkZXNjcmlwdGlvbl91cmwlM0QlMjUlMjVSRUZFUlJFUl9VUkxfRVNDJTI1JTI1JTI2dGZjZCUzRDAlMjZucGElM0QwJTI2c3olM0Q2NDB4NDgwJTI2bWluX2FkX2R1cmF0aW9uJTNEMCUyNm1heF9hZF9kdXJhdGlvbiUzRDYwMDAwJTI2Z2RmcF9yZXElM0QxJTI2b3V0cHV0JTNEdmFzdCUyNnVudmlld2VkX3Bvc2l0aW9uX3N0YXJ0JTNEMSUyNmVudiUzRHZwJTI2aW1wbCUzRHMlMjZjb3JyZWxhdG9yJTNEJTI1JTI1Q0FDSEVCVVNURVIlMjUlMjUmdGl0bGVFdmVudD1XS0JUJTJGTmV3czgwMDAuY29tJmNhdGVnb3J5PVZpZGVv%22
Requested by
Host: www.news8000.com
URL: https://www.news8000.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
54.197.28.239 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-197-28-239.compute-1.amazonaws.com
Software
Apache/2.4.34 (Amazon) OpenSSL/1.0.2k-fips PHP/5.5.38 / PHP/5.5.38
Resource Hash
e3cc31d1dd4a86f84ce96fbbec379b67fac15f5855c25c47ee210349b5268d65

Request headers

Host
engine.univtec.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.news8000.com/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.news8000.com/

Response headers

Date
Sun, 24 Oct 2021 02:13:29 GMT
Server
Apache/2.4.34 (Amazon) OpenSSL/1.0.2k-fips PHP/5.5.38
X-Powered-By
PHP/5.5.38
Keep-Alive
timeout=5, max=100
Connection
Keep-Alive
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
sdk.js
connect.facebook.net/en_US/ 		265 KB
75 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=164f2df1fd6b59d82d940f92c0b8da3f
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
d0453cf4c77ab597ba01b1fd26e2876fb8cd5697446cb8379f7546cf0e80977f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.news8000.com/
Origin
https://www.news8000.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
xN9Hqzg8YqSvFdcXONSrqw==
cross-origin-resource-policy
cross-origin
expires
Mon, 24 Oct 2022 00:30:04 GMT
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
76540
x-fb-rlafr
0
x-fb-debug
XTJjuvMYjLxluS/uHGLnhSCdlckqSEsVgzx1yXhbECfvCU0rCP/dJ/urKbbIPFek8VHtdI000tCrxRDkcx/Shw==
x-fb-trip-id
686109401
x-fb-content-md5
385609e52460c02295d95aa5cd28d662
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Sun, 24 Oct 2021 02:13:29 GMT
x-frame-options
DENY
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
etag
"9d5080c2875e06241e367c977bce91ab"
timing-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
en.json
cdn.cookielaw.org/consent/b011c176-ac22-4932-ac01-18c7db9a815a/4a373f7e-6573-40f3-9361-518243a9dc90/ 		15 KB
5 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/consent/b011c176-ac22-4932-ac01-18c7db9a815a/4a373f7e-6573-40f3-9361-518243a9dc90/en.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.17.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4cdc019231ff1951cbaf8cce84ae8304d124c229143a3bd8e8a4e2f7af4322e4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.news8000.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 24 Oct 2021 02:13:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
honelEBv2A6PY3jHFiRttw==
age
14219
vary
Accept-Encoding
content-length
4887
x-ms-lease-status
unlocked
last-modified
Wed, 12 May 2021 14:28:58 GMT
server
cloudflare
etag
0x8D9155247CDC7D3
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
13450770-201e-016c-638c-9d3560000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
6a2fafac6c4a59b3-MXP
expires
Sun, 24 Oct 2021 06:13:29 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,500,700|Roboto+Condensed:400,700|Open+Sans:400,700&subset=latin
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.news8000.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 22 Oct 2021 08:58:25 GMT
x-content-type-options
nosniff
age
148504
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
15920
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:21 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Sat, 22 Oct 2022 08:58:25 GMT
/
onetag-geo.s-onetag.com/ 		555 B
970 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://onetag-geo.s-onetag.com/
Requested by
Host: get.s-onetag.com
URL: https://get.s-onetag.com/8d82e390-3000-4a25-a0bc-905bfb2d8f14/tag.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
f51938710e179807bbf1be9a1e9d7e3441fa74e7dfe9f46841914fb12ca7de3c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.news8000.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 13:43:42 GMT
via
1.1 69cc5dd318e02cb1a7e8cb9951f553d9.cloudfront.net (CloudFront), 1.1 55107fc1be09ed1afcf3154ed9bd93cc.cloudfront.net (CloudFront)
age
44987
x-amzn-requestid
6a483d84-8341-4c31-ae70-82105c2537f5
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=86400
x-amz-cf-pop
FRA56-P3, FRA56-P5
x-amz-apigw-id
HqeuVEFZiYcFYDQ=
content-length
555
x-amz-cf-id
kAilIB7Ie3vfGE8M9_od1HOrLcWNrCGw2xpWDwCQPncucAJddiBSLg==
beacon.min.js
signal-beacon.s-onetag.com/ 		29 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://signal-beacon.s-onetag.com/beacon.min.js
Requested by
Host: get.s-onetag.com
URL: https://get.s-onetag.com/8d82e390-3000-4a25-a0bc-905bfb2d8f14/tag.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
099d5a93d27e43c40b29b9f45a57492ca8d87ee45d14d7a83d0ff39735822b3a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.news8000.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id
x0gR.yq1o4oS4jq28J7nG9U0MFiLgIQ.
content-encoding
gzip
etag
W/"5c1dcd62582070cb2352f625af50ce57"
last-modified
Thu, 21 Oct 2021 09:51:00 GMT
server
AmazonS3
age
58945
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 ee6745944298a5956e13c939ebdcf8f2.cloudfront.net (CloudFront)
cache-control
max-age=86400
date
Sat, 23 Oct 2021 09:51:05 GMT
x-amz-cf-pop
FRA56-P5
x-amz-cf-id
YsZNSWPi9ASJIuBYPDfwJNXnzkdy47WrL9rnsf8bKz7etflknguN5Q==
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,500,700|Roboto+Condensed:400,700|Open+Sans:400,700&subset=latin
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.news8000.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 21 Oct 2021 17:36:17 GMT
x-content-type-options
nosniff
age
203832
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
15828
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:28 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Fri, 21 Oct 2022 17:36:17 GMT
mi-1.13.7.12.js
snippet.minute.ly/publishers/10730/ 		185 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://snippet.minute.ly/publishers/10730/mi-1.13.7.12.js
Requested by
Host: apv-launcher.minute.ly
URL: https://apv-launcher.minute.ly/api/launcher/MIN-10730.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:a06 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b663ec8d2d4c48019fb994fc2b053605887ff6657a88c22d4e3b8c3d31b71203

Request headers

Referer
https://www.news8000.com/
Origin
https://www.news8000.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 02:13:29 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-hw
1635041604.dop041.fr8.t,1635041609.cds291.fr8.c
last-modified
Sun, 01 Mar 2020 09:42:24 GMT
server
cloudflare
etag
W/"1583055744"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LnImAE3p7HOC0oDwVuE7b6ckiuTXBv9BzEb%2BTh%2FUbllP7v5uEK3cbVuN4J9FYCekxWSAesz8pZmt1Jy6M5sMshWU%2Bao2MNNdY6Ov3rcc9aqS8eMK23iv8Hkp8NIIIOhWpUEIcGuaPHaTxpKQESqD"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=29384926
access-control-allow-credentials
true
cf-ray
6a2fafadec8f691f-FRA
access-control-allow-headers
Content-Type
ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2
fonts.gstatic.com/s/robotocondensed/v19/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/robotocondensed/v19/ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,500,700|Roboto+Condensed:400,700|Open+Sans:400,700&subset=latin
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c867104326e3c4b658209d8e5bcea0900aaf7fbc2bbc181ca01c482cac2810f3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.news8000.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 21 Oct 2021 17:36:08 GMT
x-content-type-options
nosniff
age
203841
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
15640
x-xss-protection
0
last-modified
Tue, 15 Sep 2020 18:08:37 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Fri, 21 Oct 2022 17:36:08 GMT
d3d3Lm5ld3M4MDAwLmNvbQ==
tcheck.outbrainimg.com/tcheck/check/ 		15 B
462 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tcheck.outbrainimg.com/tcheck/check/d3d3Lm5ld3M4MDAwLmNvbQ==
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.18.232.28 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-28.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
39d160e97e2bea07b0cf1c647259ffa4f0bd07069dba4e6c19a22d38b408510f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.news8000.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sun, 24 Oct 2021 02:13:29 GMT
ETag
W/"f-ayLlCL3PuzXSThdu78iReSEjl6Y"
Access-Control-Max-Age
43200
Access-Control-Allow-Methods
GET,POST
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=22986
Access-Control-Allow-Credentials
false
Connection
keep-alive
X-TraceId
2a48f032276080ddaef6b99c8efbc558
Content-Length
15
Expires
Sun, 24 Oct 2021 08:36:35 GMT
px.gif
widget-pixels.outbrain.com/widget/detect/ 		43 B
341 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://widget-pixels.outbrain.com/widget/detect/px.gif?ch=1&rn=4.309980651715329
Requested by
Host: www.news8000.com
URL: https://www.news8000.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.190 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-190.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.news8000.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 02:13:29 GMT
last-modified
Wed, 30 Sep 2020 14:22:29 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1601475749.911431"
access-control-allow-methods
GET,POST
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=2592000
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
content-length
43
expires
Tue, 23 Nov 2021 02:13:29 GMT
otFlat.json
cdn.cookielaw.org/scripttemplates/6.17.0/assets/ 		12 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/6.17.0/assets/otFlat.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.17.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb1fa7363d6e4772f7c49d67f031d68f209e66de6c3c05aade6fdc57a02505c1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.news8000.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 24 Oct 2021 02:13:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
iBHq0PTHfG30UZUmEXHGnw==
age
431296
vary
Accept-Encoding
content-length
2938
x-ms-lease-status
unlocked
last-modified
Thu, 29 Apr 2021 01:57:06 GMT
server
cloudflare
etag
0x8D90AB2173E15E6
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
6ad696ec-901e-007a-2e90-c4b2ab000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=691200
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
6a2fafad4ceb59b3-MXP
expires
Mon, 01 Nov 2021 02:13:29 GMT
otPcCenter.json
cdn.cookielaw.org/scripttemplates/6.17.0/assets/ 		62 KB
15 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/6.17.0/assets/otPcCenter.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.17.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4b70dbbd3110e9643943cf22014e280cf8ae7e01d2e0165ad09bdb988fc79efd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.news8000.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 24 Oct 2021 02:13:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
r/nm/Kt9tdjXHtMK2zGH9Q==
age
431296
vary
Accept-Encoding
content-length
14755
x-ms-lease-status
unlocked
last-modified
Thu, 29 Apr 2021 01:57:06 GMT
server
cloudflare
etag
0x8D90AB217A74BD0
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
728a5d58-a01e-0097-1c90-c4bb2f000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=691200
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
6a2fafad4cec59b3-MXP
expires
Mon, 01 Nov 2021 02:13:29 GMT
gtm.js
www.googletagmanager.com/ 		74 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-5FZ4Q5Q&l=dataLayer
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PDQV3N
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
cf92e49b7ff06f53dbcf42538e8c8013d45ef02bc000dd88a407aefe2ae13f7d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.news8000.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 02:13:29 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
29939
x-xss-protection
0
last-modified
Sun, 24 Oct 2021 00:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 24 Oct 2021 02:13:29 GMT
gtm.js
www.googletagmanager.com/ 		103 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-56H64NZ&l=dataLayer
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PDQV3N
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
21f0406a0bb2c1dc5967c28387a41308852f78913d4ca3962e7110b09c062d62
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.news8000.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 02:13:29 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
39705
x-xss-protection
0
last-modified
Sun, 24 Oct 2021 00:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 24 Oct 2021 02:13:29 GMT
Test_oPS_Script_Loads
sqs.us-east-1.amazonaws.com/397719490216/ 		378 B
658 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sqs.us-east-1.amazonaws.com/397719490216/Test_oPS_Script_Loads?Action=SendMessage&MessageBody=cid%3D71%26bt%3Dnull
Requested by
Host: d15kdpgjg3unno.cloudfront.net
URL: https://d15kdpgjg3unno.cloudfront.net/oPS.js?cid=71
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.236.169.96 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-236-169-96.compute-1.amazonaws.com
Software
/
Resource Hash
d43b7b365c95c246a59b3c313f581b6a152619978af90cdaa91f0c4a1b192a4a

Request headers

Referer
https://www.news8000.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Access-Control-Allow-Origin
*
Date
Sun, 24 Oct 2021 02:13:30 GMT
Access-Control-Expose-Headers
x-amzn-RequestId,x-amzn-ErrorType,x-amzn-ErrorMessage,Date
x-amzn-RequestId
ac4c7dd0-a8ef-5360-b8cb-243e6b6560c7
Content-Length
378
Content-Type
text/xml
/
www.facebook.com/tr/ 		44 B
426 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=131443486424&ev=fb_page_view&dl=https%3A%2F%2Fwww.news8000.com%2F&rl=&if=false&ts=1635041609978&sw=1600&sh=1200&at=
Requested by
Host: www.news8000.com
URL: https://www.news8000.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.news8000.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 02:13:30 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Sun, 24 Oct 2021 02:13:30 GMT
t
jadserve.postrelease.com/ 		18 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jadserve.postrelease.com/t?ntv_url=https%3A%2F%2Fwww.news8000.com%2F&ntv_mvi
Requested by
Host: s.ntv.io
URL: https://s.ntv.io/serve/load.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.200.155.146 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-200-155-146.compute-1.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
78ad6b3da7f5453b1da747273df5ba6daa1418bf866f37cc9ca4e044e7621528

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.news8000.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Oct 2021 02:13:30 GMT
content-encoding
gzip
server
nginx/1.12.1
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
text/javascript;charset=UTF-8
content-length
3025
expires
Mon, 1 Jan 1990 12:00:00 GMT
placement_invocation
ob.cheqzone.com/ 		50 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ob.cheqzone.com/placement_invocation?id=65349&idx=0
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.10 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-10.fra56.r.cloudfront.net
Software
/
Resource Hash
c76853b9b64b3fb4b4cfbd22885e4cc2e3f14918020efb69a1df8eaeeb2a3b8e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.news8000.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 21:11:19 GMT
content-encoding
gzip
cheq_headers_order
Content-Type Cache-Control Expires Etag Content-Length Content-Encoding Date Connection
age
18131
etag
"c6e6-H+PLdQz0EEd97ZlT78HNXlxTPcM"
x-cache
Hit from cloudfront
content-type
text/javascript; charset=utf-8
via
1.1 3431ec594cac61983aae2d9ffaf23981.cloudfront.net (CloudFront)
cache-control
max-age=43200
x-amz-cf-pop
FRA56-P4
content-length
19276
x-amz-cf-id
5-HrjKww98DodTPggoXk2aRgYjVcwmaBcFWeh9tuNTigcH0UOhApIA==
expires
Sun, 24 Oct 2021 09:11:19 GMT
pubads_impl_2021101401.js
securepubads.g.doubleclick.net/gpt/ 		361 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101401.js?31063236
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f2.1e100.net
Software
sffe /
Resource Hash
50f06fa6a4a36d9702745dec58ef82ea73b36cc8e2636504a85f65207904322d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.news8000.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 02:13:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
125076
x-xss-protection
0
last-modified
Tue, 19 Oct 2021 17:37:25 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sun, 24 Oct 2021 02:13:30 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		150 B
128 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.news8000.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f2.1e100.net
Software
cafe /
Resource Hash
0e2a6e9c68e094040d0225fa290823792af66f313ac3625fafff49d9038dc823
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.news8000.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 24 Oct 2021 02:13:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
103
x-xss-protection
0
expires
Sun, 24 Oct 2021 02:13:30 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K8H6L3P
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
fc27aed7787a4f63d2feba50e6bc6122ac3c5479456d40c0a445899a08ad92f3
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.news8000.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 19 Oct 2021 16:47:48 GMT
server
Golfe2
age
776
date
Sun, 24 Oct 2021 02:00:34 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
19887
expires
Sun, 24 Oct 2021 04:00:34 GMT
_.gif
counter.snackly.co/ 		0
320 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://counter.snackly.co/_.gif
Requested by
Host: snippet.minute.ly
URL: https://snippet.minute.ly/publishers/10730/mi-1.13.7.12.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:33f0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.news8000.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sun, 24 Oct 2021 02:13:30 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif
access-control-allow-origin
https://www.news8000.com
cache-control
max-age=0, private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
6a2fafaff9270e06-MXP
access-control-allow-headers
Content-Type
content-length
0
expires
Sun, 24 Oct 2021 02:13:30 GMT
_.gif
counter.snackly.co/ 		0
39 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://counter.snackly.co/_.gif
Requested by
Host: snippet.minute.ly
URL: https://snippet.minute.ly/publishers/10730/mi-1.13.7.12.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:33f0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.news8000.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sun, 24 Oct 2021 02:13:30 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif
access-control-allow-origin
https://www.news8000.com
cache-control
max-age=0, private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
6a2fafaff9280e06-MXP
access-control-allow-headers
Content-Type
content-length
0
expires
Sun, 24 Oct 2021 02:13:30 GMT
js
www.googletagmanager.com/gtag/ 		124 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-7L9520XTNE&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5FZ4Q5Q&l=dataLayer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
1ccf9aa4385c97f9258ff3ee7da754958c5639e08b3f03fb460dbcdee0a676fb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.news8000.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 02:13:30 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
49474
x-xss-protection
0
expires
Sun, 24 Oct 2021 02:13:30 GMT
css
fonts.googleapis.com/ Frame FE99 		31 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Montserrat%3A100%2C100i%2C200%2C200i%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i%2C800%2C800i%2C900%2C900i&display=swap
Requested by
Host: dgtonline.net
URL: https://dgtonline.net/mini-widget-mobile/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e9c2df2904ee0ac9a0dcc01dbb90666d1c1fd659891fcecba4aa7f64ee0406c1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dgtonline.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 24 Oct 2021 01:21:14 GMT
server
ESF
date
Sun, 24 Oct 2021 02:13:30 GMT
x-frame-options
SAMEORIGIN
report-to
{"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only
same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires
Sun, 24 Oct 2021 02:13:30 GMT
css
fonts.googleapis.com/ Frame BDE3 		31 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Montserrat%3A100%2C100i%2C200%2C200i%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i%2C800%2C800i%2C900%2C900i&display=swap
Requested by
Host: dgtonline.net
URL: https://dgtonline.net/mini-widget/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e9c2df2904ee0ac9a0dcc01dbb90666d1c1fd659891fcecba4aa7f64ee0406c1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dgtonline.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 24 Oct 2021 02:07:38 GMT
server
ESF
date
Sun, 24 Oct 2021 02:13:30 GMT
x-frame-options
SAMEORIGIN
report-to
{"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only
same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires
Sun, 24 Oct 2021 02:13:30 GMT
style.min.css
dgtonline.net/wp-includes/css/dist/block-library/ Frame FE99 		79 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://dgtonline.net/wp-includes/css/dist/block-library/style.min.css?ver=5.8.1
Requested by
Host: dgtonline.net
URL: https://dgtonline.net/mini-widget-mobile/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:b0e7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9110fc122dda3067c424d9b8ff7747e2030b0bd9298f69a3683d399ad3373a6a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dgtonline.net/mini-widget-mobile/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 02:13:30 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 04 Aug 2021 16:16:14 GMT
server
cloudflare
age
3837016
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
X-Forwarded-Proto,Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2sr9s38org98qptyBkYf8a2dcYcvEjZlOabS2S7RnKP1Wkn0Y%2BfNL0iHWoDzRiAz9679O2nEFcuk6n82QxmOjUscEsAmfn2etfnC3rmvi1795bOHp4HIk9sZj8kfVHaADSiL2IYfSd6nMkff"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6a2fafb16ba86927-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Fri, 09 Sep 2022 16:23:13 GMT
normalize.css
dgtonline.net/wp-content/themes/html5blank-stable/ Frame FE99 		7 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://dgtonline.net/wp-content/themes/html5blank-stable/normalize.css?ver=1.0
Requested by
Host: dgtonline.net
URL: https://dgtonline.net/mini-widget-mobile/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:b0e7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a10844d60cd0fd12d194780a7d5521ac07b4dc525b40b9938d8e6780424f85d8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dgtonline.net/mini-widget-mobile/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 02:13:30 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sat, 28 Dec 2019 05:43:37 GMT
server
cloudflare
age
4567655
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ykhU1XxwCdsGV3KtL4zMYhFpJbO7fwBrHzvWGvMIm%2BcHxsT78LgmBIjU8wBbLPrVOlTPWtSlPSCq7fNY2X8UACrW2snTNFdsExPtSDX4CtW0mOsFINu3gcTpM6Uj3hhpkPz%2FfFfe%2B0rlh4yT"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=2628000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6a2fafb16ba96927-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Thu, 01 Sep 2022 05:25:55 GMT
style.css
dgtonline.net/wp-content/themes/html5blank-stable/ Frame FE99 		5 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://dgtonline.net/wp-content/themes/html5blank-stable/style.css?ver=1.0
Requested by
Host: dgtonline.net
URL: https://dgtonline.net/mini-widget-mobile/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:b0e7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
47a9eafc49a373ef94089adbadee8123beaeec6f910ef9f574566e3888d2ab3c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dgtonline.net/mini-widget-mobile/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 02:13:30 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sat, 28 Dec 2019 05:43:37 GMT
server
cloudflare
age
5373023
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=htl6iv8TnurfEzcaI9gzztBSGgWmd4LduffsphKRW6p1VYs6owbUKJqizx%2BmDZuR3nHubdGjed2wP8IEHGgbk1fgSMBkJ6fiDRo45aLf9PkV0FaivX7FZvUATLeFd9L3U%2FBxjXayfus%2F2XVw"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=2628000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6a2fafb16baa6927-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Mon, 22 Aug 2022 21:43:07 GMT
conditionizr-4.3.0.min.js
dgtonline.net/wp-content/themes/html5blank-stable/js/lib/ Frame FE99 		1 KB
893 B 		Script
General
Check archive.org
Download Go to
Full URL
https://dgtonline.net/wp-content/themes/html5blank-stable/js/lib/conditionizr-4.3.0.min.js?ver=4.3.0
Requested by
Host: dgtonline.net
URL: https://dgtonline.net/mini-widget-mobile/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:b0e7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2ef7d832fabc0394a37115aca932aeeacc791cca46bdc6503e4cf8e07911ca90

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dgtonline.net/mini-widget-mobile/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 02:13:30 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sat, 28 Dec 2019 05:43:37 GMT
server
cloudflare
age
5373023
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
X-Forwarded-Proto,Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ki8KkbXBbP%2BvsKdohbbS6G6iAQZ7CUO0RDIlQT1Az5Yw7qEmeD5oyvre3%2FfHZTkNyToiOX7L4owRMlWlNvcAHcthh6XbRcT5Y0yLwJVVu2DpaVmbmsM3z2Fka4hbPVoymKIimq9Azfx7bFwC"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6a2fafb16bb06927-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Mon, 22 Aug 2022 21:43:07 GMT
modernizr-2.7.1.min.js
dgtonline.net/wp-content/themes/html5blank-stable/js/lib/ Frame FE99 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dgtonline.net/wp-content/themes/html5blank-stable/js/lib/modernizr-2.7.1.min.js?ver=2.7.1
Requested by
Host: dgtonline.net
URL: https://dgtonline.net/mini-widget-mobile/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:b0e7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0b2a741489fb323cd96e2b546693ca1fc7151cfa0f2111eee4dd512e6b359941

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dgtonline.net/mini-widget-mobile/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 02:13:30 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sat, 28 Dec 2019 05:43:37 GMT
server
cloudflare
age
5373023
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Fs6LwP00ed24f9BxI1TJMm5Bva22jdMVBJWExnYmWLq2AV5i0XLpbrMbOjj7WWPOzU3x24bEgjNABwb7BdDvtCLvmos3qZNhJ81SuNKwq7IxoI4jNoEbsc6NVaqrdWe5uSXzDmIPLSRS2rMO"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=2628000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6a2fafb17bbe6927-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Mon, 22 Aug 2022 21:43:07 GMT
jquery.min.js
dgtonline.net/wp-includes/js/jquery/ Frame FE99 		87 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dgtonline.net/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Requested by
Host: dgtonline.net
URL: https://dgtonline.net/mini-widget-mobile/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:b0e7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dgtonline.net/mini-widget-mobile/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 02:13:30 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 04 Aug 2021 16:17:27 GMT
server
cloudflare
age
4817650
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
X-Forwarded-Proto,Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GMP2ZXInNWeiWT7n%2BV9PpRvqO0DUMBamujlaPXMtMx3FegwHkh1jHNt05ndRuMUag3vbS969peLbFf%2Be%2FJBR5fWEE2n6qfwsaNIO5wdfNzlHsiX%2B2q10ZgjMBTG6VnCEJSSVBKK3MZJrZKRo"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6a2fafb17bb96927-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Mon, 29 Aug 2022 07:59:20 GMT
jquery-migrate.min.js
dgtonline.net/wp-includes/js/jquery/ Frame FE99 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dgtonline.net/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by
Host: dgtonline.net
URL: https://dgtonline.net/mini-widget-mobile/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:b0e7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dgtonline.net/mini-widget-mobile/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 02:13:30 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 04 Aug 2021 16:17:27 GMT
server
cloudflare
age
4817650
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
X-Forwarded-Proto,Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nnGgQwfppCZxaJzPOQLJLxTt8Y%2FO2gn0oJei1nDH8yDFeixzWOge7wdfxaS50RMZvNWu4kj6ImxeRZs2Bv5OyGHiN7XkRpomWErnDaL8Itt6wzzeWxH6gVIVHw0vWhIFGk%2BGEFUb3QIWEsU%2B"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6a2fafb16bb46927-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Mon, 29 Aug 2022 07:59:20 GMT
scripts.js
dgtonline.net/wp-content/themes/html5blank-stable/js/ Frame FE99 		131 B
413 B 		Script
General
Check archive.org
Download Go to
Full URL
https://dgtonline.net/wp-content/themes/html5blank-stable/js/scripts.js?ver=1.0.0
Requested by
Host: dgtonline.net
URL: https://dgtonline.net/mini-widget-mobile/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:b0e7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c1b1e89b0313b3bfa1ab3c7a637515144dd9cc3cbf8fd56d053cf3e26cfec578

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dgtonline.net/mini-widget-mobile/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 02:13:30 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sat, 28 Dec 2019 05:43:37 GMT
server
cloudflare
age
5373023
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WKAngAxNCJB78m%2Bpv20jfXvpSqCH0Bv0oPSdAXGP1ZGxks%2FHK9F2drUxOhuObRrVe2RvLfvqWPOP5PwNoxeQxJE4E3iC6f52uX47B9jB0h6kU03MjYuYN4hIjxqaX70vPhxpzvaTnp4qREeL"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=2628000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6a2fafb17bc06927-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Mon, 22 Aug 2022 21:43:07 GMT
logo.svg
dgtonline.net/wp-content/themes/html5blank-stable/img/ Frame FE99 		6 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dgtonline.net/wp-content/themes/html5blank-stable/img/logo.svg
Requested by
Host: dgtonline.net
URL: https://dgtonline.net/mini-widget-mobile/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:b0e7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a20da0f3025718c756c87eeff8a425b5dc8463a48850b3333f1ab5a83e2da45b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dgtonline.net/mini-widget-mobile/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 02:13:30 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sat, 28 Dec 2019 05:43:37 GMT
server
cloudflare
age
177993
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W4qrH%2BMztLK9I%2F6rAb%2FcNUh0jzBx8HXpd%2FOomedF7TFx6XRmkMmydSt06UgRqRoNGnR2EIVLxTXmGygpavOp5%2FdYGTF%2BwF1hDUzTB6okbnwLndwHj%2Fw3kOcus%2Bj7yL49JXcl0ftAlRppRQxo"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
public, max-age=2628000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6a2fafb24cb86927-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Sun, 21 Nov 2021 00:46:57 GMT
style.css
dgtonline.net/wp-content/plugins/weatherservice/css/ Frame FE99 		13 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://dgtonline.net/wp-content/plugins/weatherservice/css/style.css?ver=031020
Requested by
Host: dgtonline.net
URL: https://dgtonline.net/mini-widget-mobile/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:b0e7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
746f73b7567b31378fda3e0dc0495aaa2ab6577dbdcbe65c55dc0959073f7739

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dgtonline.net/mini-widget-mobile/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 02:13:30 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 29 Jun 2021 18:28:52 GMT
server
cloudflare
age
5365678
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IsPEyyMTdFo1CazXe8KUtvJHwbZlwIr2DnkoL4GxtNarbqOgU9wMbQcIs7atiKIryaDxU5rhRFJwhTQvFd5%2Fw%2FAiTjbAoCL93co1ZznaIuaFDA2X3zxATR%2FCYdKZHbiaE2cxewCC06ZL8Nko"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=2628000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6a2fafb23c9e6927-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Mon, 22 Aug 2022 23:45:32 GMT
media.css
dgtonline.net/wp-content/plugins/weatherservice/css/ Frame FE99 		4 KB
890 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://dgtonline.net/wp-content/plugins/weatherservice/css/media.css?ver=031020
Requested by
Host: dgtonline.net
URL: https://dgtonline.net/mini-widget-mobile/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:b0e7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
96be461bff843e754832eb42870dc20c918467823e87ed9b5d9cabaf103e850c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dgtonline.net/mini-widget-mobile/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 02:13:30 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 21 Apr 2020 21:39:54 GMT
server
cloudflare
age
5373019
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tCJbuMFwdo0U5OZ10WyTVONE3BDxt10f6ewYC8UzY%2BI4UFz0dTsS6nFv4MNydfZx9u5j3%2BqgbE2BrvmZy5aIbTgzvpAyejdB6rwi%2F721C4Vnp7YxEymmnmfcGoZN%2B0Uvvv%2B4T9T%2F2j9LpV2p"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=2628000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6a2fafb23ca66927-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Mon, 22 Aug 2022 21:43:11 GMT
font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/ Frame FE99 		30 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
Requested by
Host: dgtonline.net
URL: https://dgtonline.net/mini-widget-mobile/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dgtonline.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 02:13:30 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
5272827
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
5631
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:10:07 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e5f-7918"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fNECeHx1fW%2FtRlDkVZCwCZXmJdJgS6DGn4pf14MKs%2BYlsl7Z0ObLbSuLn9A3ILzNWUdOfpYHsuMMCGhmRZgCEr2CUE%2BnW2Bfe4V9UwgeJnE%2Bsemzw6AhQaFmKHxts8RArcwoe4durJrM3mfy0B8CniHP"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6a2fafb26d045c98-FRA
expires
Fri, 14 Oct 2022 02:13:30 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.4.1/ Frame FE99 		86 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js
Requested by
Host: dgtonline.net
URL: https://dgtonline.net/mini-widget-mobile/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dgtonline.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 14:33:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
42027
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
30774
x-xss-protection
0
last-modified
Mon, 13 May 2019 14:37:17 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="hosted-libraries-pushers"
expires
Sun, 23 Oct 2022 14:33:03 GMT
34.png
dgtonline.net/wp-content/plugins/weatherservice/images/ Frame FE99 		47 KB
48 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dgtonline.net/wp-content/plugins/weatherservice/images/34.png
Requested by
Host: dgtonline.net
URL: https://dgtonline.net/mini-widget-mobile/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:b0e7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a3f877bcb1ee7aeab0f595f46dc0f9ad358f5d39ac81b4ca8e5f46838a053dbf

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dgtonline.net/mini-widget-mobile/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 02:13:30 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
826967
x-cache-info
cached
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
48538
last-modified
Tue, 21 Apr 2020 21:39:45 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
X-Forwarded-Proto,Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Qf8IEAYtKtZ1JpZiU4ixCTnwiPul10et1aC9VQRgyLrg6D%2FrHjJpHu6tV4XD4O70dfjpgvwxecnzuJnoEC0hQkaKKfJswG9kseAn61g%2Fb%2BPiId6xRzeySf3LdERSCXh%2FTpeV9WwB2deApTm5"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=10368000
accept-ranges
bytes
cf-ray
6a2fafb24cb96927-FRA
expires
Fri, 11 Feb 2022 12:30:43 GMT
wp-embed.min.js
dgtonline.net/wp-includes/js/ Frame FE99 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dgtonline.net/wp-includes/js/wp-embed.min.js?ver=5.8.1
Requested by
Host: dgtonline.net
URL: https://dgtonline.net/mini-widget-mobile/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:b0e7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dgtonline.net/mini-widget-mobile/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 02:13:30 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 04 Aug 2021 16:18:09 GMT
server
cloudflare
age
3837016
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
X-Forwarded-Proto,Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8zCHSWC%2BbQ6nXP3YEAkti98UhUot3UGY899FCwKFCdb4rFvzowhiChOFKvIC0YBiEVi2g7GFL6au7CNandVTXqBM9XzixmDWFH9fNHgoYv53h7f%2FGE4OjssAOHHgftu6FFjgEy5T70xor86j"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6a2fafb24cb66927-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Fri, 09 Sep 2022 16:23:13 GMT
style.min.css
dgtonline.net/wp-includes/css/dist/block-library/ Frame BDE3 		79 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://dgtonline.net/wp-includes/css/dist/block-library/style.min.css?ver=5.8.1
Requested by
Host: dgtonline.net
URL: https://dgtonline.net/mini-widget/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:b0e7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9110fc122dda3067c424d9b8ff7747e2030b0bd9298f69a3683d399ad3373a6a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dgtonline.net/mini-widget/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 02:13:30 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 04 Aug 2021 16:16:14 GMT
server
cloudflare
age
3837016
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
X-Forwarded-Proto,Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MMrefdNJt4ZWKTGvllrDLjFxbvL51C9UbF8ghWXyLYhR9dUS0CDIC7CVMFdiiQ8rvJjKznTplwKyU0nMxiG4O8rpTopf8Rdc6Uv204D4uZlJQ4C0GoK27dNyoLSBYdiNjx4cVMTO3kqlH6%2Fk"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6a2fafb16bad6927-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Fri, 09 Sep 2022 16:23:13 GMT
normalize.css
dgtonline.net/wp-content/themes/html5blank-stable/ Frame BDE3 		7 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://dgtonline.net/wp-content/themes/html5blank-stable/normalize.css?ver=1.0
Requested by
Host: dgtonline.net
URL: https://dgtonline.net/mini-widget/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:b0e7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a10844d60cd0fd12d194780a7d5521ac07b4dc525b40b9938d8e6780424f85d8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dgtonline.net/mini-widget/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 02:13:30 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sat, 28 Dec 2019 05:43:37 GMT
server
cloudflare
age
4567655
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XbzhpdGcKQwBhOfFgWmodlIgTceuepFIor%2Bjc1GcD70EbGV8WKHwAhZTEImlIfmyTOxZ0TE77x9lhLj8ZAm1Fdf7APe2ETcF%2BxMn76JH%2B8fbz8S4eL9okXsgGJCnOotwtcTUdSRnbKKLPGYX"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=2628000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6a2fafb16bae6927-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Thu, 01 Sep 2022 05:25:55 GMT
style.css
dgtonline.net/wp-content/themes/html5blank-stable/ Frame BDE3 		5 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://dgtonline.net/wp-content/themes/html5blank-stable/style.css?ver=1.0
Requested by
Host: dgtonline.net
URL: https://dgtonline.net/mini-widget/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:b0e7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
47a9eafc49a373ef94089adbadee8123beaeec6f910ef9f574566e3888d2ab3c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dgtonline.net/mini-widget/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 02:13:30 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sat, 28 Dec 2019 05:43:37 GMT
server
cloudflare
age
5373023
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qgzxySWZj%2BcPQHVj2MNS8MkuHpDihSlacerlFURSlEML2vQtOu%2F3u50fX7YDEil2KnsyiGr9N9TBxGwha0rLtlVb%2FmP63p1SWr71ztvKuDYPN6q4DEzeOyKVapZ1no35x6VV5HzOboUcGBeY"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=2628000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6a2fafb16bac6927-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Mon, 22 Aug 2022 21:43:07 GMT
conditionizr-4.3.0.min.js
dgtonline.net/wp-content/themes/html5blank-stable/js/lib/ Frame BDE3 		1 KB
914 B 		Script
General
Check archive.org
Download Go to
Full URL
https://dgtonline.net/wp-content/themes/html5blank-stable/js/lib/conditionizr-4.3.0.min.js?ver=4.3.0
Requested by
Host: dgtonline.net
URL: https://dgtonline.net/mini-widget/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:b0e7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2ef7d832fabc0394a37115aca932aeeacc791cca46bdc6503e4cf8e07911ca90

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dgtonline.net/mini-widget/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 02:13:30 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sat, 28 Dec 2019 05:43:37 GMT
server
cloudflare
age
5373023
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
X-Forwarded-Proto,Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lCstBKPdmYGuF1Mkwv5x2vnW0S6itEGECJY3pPiAHSue8Bj7OpRMoXR3AEv5JMKbdNNAshWCejjmPX%2BLSQVAF%2FNGj2bCTq2UIxAW1uBLT%2BuC0TuB5jO4Z4613Q4AZbt8096kFZf98ibPT%2Fte"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6a2fafb17bb76927-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Mon, 22 Aug 2022 21:43:07 GMT
modernizr-2.7.1.min.js
dgtonline.net/wp-content/themes/html5blank-stable/js/lib/ Frame BDE3 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dgtonline.net/wp-content/themes/html5blank-stable/js/lib/modernizr-2.7.1.min.js?ver=2.7.1
Requested by
Host: dgtonline.net
URL: https://dgtonline.net/mini-widget/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:b0e7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0b2a741489fb323cd96e2b546693ca1fc7151cfa0f2111eee4dd512e6b359941

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dgtonline.net/mini-widget/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 02:13:30 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sat, 28 Dec 2019 05:43:37 GMT
server
cloudflare
age
5373023
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B38MkSiEJe8JKpNfVVuPVsDWIHAeXnuvT0Z4EgYC4tNl3Lit2y9IiqmoNHLThoAmtz9YOtWUt9Odw%2F%2FOLASkxJ%2Bp6UHKRoP1%2FhL9WM5S5hlnVw71IbdX3N9sG6JD%2F%2B1vHvqYeXxiSLWznTlu"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=2628000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6a2fafb16bb36927-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Mon, 22 Aug 2022 21:43:07 GMT
jquery.min.js
dgtonline.net/wp-includes/js/jquery/ Frame BDE3 		87 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dgtonline.net/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Requested by
Host: dgtonline.net
URL: https://dgtonline.net/mini-widget/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:b0e7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dgtonline.net/mini-widget/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 02:13:30 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 04 Aug 2021 16:17:27 GMT
server
cloudflare
age
4817650
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
X-Forwarded-Proto,Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aWSfvds0dkpvw2OqpTfLY4wVfBTuGvOtA7ijp4o7LCX0a7l45yI9WRc28uYksI98ZhUsfEahvRjqNixRFIqdSP8QDdgqzyREXEFOAGMALgq%2FUits%2FOuDNnADcmJT0J8tgFBemyeg4NlykZ7s"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6a2fafb17bba6927-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Mon, 29 Aug 2022 07:59:20 GMT
jquery-migrate.min.js
dgtonline.net/wp-includes/js/jquery/ Frame BDE3 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dgtonline.net/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by
Host: dgtonline.net
URL: https://dgtonline.net/mini-widget/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:b0e7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dgtonline.net/mini-widget/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 02:13:30 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 04 Aug 2021 16:17:27 GMT
server
cloudflare
age
4817650
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
X-Forwarded-Proto,Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FuQ%2B8n67OTbLLTmriLR%2FVz2Yo%2BOdGURvIW4qg9%2BHb4tdMvPlEQnfsJBY57j8U0UqpXklBXc22stByZl8PU8Uu3POrzeKGIPaEJBIHzpOa9RWdnGFqP5yvLp%2FxBE2Sp1chLZakFRwsBrxTodZ"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6a2fafb17bbc6927-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Mon, 29 Aug 2022 07:59:20 GMT
scripts.js
dgtonline.net/wp-content/themes/html5blank-stable/js/ Frame BDE3 		131 B
404 B 		Script
General
Check archive.org
Download Go to
Full URL
https://dgtonline.net/wp-content/themes/html5blank-stable/js/scripts.js?ver=1.0.0
Requested by
Host: dgtonline.net
URL: https://dgtonline.net/mini-widget/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:b0e7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c1b1e89b0313b3bfa1ab3c7a637515144dd9cc3cbf8fd56d053cf3e26cfec578

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dgtonline.net/mini-widget/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 02:13:30 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sat, 28 Dec 2019 05:43:37 GMT
server
cloudflare
age
5373023
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pDb83vD42YEpOOwjm4Wms1agVzKK0IwapJaiYtevR5yrapbu%2FkZqv1AYa9dBA79WYh8d2yrcjE4Kem%2BFzlZ3yO0lbsc%2B0cJRiuQu5H%2FwyXC%2FWpixcolxQb66Ty7N5zFqmZX%2FHA3VB790MK3a"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=2628000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6a2fafb16bb16927-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Mon, 22 Aug 2022 21:43:07 GMT
logo.svg
dgtonline.net/wp-content/themes/html5blank-stable/img/ Frame BDE3 		6 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dgtonline.net/wp-content/themes/html5blank-stable/img/logo.svg
Requested by
Host: dgtonline.net
URL: https://dgtonline.net/mini-widget/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:b0e7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a20da0f3025718c756c87eeff8a425b5dc8463a48850b3333f1ab5a83e2da45b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dgtonline.net/mini-widget/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 02:13:30 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sat, 28 Dec 2019 05:43:37 GMT
server
cloudflare
age
177993
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IvWdTwpHwn5bYCG3KPoMox7ttkJQMwA7n62f1FtvCiIS9dH0USRKONDsg5FeNfW5cc5B7UBhKp7OreT%2BsrZ5g54s1t9ot8or0kBiBsTA6amgjKitXg6Qt2OY9uQvf9rMYyy3Bm6OgsyOhXtn"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
public, max-age=2628000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6a2fafb24cbd6927-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Sun, 21 Nov 2021 00:46:57 GMT
style.css
dgtonline.net/wp-content/plugins/weatherservice/css/ Frame BDE3 		13 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://dgtonline.net/wp-content/plugins/weatherservice/css/style.css?ver=031020
Requested by
Host: dgtonline.net
URL: https://dgtonline.net/mini-widget/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:b0e7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
746f73b7567b31378fda3e0dc0495aaa2ab6577dbdcbe65c55dc0959073f7739

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dgtonline.net/mini-widget/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 02:13:30 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 29 Jun 2021 18:28:52 GMT
server
cloudflare
age
5365678
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8VIcM7DNq%2BVQY9moMZhW51nJScoe40DamruVjKKEeDHbrNNBvHTKqbdUur0Zwz%2BLHa7n%2Bg%2Bu0L4YTjWrNd%2BzuRrTfxvXjR2t9TsswaDq1bAubZJ4b%2FzVozDdAQRv1R2h0J9WGEs738DPvRmy"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=2628000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6a2fafb21c806927-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Mon, 22 Aug 2022 23:45:32 GMT
media.css
dgtonline.net/wp-content/plugins/weatherservice/css/ Frame BDE3 		4 KB
835 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://dgtonline.net/wp-content/plugins/weatherservice/css/media.css?ver=031020
Requested by
Host: dgtonline.net
URL: https://dgtonline.net/mini-widget/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:b0e7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
96be461bff843e754832eb42870dc20c918467823e87ed9b5d9cabaf103e850c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dgtonline.net/mini-widget/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 02:13:30 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 21 Apr 2020 21:39:54 GMT
server
cloudflare
age
5373019
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QXgB3QezF%2F97d2WMSZh5h8h8fahH90zLH463P2gR2cUZz1aOK65V3fb8hOJ9IrzAmgOb0XTDfrFmNDLHuiy30sXcXFfd4hSjVbTwFfauV6ytwnX4jVgDvTmnZFtGRSZXXx8zL9JgtlnzvSGV"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=2628000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6a2fafb24cb76927-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Mon, 22 Aug 2022 21:43:11 GMT
font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/ Frame BDE3 		30 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
Requested by
Host: dgtonline.net
URL: https://dgtonline.net/mini-widget/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dgtonline.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 02:13:30 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
5272827
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
5631
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:10:07 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e5f-7918"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cs9IZ6%2FMM8wYlcC0LmaOprRU3lWEbW6i98xozed3KRRcFGFvBEhJijNwW23zD31%2FD9UrnWtiPI3UdAjHgrejIXqVSqo2cvPAqdKrIBNAG7r%2FVjvr1AhH46OmeFLeTcBIvDww%2F7NzsLUB1MzF9Ix2XtJU"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6a2fafb26d055c98-FRA
expires
Fri, 14 Oct 2022 02:13:30 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.4.1/ Frame BDE3 		86 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js
Requested by
Host: dgtonline.net
URL: https://dgtonline.net/mini-widget/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dgtonline.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 14:33:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
42027
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
30774
x-xss-protection
0
last-modified
Mon, 13 May 2019 14:37:17 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="hosted-libraries-pushers"
expires
Sun, 23 Oct 2022 14:33:03 GMT
34.png
dgtonline.net/wp-content/plugins/weatherservice/images/ Frame BDE3 		47 KB
48 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dgtonline.net/wp-content/plugins/weatherservice/images/34.png
Requested by
Host: dgtonline.net
URL: https://dgtonline.net/mini-widget/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:b0e7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a3f877bcb1ee7aeab0f595f46dc0f9ad358f5d39ac81b4ca8e5f46838a053dbf

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dgtonline.net/mini-widget/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 02:13:30 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
826967
x-cache-info
cached
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
48538
last-modified
Tue, 21 Apr 2020 21:39:45 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
X-Forwarded-Proto,Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XEvKrPIfTNBWfZFe2EFHYqc%2FXcbiehs3x78H6TO6NmKsP37SZTLDx4HAvR4ZWrnlAaMm38hI7fLDNYJzFiWpWF7IsaLsviKLt5xaInjZLzmLn0Bymu2gAxc6lZtwyvTDQt8Gh064H7FA5le%2F"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=10368000
accept-ranges
bytes
cf-ray
6a2fafb24cbe6927-FRA
expires
Fri, 11 Feb 2022 12:30:43 GMT
wp-embed.min.js
dgtonline.net/wp-includes/js/ Frame BDE3 		1 KB
1017 B 		Script
General
Check archive.org
Download Go to
Full URL
https://dgtonline.net/wp-includes/js/wp-embed.min.js?ver=5.8.1
Requested by
Host: dgtonline.net
URL: https://dgtonline.net/mini-widget/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:b0e7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dgtonline.net/mini-widget/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 02:13:30 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 04 Aug 2021 16:18:09 GMT
server
cloudflare
age
3837016
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
X-Forwarded-Proto,Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C99KBu1wMOZft%2BSCq7NI9SvANX6E2UDoMj8x6kjvX3iPbUcO1gzGln3fFkERbDIEXi%2FHB%2BgEsHy0iQB5Q9jov7gheizsrTPxq8o%2BJX1yq6GMyMG8fux4UzcBcU9Ln9kaFGjWV4kc1BTr2Qo%2F"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6a2fafb24cbb6927-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Fri, 09 Sep 2022 16:23:13 GMT
sweetalert2.all.min.js
cdn.jsdelivr.net/npm/sweetalert2@10.0.2/dist/ Frame DC75 		66 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/sweetalert2@10.0.2/dist/sweetalert2.all.min.js
Requested by
Host: engine.univtec.com
URL: https://engine.univtec.com/embed-akamai.php?params=dXJsPTc0RDdzcFRhUkV5REU4Q1dLblhkV1EmdWE9VUEtMjMxMDkxNzMtMSZ2YXN0PWh0dHBzJTNBJTJGJTJGcHViYWRzLmcuZG91YmxlY2xpY2submV0JTJGZ2FtcGFkJTJGYWRzJTNGaXUlM0QlMkY0MzQ1OTI3MSUyRmVuZ2luZW1lZGlhbGl2ZSUyRnNzLVdLQlQlMjZkZXNjcmlwdGlvbl91cmwlM0QlMjUlMjVSRUZFUlJFUl9VUkxfRVNDJTI1JTI1JTI2dGZjZCUzRDAlMjZucGElM0QwJTI2c3olM0Q2NDB4NDgwJTI2bWluX2FkX2R1cmF0aW9uJTNEMCUyNm1heF9hZF9kdXJhdGlvbiUzRDYwMDAwJTI2Z2RmcF9yZXElM0QxJTI2b3V0cHV0JTNEdmFzdCUyNnVudmlld2VkX3Bvc2l0aW9uX3N0YXJ0JTNEMSUyNmVudiUzRHZwJTI2aW1wbCUzRHMlMjZjb3JyZWxhdG9yJTNEJTI1JTI1Q0FDSEVCVVNURVIlMjUlMjUmdGl0bGVFdmVudD1XS0JUJTJGTmV3czgwMDAuY29tJmNhdGVnb3J5PVZpZGVv%22
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
28cbc62defd6b0e423b7cb16098a18861300be5117f487445671c70f7f1d81b8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://engine.univtec.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 02:13:30 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
3839217
x-jsd-version
10.0.2
x-cache
HIT
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-served-by
cache-fra19173-FRA
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"1082d-6F9SFnLnoodi62kt2SBwb5LFivM"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
cf-ray
6a2fafafdcb90625-FRA
adblockDetector.js
engine.univtec.com/ Frame DC75 		13 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://engine.univtec.com/adblockDetector.js
Requested by
Host: engine.univtec.com
URL: https://engine.univtec.com/embed-akamai.php?params=dXJsPTc0RDdzcFRhUkV5REU4Q1dLblhkV1EmdWE9VUEtMjMxMDkxNzMtMSZ2YXN0PWh0dHBzJTNBJTJGJTJGcHViYWRzLmcuZG91YmxlY2xpY2submV0JTJGZ2FtcGFkJTJGYWRzJTNGaXUlM0QlMkY0MzQ1OTI3MSUyRmVuZ2luZW1lZGlhbGl2ZSUyRnNzLVdLQlQlMjZkZXNjcmlwdGlvbl91cmwlM0QlMjUlMjVSRUZFUlJFUl9VUkxfRVNDJTI1JTI1JTI2dGZjZCUzRDAlMjZucGElM0QwJTI2c3olM0Q2NDB4NDgwJTI2bWluX2FkX2R1cmF0aW9uJTNEMCUyNm1heF9hZF9kdXJhdGlvbiUzRDYwMDAwJTI2Z2RmcF9yZXElM0QxJTI2b3V0cHV0JTNEdmFzdCUyNnVudmlld2VkX3Bvc2l0aW9uX3N0YXJ0JTNEMSUyNmVudiUzRHZwJTI2aW1wbCUzRHMlMjZjb3JyZWxhdG9yJTNEJTI1JTI1Q0FDSEVCVVNURVIlMjUlMjUmdGl0bGVFdmVudD1XS0JUJTJGTmV3czgwMDAuY29tJmNhdGVnb3J5PVZpZGVv%22
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
54.197.28.239 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-197-28-239.compute-1.amazonaws.com
Software
Apache/2.4.34 (Amazon) OpenSSL/1.0.2k-fips PHP/5.5.38 /
Resource Hash
b93423f18ba63f3282ce4969c0703d17e870a3ece31aab2fe5df224a44912d72

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://engine.univtec.com/embed-akamai.php?params=dXJsPTc0RDdzcFRhUkV5REU4Q1dLblhkV1EmdWE9VUEtMjMxMDkxNzMtMSZ2YXN0PWh0dHBzJTNBJTJGJTJGcHViYWRzLmcuZG91YmxlY2xpY2submV0JTJGZ2FtcGFkJTJGYWRzJTNGaXUlM0QlMkY0MzQ1OTI3MSUyRmVuZ2luZW1lZGlhbGl2ZSUyRnNzLVdLQlQlMjZkZXNjcmlwdGlvbl91cmwlM0QlMjUlMjVSRUZFUlJFUl9VUkxfRVNDJTI1JTI1JTI2dGZjZCUzRDAlMjZucGElM0QwJTI2c3olM0Q2NDB4NDgwJTI2bWluX2FkX2R1cmF0aW9uJTNEMCUyNm1heF9hZF9kdXJhdGlvbiUzRDYwMDAwJTI2Z2RmcF9yZXElM0QxJTI2b3V0cHV0JTNEdmFzdCUyNnVudmlld2VkX3Bvc2l0aW9uX3N0YXJ0JTNEMSUyNmVudiUzRHZwJTI2aW1wbCUzRHMlMjZjb3JyZWxhdG9yJTNEJTI1JTI1Q0FDSEVCVVNURVIlMjUlMjUmdGl0bGVFdmVudD1XS0JUJTJGTmV3czgwMDAuY29tJmNhdGVnb3J5PVZpZGVv%22
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sun, 24 Oct 2021 02:13:30 GMT
Last-Modified
Tue, 15 Sep 2020 19:36:52 GMT
Server
Apache/2.4.34 (Amazon) OpenSSL/1.0.2k-fips PHP/5.5.38
ETag
"35b9-5af5f45e05c50"
Content-Type
text/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
13753
ssusersync
vid.springserve.com/ Frame DC75 		5 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vid.springserve.com/ssusersync
Requested by
Host: engine.univtec.com
URL: https://engine.univtec.com/embed-akamai.php?params=dXJsPTc0RDdzcFRhUkV5REU4Q1dLblhkV1EmdWE9VUEtMjMxMDkxNzMtMSZ2YXN0PWh0dHBzJTNBJTJGJTJGcHViYWRzLmcuZG91YmxlY2xpY2submV0JTJGZ2FtcGFkJTJGYWRzJTNGaXUlM0QlMkY0MzQ1OTI3MSUyRmVuZ2luZW1lZGlhbGl2ZSUyRnNzLVdLQlQlMjZkZXNjcmlwdGlvbl91cmwlM0QlMjUlMjVSRUZFUlJFUl9VUkxfRVNDJTI1JTI1JTI2dGZjZCUzRDAlMjZucGElM0QwJTI2c3olM0Q2NDB4NDgwJTI2bWluX2FkX2R1cmF0aW9uJTNEMCUyNm1heF9hZF9kdXJhdGlvbiUzRDYwMDAwJTI2Z2RmcF9yZXElM0QxJTI2b3V0cHV0JTNEdmFzdCUyNnVudmlld2VkX3Bvc2l0aW9uX3N0YXJ0JTNEMSUyNmVudiUzRHZwJTI2aW1wbCUzRHMlMjZjb3JyZWxhdG9yJTNEJTI1JTI1Q0FDSEVCVVNURVIlMjUlMjUmdGl0bGVFdmVudD1XS0JUJTJGTmV3czgwMDAuY29tJmNhdGVnb3J5PVZpZGVv%22
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.243.159.23 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-243-159-23.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
8f57c27c59dd99a164f294f700e0bb210f118b46190fba22c7c96b4b41ec5f90

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://engine.univtec.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sun, 24 Oct 2021 02:13:30 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
4651
content-type
application/javascript
jquery-1.12.4.min.js
code.jquery.com/ Frame DC75 		95 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-1.12.4.min.js
Requested by
Host: engine.univtec.com
URL: https://engine.univtec.com/embed-akamai.php?params=dXJsPTc0RDdzcFRhUkV5REU4Q1dLblhkV1EmdWE9VUEtMjMxMDkxNzMtMSZ2YXN0PWh0dHBzJTNBJTJGJTJGcHViYWRzLmcuZG91YmxlY2xpY2submV0JTJGZ2FtcGFkJTJGYWRzJTNGaXUlM0QlMkY0MzQ1OTI3MSUyRmVuZ2luZW1lZGlhbGl2ZSUyRnNzLVdLQlQlMjZkZXNjcmlwdGlvbl91cmwlM0QlMjUlMjVSRUZFUlJFUl9VUkxfRVNDJTI1JTI1JTI2dGZjZCUzRDAlMjZucGElM0QwJTI2c3olM0Q2NDB4NDgwJTI2bWluX2FkX2R1cmF0aW9uJTNEMCUyNm1heF9hZF9kdXJhdGlvbiUzRDYwMDAwJTI2Z2RmcF9yZXElM0QxJTI2b3V0cHV0JTNEdmFzdCUyNnVudmlld2VkX3Bvc2l0aW9uX3N0YXJ0JTNEMSUyNmVudiUzRHZwJTI2aW1wbCUzRHMlMjZjb3JyZWxhdG9yJTNEJTI1JTI1Q0FDSEVCVVNURVIlMjUlMjUmdGl0bGVFdmVudD1XS0JUJTJGTmV3czgwMDAuY29tJmNhdGVnb3J5PVZpZGVv%22
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac18::1:a:3b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Request headers

Referer
https://engine.univtec.com/
Origin
https://engine.univtec.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 02:13:30 GMT
content-encoding
gzip
last-modified
Fri, 20 May 2016 17:18:54 GMT
server
nginx
etag
"573f46fe-17b8b"
vary
Accept-Encoding
x-hw
1635041610.dop206.ml1.t,1635041610.cds009.ml1.hn,1635041610.cds214.ml1.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
33738
player.esi
amp.akamaized.net/hosted/1.1/ Frame DC75 		271 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://amp.akamaized.net/hosted/1.1/player.esi?apikey=univtec.trial&version=9.1.1
Requested by
Host: engine.univtec.com
URL: https://engine.univtec.com/embed-akamai.php?params=dXJsPTc0RDdzcFRhUkV5REU4Q1dLblhkV1EmdWE9VUEtMjMxMDkxNzMtMSZ2YXN0PWh0dHBzJTNBJTJGJTJGcHViYWRzLmcuZG91YmxlY2xpY2submV0JTJGZ2FtcGFkJTJGYWRzJTNGaXUlM0QlMkY0MzQ1OTI3MSUyRmVuZ2luZW1lZGlhbGl2ZSUyRnNzLVdLQlQlMjZkZXNjcmlwdGlvbl91cmwlM0QlMjUlMjVSRUZFUlJFUl9VUkxfRVNDJTI1JTI1JTI2dGZjZCUzRDAlMjZucGElM0QwJTI2c3olM0Q2NDB4NDgwJTI2bWluX2FkX2R1cmF0aW9uJTNEMCUyNm1heF9hZF9kdXJhdGlvbiUzRDYwMDAwJTI2Z2RmcF9yZXElM0QxJTI2b3V0cHV0JTNEdmFzdCUyNnVudmlld2VkX3Bvc2l0aW9uX3N0YXJ0JTNEMSUyNmVudiUzRHZwJTI2aW1wbCUzRHMlMjZjb3JyZWxhdG9yJTNEJTI1JTI1Q0FDSEVCVVNURVIlMjUlMjUmdGl0bGVFdmVudD1XS0JUJTJGTmV3czgwMDAuY29tJmNhdGVnb3J5PVZpZGVv%22
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:7100::1720:ee33 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
c59d4419f3446bf2a79524e54a076f29bbad72a689374cc2737b71b865f23c93

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://engine.univtec.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sun, 24 Oct 2021 02:13:31 GMT
Content-Encoding
gzip
PROTO
https
Server
AkamaiNetStorage
ETag
"22c8e983ad99cc0570d21c8e586cb8e9:1597899815"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=2
Transfer-Encoding
chunked
Connection
keep-alive, Transfer-Encoding
usersync
vid-io-dub.springserve.com/ Frame DC75
Redirect Chain
  • https://sync.search.spotxchange.com/partner?adv_id=8593&redir=https%3A%2F%2Fvid-io-dub.springserve.com%2Fusersync%3Faid%3D1000014%26uuid%3D%24SPOTX_USER_ID
  • https://sync.search.spotxchange.com/partner?adv_id=8593&redir=https%3A%2F%2Fvid-io-dub.springserve.com%2Fusersync%3Faid%3D1000014%26uuid%3D%24SPOTX_USER_ID&__user_check__=1&sync_id=fb70fb76-346f-11...
  • https://vid-io-dub.springserve.com/usersync?aid=1000014&uuid=fb70fb2b-346f-11ec-88a7-10b91cd50106
43 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vid-io-dub.springserve.com/usersync?aid=1000014&uuid=fb70fb2b-346f-11ec-88a7-10b91cd50106
Requested by
Host: engine.univtec.com
URL: https://engine.univtec.com/embed-akamai.php?params=dXJsPTc0RDdzcFRhUkV5REU4Q1dLblhkV1EmdWE9VUEtMjMxMDkxNzMtMSZ2YXN0PWh0dHBzJTNBJTJGJTJGcHViYWRzLmcuZG91YmxlY2xpY2submV0JTJGZ2FtcGFkJTJGYWRzJTNGaXUlM0QlMkY0MzQ1OTI3MSUyRmVuZ2luZW1lZGlhbGl2ZSUyRnNzLVdLQlQlMjZkZXNjcmlwdGlvbl91cmwlM0QlMjUlMjVSRUZFUlJFUl9VUkxfRVNDJTI1JTI1JTI2dGZjZCUzRDAlMjZucGElM0QwJTI2c3olM0Q2NDB4NDgwJTI2bWluX2FkX2R1cmF0aW9uJTNEMCUyNm1heF9hZF9kdXJhdGlvbiUzRDYwMDAwJTI2Z2RmcF9yZXElM0QxJTI2b3V0cHV0JTNEdmFzdCUyNnVudmlld2VkX3Bvc2l0aW9uX3N0YXJ0JTNEMSUyNmVudiUzRHZwJTI2aW1wbCUzRHMlMjZjb3JyZWxhdG9yJTNEJTI1JTI1Q0FDSEVCVVNURVIlMjUlMjUmdGl0bGVFdmVudD1XS0JUJTJGTmV3czgwMDAuY29tJmNhdGVnb3J5PVZpZGVv%22
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.31.202.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-31-202-1.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://engine.univtec.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sun, 24 Oct 2021 02:13:30 GMT
access-control-allow-credentials
true
server
nginx
content-length
43
content-type
image/gif

Redirect headers

Date
Sun, 24 Oct 2021 02:13:30 GMT
Server
nginx
Location
https://vid-io-dub.springserve.com/usersync?aid=1000014&uuid=fb70fb2b-346f-11ec-88a7-10b91cd50106
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
52
Connection
keep-alive
Content-Length
0
apstag.js
c.amazon-adsystem.com/aax2/ 		133 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: wpcdn.us-east-1.vip.tn-cloud.net
URL: https://wpcdn.us-east-1.vip.tn-cloud.net/www.news8000.com/content/plugins/gtx-ad-manager/ad-manager-aps.js?ver=2019.11.19
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.210.175 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-210-175.fra56.r.cloudfront.net
Software
Server /
Resource Hash
da263eff6489f28a35d328a1a5895db9adb14c22c40cd35d0afce85414cac701

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.news8000.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id
zTpXqDhrs..xkKPVKkqB8HVtw0cnTzHi
content-encoding
gzip
etag
e2b905aea413c4d7479fb2bb9cbc6c65
age
759
x-cache
Hit from cloudfront
server
Server
x-amz-rid
1CVP4K4VTF7ZGNX1GMS1
date
Sun, 24 Oct 2021 02:03:24 GMT
vary
Accept-Encoding
content-type
application/javascript
via
1.1 63f629236e2f93bf1af732a50e42e587.cloudfront.net (CloudFront)
cache-control
public, max-age=900
x-amz-cf-pop
FRA56-P3
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
isDKMQhMmDehIZY_Fpg4boXIFrC7dn_PgfxBO9Wy_5NvefCyTDj_-Q==
polyfill.js
cdn.polyfill.io/v2/ 		420 B
314 B 		Other
General
Check archive.org
Download Go to
Full URL
https://cdn.polyfill.io/v2/polyfill.js?features=IntersectionObserver&ver=2019.11.19
Requested by
Host: www.news8000.com
URL: https://www.news8000.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:600::282 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
9c068d2ebef10d7d53bb79442b12c6fcb754a6bf9a005bc1e5f9dd5a553e081c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.news8000.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubdomains; preload
content-encoding
br
x-content-type-options
nosniff
content-type
text/javascript; charset=utf-8
age
2073233
detected-user-agent
Chrome Mobile/93.0.4577
server-timing
HIT-CLUSTER, fastly;desc="Edge time";dur=1, HIT, fastly;desc="Edge time";dur=0
content-length
213
referrer-policy
origin-when-cross-origin
last-modified
Wed, 29 Sep 2021 18:29:17 GMT
date
Sun, 24 Oct 2021 02:13:30 GMT
vary
User-Agent, Accept-Encoding
access-control-allow-methods
GET,HEAD,OPTIONS
normalized-user-agent
chrome/93.0.0
access-control-allow-origin
*
cache-control
public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
accept-ranges
bytes
timing-allow-origin
*
recaptcha__de.js
www.gstatic.com/recaptcha/releases/YhkYx1k-yvvb8OonJPmOpoJY/ 		346 KB
136 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/YhkYx1k-yvvb8OonJPmOpoJY/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=renderInvisibleReCaptcha&render=explicit
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dda2aba38252dcb4fde2222ecdcf5806f23fc3e9400f310f0ee1927329243c78
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.news8000.com/
Origin
https://www.news8000.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 16:51:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
33703
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
138388
x-xss-protection
0
last-modified
Mon, 18 Oct 2021 04:02:55 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="recaptcha"
expires
Sun, 23 Oct 2022 16:51:47 GMT
quant.js
secure.quantserve.com/ 		24 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: www.news8000.com
URL: https://www.news8000.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:f916:5049:f87f:108e , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
2d452ca7bf499867307ebfa48373084a42e1f56ec0a26e5bb2e12f01888c3cc9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.news8000.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 02:13:30 GMT
content-encoding
gzip
etag
"XUylRaJiJNdi08iU32oNYQ=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
expires
Sun, 31 Oct 2021 02:13:30 GMT
truncated
/ 		817 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
db311174b0e3c340727b63c055cfb5b317808e909503e1bda11cc58af444f12b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/svg+xml
js
www.googletagmanager.com/gtag/ 		73 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js
Requested by
Host: www.news8000.com
URL: https://www.news8000.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
1ebd031eaf39d8b9d8ca3ae8d125f3b06988385df29c13409b4ce517ce5fcdc6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.news8000.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 02:13:30 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
29683
x-xss-protection
0
last-modified
Sun, 24 Oct 2021 00:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 24 Oct 2021 02:13:30 GMT
collect
stats.g.doubleclick.net/j/ 		1 B
411 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j94&tid=UA-23109173-1&cid=1323862419.1635041610&jid=2020945736&gjid=264238168&_gid=232399919.1635041610&_u=YGBAgEABAAAAAE~&z=1486356062
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c1b::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.news8000.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Sun, 24 Oct 2021 02:13:30 GMT
content-type
text/plain
access-control-allow-origin
https://www.news8000.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
194 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j94&aip=1&a=1543060529&t=pageview&_s=1&dl=https%3A%2F%2Fwww.news8000.com%2F&ul=en-us&de=UTF-8&dt=!Homepage&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAgEAB~&jid=2020945736&gjid=264238168&cid=1323862419.1635041610&tid=UA-23109173-1&_gid=232399919.1635041610&gtm=2wgak0K8H6L3P&cd1=6&cd2=!Homepage&cd4=implementations&cd6=page&cd7=No&cd8=No&cd10=No&cd11=No&z=2117472528
Requested by
Host: www.news8000.com
URL: https://www.news8000.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.news8000.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Oct 2021 13:50:04 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
44606
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
/
ghb.adtelligent.com/geo/ 		141 B
393 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb.adtelligent.com/geo/
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/454178/wrapper_hb_450266_11887.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5142::2 , United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
3fae299156a4379d8c80f48392968c676f5ab1bb78b5df6de64399ba0979a92a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.news8000.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://www.news8000.com
Date
Sun, 24 Oct 2021 02:13:29 GMT
Access-Control-Allow-Credentials
true
Server
VertaMedia 1.0
Connection
Keep-Alive
Content-Length
141
Content-Type
application/json
tracking
ghb.adtelligent.com/adunit/ 		43 B
418 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb.adtelligent.com/adunit/tracking?event=11&type=0&client_id=450266&site_id=11887&full_page_url=https%3A%2F%2Fwww.news8000.com%2F&adid=4lk4st.ou&vpbv=0859&lifecycle_tte=2036
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/454178/wrapper_hb_450266_11887.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5142::2 , United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.news8000.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://www.news8000.com
Date
Sun, 24 Oct 2021 02:13:29 GMT
Access-Control-Allow-Credentials
true
Server
VertaMedia 1.0
Connection
Keep-Alive
Content-Length
43
Content-Type
image/gif
show_pla
obs.cheqzone.com/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://obs.cheqzone.com/show_pla?id=65349&url=https%3A%2F%2Fwww.news8000.com%2F&sf=0&k=&idx=0&ch=&ext=&np=linux%20x86_64&nv=google%20inc.&rand=64127200162500061598100092510051530618416675550422780822226004070810&nc=0&tsf=0&tsfmi=&pv=0&cb=1635041610500&ref=&pit=1&hl=2&op=0&fs=1600x1200&ss=1600x1200&pre=0&jsonp=OBR.extern.onCheqResponse&mr=&ag=220482090&at=&bid=e30%3D&di=W1siZWYiLDgzMzldLFsxMiwie1wiY3R4XCI6XCJ3ZWJnbDJcIixcInZcIjpcImludGVsIGluYy5c%0D%0AIixcInJcIjpcImludGVsIGlyaXMgb3BlbmdsIGVuZ2luZVwiLFwic2x2XCI6XCJ3ZWJnbCBnbHNs%0D%0AIGVzIDMuMDAgKG9wZW5nbCBlcyBnbHNsIGVzIDMuMCBjaHJvbWl1bSlcIixcImd2ZXJcIjpcIndl%0D%0AYmdsIDIuMCAob3BlbmdsIGVzIDMuMCBjaHJvbWl1bSlcIixcImd2ZW5cIjpcIndlYmtpdFwiLFwi%0D%0AYmVuXCI6NDAsXCJ3Z2xcIjoxLFwiZ3JlblwiOlwid2Via2l0IHdlYmdsXCIsXCJzZWZcIjoxMTEz%0D%0ANjE1MTIsXCJzZWNcIjpcIlwifSJdLFszNywiWzMzMTYyMjQwNDksZnVuY3Rpb24obmV3VmFsdWUp%0D%0AIHtcbiAgICAgICAgICAgICAgYWRkQ29udGVudFdpbmRvd1Byb3h5KHRoaXMpXG4gICAgICAgICAg%0D%0AICAgIC8vIFJlc2V0IHByb3BlcnR5LCB0aGUgaG9vayBpcyBvbmx5IG5lZWRlZCBvbmNlXG4gICAg%0D%0AICAgICAgICAgIE9iamVjdC5kZWZpbmVQcm9wZXJ0eShpZnJhbWUsICdzcmNkb2MnLCB7XG4gICAg%0D%0AICAgICAgICAgICAgY29uZmlndXJhYmxlOiBmYWxzZSxcbiAgICAgICAgICAgICAgICB3cml0YWJs%0D%0AZTogZmFsc2UsXG4gICAgICAgICAgICAgICAgdmFsdWU6IF9zcmNkb2NcbiAgICAgICAgICAgICAg%0D%0AfSlcbiAgICAgICAgICAgICAgX2lmcmFtZS5zcmNkb2MgPSBuZXdWYWx1ZVxuICAgICAgICAgICAg%0D%0AfV0iXSxbLTEsIi0iXSxbLTIsIjgsZVlYVlgxUHJ4Mk8rZTJhWm5NcEJkSUFSS0tWRUVRSWdLQ2RK%0D%0AWGVCQkVRUklxaUlDMThxRFJGa041Q0M0clNmaUpTcEFvSVJPbVFRaEpTU005TVpqSnp5eWw3NzdX%0D%0AL1o1MTd6OCJdLFstMywiW1wiaW50ZXJuYWwtcGRmLXZpZXdlclwiLFwibWhqZmJtZGdjZmpiYnBh%0D%0AZW9qb2ZvaG9lZmdpZWhqYWlcIixcImludGVybmFsLW5hY2wtcGx1Z2luXCJdIl0sWy00LCItIl0s%0D%0AWy01LCItIl0sWy02LCItIl0sWy03LCItIl0sWy04LCItIl0sWy05LCIrIl0sWy0xMCwiLSJdLFst%0D%0AMTEsIntcInRcIjpcIlwiLFwibVwiOltcImRlc2NyaXB0aW9uXCIsXCJvZzp0aXRsZVwiLFwib2c6%0D%0AZGVzY3JpcHRpb25cIl19Il0sWy0xMiwibnVsbCJdLFstMTMsIi0iXSxbLTE0LCJ7XCJvXCI6MH0i%0D%0AXSxbLTE1LCItIl0sWy0xNiwiMCJdLFstMTcsIjQiXSxbLTE4LCJbMCwwLDAsMV0iXSxbLTE5LCJb%0D%0AMCwwLDAsMCwwLDAsMSwyNCwyNCxcIi1cIiwxNjAwLDEyMDAsMTYwMCwxMjAwLDE2MDAsMTIwMCwx%0D%0ANjAwLDEyMDAsMCwwLDAsMCxcIi1cIixcIi1cIl0iXSxbLTIwLCIxMzIzODYyNDE5LjE2MzUwNDE2%0D%0AMTAiXSxbLTIxLCJYZmZ4Ym5GbiJdLFstMjIsIltcIm5cIixcIm5cIl0iXSxbLTIzLCIrIl0sWy0y%0D%0ANCwiW10iXSxbLTI1LCItIl0sWy0yNiwie1widGpoc1wiOjMzMTAwMDAwLFwidWpoc1wiOjI5NDAw%0D%0AMDAwLFwiamhzbFwiOjM3NjAwMDAwMDB9Il0sWy0yNywiWzAsOS4xLDAsXCI0Z1wiLG51bGxdIl0s%0D%0AWy0yOCwiZW4tVVMsZW4iXSxbLTI5LCJ7XCJ2XCI6WzIsMiwyLDIsMCwwLDAsMiwwLDIsMCwyLDAs%0D%0AMCwyLDIsMiwyLDBdfSJdLFstMzAsIltcInZcIiwwXSJdLFstMzEsImZhbHNlIl0sWy0zMiwiLSJd%0D%0ALFstMzMsIi0iXSxbLTM0LCItIl0sWy0zNSwiWzE2MzUwNDE2MTA0NDgsMF0iXSxbLTM2LCJbXCI0%0D%0ALzNcIixcIjQvM1wiXSJdLFstMzcsIi0xNDQtNjYtMTgwLSJdLFstMzgsImksLTEsLTEsMzE5LDAs%0D%0AMSwwLDAsMTg2LDI0NywxMTM0LDAsMTQ1NS40LDE0NTUuNCwyMTIwLDIxMjAiXSxbLTM5LCJbXCIy%0D%0AMDAzMDEwN1wiLDQsXCJHZWNrb1wiLFwiTmV0c2NhcGVcIixcIk1vemlsbGFcIixudWxsLG51bGws%0D%0AdHJ1ZSw4LGZhbHNlLG51bGwsM10iXSxbLTQwLCIzMyJdLFstNDEsIi0iXSxbLTQyLCIxNzI0Mjk3%0D%0ANjUzIl0sWy00MywiMDAwMDAwMDEwMTAwMDAwMTAwMTExMDExMDAiXSxbLTQ0LCIwLDAsMCw1Il0s%0D%0AWy00NSwiNjIwLDY3OCwwLDAsMCw1NjEsMCwwLDY0OCwwLDAsMCwwLDAsMCwwLDAsMCwwLDY4NCww%0D%0ALDAsMCwwLDAsMCwwLDAsMCwwLDAsMCJdLFstNDYsIjAiXSxbLTQ3LCJFdGMvVW5rbm93bixlbi1V%0D%0AUyxsYXRuLGdyZWdvcnkiXSxbLTQ4LCIwLDAiXSxbLTQ5LCItIl0sWyJibmNoIiwxMjRdXQ%3D%3D&tsfu=&fst=1600x1200&dep=0&cpos=%5B%7B%22x%22%3A0%2C%22y%22%3A0%2C%22w%22%3A1600%2C%22h%22%3A5270%7D%2C%7B%22w%22%3A1600%2C%22h%22%3A1200%7D%5D&ver=41&cri=vsdQf9UQu4&sdd=%7B%7D&pto=2173
Requested by
Host: ob.cheqzone.com
URL: https://ob.cheqzone.com/placement_invocation?id=65349&idx=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2600:1f18:e8a:cd08:3437:aff5:50c:d298 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
675ce971fcf5daf592e564dfda949084b343630e231c2c9860e3314ead34d987

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.news8000.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Oct 2021 02:13:30 GMT
content-encoding
gzip
content-type
text/javascript
cache-control
no-cache, no-store, must-revalidate
cheq_headers_order
Set-Cookie Content-Type Cache-Control Pragma Expires Content-Length Content-Encoding Date Connection
content-length
1399
expires
Fri, 01 Jan 1990 00:00:00 GMT
14048
rtb.gumgum.com/usync/ Frame 98EF 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usync/14048?gdpr=1&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000004%26gdpr%3D1%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D
Requested by
Host: vid.springserve.com
URL: https://vid.springserve.com/ssusersync
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.254.122.11 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-254-122-11.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
742a47f2d330d112ae4e22fbe089b755f23359c3262b1e449af6d16819652533

Request headers

:method
GET
:authority
rtb.gumgum.com
:scheme
https
:path
/usync/14048?gdpr=1&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000004%26gdpr%3D1%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://engine.univtec.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://engine.univtec.com/

Response headers

date
Sun, 24 Oct 2021 02:13:30 GMT
content-type
text/html;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
set-cookie
vst=e_ce4fc4d9-a2a4-4b58-9990-7437e58937cc; Domain=.gumgum.com; Expires=Mon, 24-Oct-2022 02:13:30 GMT; Path=/; Secure; SameSite=None
etag
W/"041e9a4772f8dd87fd2f4397135e14add"
timing-allow-origin
*
content-encoding
gzip
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame BE68 		14 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=1&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000010%26gdpr%3D1%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D
Requested by
Host: vid.springserve.com
URL: https://vid.springserve.com/ssusersync
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

:method
GET
:authority
ads.pubmatic.com
:scheme
https
:path
/AdServer/js/user_sync.html?gdpr=1&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000010%26gdpr%3D1%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://engine.univtec.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://engine.univtec.com/

Response headers

last-modified
Tue, 15 Jun 2021 06:08:03 GMT
etag
"1300708-3945-5c4c7cc02bd56"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5054
content-type
text/html; charset=UTF-8
cache-control
max-age=170054
expires
Tue, 26 Oct 2021 01:27:44 GMT
date
Sun, 24 Oct 2021 02:13:30 GMT
vary
Accept-Encoding
usersync
sync.springserve.com/ Frame DC75
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000001%26gdpr%3D1%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D%24UID
  • https://sync.springserve.com/usersync?aid=1000001&gdpr=1&gdpr_consent=&us_privacy=&uuid=8944076163001898924
43 B
171 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.springserve.com/usersync?aid=1000001&gdpr=1&gdpr_consent=&us_privacy=&uuid=8944076163001898924
Requested by
Host: engine.univtec.com
URL: https://engine.univtec.com/embed-akamai.php?params=dXJsPTc0RDdzcFRhUkV5REU4Q1dLblhkV1EmdWE9VUEtMjMxMDkxNzMtMSZ2YXN0PWh0dHBzJTNBJTJGJTJGcHViYWRzLmcuZG91YmxlY2xpY2submV0JTJGZ2FtcGFkJTJGYWRzJTNGaXUlM0QlMkY0MzQ1OTI3MSUyRmVuZ2luZW1lZGlhbGl2ZSUyRnNzLVdLQlQlMjZkZXNjcmlwdGlvbl91cmwlM0QlMjUlMjVSRUZFUlJFUl9VUkxfRVNDJTI1JTI1JTI2dGZjZCUzRDAlMjZucGElM0QwJTI2c3olM0Q2NDB4NDgwJTI2bWluX2FkX2R1cmF0aW9uJTNEMCUyNm1heF9hZF9kdXJhdGlvbiUzRDYwMDAwJTI2Z2RmcF9yZXElM0QxJTI2b3V0cHV0JTNEdmFzdCUyNnVudmlld2VkX3Bvc2l0aW9uX3N0YXJ0JTNEMSUyNmVudiUzRHZwJTI2aW1wbCUzRHMlMjZjb3JyZWxhdG9yJTNEJTI1JTI1Q0FDSEVCVVNURVIlMjUlMjUmdGl0bGVFdmVudD1XS0JUJTJGTmV3czgwMDAuY29tJmNhdGVnb3J5PVZpZGVv%22
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.31.202.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-31-202-1.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://engine.univtec.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sun, 24 Oct 2021 02:13:30 GMT
access-control-allow-credentials
true
server
nginx
content-length
43
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Sun, 24 Oct 2021 02:13:30 GMT
X-Proxy-Origin
185.232.23.182; 185.232.23.182; 690.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
e9793dbf-3098-4c5e-862e-b5b746f74302
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://sync.springserve.com/usersync?aid=1000001&gdpr=1&gdpr_consent=&us_privacy=&uuid=8944076163001898924
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
syncb
sync.bfmio.com/ Frame DC75 		0
78 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.bfmio.com/syncb?pid=111&gdpr=1&gdpr_consent=&us_privacy=
Requested by
Host: engine.univtec.com
URL: https://engine.univtec.com/embed-akamai.php?params=dXJsPTc0RDdzcFRhUkV5REU4Q1dLblhkV1EmdWE9VUEtMjMxMDkxNzMtMSZ2YXN0PWh0dHBzJTNBJTJGJTJGcHViYWRzLmcuZG91YmxlY2xpY2submV0JTJGZ2FtcGFkJTJGYWRzJTNGaXUlM0QlMkY0MzQ1OTI3MSUyRmVuZ2luZW1lZGlhbGl2ZSUyRnNzLVdLQlQlMjZkZXNjcmlwdGlvbl91cmwlM0QlMjUlMjVSRUZFUlJFUl9VUkxfRVNDJTI1JTI1JTI2dGZjZCUzRDAlMjZucGElM0QwJTI2c3olM0Q2NDB4NDgwJTI2bWluX2FkX2R1cmF0aW9uJTNEMCUyNm1heF9hZF9kdXJhdGlvbiUzRDYwMDAwJTI2Z2RmcF9yZXElM0QxJTI2b3V0cHV0JTNEdmFzdCUyNnVudmlld2VkX3Bvc2l0aW9uX3N0YXJ0JTNEMSUyNmVudiUzRHZwJTI2aW1wbCUzRHMlMjZjb3JyZWxhdG9yJTNEJTI1JTI1Q0FDSEVCVVNURVIlMjUlMjUmdGl0bGVFdmVudD1XS0JUJTJGTmV3czgwMDAuY29tJmNhdGVnb3J5PVZpZGVv%22
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.220.82.225 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-220-82-225.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://engine.univtec.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Connection
keep-alive
Date
Sun, 24 Oct 2021 02:13:31 GMT
um
cs.emxdgt.com/ Frame DC75 		0
22 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.emxdgt.com/um?gdpr=1&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000003%26gdpr%3D1%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D%24UID
Requested by
Host: engine.univtec.com
URL: https://engine.univtec.com/embed-akamai.php?params=dXJsPTc0RDdzcFRhUkV5REU4Q1dLblhkV1EmdWE9VUEtMjMxMDkxNzMtMSZ2YXN0PWh0dHBzJTNBJTJGJTJGcHViYWRzLmcuZG91YmxlY2xpY2submV0JTJGZ2FtcGFkJTJGYWRzJTNGaXUlM0QlMkY0MzQ1OTI3MSUyRmVuZ2luZW1lZGlhbGl2ZSUyRnNzLVdLQlQlMjZkZXNjcmlwdGlvbl91cmwlM0QlMjUlMjVSRUZFUlJFUl9VUkxfRVNDJTI1JTI1JTI2dGZjZCUzRDAlMjZucGElM0QwJTI2c3olM0Q2NDB4NDgwJTI2bWluX2FkX2R1cmF0aW9uJTNEMCUyNm1heF9hZF9kdXJhdGlvbiUzRDYwMDAwJTI2Z2RmcF9yZXElM0QxJTI2b3V0cHV0JTNEdmFzdCUyNnVudmlld2VkX3Bvc2l0aW9uX3N0YXJ0JTNEMSUyNmVudiUzRHZwJTI2aW1wbCUzRHMlMjZjb3JyZWxhdG9yJTNEJTI1JTI1Q0FDSEVCVVNURVIlMjUlMjUmdGl0bGVFdmVudD1XS0JUJTJGTmV3czgwMDAuY29tJmNhdGVnb3J5PVZpZGVv%22
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.155.181 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-155-181.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://engine.univtec.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 02:13:30 GMT
content-length
0
content-type
text/html
usermatchredir
ssum.casalemedia.com/ Frame DC75 		0
0
sync
pixel.advertising.com/ups/58185/ Frame DC75 		0
0
prebid
rtb.openx.net/sync/ Frame DC75 		0
0
rtset
bh.contextweb.com/ Frame DC75 		0
0
usersync
sync.springserve.com/ Frame DC75
Redirect Chain
  • https://sync.1rx.io/usersync2/rmphb?gdpr=1&gdpr_consent=&us_privacy=&redir=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000012%26gdpr%3D1%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D%5BRX_...
  • https://sync.springserve.com/usersync?aid=1000012&gdpr=1&gdpr_consent=&us_privacy=&uuid=OPTOUT
0
0
us.gif
sync.go.sonobi.com/ Frame DC75 		0
0
usersync
sync.springserve.com/ Frame DC75
Redirect Chain
  • https://sync.search.spotxchange.com/partner?gdpr=1&gdpr_consent=&us_privacy=&adv_id=8593&redir=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000014%26gdpr%3D1%26gdpr_consent%3D%26us_privac...
  • https://sync.springserve.com/usersync?aid=1000014&gdpr=1&gdpr_consent=&us_privacy=&uuid=fb70fb2b-346f-11ec-88a7-10b91cd50106
0
0
pubsync
pbs.publishers.tremorhub.com/ Frame DC75 		0
0
getuid
eb2.3lift.com/ Frame DC75 		0
0
pbsync
ads.yieldmo.com/ Frame DC75 		0
0
occ
ups.analytics.yahoo.com/ups/58518/ Frame DC75 		0
0
collect
www.google-analytics.com/g/ 		0
133 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-7L9520XTNE&gtm=2oeak0&_p=1543060529&sr=1600x1200&ul=en-us&cid=1323862419.1635041610&_s=1&dl=https%3A%2F%2Fwww.news8000.com%2F&dt=!Homepage&sid=1635041610&sct=1&seg=0&en=page_view&_fv=1&_ss=1&epn.asset_id=6&ep.author_name=implementations
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-7L9520XTNE&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.news8000.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 24 Oct 2021 02:13:30 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.news8000.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
www.googletagmanager.com/gtag/ 		89 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-23109173-1&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5FZ4Q5Q&l=dataLayer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
fa7ac808d4cb9a37b81926d4f74ef69f1048c69cef0e02a8915d637ea78bf2a0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.news8000.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 02:13:30 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
35759
x-xss-protection
0
last-modified
Sun, 24 Oct 2021 00:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 24 Oct 2021 02:13:30 GMT
dwce_cheq_events
log.outbrainimg.com/loggerServices/ 		4 B
325 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://log.outbrainimg.com/loggerServices/dwce_cheq_events?timestamp=1635041610555&sessionId=ffd902f9-ca1f-2974-5960-ad6cdacfedd9&url=www.news8000.com&cheqSource=1&cheqEvent=0&exitReason=3
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
70.42.32.31 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.news8000.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 24 Oct 2021 02:13:30 GMT
Access-Control-Allow-Methods
GET,POST
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
X-TraceId
adf6b1f5c12154f3ae6c7d7967f3c018
Content-Length
4
Expires
0
config
c.amazon-adsystem.com/cdn/prod/ 		0
312 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=3086&u=https%3A%2F%2Fwww.news8000.com%2F
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.210.175 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-210-175.fra56.r.cloudfront.net
Software
Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.news8000.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 21:57:38 GMT
via
1.1 63f629236e2f93bf1af732a50e42e587.cloudfront.net (CloudFront)
server
Server
age
15352
x-cache
Hit from cloudfront
access-control-allow-origin
https://www.news8000.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
x-amz-cf-pop
FRA56-P3
x-amz-cf-id
OOGPAJfj73pByk7ue3sZeXXwsg3ZQiwU1JbiXAw1Z_had7yvYXMeDA==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.210.175 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-210-175.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.news8000.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id
c91ZTIbLZrDqT0mloV_AD7.LNsTlhW69
content-encoding
gzip
etag
W/"a4d296427fc806b21335359e398c025c"
age
78387
x-cache
Hit from cloudfront
access-control-max-age
3000
access-control-allow-origin
*
last-modified
Thu, 07 Oct 2021 01:02:33 GMT
server
AmazonS3
date
Sat, 23 Oct 2021 04:27:03 GMT
vary
Origin
access-control-allow-methods
GET
content-type
application/javascript
via
1.1 102d8cf947b68167e34dd1299c206242.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
FRA56-P3
x-amz-cf-id
ASbl8OftvLlAkNjQxVRdPKkoyAwh0kehoth-YyeG6sb65WH7AnnCsg==
rules-p-155UsT_Yy1Za-.js
rules.quantcount.com/ 		3 B
430 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-155UsT_Yy1Za-.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:d600:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.news8000.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 02:35:20 GMT
via
1.1 985c0b2ec44bdebc7f24f26d1e427d31.cloudfront.net (CloudFront)
age
85091
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
3
last-modified
Sat, 04 Mar 2017 19:42:55 GMT
server
AmazonS3
etag
"8a80554c91d9fca8acb82f023de02f11"
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=86400
x-amz-cf-pop
FRA56-P2
accept-ranges
bytes
x-amz-cf-id
kSRWIlEHGzqvZs4fvZSwfoIzoPJP8xlAUuKCmxvtvltdm3TIVSk75A==
click-out-icon.css
s.ntv.io/css/ 		618 B
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s.ntv.io/css/click-out-icon.css
Requested by
Host: s.ntv.io
URL: https://s.ntv.io/serve/load.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.163 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-163.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
8e41a8e6b02e146fe25fa71262a12a24c80ee7e0debfcae0757a4fe6c67de5a9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.news8000.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sun, 24 Oct 2021 02:13:30 GMT
Last-Modified
Wed, 13 Sep 2017 22:37:26 GMT
Server
AmazonS3
x-amz-request-id
880B72DFDE73E1A1
ETag
"43c31858c9aac81661d142577cb1fc68"
Access-Control-Allow-Methods
GET
Content-Type
text/css
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=3600
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
Content-Length
618
x-amz-id-2
oJuMSYYTkoOSfPRAwKWeUHSB/I4XdenD8NLhFAx/kTATfZPgnOYWZme29G+bjHzZ0WiWyUBL9lM=
trk.gif
jadserve.postrelease.com/ 		43 B
426 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jadserve.postrelease.com/trk.gif?ntv_at=394&ntv_usid=1418815&ntv_pl=729212
Requested by
Host: www.news8000.com
URL: https://www.news8000.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.200.155.146 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-200-155-146.compute-1.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.news8000.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Oct 2021 02:13:30 GMT
server
nginx/1.12.1
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
image/gif
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
080417E262A34091B76E6B9619D16A3D.jpg
ntvcld-a.akamaihd.net/image/upload/w_768,h_432,c_fill,g_auto:text,f_auto/assets/ 		44 KB
45 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ntvcld-a.akamaihd.net/image/upload/w_768,h_432,c_fill,g_auto:text,f_auto/assets/080417E262A34091B76E6B9619D16A3D.jpg
Requested by
Host: www.news8000.com
URL: https://www.news8000.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2.16.107.122 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-107-122.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
67acfc9840a71e43d21752440989807e24c7604bf79ac449725b379ef0e5424c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.news8000.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sun, 24 Oct 2021 02:13:31 GMT
X-Check-Cacheable
YES
X-Serial
1189
ETag
"035d03f166d4ac979880f51e76bbcbe0"
Content-Type
image/webp
Cache-Control
private, no-transform, max-age=1667036
Last-Modified
Sat, 26 Jun 2021 14:00:09 GMT
Connection
keep-alive
Alt-Svc
h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length
45238
Server
Akamai Image Manager
Expires
Fri, 12 Nov 2021 09:17:27 GMT
trk.gif
jadserve.postrelease.com/ 		43 B
426 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jadserve.postrelease.com/trk.gif?ntv_at=46,302&ntv_ui=28a6f1ac-cd80-4f7f-bc38-452f54d97c63&ntv_a=b4wGA5-BKAfCALA&ntv_fl=CF4se3gYGjAPzQcMJoAeWd5WH3oACv5dt8ZRuFE-1ISjanFPUSYOO1i182bqfGxUNngEg4qg219LD1m-5FJ2REiIhmUe3XmT01O7BwzrszgM6Yqgigs3xJF6aSDszIb6vyQeak1uBFZCk86L9L6vnPMURC8qveOP6oBsJuYXXNzdj9YnacY1vE36i-h681IcDTjk97LsRXTMVvYDVv9DMg==&ord=1318603384&ntv_ht=SsF0YQA&ntv_tad=16&ntv_it
Requested by
Host: www.news8000.com
URL: https://www.news8000.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.200.155.146 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-200-155-146.compute-1.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.news8000.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Oct 2021 02:13:30 GMT
server
nginx/1.12.1
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
image/gif
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
gdprConsent
jadserve.postrelease.com/ 		43 B
426 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jadserve.postrelease.com/gdprConsent?ntv_pl=729212&ntv_gdpr_consent=&ntv_it
Requested by
Host: www.news8000.com
URL: https://www.news8000.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.200.155.146 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-200-155-146.compute-1.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.news8000.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Oct 2021 02:13:30 GMT
server
nginx/1.12.1
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
image/gif
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
config.json
player.adtelligent.com/exchange_rates/319104/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://player.adtelligent.com/exchange_rates/319104/config.json?cb=https%3A%2F%2Fwww.news8000.com%2F
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/454178/hb_450266_11887.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
7e2053d28a5998b7c02723103200b78168f761db5ce87f5d1d3c2be139784087

Request headers

Referer
https://www.news8000.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 24 Oct 2021 02:13:30 GMT
content-encoding
gzip
last-modified
Sun, 24 Oct 2021 00:02:11 GMT
server
nginx/1.18.0
etag
W/"6174a283-85c"
content-type
application/json
access-control-allow-origin
https://www.news8000.com
expires
Sun, 24 Oct 2021 03:13:30 GMT
cache-control
max-age=3600
x-proxy-cache
HIT
bid
c.amazon-adsystem.com/e/dtb/ 		64 B
532 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=3086&u=https%3A%2F%2Fwww.news8000.com%2F&pid=ZnVP4SkN5JtP0&cb=0&ws=1600x1200&v=7.69.01&t=2000&slots=%5B%7B%22sd%22%3A%220%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x90%22%2C%22970x250%22%2C%22320x50%22%5D%2C%22sn%22%3A%22%2F21745780820%2Fwkbt%2Fhomepage%22%7D%2C%7B%22sd%22%3A%221%22%2C%22s%22%3A%5B%221x1%22%5D%2C%22sn%22%3A%22%2F21745780820%2Fwkbt%2Fhomepage%22%7D%2C%7B%22sd%22%3A%222%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F21745780820%2Fwkbt%2Fhomepage%22%7D%2C%7B%22sd%22%3A%223%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F21745780820%2Fwkbt%2Fhomepage%22%7D%2C%7B%22sd%22%3A%224%22%2C%22s%22%3A%5B%222x1%22%5D%2C%22sn%22%3A%22%2F21745780820%2Fwkbt%2Fhomepage%22%7D%2C%7B%22sd%22%3A%225%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F21745780820%2Fwkbt%2Fhomepage%22%7D%2C%7B%22sd%22%3A%226%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x90%22%2C%22970x250%22%2C%22320x50%22%5D%2C%22sn%22%3A%22%2F21745780820%2Fwkbt%2Fhomepage%22%7D%5D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.210.175 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-210-175.fra56.r.cloudfront.net
Software
Server /
Resource Hash
d278491b1de51ad826d16be5ab27b1746999c02d45200f107218427e34eed798
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.news8000.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 02:13:31 GMT
via
1.1 63f629236e2f93bf1af732a50e42e587.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-P3
x-amz-rid
H28GAHC49P05W171B50G
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.news8000.com
access-control-allow-credentials
true
permissions-policy
interest-cohort=()
strict-transport-security
max-age=47474747; includeSubDomains; preload
timing-allow-origin
*
content-length
64
x-amz-cf-id
Y9scv0P39wbo_p1cVzYBHFVIa57gzoEz81DR6KExJeic1T2eZaLAhw==
click-out-icon.ttf
s.ntv.io/font/ 		1 KB
2 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s.ntv.io/font/click-out-icon.ttf?sjshwd
Requested by
Host: s.ntv.io
URL: https://s.ntv.io/css/click-out-icon.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.163 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-163.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
ee2214a948aa510978878e09453b21c85f1bcfe78a7c55412268ad85a5fb147d

Request headers

Referer
https://s.ntv.io/css/click-out-icon.css
Origin
https://www.news8000.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sun, 24 Oct 2021 02:13:30 GMT
Last-Modified
Tue, 04 Oct 2016 00:20:40 GMT
Server
AmazonS3
x-amz-request-id
AC8FC5A61A32D72F
ETag
"f587575d5d6dc5e7dc296da77fb11396"
Access-Control-Allow-Methods
GET
Content-Type
application/octet-stream
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=3600
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
Content-Length
1092
x-amz-id-2
HpmlO9jp42YcpH/ytKgJ6y3WOr8NGe0HL5xeSJfJ9rdt9gQvyYNLG9CGGlqG2AwyIUAjwpZku7A=
PugMaster
image6.pubmatic.com/AdServer/ Frame BE68 		0
42 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=36221651&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=1&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=1&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000010%26gdpr%3D1%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 02:13:30 GMT
content-length
0
pixel;r=1733006917;rf=0;a=p-155UsT_Yy1Za-;url=https%3A%2F%2Fwww.news8000.com%2F;uht=2;fpan=1;fpa=P0-1896199046-1635041610758;pbc=;ns=0;ce=1;qjs=1;qv=00a3769c-20210929173447;cm=;gdpr=0;ref=;d=news80...
pixel.quantserve.com/ 		35 B
371 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=1733006917;rf=0;a=p-155UsT_Yy1Za-;url=https%3A%2F%2Fwww.news8000.com%2F;uht=2;fpan=1;fpa=P0-1896199046-1635041610758;pbc=;ns=0;ce=1;qjs=1;qv=00a3769c-20210929173447;cm=;gdpr=0;ref=;d=news8000.com;je=0;sr=1600x1200x24;dst=0;et=1635041610757;tzo=0;ogl=locale.en_US%2Ctype.website%2Ctitle.News8000%252Ecom%20-%20WKBT%2Cdescription.La%20Crosse%20Wisconsin%20News%252C%20La%20Crosse%20Weather%20and%20Wisconsin%20Sports%20-%20WKBT-TV%252C%20News%2Curl.https%3A%2F%2Fwww%252Enews8000%252Ecom%2F%2Csite_name.WKBT%2Cimage.https%3A%2F%2Fwpcdn%252Eus-east-1%252Evip%252Etn-cloud%252Enet%2Fwww%252Enews8000%252Ecom%2Fcontent%2Fuploads%2F2020%2F0%2Cimage%3Awidth.940%2Cimage%3Aheight.788
Requested by
Host: www.news8000.com
URL: https://www.news8000.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:f916:5049:f87f:108e , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.news8000.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Oct 2021 02:13:30 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
analytics.js
www.google-analytics.com/ Frame FE99 		49 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: dgtonline.net
URL: https://dgtonline.net/mini-widget-mobile/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
fc27aed7787a4f63d2feba50e6bc6122ac3c5479456d40c0a445899a08ad92f3
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dgtonline.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 19 Oct 2021 16:47:48 GMT
server
Golfe2
age
776
date
Sun, 24 Oct 2021 02:00:34 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
19887
expires
Sun, 24 Oct 2021 04:00:34 GMT
analytics.js
www.google-analytics.com/ Frame BDE3 		49 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: dgtonline.net
URL: https://dgtonline.net/mini-widget/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
fc27aed7787a4f63d2feba50e6bc6122ac3c5479456d40c0a445899a08ad92f3
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dgtonline.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 19 Oct 2021 16:47:48 GMT
server
Golfe2
age
776
date
Sun, 24 Oct 2021 02:00:34 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
19887
expires
Sun, 24 Oct 2021 04:00:34 GMT
usersync
rtb.gumgum.com/ Frame 98EF
Redirect Chain
  • https://secure.adnxs.com/getuid?https://rtb.gumgum.com/usersync?b=apn&i=$UID
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dapn%26i%3D%24UID
  • https://rtb.gumgum.com/usersync?b=apn&i=8944076163001898924
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=apn&i=8944076163001898924
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/14048?gdpr=1&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000004%26gdpr%3D1%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.254.122.11 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-254-122-11.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Oct 2021 02:13:30 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

Pragma
no-cache
Date
Sun, 24 Oct 2021 02:13:30 GMT
X-Proxy-Origin
185.232.23.182; 185.232.23.182; 728.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
5d6b8f1f-5530-463a-8f8a-b85b68485f7b
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://rtb.gumgum.com/usersync?b=apn&i=8944076163001898924
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
x.bidswitch.net/ Frame 98EF 		43 B
220 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_ce4fc4d9-a2a4-4b58-9990-7437e58937cc&gdpr=1&gdpr_consent=&us_privacy=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/14048?gdpr=1&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000004%26gdpr%3D1%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.196.195.54 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-196-195-54.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sun, 24 Oct 2021 02:13:30 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
sync
sync.srv.stackadapt.com/ Frame 98EF 		43 B
168 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.srv.stackadapt.com/sync?nid=1&gdpr=1&gdpr_consent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/14048?gdpr=1&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000004%26gdpr%3D1%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.204.22.100 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-204-22-100.compute-1.amazonaws.com
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sun, 24 Oct 2021 02:13:31 GMT
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
usersync
rtb.gumgum.com/ Frame 98EF
Redirect Chain
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=e_ce4fc4d9-a2a4-4b58-9990-7437e58937cc&gdpr=1&gdpr_consent=&us_privacy=
  • https://rtb.gumgum.com/usersync?b=zem&i=&gdpr=1
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=zem&i=&gdpr=1
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/14048?gdpr=1&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000004%26gdpr%3D1%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.254.122.11 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-254-122-11.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Oct 2021 02:13:31 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

Location
https://rtb.gumgum.com/usersync?b=zem&i=&gdpr=1
Pragma
no-cache
Date
Sun, 24 Oct 2021 02:13:31 GMT
Cache-Control
no-cache, no-store, must-revalidate
Expires
Thu, 01 Dec 1994 16:00:00 GMT
Content-Length
78
Content-Type
text/html; charset=utf-8
usersync
rtb.gumgum.com/ Frame 98EF
Redirect Chain
  • https://sync.1rx.io/usersync2/floor6&gdpr=1&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=4075171078
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=4075171078
  • https://sync.1rx.io/usersync/tradedesk/0183d758-ecd7-43a5-871a-56ca543c5b89
  • https://sync.targeting.unrulymedia.com/csync/RX-f49fde50-06d2-4f7e-a417-5f70b050a687-003?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3DRX-f49fde50-06d2-4f7e-a417-5f70b050a687-003
  • https://rtb.gumgum.com/usersync?b=rhy&i=RX-f49fde50-06d2-4f7e-a417-5f70b050a687-003
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=rhy&i=RX-f49fde50-06d2-4f7e-a417-5f70b050a687-003
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/14048?gdpr=1&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000004%26gdpr%3D1%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.254.122.11 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-254-122-11.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Oct 2021 02:13:31 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

location
https://rtb.gumgum.com/usersync?b=rhy&i=RX-f49fde50-06d2-4f7e-a417-5f70b050a687-003
date
Sun, 24 Oct 2021 02:13:30 GMT
server
Tengine
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RXf49fde5006d24f7ea4175f70b050a687003
content-type
text/html
usersync
rtb.gumgum.com/ Frame 98EF
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25
  • https://rtb.gumgum.com/usersync?b=pln&i=6PcsG6I8HXrc&ev=1&pid=558355
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=pln&i=6PcsG6I8HXrc&ev=1&pid=558355
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/14048?gdpr=1&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000004%26gdpr%3D1%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.254.122.11 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-254-122-11.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Oct 2021 02:13:31 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language
de-DE
location
https://rtb.gumgum.com/usersync?b=pln&i=6PcsG6I8HXrc&ev=1&pid=558355
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-7dbdc8d85d-2cdbv
expires
-1
syncUser
sync.outbrain.com/ Frame 98EF
Redirect Chain
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=1&gdprConsent=&platformRdUrl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D
  • https://rtb.gumgum.com/usersync?b=obn&i=ENC%28bcTWRMJz77I4sCzKh-1bdnSkhjMw_tb8AD_WRpDsFx6AG3M98Mnlou1DawdFEZ1i%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26pla...
  • https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=e_ce4fc4d9-a2a4-4b58-9990-7437e58937cc&obuid=ENC(bcTWRMJz77I4sCzKh-1bdnSkhjMw_tb8AD_WRpDsFx6AG3M98Mnlou1DawdFEZ1i)
0
0
usersync
rtb.gumgum.com/ Frame 98EF
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=1&gdpr_consent=&us_privacy=&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
  • https://us-u.openx.net/w/1.0/cm?cc=1&_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=1&gdpr_consent=&us_privacy=&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
  • https://rtb.gumgum.com/usersync?b=opx&i=0cb13d46-eafb-4500-89cc-7b4f76ab484e
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=opx&i=0cb13d46-eafb-4500-89cc-7b4f76ab484e
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/14048?gdpr=1&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000004%26gdpr%3D1%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.254.122.11 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-254-122-11.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Oct 2021 02:13:30 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

date
Sun, 24 Oct 2021 02:13:30 GMT
content-encoding
gzip
server
OXGW/16.217.1
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://rtb.gumgum.com/usersync?b=opx&i=0cb13d46-eafb-4500-89cc-7b4f76ab484e
content-type
image/gif
alt-svc
clear
content-length
0
via
1.1 google
gumgum
pr-bh.ybp.yahoo.com/sync/ Frame 98EF 		43 B
323 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=1&gdpr_consent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/14048?gdpr=1&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000004%26gdpr%3D1%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3602:dabc:e8e1:b53a:329 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 02:13:30 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
usersync
rtb.gumgum.com/ Frame 98EF
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=1&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%...
  • https://rtb.gumgum.com/usersync?b=vnt&i=fbc15baf-346f-11ec-8b08-495c96b09bc0
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=vnt&i=fbc15baf-346f-11ec-8b08-495c96b09bc0
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/14048?gdpr=1&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000004%26gdpr%3D1%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.254.122.11 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-254-122-11.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Oct 2021 02:13:31 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

Location
https://rtb.gumgum.com/usersync?b=vnt&i=fbc15baf-346f-11ec-8b08-495c96b09bc0
Date
Sun, 24 Oct 2021 02:13:30 GMT
Server
Apache-Coyote/1.1
Connection
keep-alive
Content-Length
0
X-CI-RTID
fbc15bb0-346f-11ec-8b08-495c96b09bc0
services
sync.technoratimedia.com/ Frame 98EF 		0
294 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.technoratimedia.com/services?srv=cs&pid=65&us_privacy=&cb=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dsnc%26i%3D%5BUSER_ID%5D
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/14048?gdpr=1&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000004%26gdpr%3D1%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
150.136.222.2 Seattle, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 02:13:31 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
243804688
access-control-allow-origin
https://rtb.gumgum.com/
access-control-allow-credentials
true
142
match.deepintent.com/usersync/ Frame 98EF 		0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.deepintent.com/usersync/142
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/14048?gdpr=1&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000004%26gdpr%3D1%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
169.197.150.8 Albuquerque, United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
g.deepintent.com
Software
c /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 02:13:30 GMT
content-length
0
server
c
usersync
rtb.gumgum.com/ Frame 98EF
Redirect Chain
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
  • https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
  • https://rtb.gumgum.com/usersync?b=idi&i=1a8d102a-450f-455d-94c3-ed911bfd902f
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=idi&i=1a8d102a-450f-455d-94c3-ed911bfd902f
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/14048?gdpr=1&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000004%26gdpr%3D1%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.254.122.11 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-254-122-11.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Oct 2021 02:13:30 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

location
https://rtb.gumgum.com/usersync?b=idi&i=1a8d102a-450f-455d-94c3-ed911bfd902f
date
Sun, 24 Oct 2021 02:13:30 GMT
access-control-allow-origin
*
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
usersync
rtb.gumgum.com/ Frame 98EF
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=15
  • https://rtb.gumgum.com/usersync?b=sad&i=43394786434762142&gdpr=1&gdpr_consent=
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=sad&i=43394786434762142&gdpr=1&gdpr_consent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/14048?gdpr=1&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000004%26gdpr%3D1%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.254.122.11 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-254-122-11.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Oct 2021 02:13:31 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

location
https://rtb.gumgum.com/usersync?b=sad&i=43394786434762142&gdpr=1&gdpr_consent=
date
Sun, 24 Oct 2021 02:13:30 GMT
content-length
0
usersync
sync.springserve.com/ Frame 98EF 		43 B
171 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.springserve.com/usersync?aid=1000004&gdpr=1&gdpr_consent=&us_privacy=&uuid=e_ce4fc4d9-a2a4-4b58-9990-7437e58937cc
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/14048?gdpr=1&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000004%26gdpr%3D1%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.31.202.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-31-202-1.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sun, 24 Oct 2021 02:13:31 GMT
access-control-allow-credentials
true
server
nginx
content-length
43
content-type
image/gif
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame C637 		14 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=1&gdprConsent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/14048?gdpr=1&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000004%26gdpr%3D1%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

:method
GET
:authority
ads.pubmatic.com
:scheme
https
:path
/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=1&gdprConsent=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://rtb.gumgum.com/
accept-encoding
gzip, deflate, br
cookie
KCCH=YES
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://rtb.gumgum.com/

Response headers

last-modified
Tue, 15 Jun 2021 06:08:03 GMT
etag
"1300708-3945-5c4c7cc02bd56"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5054
content-type
text/html; charset=UTF-8
cache-control
max-age=170054
expires
Tue, 26 Oct 2021 01:27:44 GMT
date
Sun, 24 Oct 2021 02:13:30 GMT
vary
Accept-Encoding
generic
match.adsrvr.org/track/cmf/ Frame 760C 		70 B
265 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=1&gdpr_consent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/14048?gdpr=1&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000004%26gdpr%3D1%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.242.197 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a97adde81b00f2ca4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

:method
GET
:authority
match.adsrvr.org
:scheme
https
:path
/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=1&gdpr_consent=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://rtb.gumgum.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://rtb.gumgum.com/

Response headers

date
Sun, 24 Oct 2021 02:13:30 GMT
content-type
image/gif
content-length
70
cache-control
private,no-cache, must-revalidate
pragma
no-cache
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
usync.html
eus.rubiconproject.com/ Frame 2548
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum
  • https://eus.rubiconproject.com/usync.html?p=gumgum
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=gumgum
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/14048?gdpr=1&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000004%26gdpr%3D1%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.78.125 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-78-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host
eus.rubiconproject.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://rtb.gumgum.com/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://rtb.gumgum.com/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Thu, 30 Sep 2021 18:24:26 GMT
ETag
"403b8-119-5cd3a8e7e6a80"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sun, 24 Oct 2021 02:13:30 GMT
Connection
keep-alive
Vary
Accept-Encoding

Redirect headers

Server
AkamaiGHost
Content-Length
0
Location
https://eus.rubiconproject.com/usync.html?p=gumgum
Date
Sun, 24 Oct 2021 02:13:30 GMT
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
usersync
rtb.gumgum.com/ Frame DC2B
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=1&gdpr_consent=&redir=https%3a%2f%2frtb.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d
  • https://rtb.gumgum.com/usersync?b=mmh&i=a20c6174-c14a-4500-afae-8d70bd53bbb5&gdpr=1&gdpr_consent=
35 B
237 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usersync?b=mmh&i=a20c6174-c14a-4500-afae-8d70bd53bbb5&gdpr=1&gdpr_consent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/14048?gdpr=1&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000004%26gdpr%3D1%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.254.122.11 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-254-122-11.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method
GET
:authority
rtb.gumgum.com
:scheme
https
:path
/usersync?b=mmh&i=a20c6174-c14a-4500-afae-8d70bd53bbb5&gdpr=1&gdpr_consent=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://rtb.gumgum.com/
accept-encoding
gzip, deflate, br
cookie
vst=e_ce4fc4d9-a2a4-4b58-9990-7437e58937cc
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://rtb.gumgum.com/

Response headers

date
Sun, 24 Oct 2021 02:13:30 GMT
content-type
image/gif;charset=UTF-8
content-length
35
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
expires
0
pragma
no-cache
timing-allow-origin
*

Redirect headers

Date
Sun, 24 Oct 2021 02:13:30 GMT
Content-Type
image/gif
Content-Length
0
Connection
keep-alive
Keep-Alive
timeout=360
Server
MT3 4044 0c7f252 master zrh-pixel-x27 config:1.0.0
Cache-Control
no-cache
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
set-cookie
uuid=a20c6174-c14a-4500-afae-8d70bd53bbb5; domain=.mathtag.com; path=/; expires=Mon, 21-Nov-2022 02:13:30 GMT; SameSite=None; Secure
location
https://rtb.gumgum.com/usersync?b=mmh&i=a20c6174-c14a-4500-afae-8d70bd53bbb5&gdpr=1&gdpr_consent=
Expires
Sun, 24 Oct 2021 02:13:29 GMT
usersync
rtb.gumgum.com/ Frame CA7D
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=1&gdpr_consent=
  • https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=1&gdpr_consent=&_test=YXTBSgAAAFt7iAAR
  • https://rtb.gumgum.com/usersync?b=atm&i=YXTBSgAAAFt7iAAR&gdpr=1&gdpr_consent=&_test=YXTBSgAAAFt7iAAR
35 B
237 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usersync?b=atm&i=YXTBSgAAAFt7iAAR&gdpr=1&gdpr_consent=&_test=YXTBSgAAAFt7iAAR
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/14048?gdpr=1&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000004%26gdpr%3D1%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.254.122.11 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-254-122-11.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method
GET
:authority
rtb.gumgum.com
:scheme
https
:path
/usersync?b=atm&i=YXTBSgAAAFt7iAAR&gdpr=1&gdpr_consent=&_test=YXTBSgAAAFt7iAAR
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://rtb.gumgum.com/
accept-encoding
gzip, deflate, br
cookie
vst=e_ce4fc4d9-a2a4-4b58-9990-7437e58937cc
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://rtb.gumgum.com/

Response headers

date
Sun, 24 Oct 2021 02:13:30 GMT
content-type
image/gif;charset=UTF-8
content-length
35
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
expires
0
pragma
no-cache
timing-allow-origin
*

Redirect headers

server
Varnish
retry-after
0
location
https://rtb.gumgum.com/usersync?b=atm&i=YXTBSgAAAFt7iAAR&gdpr=1&gdpr_consent=&_test=YXTBSgAAAFt7iAAR
accept-ranges
bytes
date
Sun, 24 Oct 2021 02:13:30 GMT
via
1.1 varnish
x-served-by
cache-hhn4047-HHN
x-cache
HIT
x-cache-hits
0
x-timer
S1635041611.908722,VS0,VE0
cache-control
no-cache
pragma
no-cache
content-length
0
pixel
cm.g.doubleclick.net/ Frame E511
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV9jZTRmYzRkOS1hMmE0LTRiNTgtOTk5MC03NDM3ZTU4OTM3Y2M=&gdpr=1&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV9jZTRmYzRkOS1hMmE0LTRiNTgtOTk5MC03NDM3ZTU4OTM3Y2M=&gdpr=1&gdpr_consent=&google_tc=
170 B
188 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV9jZTRmYzRkOS1hMmE0LTRiNTgtOTk5MC03NDM3ZTU4OTM3Y2M=&gdpr=1&gdpr_consent=&google_tc=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/14048?gdpr=1&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000004%26gdpr%3D1%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

:method
GET
:authority
cm.g.doubleclick.net
:scheme
https
:path
/pixel?google_nid=gumgum_dbm&google_hm=ZV9jZTRmYzRkOS1hMmE0LTRiNTgtOTk5MC03NDM3ZTU4OTM3Y2M=&gdpr=1&gdpr_consent=&google_tc=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://rtb.gumgum.com/
accept-encoding
gzip, deflate, br
cookie
test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://rtb.gumgum.com/

Response headers

content-type
image/png
date
Sun, 24 Oct 2021 02:13:30 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
server
HTTP server (unknown)
content-length
170
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

Redirect headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV9jZTRmYzRkOS1hMmE0LTRiNTgtOTk5MC03NDM3ZTU4OTM3Y2M=&gdpr=1&gdpr_consent=&google_tc=
date
Sun, 24 Oct 2021 02:13:30 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
server
HTTP server (unknown)
content-length
364
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Sun, 24-Oct-2021 02:28:30 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
/
ssc-cms.33across.com/ps/ Frame FF85 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0013300001r0t9mAAA&ru=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dtta%26i%3D33XUSERID33X
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/14048?gdpr=1&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000004%26gdpr%3D1%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.100.17.175 Chicago, United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip175.208-100-17.static.steadfastdns.net
Software
33XP005 /
Resource Hash

Request headers

:method
GET
:authority
ssc-cms.33across.com
:scheme
https
:path
/ps/?m=xch&rt=html&id=0013300001r0t9mAAA&ru=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dtta%26i%3D33XUSERID33X
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://rtb.gumgum.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://rtb.gumgum.com/

Response headers

x-33x-status
2000208
server
33XP005
date
Sun, 24 Oct 2021 02:13:30 GMT
um
cs.emxdgt.com/ Frame 1473 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://cs.emxdgt.com/um?redirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/14048?gdpr=1&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000004%26gdpr%3D1%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.155.181 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-155-181.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

:method
GET
:authority
cs.emxdgt.com
:scheme
https
:path
/um?redirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://rtb.gumgum.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://rtb.gumgum.com/

Response headers

content-type
text/html
date
Sun, 24 Oct 2021 02:13:30 GMT
content-length
0
idsync
tg.socdm.com/aux/ Frame 268B 		0
0
usersync
rtb.gumgum.com/ Frame 7960
Redirect Chain
  • https://p.rfihub.com/cm?pub=42796&in=1
  • https://rtb.gumgum.com/usersync?b=zet&i=5108559721384131550
35 B
237 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usersync?b=zet&i=5108559721384131550
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/14048?gdpr=1&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000004%26gdpr%3D1%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.254.122.11 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-254-122-11.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method
GET
:authority
rtb.gumgum.com
:scheme
https
:path
/usersync?b=zet&i=5108559721384131550
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://rtb.gumgum.com/
accept-encoding
gzip, deflate, br
cookie
vst=e_ce4fc4d9-a2a4-4b58-9990-7437e58937cc
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://rtb.gumgum.com/

Response headers

date
Sun, 24 Oct 2021 02:13:30 GMT
content-type
image/gif;charset=UTF-8
content-length
35
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
expires
0
pragma
no-cache
timing-allow-origin
*

Redirect headers

Date
Sun, 24 Oct 2021 02:13:30 GMT
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Set-Cookie
rud=H4sIAAAAAAAAAOMSNjU0sDA1tTQ3MjS2MDE0NjQ1NRDiM9Q1yDXJdQ0O8HI31Y2X4jU0MzY1MDE0A6q1NAYABhXNszQAAAA; Path=/; Domain=.rfihub.com; Expires=Fri, 18 Nov 2022 02:13:30 GMT; Secure; SameSite=None eud=H4sIAAAAAAAAAFslxmtoZmxqYGJoZmhgYWkCAIrsogYQAAAA; Path=/; Domain=.rfihub.com; Expires=Fri, 18 Nov 2022 02:13:30 GMT; Secure; SameSite=None ruds=H4sIAAAAAAAAAOMSNjU0sDA1tTQ3MjS2MDE0NjQ1NRDiM9Q1yDXJdQ0O8HI31Y0HAJWCjX8lAAAA; Path=/; Domain=.rfihub.com; Secure; SameSite=None
Location
https://rtb.gumgum.com/usersync?b=zet&i=5108559721384131550
Content-Length
0
Server
Jetty(9.3.29.v20201019)
usersync
rtb.gumgum.com/ Frame 4218
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=gumgum
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1
  • https://rtb.gumgum.com/usersync?b=rth&i=PTWMJCKGPxQm6vJ0900O&pi=gumgum&tc=1
35 B
237 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usersync?b=rth&i=PTWMJCKGPxQm6vJ0900O&pi=gumgum&tc=1
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/14048?gdpr=1&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000004%26gdpr%3D1%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.254.122.11 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-254-122-11.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method
GET
:authority
rtb.gumgum.com
:scheme
https
:path
/usersync?b=rth&i=PTWMJCKGPxQm6vJ0900O&pi=gumgum&tc=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://rtb.gumgum.com/
accept-encoding
gzip, deflate, br
cookie
vst=e_ce4fc4d9-a2a4-4b58-9990-7437e58937cc
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://rtb.gumgum.com/

Response headers

date
Sun, 24 Oct 2021 02:13:30 GMT
content-type
image/gif;charset=UTF-8
content-length
35
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
expires
0
pragma
no-cache
timing-allow-origin
*

Redirect headers

date
Sun, 24 Oct 2021 02:13:30 GMT Sun, 24 Oct 2021 02:13:30 GMT
location
https://rtb.gumgum.com/usersync?b=rth&i=PTWMJCKGPxQm6vJ0900O&pi=gumgum&tc=1
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
pragma
no-cache
expires
Thu, 01 Jan 1970 00:00:00 GMT
content-length
0
trk.gif
jadserve.postrelease.com/ 		43 B
426 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jadserve.postrelease.com/trk.gif?ntv_at=28&ntv_ui=28a6f1ac-cd80-4f7f-bc38-452f54d97c63&ntv_a=b4wGA5-BKAfCALA&ntv_fl=CF4se3gYGjAPzQcMJoAeWd5WH3oACv5dt8ZRuFE-1ISjanFPUSYOO1i182bqfGxUNngEg4qg219LD1m-5FJ2REiIhmUe3XmT01O7BwzrszgM6Yqgigs3xJF6aSDszIb6vyQeak1uBFZCk86L9L6vnPMURC8qveOP6oBsJuYXXNzdj9YnacY1vE36i-h681IcDTjk97LsRXTMVvYDVv9DMg==&ord=-1681662599&ntv_ht=SsF0YQA&ntv_it
Requested by
Host: www.news8000.com
URL: https://www.news8000.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.200.155.146 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-200-155-146.compute-1.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.news8000.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Oct 2021 02:13:30 GMT
server
nginx/1.12.1
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
image/gif
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
dwce_cheq_events
log.outbrainimg.com/loggerServices/ 		4 B
325 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://log.outbrainimg.com/loggerServices/dwce_cheq_events?timestamp=1635041610844&sessionId=ffd902f9-ca1f-2974-5960-ad6cdacfedd9&url=www.news8000.com&cheqSource=1&cheqEvent=2&responseTime=845
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
70.42.32.31 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.news8000.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 24 Oct 2021 02:13:30 GMT
Access-Control-Allow-Methods
GET,POST
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
X-TraceId
3112d65e3042e822dbbe416b2e94d1cd
Content-Length
4
Expires
0
imp.gif
obs.cheqzone.com/tracker/ 		43 B
135 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://obs.cheqzone.com/tracker/imp.gif?e=37dfbd8ee84e001369ebc731eb418b9d9225c24f567d51c5c30f41b0254384cfa532ff1a285aa40e98d022e0b44dc87ea4a36fde4c1b8c682309094d0ba0bfea9475489e91da563e351aff717718956a8b70cd0130003f8101424d3f065cc3bf775d36fa26e877cb55e2cc7ce2586fb01f6f3903d053f054abd1c5d52fe87547ed62d2f1157f84163343714593d65337fd78afe6d4e3474fbd41d9bd39e922d361c45085052aae2d05f91e46042cca5b32b49affa125be2ab8589801f95c0c2cf38e6b256a655c9b6599857ea95a61a7d4f232331e32d786302080903b477442750c1bef8828796d76e4ba152cebfea755c9a444771e2bb5a5a384800cc6b9a326f746c0016537dd9fcfe6ad6b89cc9133d56c5384e6c02f0616e9656aaf970a62edc89825d957bd1fad811bc551c8c96dd82a77c3d835d27790d0bbf089bbb71e7ca02db0baa87d0733ba8530c5bd4ae7174f57825d0e80d5c38681eb923bce6a88deb5882abb292e62d228719293c3157285ba72ad01b6c04e9526fe7e431e019c35ff439cd0be71f8df78d209f2c3d0dc729f03163faf12155e71043e89ec65b3058c9fc964b59966ec9d209adabab03d9fbea7075f2dc6b80e1095e658014ca5bbb87aa73b99f641e9e02fae61a631914fc917d1a820da1c27e6c38e746c2d6a115e7e4e0bb8b39e66d31ea5001f5123fca85d9ccd5a4aabfaace5f93286b4baab94f2ebb30e1a20e904c6a4536ece&cb=1635041610843&cri=vsdQf9UQu4
Requested by
Host: www.news8000.com
URL: https://www.news8000.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2600:1f18:e8a:cd08:3437:aff5:50c:d298 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.news8000.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Oct 2021 02:13:30 GMT
cache-control
no-cache, no-store, must-revalidate
cheq_headers_order
Cache-Control Pragma Expires Content-Type Date Connection Content-Length
content-type
image/gif
content-length
43
expires
Fri, 01 Jan 1990 00:00:00 GMT
usync.js
eus.rubiconproject.com/ Frame 2548 		31 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.78.125 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-78-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
6eac4f1bf5bf8976cc74f9d784adc40029ac907cf2ba54cc3c5a50c8e38cd122

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=gumgum
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sun, 24 Oct 2021 02:13:30 GMT
Content-Encoding
gzip
Last-Modified
Thu, 30 Sep 2021 18:24:26 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=12553
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9275
Expires
Sun, 24 Oct 2021 05:42:43 GMT
khaos.jpg
token.rubiconproject.com/ Frame 2548 		284 B
536 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
284
X-RPHost
bd0f62a3fbacfef6a33ae6abaf6daf37
Content-Type
image/jpg
/
www.news8000.com/rayos/tracking/rayos-lotame/audience-extraction/ 		0
158 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.news8000.com/rayos/tracking/rayos-lotame/audience-extraction/?d=%7B%22name%22%3A%22client%22%2C%22value%22%3A%2215032%22%7D&i=1635041610051,
Requested by
Host: wpcdn.us-east-1.vip.tn-cloud.net
URL: https://wpcdn.us-east-1.vip.tn-cloud.net/www.news8000.com/content/mu-plugins/rayos-tracking//rayos-tracking.js?ver=787430dd007e3eaa5a3c8077862c07e9
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
192.104.183.130 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS
wpapp.us-east-1.vip.tn-cloud.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-fetch-mode
no-cors
origin
https://www.news8000.com
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
sec-fetch-dest
empty
cookie
_cb_ls=1; minVersion={"experiment":-1169967520,"minFlavor":"prodmi-1.13.7.12.js100"}; ga-disable-=true; minUniq=%7B%22minUID%22%3A%22427b21fd61-89edbe743b-f7d4cc8ad6-47230f6b01-1f30bfd9dd%22%7D; minSession=%7B%22minSID%22%3A%22ce12239b27-e8af4d451a-df1f6951c2-88bb7ab2f9-5b401bcc74%22%2C%22minSessionSent%22%3Atrue%7D; minDaily=%7B%22testMode%22%3Afalse%2C%22dailyUser%22%3Atrue%7D; minBuffer=%7B%22minAnalytics%22%3A%22%7B%5C%22clicks%5C%22%3A%5B%5D%7D%22%2C%22_minEE1%22%3A%22%5B%5D%22%7D; OptanonConsent=isIABGlobal=false&datestamp=Sun+Oct+24+2021+02%3A13%3A30+GMT%2B0000+(GMT)&version=6.17.0&hosts=&landingPath=https%3A%2F%2Fwww.news8000.com%2F&groups=; _gid=GA1.2.232399919.1635041610; _dc_gtm_UA-23109173-1=1; _ga_7L9520XTNE=GS1.1.1635041610.1.0.1635041610.0; ntvSession={"id":1418815,"placementID":729212,"lastInteraction":1635041610616,"sessionStart":1635041610616,"sessionEndDate":1635120000000,"experiment":""}; _ga=GA1.2.1323862419.1635041610; __qca=P0-1896199046-1635041610758
content-length
0
:path
/rayos/tracking/rayos-lotame/audience-extraction/?d=%7B%22name%22%3A%22client%22%2C%22value%22%3A%2215032%22%7D&i=1635041610051,
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
content-type
text/plain;charset=UTF-8
accept
*/*
cache-control
no-cache
:authority
www.news8000.com
referer
https://www.news8000.com/
:scheme
https
sec-fetch-site
same-origin
:method
POST
Referer
https://www.news8000.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

real-hostname
www.news8000.com
x-vcache
MISS
age
0
date
Sun, 24 Oct 2021 02:13:31 GMT
content-type
application/octet-stream
cache-control
s-maxage=0, private, no-cache
accept-ranges
bytes
content-length
0
fastlane.json
fastlane.rubiconproject.com/a/api/ 		240 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=13702&site_id=381898&zone_id=2115976&size_id=2&eid_pubcid.org=a8e818bd-99dd-4508-8c6b-9c534090247b%5E1&rf=https%3A%2F%2Fwww.news8000.com%2F&tk_flint=pbjs_lite_v5.18.0-pre&x_source.tid=86ce3b9f-a873-44c4-b236-ed80680b3a84&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.5704224902731974
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/454178/hb_450266_11887.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
2602:803:c003:200::21 -, , ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
73b15cb935f9b6924cdf1d30f974eeac6f3449e67ab14abba0223cc557855eef

Request headers

Referer
https://www.news8000.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 24 Oct 2021 02:13:31 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.news8000.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
240
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		241 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=13702&site_id=381898&zone_id=2115978&size_id=57&eid_pubcid.org=a8e818bd-99dd-4508-8c6b-9c534090247b%5E1&rf=https%3A%2F%2Fwww.news8000.com%2F&tk_flint=pbjs_lite_v5.18.0-pre&x_source.tid=86ce3b9f-a873-44c4-b236-ed80680b3a84&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.40003452682710816
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/454178/hb_450266_11887.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
2602:803:c003:200::21 -, , ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
acdf6e52a55cd2c1d3fb245665d986955330ac67dbcf798aac48afb515fc9e48

Request headers

Referer
https://www.news8000.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 24 Oct 2021 02:13:31 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.news8000.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
241
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		241 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=13702&site_id=381898&zone_id=2115972&size_id=15&eid_pubcid.org=a8e818bd-99dd-4508-8c6b-9c534090247b%5E1&rf=https%3A%2F%2Fwww.news8000.com%2F&tk_flint=pbjs_lite_v5.18.0-pre&x_source.tid=d4be1fd0-9fb2-4c52-a03a-4701db689de7&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.42870028028968843
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/454178/hb_450266_11887.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
2602:803:c003:200::21 -, , ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
f61e593d456c3d3d37d71b0c579a3a3807dd39261d96cb041931556a9c224f1f

Request headers

Referer
https://www.news8000.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 24 Oct 2021 02:13:31 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.news8000.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
241
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		241 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=13702&site_id=381898&zone_id=2115972&size_id=15&eid_pubcid.org=a8e818bd-99dd-4508-8c6b-9c534090247b%5E1&rf=https%3A%2F%2Fwww.news8000.com%2F&tk_flint=pbjs_lite_v5.18.0-pre&x_source.tid=419f360b-03cf-48e1-8678-9002342c8556&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.3782135746541522
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/454178/hb_450266_11887.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
2602:803:c003:200::21 -, , ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
f96d19b5a9c92e3060a6a5e00e81a8ea0d039ee96d485bcaaad4f12c7a547952

Request headers

Referer
https://www.news8000.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 24 Oct 2021 02:13:31 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.news8000.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
241
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		241 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=13702&site_id=381898&zone_id=2115972&size_id=15&eid_pubcid.org=a8e818bd-99dd-4508-8c6b-9c534090247b%5E1&rf=https%3A%2F%2Fwww.news8000.com%2F&tk_flint=pbjs_lite_v5.18.0-pre&x_source.tid=91848609-2338-4f02-a4dc-918792d7eacd&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.27118686214329446
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/454178/hb_450266_11887.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
2602:803:c003:200::21 -, , ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
1d756059ae28513267cbb302d12e9691dd0f5f0ba656969a163cf660deaa166a

Request headers

Referer
https://www.news8000.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 24 Oct 2021 02:13:31 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.news8000.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
241
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		240 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=13702&site_id=381898&zone_id=2115976&size_id=2&eid_pubcid.org=a8e818bd-99dd-4508-8c6b-9c534090247b%5E1&rf=https%3A%2F%2Fwww.news8000.com%2F&tk_flint=pbjs_lite_v5.18.0-pre&x_source.tid=25262f23-0963-44da-920b-06157380f334&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.3190355841404111
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/454178/hb_450266_11887.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
2602:803:c003:200::21 -, , ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
5a3e8e3e8a34540cd48e187acb1a35ed34cebf4ecbe02b51c665fca4e04997d0

Request headers

Referer
https://www.news8000.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 24 Oct 2021 02:13:31 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.news8000.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
240
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		241 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=13702&site_id=381898&zone_id=2115978&size_id=57&eid_pubcid.org=a8e818bd-99dd-4508-8c6b-9c534090247b%5E1&rf=https%3A%2F%2Fwww.news8000.com%2F&tk_flint=pbjs_lite_v5.18.0-pre&x_source.tid=25262f23-0963-44da-920b-06157380f334&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.2727333684761153
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/454178/hb_450266_11887.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
2602:803:c003:200::21 -, , ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
ad1af8b427124f2bd8fbefc456bc6b4ca6f1bba886a6d6c5b9b5cb9fd5513021

Request headers

Referer
https://www.news8000.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 24 Oct 2021 02:13:31 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.news8000.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
241
Expires
Wed, 17 Sep 1975 21:32:10 GMT
arj
os4m-d.openx.net/w/1.0/ 		173 B
475 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://os4m-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.news8000.com%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=86ce3b9f-a873-44c4-b236-ed80680b3a84%2C86ce3b9f-a873-44c4-b236-ed80680b3a84%2Cd4be1fd0-9fb2-4c52-a03a-4701db689de7%2C419f360b-03cf-48e1-8678-9002342c8556%2C91848609-2338-4f02-a4dc-918792d7eacd%2C25262f23-0963-44da-920b-06157380f334%2C25262f23-0963-44da-920b-06157380f334&nocache=1635041611194&pubcid=a8e818bd-99dd-4508-8c6b-9c534090247b&aus=728x90%7C970x250%7C300x250%7C300x250%7C300x250%7C728x90%7C970x250&divids=ad-manager-120143%2Cad-manager-120143%2Cad-manager-118188%2Cad-manager-118188-2%2Cad-manager-118188-3%2Cad-manager-120143-2%2Cad-manager-120143-2&aucs=%2C%2C%2C%2C%2C%2C&auid=545625878%2C545625879%2C545625874%2C545625874%2C545625874%2C545625878%2C545625879
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/454178/hb_450266_11887.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.217.1 /
Resource Hash
efd0419f9043f0534b59e83deaca4f5312077585dd1cfbbba4e1315ae461fd41

Request headers

Referer
https://www.news8000.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 24 Oct 2021 02:13:31 GMT
content-encoding
gzip
server
OXGW/16.217.1
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.news8000.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
clear
content-length
163
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
prebid
ib.adnxs.com/ut/v3/ 		19 B
855 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/454178/hb_450266_11887.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.38 , Ascension Island, ASN29990 (ASN-APPNEX, US),
Reverse DNS
690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.news8000.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 24 Oct 2021 02:13:31 GMT
X-Proxy-Origin
185.232.23.182; 185.232.23.182; 690.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
26d56e72-f830-4169-8aba-2ca413246ecf
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.news8000.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
v1
btlr.sharethrough.com/universal/ 		0
114 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/454178/hb_450266_11887.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.124.10.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-124-10-167.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.news8000.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.news8000.com
date
Sun, 24 Oct 2021 02:13:31 GMT
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/ 		0
114 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/454178/hb_450266_11887.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.124.10.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-124-10-167.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.news8000.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.news8000.com
date
Sun, 24 Oct 2021 02:13:31 GMT
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/ 		0
114 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/454178/hb_450266_11887.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.124.10.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-124-10-167.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.news8000.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.news8000.com
date
Sun, 24 Oct 2021 02:13:31 GMT
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/ 		0
114 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/454178/hb_450266_11887.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.124.10.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-124-10-167.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.news8000.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.news8000.com
date
Sun, 24 Oct 2021 02:13:31 GMT
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/ 		0
114 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/454178/hb_450266_11887.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.124.10.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-124-10-167.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.news8000.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.news8000.com
date
Sun, 24 Oct 2021 02:13:31 GMT
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/ 		0
114 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/454178/hb_450266_11887.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.124.10.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-124-10-167.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.news8000.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.news8000.com
date
Sun, 24 Oct 2021 02:13:31 GMT
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/ 		0
114 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/454178/hb_450266_11887.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.124.10.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-124-10-167.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.news8000.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.news8000.com
date
Sun, 24 Oct 2021 02:13:31 GMT
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/ 		0
114 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/454178/hb_450266_11887.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.124.10.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-124-10-167.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.news8000.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.news8000.com
date
Sun, 24 Oct 2021 02:13:31 GMT
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/ 		0
114 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/454178/hb_450266_11887.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.124.10.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-124-10-167.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.news8000.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.news8000.com
date
Sun, 24 Oct 2021 02:13:31 GMT
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/ 		0
114 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/454178/hb_450266_11887.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.124.10.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-124-10-167.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.news8000.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.news8000.com
date
Sun, 24 Oct 2021 02:13:31 GMT
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/ 		0
114 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/454178/hb_450266_11887.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.124.10.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-124-10-167.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.news8000.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.news8000.com
date
Sun, 24 Oct 2021 02:13:31 GMT
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/ 		0
114 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/454178/hb_450266_11887.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.124.10.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-124-10-167.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.news8000.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.news8000.com
date
Sun, 24 Oct 2021 02:13:31 GMT
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/ 		0
115 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/454178/hb_450266_11887.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.124.10.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-124-10-167.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.news8000.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.news8000.com
date
Sun, 24 Oct 2021 02:13:31 GMT
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/ 		0
114 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/454178/hb_450266_11887.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.124.10.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-124-10-167.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.news8000.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.news8000.com
date
Sun, 24 Oct 2021 02:13:31 GMT
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/ 		0
114 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/454178/hb_450266_11887.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.124.10.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-124-10-167.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.news8000.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.news8000.com
date
Sun, 24 Oct 2021 02:13:31 GMT
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/ 		0
114 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/454178/hb_450266_11887.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.124.10.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-124-10-167.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.news8000.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.news8000.com
date
Sun, 24 Oct 2021 02:13:31 GMT
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/ 		0
114 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/454178/hb_450266_11887.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.124.10.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-124-10-167.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.news8000.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.news8000.com
date
Sun, 24 Oct 2021 02:13:31 GMT
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/ 		0
114 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/454178/hb_450266_11887.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.124.10.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-124-10-167.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.news8000.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.news8000.com
date
Sun, 24 Oct 2021 02:13:31 GMT
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/ 		0
114 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/454178/hb_450266_11887.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.124.10.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-124-10-167.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.news8000.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.news8000.com
date
Sun, 24 Oct 2021 02:13:31 GMT
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/ 		0
114 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/454178/hb_450266_11887.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.124.10.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-124-10-167.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.news8000.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.news8000.com
date
Sun, 24 Oct 2021 02:13:31 GMT
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/ 		0
114 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/454178/hb_450266_11887.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.124.10.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-124-10-167.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.news8000.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.news8000.com
date
Sun, 24 Oct 2021 02:13:31 GMT
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/ 		0
114 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/454178/hb_450266_11887.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.124.10.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-124-10-167.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.news8000.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.news8000.com
date
Sun, 24 Oct 2021 02:13:31 GMT
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/ 		0
114 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/454178/hb_450266_11887.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.124.10.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-124-10-167.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.news8000.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.news8000.com
date
Sun, 24 Oct 2021 02:13:31 GMT
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/ 		0
114 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/454178/hb_450266_11887.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.124.10.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-124-10-167.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.news8000.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.news8000.com
date
Sun, 24 Oct 2021 02:13:31 GMT
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/ 		0
114 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/454178/hb_450266_11887.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.124.10.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-124-10-167.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.news8000.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.news8000.com
date
Sun, 24 Oct 2021 02:13:31 GMT
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/ 		0
114 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/454178/hb_450266_11887.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.124.10.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-124-10-167.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.news8000.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.news8000.com
date
Sun, 24 Oct 2021 02:13:31 GMT
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/ 		0
114 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/454178/hb_450266_11887.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.124.10.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-124-10-167.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.news8000.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.news8000.com
date
Sun, 24 Oct 2021 02:13:31 GMT
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/ 		0
114 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/454178/hb_450266_11887.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.124.10.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-124-10-167.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.news8000.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.news8000.com
date
Sun, 24 Oct 2021 02:13:31 GMT
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/ 		0
114 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/454178/hb_450266_11887.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.124.10.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-124-10-167.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.news8000.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.news8000.com
date
Sun, 24 Oct 2021 02:13:31 GMT
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/ 		0
114 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/454178/hb_450266_11887.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.124.10.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-124-10-167.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.news8000.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.news8000.com
date
Sun, 24 Oct 2021 02:13:31 GMT
access-control-allow-credentials
true
vary
Origin
bid
ap.lijit.com/rtb/ 		25 B
649 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_5.18.0-pre
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/454178/hb_450266_11887.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.19 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
/
Resource Hash
b3a9c93d549d61d6848930657031cc42235e0c95f50e57ff906ce84c78685267

Request headers

Referer
https://www.news8000.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sun, 24 Oct 2021 02:13:31 GMT
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://www.news8000.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap4ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
25
bids
prebid-eu.creativecdn.com/bidder/prebid/ 		0
178 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/454178/hb_450266_11887.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.65 , Poland, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-65.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.news8000.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.news8000.com
date
Sun, 24 Oct 2021 02:13:31 GMT
access-control-allow-credentials
true
access-control-max-age
3600
vary
Origin
access-control-allow-methods
POST
cygnus
htlb.casalemedia.com/ 		25 B
375 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=728001&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2271b6fd865691b25%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.news8000.com%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A2%2C%22msi%22%3A2%2C%22mfu%22%3A0%2C%22bu%22%3A5%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A5%2C%22ren%22%3Afalse%2C%22version%22%3A%225.18.0-pre%22%2C%22userIds%22%3A%5B%22pubcid%22%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2274a9a6c57ae9fc1%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22728001%22%2C%22sid%22%3A%22728x90%22%7D%7D%2C%7B%22w%22%3A970%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22728002%22%2C%22sid%22%3A%22970x250%22%7D%7D%2C%7B%22w%22%3A970%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22728001%22%2C%22sid%22%3A%22970x90%22%7D%7D%5D%7D%7D%2C%7B%22id%22%3A%2277847e24c7d1d21%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22727999%22%2C%22sid%22%3A%22300x250%22%7D%7D%5D%7D%7D%2C%7B%22id%22%3A%228230ce198068431%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22727999%22%2C%22sid%22%3A%22300x250%22%7D%7D%5D%7D%7D%2C%7B%22id%22%3A%2292b4521922ee1e9%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22727999%22%2C%22sid%22%3A%22300x250%22%7D%7D%5D%7D%7D%2C%7B%22id%22%3A%2299f866ac75ac41a%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22728001%22%2C%22sid%22%3A%22728x90%22%7D%7D%2C%7B%22w%22%3A970%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22728002%22%2C%22sid%22%3A%22970x250%22%7D%7D%2C%7B%22w%22%3A970%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22728001%22%2C%22sid%22%3A%22970x90%22%7D%7D%5D%7D%7D%5D%7D
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/454178/hb_450266_11887.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.31.84.150 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-31-84-150.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
77fd6a22ebf90bcd0ba1af61ab130c9b105d4c5c1eeeea46d9545483bb2ac98e

Request headers

Referer
https://www.news8000.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 24 Oct 2021 02:13:31 GMT
content-encoding
gzip
x-ak-initial-geo
CC:[DE], RC:[HE], CN:[EU], CIP:[185.232.23.182], XFF:[]
server
Apache
vary
Is-Traffic-Invalid,Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.news8000.com
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
45
x-ak-client-geo
12
expires
Sun, 24 Oct 2021 02:13:31 GMT
translator
hbopenbid.pubmatic.com/ 		0
117 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/454178/hb_450266_11887.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.news8000.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.news8000.com
date
Sun, 24 Oct 2021 02:13:29 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
prebid-request
onetag-sys.com/ 		15 B
372 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/454178/hb_450266_11887.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.251 , Germany, ASN16276 (OVH, FR),
Reverse DNS
ip251.ip-51-89-9.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.news8000.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin
https://www.news8000.com
cache-control
no-transform, no-cache
access-control-allow-credentials
true
content-type
application/json
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
/
colossusssp.com/ 		2 B
243 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://colossusssp.com/?c=o&m=multi
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/454178/hb_450266_11887.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
8.2.111.126 Clifton, United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer
https://www.news8000.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.news8000.com
Date
Sun, 24 Oct 2021 02:13:38 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Content-Length
2
Content-Type
application/json
prebid
ib.adnxs.com/ut/v3/ 		19 B
855 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/454178/hb_450266_11887.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.38 , Ascension Island, ASN29990 (ASN-APPNEX, US),
Reverse DNS
690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.news8000.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 24 Oct 2021 02:13:31 GMT
X-Proxy-Origin
185.232.23.182; 185.232.23.182; 690.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
e193bcb5-3240-4d16-b523-305812ac6410
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.news8000.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
c
prebid.a-mo.net/a/ 		7 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/454178/hb_450266_11887.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.38.124 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
651eea7ea74cd7d4ffef959d4693b6dc64c7f1880a3eca576eb05148555cb03c

Request headers

Referer
https://www.news8000.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 24 Oct 2021 02:13:31 GMT
content-encoding
gzip
server
envoy
vary
origin, accept-encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.news8000.com
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
153
content-length
3591
trinity.json
apex.go.sonobi.com/ 		732 B
1002 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%221538f22673c6a546%22%3A%225ea9bd21ce66b89348c0%7C728x90%2C970x90%2C970x250%7Cgpid%3D%2F21745780820%2Fwkbt%2Fhomepage%22%2C%2215437d62f4c38c9c%22%3A%229981d4a2df69fca13865%7C728x90%2C970x90%2C970x250%7Cgpid%3D%2F21745780820%2Fwkbt%2Fhomepage%22%2C%22155d397ded6c795a%22%3A%224ac99f72e8d572f6112b%7C728x90%2C970x90%2C970x250%7Cgpid%3D%2F21745780820%2Fwkbt%2Fhomepage%22%2C%221560df1b5d3606cb%22%3A%2278e2568d18ced6f87cf6%7C728x90%2C970x90%2C970x250%7Cgpid%3D%2F21745780820%2Fwkbt%2Fhomepage%22%2C%2215764e5c375078e8%22%3A%2247e647b6fe715ccd493c%7C728x90%2C970x90%2C970x250%7Cgpid%3D%2F21745780820%2Fwkbt%2Fhomepage%22%2C%2215865b8461958085%22%3A%225ea9bd21ce66b89348c0%7C300x250%7Cgpid%3D%2F21745780820%2Fwkbt%2Fhomepage%22%2C%2215945223888ff7aa%22%3A%229981d4a2df69fca13865%7C300x250%7Cgpid%3D%2F21745780820%2Fwkbt%2Fhomepage%22%2C%22160ca7f63d5ca1a3%22%3A%224ac99f72e8d572f6112b%7C300x250%7Cgpid%3D%2F21745780820%2Fwkbt%2Fhomepage%22%2C%22161d387b0b9b558f%22%3A%2278e2568d18ced6f87cf6%7C300x250%7Cgpid%3D%2F21745780820%2Fwkbt%2Fhomepage%22%2C%22162ee7521ef1bfc9%22%3A%2247e647b6fe715ccd493c%7C300x250%7Cgpid%3D%2F21745780820%2Fwkbt%2Fhomepage%22%2C%221637e005c87e5a62%22%3A%225ea9bd21ce66b89348c0%7C300x250%7Cgpid%3D%2F21745780820%2Fwkbt%2Fhomepage%22%2C%22164ee59c0fc59eb6%22%3A%229981d4a2df69fca13865%7C300x250%7Cgpid%3D%2F21745780820%2Fwkbt%2Fhomepage%22%2C%2216560eb51e1650b1%22%3A%224ac99f72e8d572f6112b%7C300x250%7Cgpid%3D%2F21745780820%2Fwkbt%2Fhomepage%22%2C%221662d3d5b471f1a3%22%3A%2278e2568d18ced6f87cf6%7C300x250%7Cgpid%3D%2F21745780820%2Fwkbt%2Fhomepage%22%2C%2216755b15e30cee4e%22%3A%2247e647b6fe715ccd493c%7C300x250%7Cgpid%3D%2F21745780820%2Fwkbt%2Fhomepage%22%2C%221682b38e4a769bb%22%3A%225ea9bd21ce66b89348c0%7C2x1%7Cgpid%3D%2F21745780820%2Fwkbt%2Fhomepage%22%2C%2216917c900d2810a1%22%3A%229981d4a2df69fca13865%7C2x1%7Cgpid%3D%2F21745780820%2Fwkbt%2Fhomepage%22%2C%221706d2580a3a8f55%22%3A%224ac99f72e8d572f6112b%7C2x1%7Cgpid%3D%2F21745780820%2Fwkbt%2Fhomepage%22%2C%22171a939f5a7aa917%22%3A%2278e2568d18ced6f87cf6%7C2x1%7Cgpid%3D%2F21745780820%2Fwkbt%2Fhomepage%22%2C%221720ed993958b096%22%3A%2247e647b6fe715ccd493c%7C2x1%7Cgpid%3D%2F21745780820%2Fwkbt%2Fhomepage%22%2C%2217348f1bbde231c3%22%3A%225ea9bd21ce66b89348c0%7C300x250%7Cgpid%3D%2F21745780820%2Fwkbt%2Fhomepage%22%2C%22174ba0825f8405d6%22%3A%229981d4a2df69fca13865%7C300x250%7Cgpid%3D%2F21745780820%2Fwkbt%2Fhomepage%22%2C%22175c0151e65d9f22%22%3A%224ac99f72e8d572f6112b%7C300x250%7Cgpid%3D%2F21745780820%2Fwkbt%2Fhomepage%22%2C%221767c351a0c50395%22%3A%2278e2568d18ced6f87cf6%7C300x250%7Cgpid%3D%2F21745780820%2Fwkbt%2Fhomepage%22%2C%2217725c40533c8bea%22%3A%2247e647b6fe715ccd493c%7C300x250%7Cgpid%3D%2F21745780820%2Fwkbt%2Fhomepage%22%2C%22178deeec30e3fe18%22%3A%225ea9bd21ce66b89348c0%7C728x90%2C970x90%2C970x250%7Cgpid%3D%2F21745780820%2Fwkbt%2Fhomepage%22%2C%221792cf2abafb0206%22%3A%229981d4a2df69fca13865%7C728x90%2C970x90%2C970x250%7Cgpid%3D%2F21745780820%2Fwkbt%2Fhomepage%22%2C%2218075ba8d0f4d395%22%3A%224ac99f72e8d572f6112b%7C728x90%2C970x90%2C970x250%7Cgpid%3D%2F21745780820%2Fwkbt%2Fhomepage%22%2C%22181fa0a91468536b%22%3A%2278e2568d18ced6f87cf6%7C728x90%2C970x90%2C970x250%7Cgpid%3D%2F21745780820%2Fwkbt%2Fhomepage%22%2C%221825af6a5aa8dfc%22%3A%2247e647b6fe715ccd493c%7C728x90%2C970x90%2C970x250%7Cgpid%3D%2F21745780820%2Fwkbt%2Fhomepage%22%7D&ref=https%3A%2F%2Fwww.news8000.com%2F&s=27900e73-e465-42d6-ada0-9370a392551c&pv=966f1573-8e6b-4969-847e-b23671b47426&vp=desktop&lib_name=prebid&lib_v=5.18.0-pre&us=0&ius=1&userid=%7B%22pubcid%22%3A%22a8e818bd-99dd-4508-8c6b-9c534090247b%22%7D&eids=%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22a8e818bd-99dd-4508-8c6b-9c534090247b%22%2C%22atype%22%3A1%7D%5D%7D%5D&coppa=0
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/454178/hb_450266_11887.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.150 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-apex.go.sonobi.com
Software
sonobi-go /
Resource Hash
1ef03b81695295b6d5e9d51adce5a46f0b9446306452f2fddbd41809f12659e0
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.news8000.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 24 Oct 2021 02:13:31 GMT
Content-Encoding
gzip
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
apex-ams-1-6-128
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
https://www.news8000.com
Cache-Control
no-cache, no-store, private
Access-Control-Allow-Credentials
true
Tcn
Choice
Content-Type
application/json
Content-Length
387
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
integrator.js
adservice.google.de/adsid/ 		107 B
716 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.news8000.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101401.js?31063236
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.news8000.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 24 Oct 2021 02:13:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
520 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.news8000.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101401.js?31063236
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.news8000.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 24 Oct 2021 02:13:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		17 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2598225188708957&correlator=14435231899406&output=ldjh&impl=fifs&eid=31062392%2C31063236%2C31063140&vrg=2021101401&ptt=17&sc=1&sfv=1-0-38&ecs=20211024&iu_parts=21745780820%2Cwkbt%2Chomepage&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F2&prev_iu_szs=1x1%2C1x1&ists=1&prev_scp=position%3D1%26placement%3Dpixel-1%26amznbid%3D2%26amznp%3D2%26hb_rfBid%3D0%26excl_cat%3DPREPOST%7Cposition%3D1%26placement%3Doop-1%26hb_rfBid%3D0&eri=1&cust_params=url%3D%252F%26post%3D6%26category%3Duncategorized&cookie_enabled=1&bc=31&abxe=1&lmt=1635041611&dt=1635041611232&dlt=1635041608926&idt=1273&frm=20&biw=1600&bih=1200&oid=2&adxs=215%2C215&adys=125%2C4229&adks=2692892286%2C2278311414&ucis=1%7C2&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.news8000.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1170x0%7C1170x0&msz=1170x0%7C1170x0&ga_vid=1323862419.1635041610&ga_sid=1635041611&ga_hid=1543060529&ga_fc=true&ga_cid=232399919.1635041610&fws=0%2C0&ohw=0%2C0&btvi=0%7C1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101401.js?31063236
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f2.1e100.net
Software
cafe /
Resource Hash
3c2ea3a32d3f2dcdd09662445e56717ad485b8e7a42be564c25dd5cfa63c79fc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.news8000.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 02:13:31 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
7870
x-xss-protection
0
google-lineitem-id
5330787546,-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138306818637,-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.news8000.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
6d737814fd16de3b0a3a7c673cec74ec.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 4A20 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://6d737814fd16de3b0a3a7c673cec74ec.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101401.js?31063236
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
6d737814fd16de3b0a3a7c673cec74ec.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.news8000.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.news8000.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Sun, 24 Oct 2021 02:13:31 GMT
expires
Mon, 24 Oct 2022 02:13:31 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
analytics.js
www.google-analytics.com/ Frame DC75 		49 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: engine.univtec.com
URL: https://engine.univtec.com/embed-akamai.php?params=dXJsPTc0RDdzcFRhUkV5REU4Q1dLblhkV1EmdWE9VUEtMjMxMDkxNzMtMSZ2YXN0PWh0dHBzJTNBJTJGJTJGcHViYWRzLmcuZG91YmxlY2xpY2submV0JTJGZ2FtcGFkJTJGYWRzJTNGaXUlM0QlMkY0MzQ1OTI3MSUyRmVuZ2luZW1lZGlhbGl2ZSUyRnNzLVdLQlQlMjZkZXNjcmlwdGlvbl91cmwlM0QlMjUlMjVSRUZFUlJFUl9VUkxfRVNDJTI1JTI1JTI2dGZjZCUzRDAlMjZucGElM0QwJTI2c3olM0Q2NDB4NDgwJTI2bWluX2FkX2R1cmF0aW9uJTNEMCUyNm1heF9hZF9kdXJhdGlvbiUzRDYwMDAwJTI2Z2RmcF9yZXElM0QxJTI2b3V0cHV0JTNEdmFzdCUyNnVudmlld2VkX3Bvc2l0aW9uX3N0YXJ0JTNEMSUyNmVudiUzRHZwJTI2aW1wbCUzRHMlMjZjb3JyZWxhdG9yJTNEJTI1JTI1Q0FDSEVCVVNURVIlMjUlMjUmdGl0bGVFdmVudD1XS0JUJTJGTmV3czgwMDAuY29tJmNhdGVnb3J5PVZpZGVv%22
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
fc27aed7787a4f63d2feba50e6bc6122ac3c5479456d40c0a445899a08ad92f3
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://engine.univtec.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 19 Oct 2021 16:47:48 GMT
server
Golfe2
age
777
date
Sun, 24 Oct 2021 02:00:34 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
19887
expires
Sun, 24 Oct 2021 04:00:34 GMT
json
sync.springserve.com/usersync/ Frame DC75 		51 B
425 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sync.springserve.com/usersync/json
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-1.12.4.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.31.202.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-31-202-1.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
58384cc41f66cf83c113a303932b9451d1b0a3daefc7d6d5bdf0d1885d324a39

Request headers

Accept
*/*
Referer
https://engine.univtec.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

access-control-allow-origin
https://engine.univtec.com
date
Sun, 24 Oct 2021 02:13:31 GMT
access-control-allow-credentials
true
server
nginx
content-length
51
content-type
application/json
amp.min.css
amp.akamaized.net/players/9.1.1+premier/akamai/amp/core/ Frame DC75 		0
0
ima3_dai.js
imasdk.googleapis.com/js/sdkloader/ Frame DC75 		0
0
Imadai.js
amp.akamaized.net/players/9.1.1+premier/akamai/amp/imadai/ Frame DC75 		0
0
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame DC75 		0
0
Ima.min.js
amp.akamaized.net/players/9.1.1+premier/akamai/amp/ima/ Frame DC75 		0
0
Chromecast.min.css
amp.akamaized.net/players/9.1.1+premier/akamai/amp/chromecast/ Frame DC75 		0
0
Chromecast.min.js
amp.akamaized.net/players/9.1.1+premier/akamai/amp/chromecast/ Frame DC75 		0
0
react.min.js
amp.akamaized.net/players/9.1.1+premier/akamai/amp/react/libs/ Frame DC75 		0
0
view
securepubads.g.doubleclick.net/pcs/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuaTCIIhkF2Erm59MyabSFdNycZqhcvSXgtkL3XTg3V54jsvO-Xvhd9LVXv3cnEX93li7o9E0A32C05brcyGIiRcietj8VjmNgdecf5YN99ARsvkuWkzHIFH31TPzsmOGnIfA0r-hOtH7VbuDeOOof10jNSZE4lWoKlVxZDesvH-MNcApHbQ-g56SpevdfYhx9iy2VEpagbldPH5pmoaGnCq7mJPUnYyJMDAUDDNox7Fz13tX8VYsSGjTCCxlU2KmOx2lJzSoQpAr98JNiTrJ3yquhAFC7hXVaycWYge_50hqwG1T3x5uJxUcri4C4&sig=Cg0ArKJSzMoy14ifquFkEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.news8000.com
URL: https://www.news8000.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.news8000.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 24 Oct 2021 02:13:31 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
x-xss-protection
0
server
cafe
index.js
cdn1.opstag.com/13194/ 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn1.opstag.com/13194/index.js?cb=1052986357
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101401.js?31063236
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.63 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
00acd3662d3193fd72496228543edb38a3c7a8969b60a89923c430a915c878d1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.news8000.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 02:13:32 GMT
content-encoding
gzip
last-modified
Wed, 20 Oct 2021 16:39:24 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P5
etag
"83e74c00aeeebdc009fa08ec7821ae8b"
x-cache
RefreshHit from cloudfront
content-type
application/javascript
via
1.1 ab985bb6f3435d42701015dfa6015878.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
5004
x-amz-cf-id
0pM7LSPXomlMj8YhmOZSircBAsxzrCb86eHoAL8El_xTwII9bEOg8A==
rx_lidar.js
www.googletagservices.com/activeview/js/current/ 		120 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101401.js?31063236
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9eefb74cc5ac64da8206bbf5f929ee9c260d7d6162ec2a799e1fdb6190429bf5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.news8000.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Sun, 24 Oct 2021 02:13:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
37344
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1634750403498492"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 24 Oct 2021 02:13:31 GMT
truncated
/ 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d8f6ace061d713b4a21bac5d83a4f87774d704321e838060c594e69c8c01b67c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/png
trk.gif
jadserve.postrelease.com/ 		43 B
426 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jadserve.postrelease.com/trk.gif?ntv_at=47&ntv_ui=28a6f1ac-cd80-4f7f-bc38-452f54d97c63&ntv_a=b4wGA5-BKAfCALA&ntv_fl=CF4se3gYGjAPzQcMJoAeWd5WH3oACv5dt8ZRuFE-1ISjanFPUSYOO1i182bqfGxUNngEg4qg219LD1m-5FJ2REiIhmUe3XmT01O7BwzrszgM6Yqgigs3xJF6aSDszIb6vyQeak1uBFZCk86L9L6vnPMURC8qveOP6oBsJuYXXNzdj9YnacY1vE36i-h681IcDTjk97LsRXTMVvYDVv9DMg==&ord=-1373152254&ntv_ht=SsF0YQA&ntv_tad=16&ntv_ift=0&ntv_it
Requested by
Host: www.news8000.com
URL: https://www.news8000.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.200.155.146 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-200-155-146.compute-1.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.news8000.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Oct 2021 02:13:31 GMT
server
nginx/1.12.1
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
image/gif
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
integrator.js
adservice.google.de/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.news8000.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101401.js?31063236
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.news8000.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 24 Oct 2021 02:13:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.news8000.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101401.js?31063236
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.news8000.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 24 Oct 2021 02:13:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		115 KB
17 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2598225188708957&correlator=3409005283517409&output=ldjh&impl=fifs&eid=31062392%2C31063236%2C31063140&vrg=2021101401&ptt=17&sc=1&sfv=1-0-38&ecs=20211024&iu_parts=21745780820%2Cwkbt%2Chomepage&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2&prev_iu_szs=728x90%7C970x90%7C970x250%2C300x250%2C300x250%2C2x1%2C300x250%2C728x90%7C970x90%7C970x250&prev_scp=position%3D1%26placement%3Dleaderboard-1%26optimera%3DC0%2CTB2%2CD4%2CM6%2CM0%2CL4%2CTG8%2COB3%2CE1%2CM7%2CM1%2CL5%2CJ6%2CTH6%2CJ0%2CM8%2CM2%2CL6%2CK2%2CI9%2CTH8%2CDE%2CB%26amznbid%3D2%26amznp%3D2%26hb_rfBid%3D0%26excl_cat%3DPREPOST%7Cposition%3D1%26placement%3Drectangle-1%26optimera%3DA6%2CM3%2CL7%2CL1%2CJ1%2CTH0%2COA9%2CDE%2CB%26amznbid%3D2%26amznp%3D2%26hb_rfBid%3D0%26excl_cat%3DPREPOST%7Cposition%3D1%26placement%3Drectangle-2%26optimera%3DA6%2CM3%2CTH0%2COA9%2CDE%2CB%26amznbid%3D2%26amznp%3D2%26hb_rfBid%3D0%26excl_cat%3DPREPOST%7Cposition%3D1%26placement%3D2x1-1%26amznbid%3D2%26amznp%3D2%26hb_rfBid%3D0%26excl_cat%3DPREPOST%7Cposition%3D1%26placement%3Drectangle-3%26optimera%3DA6%2CM3%2CTA0%2COA9%2CDE%2CB%26amznbid%3D2%26amznp%3D2%26hb_rfBid%3D0%26excl_cat%3DPREPOST%7Cposition%3D1%26placement%3Dleaderboard-2%26optimera%3DC0%2CD4%2CTC2%2COB3%2CE1%2CTC5%2CJ0%2CTF5%2CDE%2CB%26amznbid%3D2%26amznp%3D2%26hb_rfBid%3D0%26excl_cat%3DPREPOST&eri=1&cust_params=url%3D%252F%26post%3D6%26category%3Duncategorized&cookie=ID%3Dc9a3ed324007e7b9%3AT%3D1635041611%3AS%3DALNI_Mad_wo050MuThC9rpWmb_huOouHnQ&bc=31&abxe=1&lmt=1635041611&dt=1635041611715&dlt=1635041608926&idt=1273&frm=20&biw=1600&bih=1200&oid=2&adxs=-9%2C-9%2C-9%2C-9%2C-9%2C-9&adys=-9%2C-9%2C-9%2C-9%2C-9%2C-9&adks=2652642819%2C3659646478%2C4105574447%2C2178350573%2C4105574444%2C2234950011&ucis=3%7C4%7C5%7C6%7C7%7C8&ifi=3&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.news8000.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1&msz=0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1&psts=AGkb-H8yGqxcjX1Fv4B6HlYStJR4aoTAVUer9tAolBxTdbKv-BUbf_TiXM_s05UJRhkhaDSCiI4OcMxcmpyGvW9vbWYTJw%2CAGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=1323862419.1635041610&ga_sid=1635041611&ga_hid=1543060529&ga_fc=true&ga_cid=232399919.1635041610&fws=2%2C2%2C2%2C2%2C2%2C2&ohw=0%2C0%2C0%2C0%2C0%2C0&btvi=-1%7C-1%7C-1%7C-1%7C-1%7C-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101401.js?31063236
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f2.1e100.net
Software
cafe /
Resource Hash
26f81fa6ee8dc03679db9295294de583846520fa1f23630bf54b68e357bf13f6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.news8000.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 02:13:31 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2,-2,-2,-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
17882
x-xss-protection
0
google-lineitem-id
5653154778,5654149381,5654149381,5245905013,5654149381,5653154778
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138344445125,138344900380,138344475057,138344745058,138344900410,138344445122
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.news8000.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		11 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021101401&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101401.js?31063236
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f727a7f48f710af14457e8a9e44c30f8d84df7422b167e8401c9a3cacee54c78
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.news8000.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 24 Oct 2021 02:13:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
8510
x-xss-protection
0
view
securepubads.g.doubleclick.net/pcs/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsummcm4hGQAugiK6_ANAUPss7XkmgfrsX-n7e-amehrpKM7UqmRjUjhZZMmlD_LFLn52oDa-BBoCvpE_veIzd3W05dAQuoBGA4GmvAEoUzwZzQIxQDj02gpqAty3jRqtptg0KbrXMl3An5QBEyGnCZ4Th2a-oXMOw2L6DstwJbl52_qCaKJ0-BQ97AeFLYC1lfTScZBCvfdiHU3PaHEOpDaxhLA1ir1iGl8TO6jCYV-UK6d7s6XDP3ZQZYEU-DhWWeBMe3EjS6rmLKdT0Ug4yH6vE4dj2x0GRaci3yFsSuccQraziF7nAFImJXXjy2VRg&sig=Cg0ArKJSzO45SHjjfX-qEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.news8000.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 24 Oct 2021 02:13:31 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
x-xss-protection
0
server
cafe
expires
Sun, 24 Oct 2021 02:13:31 GMT
prebid.js
cdn1.opstag.com/13194/ Frame DBEC 		302 KB
94 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn1.opstag.com/13194/prebid.js
Requested by
Host: cdn1.opstag.com
URL: https://cdn1.opstag.com/13194/index.js?cb=1052986357
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.63 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
199cf9591c8411559d63afdb76606c2e482668bce6345d796ae3414599b5e266

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.news8000.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 02:13:33 GMT
content-encoding
gzip
last-modified
Wed, 20 Oct 2021 16:39:24 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P5
etag
"dc3104016820da1499281fa786087abb"
x-cache
RefreshHit from cloudfront
content-type
application/javascript
via
1.1 ab985bb6f3435d42701015dfa6015878.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
96150
x-amz-cf-id
JFQ-352iNR3sOBV9mRx6EOvAgXiGsbJsHmiYey3Lg3qmJdHxUfvdiw==
pwt.js
ads.pubmatic.com/AdServer/js/pwt/157898/3581/ Frame DBEC 		166 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/pwt/157898/3581/pwt.js
Requested by
Host: www.news8000.com
URL: https://www.news8000.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
64bff75a60c41b34a4deb9ce811a1e48a1b17bc3d3624715354764f6ae57cb63

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.news8000.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 02:13:31 GMT
content-encoding
gzip
last-modified
Thu, 30 Sep 2021 19:51:44 GMT
server
Apache/2.2.15 (CentOS)
etag
"1421bfb-2987a-5cd3bc6b497d9"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
public, max-age=28524
accept-ranges
bytes
content-type
text/javascript
content-length
54629
expires
Sun, 24 Oct 2021 10:08:55 GMT
config.js
confiant-integrations.global.ssl.fastly.net/6NDWu2Xp1GnoaY0P5qy6y80dmR8/gpt_and_prebid/ Frame DBEC 		63 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://confiant-integrations.global.ssl.fastly.net/6NDWu2Xp1GnoaY0P5qy6y80dmR8/gpt_and_prebid/config.js
Requested by
Host: cdn1.opstag.com
URL: https://cdn1.opstag.com/13194/index.js?cb=1052986357
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.194 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
aadc688d409b30c5ebc13790f6d2ea216805e4800727614792a23f5b585dced9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.news8000.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sun, 24 Oct 2021 02:13:31 GMT
Content-Encoding
gzip
Age
333
X-Cache
HIT
Connection
keep-alive
Content-Length
15069
x-amz-id-2
9/HmRSo5qgwWyB7P6hc/HBrDuryrFyIruMJTf2MB9vvKzaiiXPrzA+z/pM5WBDOdN94TkGj4nmk=
X-Served-By
cache-hhn4072-HHN
Last-Modified
Sun, 24 Oct 2021 00:54:59 GMT
Server
AmazonS3
X-Timer
S1635041612.999040,VS0,VE1
ETag
"88305f52f5c2cb2eeeca6290b4a50e4d"
x-amz-request-id
TWV4CDS0RT0WFS27
Via
1.1 varnish
Cache-Control
public, max-age=900, stale-while-revalidate=3600
Accept-Ranges
bytes
Content-Type
text/javascript
X-Cache-Hits
1
placement.js
cdn1.opstag.com/13194/ Frame DBEC 		21 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn1.opstag.com/13194/placement.js?cb=1635041611917
Requested by
Host: cdn1.opstag.com
URL: https://cdn1.opstag.com/13194/index.js?cb=1052986357
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.63 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1bdb5ac405f2458baf685f9d0372813dd7d89832a1c1d99b37c7e7267e0bcc27

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.news8000.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 02:13:33 GMT
content-encoding
gzip
last-modified
Wed, 20 Oct 2021 16:39:24 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P5
etag
"d56d852864dc4771f0259e421f6559ff"
x-cache
RefreshHit from cloudfront
content-type
application/javascript
via
1.1 ab985bb6f3435d42701015dfa6015878.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
6747
x-amz-cf-id
HaBKo1mUO0c_AYlAlOyBwMZElQ_G2BSbY3oaSar0Z7pSDgu04W6PSA==
ad
pubads.g.doubleclick.net/gampad/
Redirect Chain
  • https://pubads.g.doubleclick.net/gampad/ad?iu=/8570/morganmurphymedia/news8000-13194-728x90-ads-desktop-pixel&sz=1x1&t=&c=5330796685
  • https://pubads.g.doubleclick.net/gampad/ad?iu=/8570/morganmurphymedia/news8000-13194-728x90-ads-desktop-pixel&sz=1x1&t=&c=5330796685&pre=1
42 B
65 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubads.g.doubleclick.net/gampad/ad?iu=/8570/morganmurphymedia/news8000-13194-728x90-ads-desktop-pixel&sz=1x1&t=&c=5330796685&pre=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.news8000.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Oct 2021 02:13:31 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
google-creative-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
42
x-xss-protection
0
google-lineitem-id
-2

Redirect headers

timing-allow-origin
*
date
Sun, 24 Oct 2021 02:13:31 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://pubads.g.doubleclick.net/gampad/ad?iu=/8570/morganmurphymedia/news8000-13194-728x90-ads-desktop-pixel&sz=1x1&t=&c=5330796685&pre=1
cross-origin-resource-policy
cross-origin
follow-only-when-prerender-shown
1
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
x-xss-protection
0
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.news8000.com%2F&domain=www.news8000.com&cw=1&lsw=1
Protocol
H2
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
https://www.news8000.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
content-type
application/json; charset=utf-8
expires
0
strict-transport-security
max-age=31536000
access-control-allow-origin
https://www.news8000.com
access-control-allow-headers
content-type
access-control-allow-credentials
true
access-control-allow-methods
GET
server-processing-duration-in-ticks
1426
date
Sun, 24 Oct 2021 02:13:31 GMT
content-encoding
gzip
vary
Accept-Encoding
sid
mug.criteo.com/ Frame DBEC
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.news8000.com%2F&domain=www.news8000.com&cw=1&lsw=1
  • https://mug.criteo.com/sid?cpp=bd7auHxKSzJtVGhRYk5KUWNhc1NmNlI3MnVRcEM0VDkvd2Z2N2JieFUzZk9XeXgxam10ZGpHZ2trdFpIdUN3WDZrUVNtMnc4ajJRQklpYjNLRVpTcC9ma2w4WUpxdnR1b2lsN2t4RkxWckF0VmlVZHVnNVFoK0l2U0ZUeH...
348 B
608 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=bd7auHxKSzJtVGhRYk5KUWNhc1NmNlI3MnVRcEM0VDkvd2Z2N2JieFUzZk9XeXgxam10ZGpHZ2trdFpIdUN3WDZrUVNtMnc4ajJRQklpYjNLRVpTcC9ma2w4WUpxdnR1b2lsN2t4RkxWckF0VmlVZHVnNVFoK0l2U0ZUeHJRUmxHTlAvNjdwN3I1S3Q5aUh1Mk1iWkVnbVhQS2diN1Bsekp4SWNQT3NsK0JvMnRxT0tISWdDT1dMM2Fzd2ptTUN5Tm44RFN2Q0d0WHVPYmxUd3lyVXJhZXd1QmtXUER6NlJCdWVaQ1dKYkc1TFRWUVduaFp6aHBPV0JXZk0xMkRjaWJka1pnfA&cppv=2
Requested by
Host: www.news8000.com
URL: https://www.news8000.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
472f217c4d8a0f8a8e33ccc4ef56bff79ff6ee22c296adf26a628c4a4ff17f8f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.news8000.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
content-encoding
gzip
date
Sun, 24 Oct 2021 02:13:31 GMT
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
2299
expires
0

Redirect headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Sun, 24 Oct 2021 02:13:31 GMT
location
https://mug.criteo.com/sid?cpp=bd7auHxKSzJtVGhRYk5KUWNhc1NmNlI3MnVRcEM0VDkvd2Z2N2JieFUzZk9XeXgxam10ZGpHZ2trdFpIdUN3WDZrUVNtMnc4ajJRQklpYjNLRVpTcC9ma2w4WUpxdnR1b2lsN2t4RkxWckF0VmlVZHVnNVFoK0l2U0ZUeHJRUmxHTlAvNjdwN3I1S3Q5aUh1Mk1iWkVnbVhQS2diN1Bsekp4SWNQT3NsK0JvMnRxT0tISWdDT1dMM2Fzd2ptTUN5Tm44RFN2Q0d0WHVPYmxUd3lyVXJhZXd1QmtXUER6NlJCdWVaQ1dKYkc1TFRWUVduaFp6aHBPV0JXZk0xMkRjaWJka1pnfA&cppv=2
access-control-allow-methods
GET
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.news8000.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1377
content-length
509
expires
0
gpt.js
www.googletagservices.com/tag/js/ Frame DBEC 		80 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: www.news8000.com
URL: https://www.news8000.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fd15114bff107e1188f0b293db7acf0037d405cbab30a8c9571df82bd849fc8c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.news8000.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 02:13:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1023 / 38 of 1000 / last-modified: 1634853991"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
27130
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sun, 24 Oct 2021 02:13:32 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101401.js?31063236
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.news8000.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 02:13:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1624308425655142"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
6467
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
expires
Sun, 24 Oct 2021 02:13:32 GMT
wrap.js
confiant-integrations.global.ssl.fastly.net/gptprebidnative/202110211248/ Frame DBEC 		180 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://confiant-integrations.global.ssl.fastly.net/gptprebidnative/202110211248/wrap.js
Requested by
Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/6NDWu2Xp1GnoaY0P5qy6y80dmR8/gpt_and_prebid/config.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.194 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a8874382f0d935e5ae3ca6f72809f0419dd51c67d8141c712b5ffc9877f308be

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.news8000.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sun, 24 Oct 2021 02:13:32 GMT
Content-Encoding
gzip
Age
422
X-Cache
HIT
Connection
keep-alive
Content-Length
58956
x-amz-id-2
5VaBez9t2V2KYw4QpVZFGBfZFICceVXKeQxmO1NvFgraK5MnMa1OKSY2si4xPAnfs7YWxlUObgk=
X-Served-By
cache-hhn4072-HHN
Last-Modified
Thu, 21 Oct 2021 16:55:33 GMT
Server
AmazonS3
X-Timer
S1635041612.028548,VS0,VE0
ETag
"74936fd3518300130e0d2a9d947106cd"
x-amz-request-id
R9985E5R4RWZZP6X
Via
1.1 varnish
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
Content-Type
application/javascript; charset=utf-8
X-Cache-Hits
180
runner.html
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 8904 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/224/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.news8000.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.news8000.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5029
date
Sun, 24 Oct 2021 01:14:35 GMT
expires
Mon, 24 Oct 2022 01:14:35 GMT
last-modified
Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
3537
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
aframe
www.google.com/recaptcha/api2/ Frame 20F9 		783 B
915 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
2039bf2d812091ca02a8482ad934ffe8cae0b0cc0a29580e6f3faf57f9fb8910
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-WGNe11pfs1ANLPa/4wckEw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/aframe
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.news8000.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.news8000.com/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Sun, 24 Oct 2021 02:13:32 GMT
date
Sun, 24 Oct 2021 02:13:32 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-WGNe11pfs1ANLPa/4wckEw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
512
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
sodar
pagead2.googlesyndication.com/pagead/ Frame 20F9 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gpt_2021101401&jk=2598225188708957&rc=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers
sid
mug.criteo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=bd7auHxKSzJtVGhRYk5KUWNhc1NmNlI3MnVRcEM0VDkvd2Z2N2JieFUzZk9XeXgxam10ZGpHZ2trdFpIdUN3WDZrUVNtMnc4ajJRQklpYjNLRVpTcC9ma2w4WUpxdnR1b2lsN2t4RkxWckF0VmlVZHVnNVFoK0l2U0ZUeHJRUmxHTlAvNjdwN3I1S3Q5aUh1Mk1iWkVnbVhQS2diN1Bsekp4SWNQT3NsK0JvMnRxT0tISWdDT1dMM2Fzd2ptTUN5Tm44RFN2Q0d0WHVPYmxUd3lyVXJhZXd1QmtXUER6NlJCdWVaQ1dKYkc1TFRWUVduaFp6aHBPV0JXZk0xMkRjaWJka1pnfA&cppv=2
Protocol
H2
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
null
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
content-type
application/json; charset=utf-8
expires
0
strict-transport-security
max-age=31536000
access-control-allow-origin
null
access-control-allow-headers
content-type
access-control-allow-credentials
true
access-control-allow-methods
GET
server-processing-duration-in-ticks
1150
date
Sun, 24 Oct 2021 02:13:31 GMT
content-encoding
gzip
vary
Accept-Encoding
pubads_impl_2021101201.js
securepubads.g.doubleclick.net/gpt/ Frame DBEC 		361 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101201.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f2.1e100.net
Software
sffe /
Resource Hash
3739f7e3f233afefaaf897a2c109cd3dcce3799125f58957b4a622b610511a63
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.news8000.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 02:13:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
124532
x-xss-protection
0
last-modified
Tue, 12 Oct 2021 08:35:04 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sun, 24 Oct 2021 02:13:32 GMT
c
prebid.a-mo.net/a/ Frame DBEC 		0
159 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: cdn1.opstag.com
URL: https://cdn1.opstag.com/13194/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.38.124 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.news8000.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.news8000.com
date
Sun, 24 Oct 2021 02:13:32 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
server
envoy
x-envoy-upstream-service-time
136
vary
origin, Accept-Encoding
translator
hbopenbid.pubmatic.com/ Frame DBEC 		0
61 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: cdn1.opstag.com
URL: https://cdn1.opstag.com/13194/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.news8000.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.news8000.com
date
Sun, 24 Oct 2021 02:13:32 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
prebid
ib.adnxs.com/ut/v3/ Frame DBEC 		19 B
855 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn1.opstag.com
URL: https://cdn1.opstag.com/13194/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.38 , Ascension Island, ASN29990 (ASN-APPNEX, US),
Reverse DNS
690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.news8000.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 24 Oct 2021 02:13:32 GMT
X-Proxy-Origin
185.232.23.182; 185.232.23.182; 690.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
9c76d849-5c1f-4051-8029-e955b88b67c0
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.news8000.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame DBEC 		240 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=13702&site_id=316592&zone_id=1619904&size_id=2&rp_schain=1.0,1!yieldlift.com,2000039,1,,,&eid_pubcid.org=a8e818bd-99dd-4508-8c6b-9c534090247b%5E1&rf=https%3A%2F%2Fwww.news8000.com%2F&tk_flint=pbjs_lite_v5.1.0&x_source.tid=7d83557c-3a30-4c8b-a9c9-c284ef77d5d7&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.8634766266431302
Requested by
Host: cdn1.opstag.com
URL: https://cdn1.opstag.com/13194/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
2602:803:c003:200::21 -, , ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
d4ae0b93aeecf7b39108769af898e164c5aaa3421fa1368eca7f99a130912476

Request headers

Referer
https://www.news8000.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 24 Oct 2021 02:13:32 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.news8000.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
240
Expires
Wed, 17 Sep 1975 21:32:10 GMT
bid
ap.lijit.com/rtb/ Frame DBEC 		24 B
648 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_5.1.0
Requested by
Host: cdn1.opstag.com
URL: https://cdn1.opstag.com/13194/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.19 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
/
Resource Hash
a9d88004ecf909f10f24eb838564c9e3fbd1427f605eeb2d444df083c66d1435

Request headers

Referer
https://www.news8000.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sun, 24 Oct 2021 02:13:32 GMT
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://www.news8000.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap4ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
24
trinity.json
apex.go.sonobi.com/ Frame DBEC 		95 B
647 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%2212a402230a88742%22%3A%2268aca0cac03799ad2020%7C728x90%7Cgpid%3D%2F8570%2Fmorganmurphymedia%2Fnews8000-13194-728x90-ads-desktop%22%7D&ref=https%3A%2F%2Fwww.news8000.com%2F&s=353e4095-c980-4390-9f30-916ac0abf375&pv=20ed431f-cada-49b3-bf1a-c4b5e258154d&vp=mobile&lib_name=prebid&lib_v=5.1.0&us=10&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22yieldlift.com%22%2C%22sid%22%3A%222000039%22%2C%22hp%22%3A1%7D%5D%7D&userid=%7B%22pubcid%22%3A%22a8e818bd-99dd-4508-8c6b-9c534090247b%22%7D&eids=%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22a8e818bd-99dd-4508-8c6b-9c534090247b%22%2C%22atype%22%3A1%7D%5D%7D%5D&coppa=0
Requested by
Host: cdn1.opstag.com
URL: https://cdn1.opstag.com/13194/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.150 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-apex.go.sonobi.com
Software
sonobi-go /
Resource Hash
d09b39cadbc6cb3a4c1205eae09ee4f5a19f60fa7f01caa369bc86594a325854
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.news8000.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 24 Oct 2021 02:13:32 GMT
Content-Encoding
gzip
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
apex-ams-1-6-128
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
https://www.news8000.com
Cache-Control
no-cache, no-store, private
Access-Control-Allow-Credentials
true
Tcn
Choice
Content-Type
application/json
Content-Length
120
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
hb
ssc.33across.com/api/v1/ Frame DBEC 		66 B
290 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=akGFn6kr0r64m5aKlId8sQ
Requested by
Host: cdn1.opstag.com
URL: https://cdn1.opstag.com/13194/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
a39972aca8a154a3c9597c68e51ea8658ffabac257c617871a14d1bbb9d93c4b

Request headers

Referer
https://www.news8000.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 24 Oct 2021 02:13:32 GMT
content-encoding
gzip
status
200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.news8000.com
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
arj
os4m-d.openx.net/w/1.0/ Frame DBEC 		173 B
355 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://os4m-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.news8000.com%2F&ch=UTF-8&res=1600x1200x24&ifr=true&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=7d83557c-3a30-4c8b-a9c9-c284ef77d5d7&nocache=1635041612439&pubcid=a8e818bd-99dd-4508-8c6b-9c534090247b&schain=1.0%2C1!yieldlift.com%2C2000039%2C1%2C%2C%2C&aus=728x90&divids=div-gpt-ad-9265879173666-0&aucs=&auid=541018112
Requested by
Host: cdn1.opstag.com
URL: https://cdn1.opstag.com/13194/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.217.1 /
Resource Hash
c1fa2ba542da6c85d3e7a7b41b758a24bf927fb2394909f4dee123118cd1d89e

Request headers

Referer
https://www.news8000.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 24 Oct 2021 02:13:32 GMT
content-encoding
gzip
server
OXGW/16.217.1
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.news8000.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
clear
content-length
163
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
prebid-request
onetag-sys.com/ Frame DBEC 		15 B
372 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: cdn1.opstag.com
URL: https://cdn1.opstag.com/13194/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.251 , Germany, ASN16276 (OVH, FR),
Reverse DNS
ip251.ip-51-89-9.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.news8000.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin
https://www.news8000.com
cache-control
no-transform, no-cache
access-control-allow-credentials
true
content-type
application/json
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
cygnus
htlb.casalemedia.com/ Frame DBEC 		25 B
375 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=516235&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2219795688d9945fb%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.news8000.com%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%225.1.0%22%2C%22userIds%22%3A%5B%22pubcid%22%5D%2C%22msd%22%3A0%2C%22msi%22%3A0%7D%7D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22yieldlift.com%22%2C%22sid%22%3A%222000039%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2220c918f5cd18bf8%22%2C%22ext%22%3A%7B%22siteID%22%3A%22516235%22%2C%22sid%22%3A%22728x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A0%7D%7D%5D%7D
Requested by
Host: cdn1.opstag.com
URL: https://cdn1.opstag.com/13194/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.31.84.150 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-31-84-150.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
33d1255c335c1aaaa994fae6c818de271a60079fb0c66e95b3edd720969f7a26

Request headers

Referer
https://www.news8000.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 24 Oct 2021 02:13:32 GMT
content-encoding
gzip
x-ak-initial-geo
CC:[DE], RC:[HE], CN:[EU], CIP:[185.232.23.182], XFF:[]
server
Apache
vary
Is-Traffic-Invalid,Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.news8000.com
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
45
x-ak-client-geo
12
expires
Sun, 24 Oct 2021 02:13:32 GMT
mvo
tag.1rx.io/rmp/231800/0/ Frame DBEC 		0
172 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tag.1rx.io/rmp/231800/0/mvo?z=1r&hbv=5.1,2.1
Requested by
Host: cdn1.opstag.com
URL: https://cdn1.opstag.com/13194/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.42 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.news8000.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.news8000.com
pragma
no-cache
date
Sun, 24 Oct 2021 02:13:32 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
Tengine
Zz7DT35LXmuokobBJJC8eUu-TFeGwi-w65YEXeY0QRI.js
pagead2.googlesyndication.com/bg/ Frame 8904 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Zz7DT35LXmuokobBJJC8eUu-TFeGwi-w65YEXeY0QRI.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
673ec34f7e4b5e6ba89286c12490bc794bbe4c5786c22fb0eb96045de6344112
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 21:45:51 GMT
content-encoding
br
x-content-type-options
nosniff
age
16061
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
13325
x-xss-protection
0
last-modified
Tue, 19 Oct 2021 13:08:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="botguard-scs"
expires
Sun, 23 Oct 2022 21:45:51 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
119 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gpt_2021101401&jk=2598225188708957&bg=!7u2l7anNAAbUs_yW1LM7ACkAdvg8WmqZDqRk1kDe0igPOos3uCtqSBrtzP1-kCTrelOVgP9_qPiuUQIAAABPUgAAAAtoAQcKAIEDrcaS9NZsAzS7jPmXacjHzMWZDtIdeyjZRXPuYCCWFLT1qxeTdipKq0NbqcCQ59m6-dBiwwiXCWFgSLv9xD9rNhCOTf6avkCnmKeupk379ETb03FCEJkK359t46-Oloho7eihKgG8ROeZSw1ckkjYnPASQnAPlBr0HhGyGM8hg4GZAr-V_kqC1jW3OPq8t0as_E_tWDc1aCmgWwbxKfEVMXH3SWjDihM1yQT4eh2RFF9HLXw2c6y-MaSAfa0pw0qkvXAdGo4tfVGmB0479lmTD_sqskxBij3WG9iozr1SS_D8oFwFz8GPmmILYYnic2OF-QrichqR9CZbwqRbtPj_LTrfSkTd1HAZ0ewx5ztme0PK9LO341tgCl6GaaE3FThBF2m2AZFW8mm2ZIEHZG0dwb4JA1KaAnLX8fP0rucHW-Oqtnh2RlchPX1sBRBtCmh41FN2ynKLGdth9BLvYEcrxQyJOpkEZhpYpX1T_gLZv8Gu1ivBSMWPsO9UAvuP0BfsVai9Khp4zviKxODLJE27UT686EkuBrHy4hxn4yj-PTBZNfc8JBqNu3HjNMr08-jbpdpyvTBHF2Sr2cuGE1C6xfYY4adqyosiBcFN9QqYEs2vi_1DW9JOYIXZSMkmHDPRF2cxdpME9c3CgByonRu4HKeI0gEh2xh-EC4nwEALO3EPSW6bRqaOlcqLOwx_eLke-P2Swxr17nnCkWMUli1TjC72Q45YE4XNwSFckScIgmNKHTaM7oNH6cknYxtNk9PvC1OP4HjeYnGCQhpEIgqJGdK7PTHRm3itjltIKRhkSzQbZv0tSVtzBbilAvWq9MpE5x7ozbkVCWV0S_DqwhoC-a1ZV1tQar-O8cBIODLouc0cmKRLrENYzFBj3AF5BFWAfnT2xgS7Y8dWvo3CPi9TXYbmHsKQg4gGBWOu0eOwu80PG7O456Lkujy55xk8F6jCi-lRDYfgpdpc7t6C3xaHYmhmJ7UxY-EyQFNoxn4utadWki3Wkvv8t0NH0ufG_AjQKUQsIkciRFHN37Dgr0vOMwdTx8TaRfKM_b5C-8llvo8UwvIbP321bmtK4nPNUzwWB-O-vIvIgZGSgTkhOmmwdhW6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.news8000.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Oct 2021 02:13:32 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
integrator.js
adservice.google.de/adsid/ Frame DBEC 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.news8000.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.news8000.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 24 Oct 2021 02:13:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame DBEC 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.news8000.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.news8000.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 24 Oct 2021 02:13:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame DBEC 		0
27 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2409187675805934&correlator=1159151613022459&output=wbn&wbsu=bc44f585-55bd-4e82-8ad2-631174c245f7&callback=googletag.wbn1&impl=fifs&eid=31060545%2C31062324%2C31063182%2C31062931&vrg=2021101201&ptt=17&sc=1&sfv=1-0-38&ecs=20211024&iu_parts=8570%2Cmorganmurphymedia%2Cnews8000-13194-728x90-ads-desktop&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90&prev_scp=rfsh%3D1%26rfshtime%3D22&eri=1&cookie=ID%3Dc9a3ed324007e7b9%3AT%3D1635041611%3AS%3DALNI_Mad_wo050MuThC9rpWmb_huOouHnQ&cdm=www.news8000.com&bc=31&abxe=1&lmt=1635041612&dt=1635041612688&dlt=1635041611909&idt=499&ea=0&frm=23&biw=1600&bih=1200&isw=728&ish=90&oid=2&adxs=436&adys=1110&adks=3063004668&ucis=bbmol5jw3n1v&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&url=https%3A%2F%2Fwww.news8000.com%2F&top=https%3A%2F%2Fwww.news8000.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=728x-1&msz=728x-1&ga_vid=232399919.1635041610&ga_sid=1635041613&ga_hid=243922415&ga_fc=true&fws=260&ohw=728&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101201.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.news8000.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 02:13:33 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
27746
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
application/webbundle
access-control-allow-origin
https://www.news8000.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
uuid:bc44f585-55bd-4e82-8ad2-631174c245f7
/ Frame DBEC 		451 B
577 B 		Script
General
Check archive.org
Download Go to
Full URL
urn:uuid:bc44f585-55bd-4e82-8ad2-631174c245f7
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101201.js
Protocol
URN
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
68dd2479e81130bd2fb9022bd00b1f969808f5d30ed8e9ee44e70c7aeac1a42b
Security Headers
Name Value
X-Content-Type-Options nosniff, nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

X-Content-Type-Options
nosniff, nosniff
content-type
text/javascript; charset=utf-8
multitracking
ghb.adtelligent.com/adunit/ 		0
207 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb.adtelligent.com/adunit/multitracking
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/454178/wrapper_hb_450266_11887.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5142::2 , United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.news8000.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://www.news8000.com
Date
Sun, 24 Oct 2021 02:13:32 GMT
Access-Control-Allow-Credentials
true
Server
VertaMedia 1.0
Connection
Keep-Alive
sodar
pagead2.googlesyndication.com/getconfig/ Frame DBEC 		11 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021101201&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6c2d4f5c5c9561c962b57a48a99b4183087c9b3ee5ea32f66d23cff0d425ec0f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.news8000.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 24 Oct 2021 02:13:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
8519
x-xss-protection
0
uuid:cdaa73ec-073f-f28c-7d6f-f28c073fcdaa
/ Frame 6ECD 		54 KB
54 KB 		Document
General
Check archive.org
Download Go to
Full URL
urn:uuid:cdaa73ec-073f-f28c-7d6f-f28c073fcdaa
Requested by
Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/gptprebidnative/202110211248/wrap.js
Protocol
URN
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bd581e97a53b3739f0be17a03083e1a5ce6e9413bb2a3af6137226438dd5a1c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

X-Content-Type-Options
nosniff
content-type
text/html; charset=utf-8
x-content-type-options
nosniff
gen_204
pagead2.googlesyndication.com/pagead/ Frame 6ECD 		42 B
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AMzBfKKrsXpEYVgFYeUp0mv4L6ja1IrsXgE-kVWZu_C7DQAHIXRH36GnINFJyV35kHK8lE8cinphTCJKlHzYobaHHUQotrDgvZ3O1BRRcpFhUJcAc
Requested by
Host: uuid
URL: urn:uuid:cdaa73ec-073f-f28c-7d6f-f28c073fcdaa
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Oct 2021 02:13:33 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/ Frame 6ECD 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/window_focus_fy2019.js
Requested by
Host: uuid
URL: urn:uuid:cdaa73ec-073f-f28c-7d6f-f28c073fcdaa
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0bb775e23934c5478dab7517dbf8a614834c96e926c4498b734399eb8a2e640d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 01:47:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1573
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
1426
x-xss-protection
0
server
cafe
etag
18061233391346882222
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 07 Nov 2021 01:47:20 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 6ECD 		120 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: uuid
URL: urn:uuid:cdaa73ec-073f-f28c-7d6f-f28c073fcdaa
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9eefb74cc5ac64da8206bbf5f929ee9c260d7d6162ec2a799e1fdb6190429bf5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 02:13:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
37344
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1634750403498492"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 24 Oct 2021 02:13:33 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/ Frame 6ECD 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: uuid
URL: urn:uuid:cdaa73ec-073f-f28c-7d6f-f28c073fcdaa
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2698e1ed89c87280fe92182e5297140eda834b052703156646719cd5e90fc29a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 02:07:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
342
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
6286
x-xss-protection
0
server
cafe
etag
17196531676875957370
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 07 Nov 2021 02:07:51 GMT
l
www.google.com/ads/measurement/ Frame 6ECD 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaS35bglBGFiuxX7CZ1TbRVCAKvZ8dKLxoGwY98k22L-iSp6A2pm417YZDmNLqYYnzpt71ca
Requested by
Host: uuid
URL: urn:uuid:cdaa73ec-073f-f28c-7d6f-f28c073fcdaa
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers
pixel
googleads.g.doubleclick.net/xbbe/ Frame 7839 		0
405 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CNn50QEQxY3WzwIYg6rurAEwAQ&v=APEucNVyC8y0utJRBOAhYy_QmZRXdjmGv4J00Zr8gV0EXn4IdXUXvnrv3VBDcgO7bMuNWzbybrtFq7jNZvAxxOqCVmyZ9qOyYw
Requested by
Host: uuid
URL: urn:uuid:cdaa73ec-073f-f28c-7d6f-f28c073fcdaa
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/xbbe/pixel?d=CNn50QEQxY3WzwIYg6rurAEwAQ&v=APEucNVyC8y0utJRBOAhYy_QmZRXdjmGv4J00Zr8gV0EXn4IdXUXvnrv3VBDcgO7bMuNWzbybrtFq7jNZvAxxOqCVmyZ9qOyYw
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
accept-encoding
gzip, deflate, br
cookie
IDE=AHWqTUmbOYBADVZ0YHKgIpOvvUjczVQ-2QnLDRUm5_7OJXLzjNEnvtKVlk4R-sXaNnA
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Sun, 24 Oct 2021 02:13:33 GMT
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
abg_lite_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20211020/r20110914/ Frame 6ECD 		18 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20211020/r20110914/abg_lite_fy2019.js
Requested by
Host: uuid
URL: urn:uuid:cdaa73ec-073f-f28c-7d6f-f28c073fcdaa
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
64f935ff5fca279f250a216623f16404cabd9fb67ed5659f0ac089990652e159
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 00:27:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
6336
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
7700
x-xss-protection
0
server
cafe
etag
14378044041589781240
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 07 Nov 2021 00:27:57 GMT
14756919406501965036
s0.2mdn.net/simgad/ Frame 6ECD 		44 KB
44 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/14756919406501965036
Requested by
Host: uuid
URL: urn:uuid:cdaa73ec-073f-f28c-7d6f-f28c073fcdaa
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ded061ef586b57c27ea3e65774d4349d2f1d0c7a3432f6e5d82db34008804416
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 22 Oct 2021 13:50:47 GMT
x-content-type-options
nosniff
age
130966
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
44882
x-xss-protection
0
last-modified
Wed, 09 Jun 2021 08:09:36 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 22 Oct 2022 13:50:47 GMT
omrhp_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20211020/r20110914/elements/html/ Frame 6ECD 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20211020/r20110914/elements/html/omrhp_fy2019.js
Requested by
Host: uuid
URL: urn:uuid:cdaa73ec-073f-f28c-7d6f-f28c073fcdaa
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fb9268e99659f17a183de7aa0d4e27453f96c159a7ba99d6482522f8f72d1009
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 01:02:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4283
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
2631
x-xss-protection
0
server
cafe
etag
10983085961369067521
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 07 Nov 2021 01:02:10 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 6ECD 		0
542 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuNY4XdR9gp7J4Rdq1hllYNJGqGzBa1T9RRj83QlsBOBKhlx_X4bRA1mG6X7FDFLbRtayuABqZD0MXJIn6tD814BxTyUceX5E9OBdbSvtkKKpe4Q-F3X--KQa7-9XdjJ9zysOs_D7awNq1POsEglJePDgl0dJndjHYdh-R-hV-oXLoKpB-4ZuJxB9kSqoXLuCNvyfcpnwl18a8Y7UtINrkeUa_YqCHvOye1FzNhG_67NzXruYI0Iia-qnf3aMjxIxpzaRnuPecLZzy9bFSwie0WkzT68_dy1pNFw-PLtUJV7HGkkjW4_wD2ZozTlcBoS5eTuhJsZ-atq8EHz_Fds9oygBy-GWHZKvXGD-taEalZilxFhNywRKnmGF3gG6hBJGOUmGxiGLFdRlpYMrG6pSFZR1nX7ovpe64_ew-aPoCqp5GffVzo1V1ayQkvb39NECv5r7B-ODLNGix9z1vBW2Y-D23PPmge-RLDcXtBA16oiK1hBRuo7geWoZDu7jX4kNXlG3gsco2mmW_TQzrrTZKhxx9b5XW_TwAMrVGQWevk5r4vBj61dsyhJvXWgiZ9GneEO6Xip8aYqOSXzCPl6yUWne2jUISwjzh-pOENXlWECncV9occ0LTYAlmY3ox8ACXHCbfk904wD9wjaCzPHc_hvg9_78D24pGi-5bw9rtkiES03rYCpdnCvP3QNCA-fCFW-cvB1KO1QoVrVknOCDN5qtngy6jvCfNHxFJCYr6qRZ3YEI3DGf2EklNmmoS-FI_r6oV__N1EAxoAR7-uYDjrQac3Dj7umjgckCGebbLXlUZzx1q8_0La9MpBtFyEhBl-RsD0Tog_kQ4BqhtW5KlKE9qIeg2gFQq8O9C_LNQ8J1LINsUEnhMADZDqPMlgYFNi3uv4H2seoECPqp_x-UOtr8RuaMl94QJeLj2eDUQ_NkCpO00rZT0Ue5aLVgbvgrZ3_KoJ80MjOxrE2DVlPmpNn21tSlq9xgt1JdJOm_joxYKKD5i1mAiZFvepqBH203eXq0OQ9MUquDNVrmniNMXfttiMAHWD-0xVr7Dg1ceOVpdXKu__S-3PQXNZzE6CUhpVkzT-txtCiwPZK7LUA-FBj5JhQU36ECx1X3aAuqMszVWexL9AnM7fGm5ur7FR0Wkra5G73xOAFfwjQtlhSUDNhmvZa-L20YNYU99sEY7TE0eA0hkaLWkpn8IcNji8fN066wj8K0xuiDV6Gw&sai=AMfl-YQ4JxfDhOlJT_tD5fCMOveLHjWkdfPSicwd1sZW9F2nFeFHDdFwJvokgeplXXybC51qRNMCiD2388RWTkMFHTNSk6vramc167R4QDIEO5XrcKoXBsBptxiq9pIfHyEFaEhqF5ShszLGwa6l-369galVExrCbO516AY48EnmxniZHeaTH0LNXMEvu7-8OXgm8phHupi6oznLKTBaSnxYPW0Sg8S15jST5FQXXaICS_caNCWKOH7Dstr6fzf3aPEtM5TDt-8dak5tSP3WIvvHaWxQAhz7X3OF0v3VEn6Ze0tf&sig=Cg0ArKJSzKziUuvYEm_6EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20211020.06605&adurl=
Requested by
Host: uuid
URL: urn:uuid:cdaa73ec-073f-f28c-7d6f-f28c073fcdaa
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date
Sun, 24 Oct 2021 02:13:33 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
x-xss-protection
0
server
cafe
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 6ECD 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: uuid
URL: urn:uuid:cdaa73ec-073f-f28c-7d6f-f28c073fcdaa
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 22 Oct 2021 12:07:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
137186
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
expires
Sat, 22 Oct 2022 12:07:07 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame DBEC 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.news8000.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 02:13:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1624308425655142"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
6467
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
expires
Sun, 24 Oct 2021 02:13:34 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 1E28 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/Enqz_20U.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin
*
content-length
8395
date
Fri, 22 Oct 2021 12:07:07 GMT
expires
Sat, 22 Oct 2022 12:07:07 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
137186
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
truncated
/ Frame 6ECD 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1df58d62e3a708876b32249b925a9f246e0a14a1fe1e54bebb35c8b5ffe72ac2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/png
view
googleads4.g.doubleclick.net/pcs/ Frame 6ECD 		0
23 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuNY4XdR9gp7J4Rdq1hllYNJGqGzBa1T9RRj83QlsBOBKhlx_X4bRA1mG6X7FDFLbRtayuABqZD0MXJIn6tD814BxTyUceX5E9OBdbSvtkKKpe4Q-F3X--KQa7-9XdjJ9zysOs_D7awNq1POsEglJePDgl0dJndjHYdh-R-hV-oXLoKpB-4ZuJxB9kSqoXLuCNvyfcpnwl18a8Y7UtINrkeUa_YqCHvOye1FzNhG_67NzXruYI0Iia-qnf3aMjxIxpzaRnuPecLZzy9bFSwie0WkzT68_dy1pNFw-PLtUJV7HGkkjW4_wD2ZozTlcBoS5eTuhJsZ-atq8EHz_Fds9oygBy-GWHZKvXGD-taEalZilxFhNywRKnmGF3gG6hBJGOUmGxiGLFdRlpYMrG6pSFZR1nX7ovpe64_ew-aPoCqp5GffVzo1V1ayQkvb39NECv5r7B-ODLNGix9z1vBW2Y-D23PPmge-RLDcXtBA16oiK1hBRuo7geWoZDu7jX4kNXlG3gsco2mmW_TQzrrTZKhxx9b5XW_TwAMrVGQWevk5r4vBj61dsyhJvXWgiZ9GneEO6Xip8aYqOSXzCPl6yUWne2jUISwjzh-pOENXlWECncV9occ0LTYAlmY3ox8ACXHCbfk904wD9wjaCzPHc_hvg9_78D24pGi-5bw9rtkiES03rYCpdnCvP3QNCA-fCFW-cvB1KO1QoVrVknOCDN5qtngy6jvCfNHxFJCYr6qRZ3YEI3DGf2EklNmmoS-FI_r6oV__N1EAxoAR7-uYDjrQac3Dj7umjgckCGebbLXlUZzx1q8_0La9MpBtFyEhBl-RsD0Tog_kQ4BqhtW5KlKE9qIeg2gFQq8O9C_LNQ8J1LINsUEnhMADZDqPMlgYFNi3uv4H2seoECPqp_x-UOtr8RuaMl94QJeLj2eDUQ_NkCpO00rZT0Ue5aLVgbvgrZ3_KoJ80MjOxrE2DVlPmpNn21tSlq9xgt1JdJOm_joxYKKD5i1mAiZFvepqBH203eXq0OQ9MUquDNVrmniNMXfttiMAHWD-0xVr7Dg1ceOVpdXKu__S-3PQXNZzE6CUhpVkzT-txtCiwPZK7LUA-FBj5JhQU36ECx1X3aAuqMszVWexL9AnM7fGm5ur7FR0Wkra5G73xOAFfwjQtlhSUDNhmvZa-L20YNYU99sEY7TE0eA0hkaLWkpn8IcNji8fN066wj8K0xuiDV6Gw&sai=AMfl-YQ4JxfDhOlJT_tD5fCMOveLHjWkdfPSicwd1sZW9F2nFeFHDdFwJvokgeplXXybC51qRNMCiD2388RWTkMFHTNSk6vramc167R4QDIEO5XrcKoXBsBptxiq9pIfHyEFaEhqF5ShszLGwa6l-369galVExrCbO516AY48EnmxniZHeaTH0LNXMEvu7-8OXgm8phHupi6oznLKTBaSnxYPW0Sg8S15jST5FQXXaICS_caNCWKOH7Dstr6fzf3aPEtM5TDt-8dak5tSP3WIvvHaWxQAhz7X3OF0v3VEn6Ze0tf&sig=Cg0ArKJSzKziUuvYEm_6EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=72&vt=11&dtpt=71&dett=2&cstd=0&cisv=r20211020.06605&adurl=
Requested by
Host: uuid
URL: urn:uuid:cdaa73ec-073f-f28c-7d6f-f28c073fcdaa
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
date
Sun, 24 Oct 2021 02:13:33 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
x-xss-protection
0
server
cafe
C8m29kB8iYAnQnzidy4_DrlfbpyEWo1zyweSB2Yey3c.js
pagead2.googlesyndication.com/bg/ Frame 1E28 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/C8m29kB8iYAnQnzidy4_DrlfbpyEWo1zyweSB2Yey3c.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0bc9b6f6407c898027427ce2772e3f0eb95f6e9c845a8d73cb079207661ecb77
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 21 Oct 2021 20:36:56 GMT
content-encoding
br
x-content-type-options
nosniff
age
192997
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
13263
x-xss-protection
0
last-modified
Tue, 19 Oct 2021 13:08:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="botguard-scs"
expires
Fri, 21 Oct 2022 20:36:56 GMT
v3_450266_11887.json
player.adtelligent.com/prebidlink/2725069/ 		29 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://player.adtelligent.com/prebidlink/2725069/v3_450266_11887.json?cb=www.news8000.com
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/454178/wrapper_hb_450266_11887.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
06f48ed74dee932f532078dd2855a2200902b9b67ff809b9ff78701f4d7ef143

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.news8000.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 02:13:33 GMT
content-encoding
gzip
last-modified
Sat, 23 Oct 2021 18:01:02 GMT
server
nginx/1.18.0
etag
W/"61744dde-720d"
content-type
application/json
access-control-allow-origin
https://www.news8000.com
expires
Sun, 24 Oct 2021 03:13:33 GMT
cache-control
max-age=3600
x-proxy-cache
MISS
gen_204
pagead2.googlesyndication.com/pagead/ Frame 1E28 		0
56 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BuwuxTMF0YeXfLLH6gAeT-KLwCgAAAAA4AeAEAg&bg=!_f6l_rrNAAbUs_yW1LM7ACkAdvg8WvsEhwo2Bm3ivV4NvtR2tivmcCdqWO-dO38rUhKOYIrfeD5XCwIAAABcUgAAAA5oAQcKADuWcN2kwS_svYNLxhN1Kk_YlqNq8lw_xkUdYenHXLM595DJYSyW3LO07lfpCVl2eRChU9ZqPDBGH2cqHZkCzR7y5YOCopKUaC__h_-t1o7EtlWaMW3UI3oIByMSrERVkEGDnee3MS5TG32Su128OnLbF8ii3FtrqT-FksbDJfDrHZw05IfoQnF_pOYAzbStfMeAtdrczOp3gpL3RbJifQtDVsacpoAwhGA1JqhUlOVuSy8NBMtHlykI8n0lPm9fdtL3UF_enTwcj7KRk6B-ymdh-jFSweClHFBSYKB-GkXHxIiX9pw3Q6BlkODZm8Gtamkvepc29GUyRJYSVlaTG5hWRYUeBk8UWGcjpVv453V4MGC-Kr6-RCzzaNL2r5J7hiyoBye2dTHSkrnBpffuVTc8ApQ2Kp__Kyftgr7_Gzk4gQdBsT2krh2Gh1X7KKNtPPWSOkwRDXuYxB2rBWcSyUK13ruKCkdSORGuNFX1_WND1glO6cpLyqhRfLdND1GfrSk5Q-Y5XwZcP9WeQFm04bSkDg-wRVscorIVLfsYkyJ-E9kLreMDnPf0pYWA1zgD9Qg6sX2qT5XCkOzfdsuawSMug0UJFERFGlgC7rDYQ2zACYeyfbzfgeBBk1PHO1arTlJ2tPAUtDMFvLNdgJPl46KKPEoKvOia9CeejIQ8JwNR7C3iYHn3HLCIS_I1RDJ5OE_435tkDCMB90d96JXdQAby2mJ0ggRmXTIcqVcddMx0Ykeoql6oWDmB8ewreqK64Z0DD7apsQZfHMArm0ERR1ERo0YbCM4GY3jzsem9nLZcgJ7reXiDTorv8pdt2ETbAw0kHTXtBMQd6u1MWh-4odt-8wQ0dceYJX22YVDlqcpoYpbvFbIGRvLhX86RxqXNMksy4ucIQ6n3PoJPkbPqWgramXlsWZPaBToC3c0vs0NCN_KpxL7mZqVSjvQCSeTG9bNvrciJ4_YigkTWyZ-skINvrYQ9IQSwxbEq-rMvUsdVSzFhruH5X7ApI5M-LJTEEXwH1wc2pB3vuSbzCg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Oct 2021 02:13:33 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
944.json
id5-sync.com/g/v2/ Frame DBEC 		212 B
533 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/944.json
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/157898/3581/pwt.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.89.7.110 , Germany, ASN16276 (OVH, FR),
Reverse DNS
p23.id5-sync.com
Software
/
Resource Hash
47ce95dd46dd98392b656a5c63ca7906512289ceaff39c81d74bb26852b51251
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.news8000.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.news8000.com
Date
Sun, 24 Oct 2021 02:13:33 GMT
Access-Control-Allow-Credentials
true
Vary
Origin
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
Content-Type
application/json;charset=UTF-8
envelope
api.rlcdn.com/api/identity/ Frame DBEC 		44 B
329 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.rlcdn.com/api/identity/envelope?pid=1258
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/157898/3581/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.133.55 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
55.133.120.34.bc.googleusercontent.com
Software
/
Resource Hash
da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.news8000.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 24 Oct 2021 02:13:34 GMT
via
1.1 google
x-content-type-options
nosniff
access-control-allow-headers
Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
access-control-allow-methods
GET, OPTIONS
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://www.news8000.com
access-control-allow-credentials
true
alt-svc
clear
content-length
44
rid
match.adsrvr.org/track/ Frame DBEC 		108 B
651 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=71nw1m8&fmt=json
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/157898/3581/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.242.197 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a97adde81b00f2ca4.awsglobalaccelerator.com
Software
/
Resource Hash
22203adddbf362b6726eaa3aa6cca1e92eebcdf24b5ef9d84132b11b4889f9aa

Request headers

Referer
https://www.news8000.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 24 Oct 2021 02:13:34 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.news8000.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
108
expires
Tue, 23 Nov 2021 02:13:34 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 6ECD 		42 B
174 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssNc9a70xlRxiTwZN3kYksg5vCNMAJ8kTcqPWImhP3-q5oSx-WElmvKmhySzk6p-ymakoB0q7qu4_ge80FK3hBG61Ctxu28vhT6kjMBIYLtlQLguRy4tw&sai=AMfl-YSVLIdrBhc-eigvDhWmB2yqi4SAkjWs3f8VINn5ZPDATv-iMz8hvBPGNAAiFkdjyW4KIP9ciztLso8G-lW1QFWGC0W5TB75ctjdiak7MrMZsi-BSt7P-kXVPjM9&sig=Cg0ArKJSzD0QEuan5Bj0EAE&cid=CAASPeRoBL9AZ0DZuDx4Pv-vf3wCny2zxkhAZQbXFJOyl8xD5x6u9G1sHcLxr_YkPuxQAUvvDh3jjSTlfC0jNyo&id=lidar2&mcvt=1000&p=1110,436,1204,1164&mtos=0,1000,1000,1000,1000&tos=0,1000,0,0,0&v=20211020&bin=7&avms=nio&bs=0,0&mc=0.96&if=1&app=0&itpl=20&adk=3063004668&rs=4&la=0&cr=0&vs=4&r=v&rst=1635041613195&rpt=89&isd=0&lsd=0&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Oct 2021 02:13:34 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 800E 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/224/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.news8000.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.news8000.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5029
date
Sun, 24 Oct 2021 01:14:35 GMT
expires
Mon, 24 Oct 2022 01:14:35 GMT
last-modified
Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
3539
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
aframe
www.google.com/recaptcha/api2/ Frame 77EE 		783 B
765 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
e366faee45ca7c0ac7f097058dd99681947d94a587a4108dad4a78114cd47f40
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-zNd4HsTQIIjPQj24eSX1Eg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/aframe
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.news8000.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.news8000.com/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Sun, 24 Oct 2021 02:13:34 GMT
date
Sun, 24 Oct 2021 02:13:34 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-zNd4HsTQIIjPQj24eSX1Eg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
513
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
Zz7DT35LXmuokobBJJC8eUu-TFeGwi-w65YEXeY0QRI.js
pagead2.googlesyndication.com/bg/ Frame 800E 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Zz7DT35LXmuokobBJJC8eUu-TFeGwi-w65YEXeY0QRI.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
673ec34f7e4b5e6ba89286c12490bc794bbe4c5786c22fb0eb96045de6344112
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 21:45:51 GMT
content-encoding
br
x-content-type-options
nosniff
age
16063
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
13325
x-xss-protection
0
last-modified
Tue, 19 Oct 2021 13:08:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="botguard-scs"
expires
Sun, 23 Oct 2022 21:45:51 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 77EE 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gpt_2021101201&jk=2409187675805934&rc=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers
gen_204
pagead2.googlesyndication.com/pagead/ Frame DBEC 		0
56 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gpt_2021101201&jk=2409187675805934&bg=!nZ6lntrNAAbUs_yW1LM7ACkAdvg8WmTxxGYK2scPRIlFs2ntmEXNdITKuvQDJEzzSSGoFtCPKYTOPAIAAABhUgAAAAtoAQcKAMTspY6Rwb8DOKtKPXh3kQTjyrbXW-kv_RqzhYOEPfOhGHqn-6uJrQAcxUkmQYCTt6GW_RCx6UNH1vrwdl-MZc_bT2xnaLS4ZDizoA_rslA2-cOaFZhuD85nBV503pNfVLlit_UnRSjeelstniCmN9ebCJe2uePxpHB4C7BGPiRmNcLWcMEETXkmTxvkJxY-iAZbV30Vi6ar49kkRAHGLbch28D4giZxpJXwvC5Bw4robj-cMM4amk936hHd8Aev2HiRA9b5mQLGh2EbjEiBHmNSM3nrca4hgMvsOcKTC2J5xfBwdcfzzOlGhZJVKPRLHgK_CzKsY4FYvrUZsz-BbEvdj_buL4eY1BCk-sTDsp_3P2-w8opgR_6WGvaNqlHpAMxJY29qQy2n_E4PaHpE9tJ4uBo46Sw1IMczYZL_f5VGX0W9ANezgZyCQ28298DBNvgn5-hZs5vGgnejyNvJbLCn0O6ayAh6_VPNeCY9P0E0s1iSYd_NFj0IfPXPaH5HbmjK24aTv62E1F3GV_9ks5uan6jgH9ZFPPA92emALXGGo9VHNLbTi7IEBHjL-ge-RVUZzZd7L9t0ZFORc6b4dOQUGhY4Mh3ez_I0Cex3eTrYP9PH_s4OpcQv6-pNt58D5VhWnSWn84CvRiaBcaFeVqbhLasi1YYZWwMp70FrKOcwi3uh9iR_yeEZbfvnMivo4Rm5N0LGY8SvfiHJVbJLmR2Vbsm5debjmSlkbBCbAjp0Al0YteJao_ereEt69KRBz1VzcniCuv3gApO08CBwY-Wt1FchO5ETTTYkZQtYW7nzMHLSlUEeg6VTt05-dJqBvkHRvHvcRCx63EB9-VfjBrZ5Ux2XWn0DVb98E1gHw2-H-Q0ZQXU-lORjAyGouMxv193FH8go-QYV4RSik2JORdV3QIvWZ2_DUl1FyCAIj1uqJKRp7Wp7T_sdmNLtcgriCYW_afQ832o5AujLIcFhZsmgWODrzgn3HLhfcHukMPmzZb21ylbjv5ZiR8kFMERZ0gAnJ35hJzWPzk6-YqLJs-MxfiPrpVE1DjUb7QyXHnwJFNWzujdd0AWwvYcu_ldBM8zxrxhayVPXC12Qkv6XWdq6QK0IOAlnapMg6xuZMb0cJfqi6q8s5m2QRYizmt_glAF89oWAYRegFb59h6jYC_1Dky3JFWKN2TKYKmf20YuOUjwCKsNiocllTc8pIE0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.news8000.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Oct 2021 02:13:34 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.news8000.com%2F&domain=www.news8000.com&cw=1&lsw=1
Protocol
H2
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
https://www.news8000.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
content-type
application/json; charset=utf-8
expires
0
strict-transport-security
max-age=31536000
access-control-allow-origin
https://www.news8000.com
access-control-allow-headers
content-type
access-control-allow-credentials
true
access-control-allow-methods
GET
server-processing-duration-in-ticks
2465
date
Sun, 24 Oct 2021 02:13:33 GMT
content-encoding
gzip
vary
Accept-Encoding
sid
mug.criteo.com/
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.news8000.com%2F&domain=www.news8000.com&cw=1&lsw=1
  • https://mug.criteo.com/sid?cpp=dhZp9nwwNVNBS1JFRmhoTGh6M2xIeW9IMExUTUEwQW44RTFhMFJtbC9ZdG52QXN4amtHRTF0SEdqR1ljR3JPWnIzSFlGUGI3OERSVFFhTWFjMTZOdFRNL2VheTlzSG9RUElidHo1KzFUU3NuL1c3NDlnaG1WcFplaFR3cG...
345 B
603 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=dhZp9nwwNVNBS1JFRmhoTGh6M2xIeW9IMExUTUEwQW44RTFhMFJtbC9ZdG52QXN4amtHRTF0SEdqR1ljR3JPWnIzSFlGUGI3OERSVFFhTWFjMTZOdFRNL2VheTlzSG9RUElidHo1KzFUU3NuL1c3NDlnaG1WcFplaFR3cGRtbDZUT0RwMHRyRktTQ3BENERteGRzMnR2NWJ3K1FyYUd3ZUIvS3RrOU1RV1F6aHJ4V1dkU0YxQ2YzYUg3dDdsTHdWeXFwQ0dSMGpwc0xlR25XUlpKWW5VenlGL1F5ZzlpckFyYzBpdjdGckFwS2N0eDJjPXw&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
296da1cbb1aa101678727bcef186513ea6706975acc9bd5ad6f181b6ac6a5dc4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.news8000.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
content-encoding
gzip
date
Sun, 24 Oct 2021 02:13:34 GMT
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
3001
expires
0

Redirect headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Sun, 24 Oct 2021 02:13:34 GMT
location
https://mug.criteo.com/sid?cpp=dhZp9nwwNVNBS1JFRmhoTGh6M2xIeW9IMExUTUEwQW44RTFhMFJtbC9ZdG52QXN4amtHRTF0SEdqR1ljR3JPWnIzSFlGUGI3OERSVFFhTWFjMTZOdFRNL2VheTlzSG9RUElidHo1KzFUU3NuL1c3NDlnaG1WcFplaFR3cGRtbDZUT0RwMHRyRktTQ3BENERteGRzMnR2NWJ3K1FyYUd3ZUIvS3RrOU1RV1F6aHJ4V1dkU0YxQ2YzYUg3dDdsTHdWeXFwQ0dSMGpwc0xlR25XUlpKWW5VenlGL1F5ZzlpckFyYzBpdjdGckFwS2N0eDJjPXw&cppv=2
access-control-allow-methods
GET
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.news8000.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1697
content-length
482
expires
0
692.json
id5-sync.com/g/v2/ 		213 B
534 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/692.json
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/454178/hb_450266_11887.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.89.7.110 , Germany, ASN16276 (OVH, FR),
Reverse DNS
p23.id5-sync.com
Software
/
Resource Hash
051b26c75dfc7a56a8ee742a322269268d2bf85b25fc8a05ca5163c1e89892ad
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.news8000.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.news8000.com
Date
Sun, 24 Oct 2021 02:13:33 GMT
Access-Control-Allow-Credentials
true
Vary
Origin
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
Content-Type
application/json;charset=UTF-8
sid
mug.criteo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=dhZp9nwwNVNBS1JFRmhoTGh6M2xIeW9IMExUTUEwQW44RTFhMFJtbC9ZdG52QXN4amtHRTF0SEdqR1ljR3JPWnIzSFlGUGI3OERSVFFhTWFjMTZOdFRNL2VheTlzSG9RUElidHo1KzFUU3NuL1c3NDlnaG1WcFplaFR3cGRtbDZUT0RwMHRyRktTQ3BENERteGRzMnR2NWJ3K1FyYUd3ZUIvS3RrOU1RV1F6aHJ4V1dkU0YxQ2YzYUg3dDdsTHdWeXFwQ0dSMGpwc0xlR25XUlpKWW5VenlGL1F5ZzlpckFyYzBpdjdGckFwS2N0eDJjPXw&cppv=2
Protocol
H2
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
null
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
content-type
application/json; charset=utf-8
expires
0
strict-transport-security
max-age=31536000
access-control-allow-origin
null
access-control-allow-headers
content-type
access-control-allow-credentials
true
access-control-allow-methods
GET
server-processing-duration-in-ticks
871
date
Sun, 24 Oct 2021 02:13:33 GMT
content-encoding
gzip
vary
Accept-Encoding
sync
translator.a-mo.net/ Frame DBEC 		90 B
357 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://translator.a-mo.net/sync?tagId=&ref=https://www.news8000.com/&u=https://www.news8000.com/&v=5.1.0&vg=pbjs&us_privacy=null&gdpr=0&gdpr_consent=
Requested by
Host: cdn1.opstag.com
URL: https://cdn1.opstag.com/13194/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6813:9e13 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
3333c063e90610b0e3827c741d06411316c4aadbe6f86b69957cf7701d4bbad9

Request headers

Referer
https://www.news8000.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 24 Oct 2021 02:13:35 GMT
content-encoding
br
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET,OPTIONS
content-type
application/json
access-control-allow-origin
*
cache-control
private,max-age=3600
access-control-allow-credentials
true
cf-ray
6a2fafd23d7e59d7-MXP
/
ssc-cms.33across.com/ps/ Frame 58AA 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=akGFn6kr0r64m5aKlId8sQ&gdpr_consent=undefined&us_privacy=undefined
Requested by
Host: cdn1.opstag.com
URL: https://cdn1.opstag.com/13194/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.100.17.175 Chicago, United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip175.208-100-17.static.steadfastdns.net
Software
33XP005 /
Resource Hash

Request headers

:method
GET
:authority
ssc-cms.33across.com
:scheme
https
:path
/ps/?m=xch&rt=html&ru=deb&id=akGFn6kr0r64m5aKlId8sQ&gdpr_consent=undefined&us_privacy=undefined
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.news8000.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.news8000.com/

Response headers

x-33x-status
2000208
server
33XP005
date
Sun, 24 Oct 2021 02:13:35 GMT
pd
eu-u.openx.net/w/1.0/ Frame B6C0 		1006 B
859 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eu-u.openx.net/w/1.0/pd?plm=10&ph=51113032-2363-4e94-85a5-f312b07cd114&gdpr=1
Requested by
Host: cdn1.opstag.com
URL: https://cdn1.opstag.com/13194/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.217.1 /
Resource Hash
d2110aeb75e64f00a6ddb402d4d80df2f542d5b1900e6a567c3495a5a4006ab2

Request headers

:method
GET
:authority
eu-u.openx.net
:scheme
https
:path
/w/1.0/pd?plm=10&ph=51113032-2363-4e94-85a5-f312b07cd114&gdpr=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.news8000.com/
accept-encoding
gzip, deflate, br
cookie
i=2820a66f-6b69-42a1-b461-a34adadc7af5|1635041610
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.news8000.com/

Response headers

vary
Accept, Accept-Encoding
set-cookie
i=2820a66f-6b69-42a1-b461-a34adadc7af5|1635041610; Version=1; Expires=Mon, 24-Oct-2022 02:13:35 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1635041615|mOgeginskin0vNomiygu; Version=1; Expires=Mon, 08-Nov-2021 02:13:35 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server
OXGW/16.217.1
p3p
CP="CUR ADM OUR NOR STA NID"
date
Sun, 24 Oct 2021 02:13:35 GMT
content-type
text/html
content-length
542
content-encoding
gzip
via
1.1 google
alt-svc
clear
async_usersync.html
acdn.adnxs.com/dmp/ Frame F196 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: cdn1.opstag.com
URL: https://cdn1.opstag.com/13194/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.232.130 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-130.deploy.static.akamaitechnologies.com
Software
nginx/1.13.10 /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Host
acdn.adnxs.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.news8000.com/
Accept-Encoding
gzip, deflate, br
Cookie
uuid2=8944076163001898924
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.news8000.com/

Response headers

Last-Modified
Wed, 02 Dec 2020 20:56:47 GMT
ETag
"5fc7ff8f-cf34"
Server
nginx/1.13.10
Access-Control-Allow-Origin
*
Content-Type
text/html
Content-Encoding
gzip
Content-Length
17053
Cache-Control
max-age=86402
Expires
Mon, 25 Oct 2021 02:13:37 GMT
Date
Sun, 24 Oct 2021 02:13:35 GMT
Connection
keep-alive
Vary
Accept-Encoding
ixmatch.html
js-sec.indexww.com/um/ Frame 80AD 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: cdn1.opstag.com
URL: https://cdn1.opstag.com/13194/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c

Request headers

Host
js-sec.indexww.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.news8000.com/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.news8000.com/

Response headers

Server
Apache
Last-Modified
Thu, 11 Feb 2021 16:12:45 GMT
ETag
"e20015-90b-5bb11ca420f07"
Accept-Ranges
bytes
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
text/html; charset=UTF-8
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
1151
Date
Sun, 24 Oct 2021 02:13:35 GMT
Connection
keep-alive
usync.html
eus.rubiconproject.com/ Frame D9D0 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: cdn1.opstag.com
URL: https://cdn1.opstag.com/13194/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.78.125 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-78-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host
eus.rubiconproject.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.news8000.com/
Accept-Encoding
gzip, deflate, br
Cookie
rsid=1|AIfsdBUO++vuGxiryvY4NyLqsLINffPD0ndRTZPwOWBzr4eVPwTuL9+eZLvlgeCkRh3C4GjGYWrGRQSWDHOtFAT+ngdUyQJYykllPZjhEHJw9y7GDs9f; khaos=KV4LK5LO-3-C1G4; audit=1|naVuGyos1qr0+JoZ8+6jptproiWwdM6Zsj4aADY2PVIlMNVEfWi2yi3huw6VjTZCBmmOe3UAm2dWbJYqFlBp2CYbB5SW5XQ32YoH28FgeNCma+WVcS1g3g==
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.news8000.com/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Thu, 30 Sep 2021 18:24:26 GMT
ETag
"403b8-119-5cd3a8e7e6a80"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sun, 24 Oct 2021 02:13:35 GMT
Connection
keep-alive
Vary
Accept-Encoding
/
onetag-sys.com/usync/ Frame EC19 		2 KB
823 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?cb=1635041612454
Requested by
Host: cdn1.opstag.com
URL: https://cdn1.opstag.com/13194/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.251 , Germany, ASN16276 (OVH, FR),
Reverse DNS
ip251.ip-51-89-9.eu
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

:method
GET
:authority
onetag-sys.com
:scheme
https
:path
/usync/?cb=1635041612454
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.news8000.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.news8000.com/

Response headers

content-type
text/html
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
strict-transport-security
max-age=15552000
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame EF2A 		14 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157898
Requested by
Host: cdn1.opstag.com
URL: https://cdn1.opstag.com/13194/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

:method
GET
:authority
ads.pubmatic.com
:scheme
https
:path
/AdServer/js/user_sync.html?kdntuid=1&p=157898
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.news8000.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.news8000.com/

Response headers

last-modified
Tue, 15 Jun 2021 06:08:03 GMT
etag
"1300708-3945-5c4c7cc02bd56"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5054
content-type
text/html; charset=UTF-8
cache-control
max-age=170049
expires
Tue, 26 Oct 2021 01:27:44 GMT
date
Sun, 24 Oct 2021 02:13:35 GMT
vary
Accept-Encoding
/
onetag-sys.com/usync/ Frame DBEC 		0
52 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/usync/?tag=img
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.251 , Germany, ASN16276 (OVH, FR),
Reverse DNS
ip251.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.news8000.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-cache, no-transform
usync.js
eus.rubiconproject.com/ Frame D9D0 		31 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.78.125 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-78-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
6eac4f1bf5bf8976cc74f9d784adc40029ac907cf2ba54cc3c5a50c8e38cd122

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sun, 24 Oct 2021 02:13:35 GMT
Content-Encoding
gzip
Last-Modified
Thu, 30 Sep 2021 18:24:26 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=12548
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9275
Expires
Sun, 24 Oct 2021 05:42:43 GMT
sd
eu-u.openx.net/w/1.0/ Frame B6C0
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_
  • https://eu-u.openx.net/w/1.0/sd?id=537072979&val=gWPWxFpN1MEt0X5
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=537072979&val=gWPWxFpN1MEt0X5
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=51113032-2363-4e94-85a5-f312b07cd114&gdpr=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.217.1 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Oct 2021 02:13:35 GMT
via
1.1 google
server
OXGW/16.217.1
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 24 Oct 2021 02:13:35 GMT
Server
PingMatch/v2.0.30-691-gbabbd08#rel-ec2-master i-09c412c5345d1bfc7@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Strict-Transport-Security
max-age=2592000; includeSubDomains
P3P
policyref="https://cts.w55c.net/ct/p3p_policy_ref.xml", CP="UNI PUR COM INT STA OTC STP OUR CUR TAIo COR DSP NOI"
Location
https://eu-u.openx.net/w/1.0/sd?id=537072979&val=gWPWxFpN1MEt0X5
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame B6C0
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=openx
  • https://x.bidswitch.net/ul_cb/sync?ssp=openx
  • https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=openx&bsw_custom_parameter=46c992bb-9d21-480c-9f2e-b8c0ebaae9e5
  • https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=openx&bsw_custom_parameter=46c992bb-9d21-480c-9f2e-b8c0ebaae9e5
  • https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=ce4d7ff4-5326-4ef7-998a-7d57489e2370&user_group=1&ssp=openx&bsw_param=46c992bb-9d21-480c-9f2e-b8c0ebaae9e5
  • https://us-u.openx.net/w/1.0/sd?id=537072968&val=46c992bb-9d21-480c-9f2e-b8c0ebaae9e5
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072968&val=46c992bb-9d21-480c-9f2e-b8c0ebaae9e5
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=51113032-2363-4e94-85a5-f312b07cd114&gdpr=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.217.1 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Oct 2021 02:13:36 GMT
via
1.1 google
server
OXGW/16.217.1
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location
//us-u.openx.net/w/1.0/sd?id=537072968&val=46c992bb-9d21-480c-9f2e-b8c0ebaae9e5
Date
Sun, 24 Oct 2021 02:13:36 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
sd
eu-u.openx.net/w/1.0/ Frame B6C0
Redirect Chain
  • https://ib.adnxs.com/getuid?https://eu-u.openx.net/w/1.0/sd?id=537072399&val=$UID
  • https://eu-u.openx.net/w/1.0/sd?id=537072399&val=8944076163001898924
43 B
114 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=537072399&val=8944076163001898924
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=51113032-2363-4e94-85a5-f312b07cd114&gdpr=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.217.1 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Oct 2021 02:13:35 GMT
via
1.1 google
server
OXGW/16.217.1
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 24 Oct 2021 02:13:35 GMT
X-Proxy-Origin
185.232.23.182; 185.232.23.182; 690.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
8107ac66-1da2-4ebd-9db4-45c83f6d7759
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://eu-u.openx.net/w/1.0/sd?id=537072399&val=8944076163001898924
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
redir
rtb-csync.smartadserver.com/ Frame B6C0
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/ox
  • https://match.prod.bidr.io/cookie-sync/ox?_bee_ppp=1
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFBVktrN0M2WU1BQUI2MFBKMmYwUQ&bee_sync_partners=pm%2Csas%2Cpp%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&b...
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pm%2Csas%2Cpp%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAAVKk7C6YMAAB60PJ2f0Q&r=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3...
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=sas%2Cpp%2Cox&bee_sync_current_partner=pm&bee_sync_initiator=adx&bee_sync_hop_count=2
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAAVKk7C6YMAAB60PJ2f0Q&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpp%252Cox%26bee_sync_curre...
43 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAAVKk7C6YMAAB60PJ2f0Q&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpp%252Cox%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3%26userid%3DSMART_USER_ID
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=51113032-2363-4e94-85a5-f312b07cd114&gdpr=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
199.187.193.193 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 02:13:35 GMT
transfer-encoding
chunked
content-type
image/gif

Redirect headers

location
https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAAVKk7C6YMAAB60PJ2f0Q&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpp%252Cox%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3%26userid%3DSMART_USER_ID
Date
Sun, 24 Oct 2021 02:13:35 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
strict-transport-security
max-age=2592000; includeSubDomains
sd
eu-u.openx.net/w/1.0/ Frame B6C0
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D
  • https://eu-u.openx.net/w/1.0/sd?id=536872786&val=a20c6174-c14a-4500-afae-8d70bd53bbb5
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=a20c6174-c14a-4500-afae-8d70bd53bbb5
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=51113032-2363-4e94-85a5-f312b07cd114&gdpr=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.217.1 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Oct 2021 02:13:35 GMT
via
1.1 google
server
OXGW/16.217.1
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date
Sun, 24 Oct 2021 02:13:35 GMT
Server
MT3 4044 0c7f252 master zrh-pixel-x5 config:1.0.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=a20c6174-c14a-4500-afae-8d70bd53bbb5
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Sun, 24 Oct 2021 02:13:34 GMT
sd
us-u.openx.net/w/1.0/ Frame B6C0
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=1
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=Tpb-uBuW_e1Vxau8S5Lk6UmV-L1Vxqu6SZ4-USzj
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=Tpb-uBuW_e1Vxau8S5Lk6UmV-L1Vxqu6SZ4-USzj
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=51113032-2363-4e94-85a5-f312b07cd114&gdpr=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.217.1 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Oct 2021 02:13:35 GMT
via
1.1 google
server
OXGW/16.217.1
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 24 Oct 2021 02:13:35 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=Tpb-uBuW_e1Vxau8S5Lk6UmV-L1Vxqu6SZ4-USzj
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
sd
eu-u.openx.net/w/1.0/ Frame B6C0
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=22
  • https://c1.adform.net/serving/cookie/match?CC=1&party=22
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=5428336153863699082
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=5428336153863699082
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=51113032-2363-4e94-85a5-f312b07cd114&gdpr=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.217.1 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Oct 2021 02:13:35 GMT
via
1.1 google
server
OXGW/16.217.1
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 24 Oct 2021 02:13:35 GMT
server
nginx
location
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=5428336153863699082
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
openx
match.adsrvr.org/track/cmf/ Frame B6C0 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/openx?oxid=fb8c9936-c2ee-7d56-eeb7-6ba2befb4908&gdpr=1
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=51113032-2363-4e94-85a5-f312b07cd114&gdpr=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.242.197 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a97adde81b00f2ca4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Oct 2021 02:13:35 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame B6C0 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZDdlMzRhZmMtMGI5OS0yM2YyLWZiNTctMzExYjc0MTk4NzY4
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=51113032-2363-4e94-85a5-f312b07cd114&gdpr=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Oct 2021 02:13:35 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame B6C0
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEDLSYOwmHOMImqMrE1fWAKg&google_cver=1
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEDLSYOwmHOMImqMrE1fWAKg&google_cver=1
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=51113032-2363-4e94-85a5-f312b07cd114&gdpr=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.217.1 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Oct 2021 02:13:35 GMT
via
1.1 google
server
OXGW/16.217.1
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 24 Oct 2021 02:13:35 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEDLSYOwmHOMImqMrE1fWAKg&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame EF2A 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=14934915&p=157898&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157898
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
d00a47cc403957b9a0546fcc0ae82bd5e29deadf35398a4194e502939a2b23b3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 02:13:35 GMT
content-type
text/html; charset=UTF-8
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
match
c1.adform.net/serving/cookie/ Frame A6C9
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&cid=4C1E0A4B-BA75-435E-AAA6-A8F3AB129BE6
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=4C1E0A4B-BA75-435E-AAA6-A8F3AB129BE6
35 B
467 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=4C1E0A4B-BA75-435E-AAA6-A8F3AB129BE6
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157898
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.25 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

:method
GET
:authority
c1.adform.net
:scheme
https
:path
/serving/cookie/match?CC=1&party=14&cid=4C1E0A4B-BA75-435E-AAA6-A8F3AB129BE6
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
cookie
C=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Sun, 24 Oct 2021 02:13:35 GMT
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate, no-transform
pragma
no-cache
expires
-1
set-cookie
uid=5256140870281012116; expires=Thu, 23 Dec 2021 02:13:35 GMT; domain=adform.net; path=/; secure; samesite=none
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
strict-transport-security
max-age=31536000; includeSubDomains

Redirect headers

server
nginx
date
Sun, 24 Oct 2021 02:13:35 GMT
content-length
0
location
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=4C1E0A4B-BA75-435E-AAA6-A8F3AB129BE6
cache-control
no-cache, no-store, must-revalidate, no-transform
pragma
no-cache
expires
-1
set-cookie
C=1; expires=Wed, 24 Nov 2021 02:13:35 GMT; domain=adform.net; path=/; secure; samesite=none
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
strict-transport-security
max-age=31536000; includeSubDomains
Pug
image2.pubmatic.com/AdServer/ Frame E5A1
Redirect Chain
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=7837863691364352680
42 B
365 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=7837863691364352680
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157898
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

:method
GET
:authority
image2.pubmatic.com
:scheme
https
:path
/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=7837863691364352680
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
cookie
KADUSERCOOKIE=4C1E0A4B-BA75-435E-AAA6-A8F3AB129BE6; chkChromeAb67Sec=1; pi=157898:2; DPSync3=1635120000%3A174%7C1636243200%3A201_197_219; SyncRTB3=1637625600%3A203%7C1635638400%3A223%7C1636243200%3A13_161_56_220_21_3_8_7_54%7C1636329600%3A35; KRTBCOOKIE_27=16735-uid:a20c6174-c14a-4500-afae-8d70bd53bbb5&KRTB&16736-uid:a20c6174-c14a-4500-afae-8d70bd53bbb5&KRTB&23019-uid:a20c6174-c14a-4500-afae-8d70bd53bbb5&KRTB&23114-uid:a20c6174-c14a-4500-afae-8d70bd53bbb5; PUBMDCID=3; KRTBCOOKIE_377=6810-0183d758-ecd7-43a5-871a-56ca543c5b89&KRTB&22918-0183d758-ecd7-43a5-871a-56ca543c5b89&KRTB&23031-0183d758-ecd7-43a5-871a-56ca543c5b89; KRTBCOOKIE_1101=23040-7022450264033785995; SPugT=1635041614; KRTBCOOKIE_391=22924-1959269981770323908&KRTB&23263-1959269981770323908; PugT=1635041615; KRTBCOOKIE_57=22776-8944076163001898924; KRTBCOOKIE_153=19420-zqYzHJumMEnV9WYYy6IpTcmlNRnV9mYeya75TG-4&KRTB&22979-zqYzHJumMEnV9WYYy6IpTcmlNRnV9mYeya75TG-4; KRTBCOOKIE_80=22987-CAESEAHO6beFf-_S0NJrbN9SgYI&KRTB&16514-CAESEAHO6beFf-_S0NJrbN9SgYI&KRTB&23025-CAESEAHO6beFf-_S0NJrbN9SgYI; KRTBCOOKIE_699=22727-AAAVKk7C6YMAAB60PJ2f0Q
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Sun, 24 Oct 2021 02:13:36 GMT
content-type
image/gif; charset=utf-8
content-length
42
set-cookie
KRTBCOOKIE_336=5844-7837863691364352680; domain=pubmatic.com; SameSite=None; secure; expires=Tue, 23-Nov-2021 02:13:36 GMT; path=/ PugT=1635041616; domain=pubmatic.com; SameSite=None; secure; expires=Tue, 23-Nov-2021 02:13:36 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 22-Jan-2022 02:13:36 GMT; path=/
x-lat
lhrpug002:0:476
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=7837863691364352680
content-length
0
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
usersync.aspx
dis.criteo.com/dis/ Frame D02D 		43 B
334 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157898
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.163 -, , ASN (),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

:method
GET
:authority
dis.criteo.com
:scheme
https
:path
/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

date
Sun, 24 Oct 2021 02:13:35 GMT
content-type
image/gif
server
Kestrel
cache-control
no-cache
pragma
no-cache
expires
Sun, 24 Oct 2021 00:00:00 GMT
x-errorlevel
0
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
405251
Pug
simage2.pubmatic.com/AdServer/ Frame A275
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7022450264033785995
42 B
311 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7022450264033785995
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157898
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

:method
GET
:authority
simage2.pubmatic.com
:scheme
https
:path
/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7022450264033785995
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
cookie
KADUSERCOOKIE=4C1E0A4B-BA75-435E-AAA6-A8F3AB129BE6; chkChromeAb67Sec=1; pi=157898:2; DPSync3=1635120000%3A174%7C1636243200%3A201_197_219; SyncRTB3=1637625600%3A203%7C1635638400%3A223%7C1636243200%3A13_161_56_220_21_3_8_7_54%7C1636329600%3A35
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Sun, 24 Oct 2021 02:13:34 GMT
content-type
image/gif; charset=utf-8
content-length
42
set-cookie
KRTBCOOKIE_1101=23040-7022450264033785995; domain=pubmatic.com; SameSite=None; secure; expires=Tue, 23-Nov-2021 02:13:34 GMT; path=/ PugT=1635041614; domain=pubmatic.com; SameSite=None; secure; expires=Tue, 23-Nov-2021 02:13:34 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 22-Jan-2022 02:13:34 GMT; path=/
x-lat
amspug020:0:405
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

Server
nginx
Date
Sun, 24 Oct 2021 02:13:35 GMT
Transfer-Encoding
chunked
Connection
keep-alive
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Set-Cookie
UserID1=7022450264033785995; Max-Age=7776000; domain=.adfarm1.adition.com; Path=/; SameSite=None; Secure
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7022450264033785995
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame EF2A
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=TB4KS7p1Q16qpqjzqxKb5g%3D%3D
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157898
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 02:13:35 GMT
content-encoding
gzip
last-modified
Tue, 15 Jun 2021 06:08:03 GMT
server
Apache/2.2.15 (CentOS)
etag
"1300708-3945-5c4c7cc02bd56"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=170049
accept-ranges
bytes
content-type
text/html; charset=UTF-8
content-length
5054
expires
Tue, 26 Oct 2021 01:27:44 GMT

Redirect headers

pragma
no-cache
date
Sun, 24 Oct 2021 02:13:35 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
272
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
SPug
image4.pubmatic.com/AdServer/ Frame EF2A
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=a20c6174-c14a-4500-afae-8d70bd53bbb5
0
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=a20c6174-c14a-4500-afae-8d70bd53bbb5
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157898
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.20 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 02:13:35 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Sun, 24 Oct 2021 02:13:35 GMT
Server
MT3 4044 0c7f252 master zrh-pixel-x1 config:1.0.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=a20c6174-c14a-4500-afae-8d70bd53bbb5
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Sun, 24 Oct 2021 02:13:34 GMT
mw
mwzeom.zeotap.com/ Frame EF2A
Redirect Chain
  • https://pixel.onaudience.com/?partner=214&mapped=4C1E0A4B-BA75-435E-AAA6-A8F3AB129BE6
  • https://spl.zeotap.com/?zdid=1332&zcluid=485bd5705c960048
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=1c442f0b-76ea-41c7-51ab-3326b1072b08&reqId=e4f4bcd2-c52e-4ead-6709-a64b503739c2&zclui...
  • https://mwzeom.zeotap.com/mw?google_gid=CAESELhQFLwM7aD9P15La6N3lK8&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=1c442f0b-76ea-41c7-51ab-3326b1072b08&reqId=e4f4bcd2-c52e-4ead-6709-a64...
95 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?google_gid=CAESELhQFLwM7aD9P15La6N3lK8&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=1c442f0b-76ea-41c7-51ab-3326b1072b08&reqId=e4f4bcd2-c52e-4ead-6709-a64b503739c2&zcluid=485bd5705c960048&zdid=1332
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157898
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1857 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 02:13:36 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://ads.pubmatic.com
access-control-allow-credentials
true
cf-ray
6a2fafd44d463757-MXP
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Sun, 24 Oct 2021 02:13:36 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://mwzeom.zeotap.com/mw?google_gid=CAESELhQFLwM7aD9P15La6N3lK8&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=1c442f0b-76ea-41c7-51ab-3326b1072b08&reqId=e4f4bcd2-c52e-4ead-6709-a64b503739c2&zcluid=485bd5705c960048&zdid=1332
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
469
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame EF2A
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NEMxRTBBNEItQkE3NS00MzVFLUFBQTYtQThGM0FCMTI5QkU2&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
111 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157898
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 02:13:35 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug016:0:368
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sun, 24 Oct 2021 02:13:35 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame EF2A
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEAHO6beFf-_S0NJrbN9SgYI&google_cver=1
42 B
282 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEAHO6beFf-_S0NJrbN9SgYI&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157898
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 02:13:35 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug014:0:379
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sun, 24 Oct 2021 02:13:35 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEAHO6beFf-_S0NJrbN9SgYI&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubmatic
um.simpli.fi/ Frame EF2A 		43 B
610 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157898
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.253.128.183 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 02:13:35 GMT
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Sat, 23 Oct 2021 02:13:35 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame EF2A
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:a20c6174-c14a-4500-afae-8d70bd53bbb5&gdpr=0&gdpr_consent=
42 B
648 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:a20c6174-c14a-4500-afae-8d70bd53bbb5&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157898
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 02:13:34 GMT
cache-control
no-store, no-cache, private
x-lat
amspug018:0:379
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Sun, 24 Oct 2021 02:13:35 GMT
Server
MT3 4044 0c7f252 master zrh-pixel-x29 config:1.0.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:a20c6174-c14a-4500-afae-8d70bd53bbb5&gdpr=0&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Sun, 24 Oct 2021 02:13:34 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame EF2A
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=1959269981770323908
42 B
488 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=1959269981770323908
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157898
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 02:13:35 GMT
cache-control
no-store, no-cache, private
x-lat
amspug001:0:420
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sun, 24 Oct 2021 02:13:35 GMT
server
nginx
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=1959269981770323908
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
Pug
simage2.pubmatic.com/AdServer/ Frame EF2A
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=0183d758-ecd7-43a5-871a-56ca543c5b89
42 B
469 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=0183d758-ecd7-43a5-871a-56ca543c5b89
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157898
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 02:13:34 GMT
cache-control
no-store, no-cache, private
x-lat
amspug007:0:434
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sun, 24 Oct 2021 02:13:35 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=0183d758-ecd7-43a5-871a-56ca543c5b89
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
313
Pug
image2.pubmatic.com/AdServer/ Frame EF2A
Redirect Chain
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=8944076163001898924&gdpr=0&gdpr_consent=
42 B
518 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=8944076163001898924&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157898
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 02:13:35 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug018:0:361
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma
no-cache
Date
Sun, 24 Oct 2021 02:13:35 GMT
X-Proxy-Origin
185.232.23.182; 185.232.23.182; 690.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
a16bcd6c-7d99-4df5-a01e-097e869bdcd0
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=8944076163001898924&gdpr=0&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame EF2A
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=zqYzHJumMEnV9WYYy6IpTcmlNRnV9mYeya75TG-4
42 B
272 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=zqYzHJumMEnV9WYYy6IpTcmlNRnV9mYeya75TG-4
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157898
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 02:13:35 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug017:0:430
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sun, 24 Oct 2021 02:13:35 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=zqYzHJumMEnV9WYYy6IpTcmlNRnV9mYeya75TG-4
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
SPug
image4.pubmatic.com/AdServer/ Frame EF2A
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=4C1E0A4B-BA75-435E-AAA6-A8F3AB129BE6&redir=true&gdpr=0&gdpr_consent=
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=4C1E0A4B-BA75-435E-AAA6-A8F3AB129BE6&redir=true&gdpr=0&gdpr_consent=&verify=true
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-YikQyspE2uUMc3i3gR4za5thmYp79UM-~A&gdpr=0&gdpr_consent=
0
128 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-YikQyspE2uUMc3i3gR4za5thmYp79UM-~A&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157898
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.20 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 02:13:34 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Sun, 24 Oct 2021 02:13:35 GMT
Server
ATS/7.1.2.138
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-YikQyspE2uUMc3i3gR4za5thmYp79UM-~A&gdpr=0&gdpr_consent=
Connection
keep-alive
Content-Length
0
Cookie set usermatch
ssum-sec.casalemedia.com/ Frame 6EDC
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?d=https://www.news8000.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
  • https://ssum-sec.casalemedia.com/usermatch?d=https://www.news8000.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https://www.news8000.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
3f44bbf59a3038d2a7bb4dad1b185cdcf453669367ec862a5b12fdb0b579f580

Request headers

Host
ssum-sec.casalemedia.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://js-sec.indexww.com/
Accept-Encoding
gzip, deflate, br
Cookie
CMID=YXTBTy5df63NKLeLY0HE8gAA; CMPS=5204
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://js-sec.indexww.com/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
39|45|241|230|4|90|40|51
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Content-Length
1581
Expires
Sun, 24 Oct 2021 02:13:35 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Sun, 24 Oct 2021 02:13:35 GMT
Connection
keep-alive
Set-Cookie
CMID=YXTBTy5df63NKLeLY0HE8gAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Mon, 24 Oct 2022 02:13:35 GMT CMPS=5204;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sat, 22 Jan 2022 02:13:35 GMT CMPRO=1131;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sat, 22 Jan 2022 02:13:35 GMT CMRUM3=336174c14f05a0&f16174c14f05a0&046174c14f05a0&2d6174c14f05a0&286174c14f05a00&e66174c14f2760&276174c14f0b40&5a6174c14f05a0;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Mon, 24 Oct 2022 02:13:35 GMT CMST=YXTBT2F0wU8A;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Mon, 25 Oct 2021 02:13:35 GMT

Redirect headers

Server
Apache
Content-Length
339
Content-Type
text/html; charset=iso-8859-1
Location
https://ssum-sec.casalemedia.com/usermatch?d=https://www.news8000.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Expires
Sun, 24 Oct 2021 02:13:35 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Sun, 24 Oct 2021 02:13:35 GMT
Connection
keep-alive
Set-Cookie
CMID=YXTBTy5df63NKLeLY0HE8gAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Mon, 24 Oct 2022 02:13:35 GMT CMPS=5204;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sat, 22 Jan 2022 02:13:35 GMT
async_usersync
ib.adnxs.com/ Frame F196 		0
733 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.38 , Ascension Island, ASN29990 (ASN-APPNEX, US),
Reverse DNS
690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 24 Oct 2021 02:13:35 GMT
X-Proxy-Origin
185.232.23.182; 185.232.23.182; 690.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
fffcf3c5-76cf-4141-a4ff-bc5eb7b3c8d0
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame D9D0
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YTVjODkxYzU2OGVmOTE1MDVmZmQzOWYzMDZhNTBhNDkyZmU5ZmVlMQ
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YTVjODkxYzU2OGVmOTE1MDVmZmQzOWYzMDZhNTBhNDkyZmU5ZmVlMQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Oct 2021 02:13:35 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YTVjODkxYzU2OGVmOTE1MDVmZmQzOWYzMDZhNTBhNDkyZmU5ZmVlMQ
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
bd0f62a3fbacfef6a33ae6abaf6daf37
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame D9D0
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/ATmsL4Dd7Md60GMJRG83cw?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=4814267418406014771
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=4814267418406014771
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
bd0f62a3fbacfef6a33ae6abaf6daf37
Content-Type
image/gif

Redirect headers

date
Sun, 24 Oct 2021 02:13:36 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=4814267418406014771
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
pixel
cm.g.doubleclick.net/ Frame D9D0
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1Y0TEs1TE8tMy1DMUc0
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1Y0TEs1TE8tMy1DMUc0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Oct 2021 02:13:36 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1Y0TEs1TE8tMy1DMUc0
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
bd0f62a3fbacfef6a33ae6abaf6daf37
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame D9D0
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=9&redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4222%26nid%3D1512%26put%3D%5BMM_UUID%5D
  • https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=a20c6174-c14a-4500-afae-8d70bd53bbb5&expires=28
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=a20c6174-c14a-4500-afae-8d70bd53bbb5&expires=28
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
bd0f62a3fbacfef6a33ae6abaf6daf37
Content-Type
image/gif

Redirect headers

Date
Sun, 24 Oct 2021 02:13:35 GMT
Server
MT3 4044 0c7f252 master zrh-pixel-x28 config:1.0.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=a20c6174-c14a-4500-afae-8d70bd53bbb5&expires=28
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Sun, 24 Oct 2021 02:13:34 GMT
709414.gif
id.rlcdn.com/ Frame D9D0 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/709414.gif
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers
tap.php
pixel.rubiconproject.com/ Frame D9D0
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D
  • https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YXTBSgAAAFt7iAAR
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YXTBSgAAAFt7iAAR
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
bd0f62a3fbacfef6a33ae6abaf6daf37
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Sun, 24 Oct 2021 02:13:35 GMT
via
1.1 varnish
server
Varnish
x-timer
S1635041616.849188,VS0,VE0
x-served-by
cache-hhn4047-HHN
x-cache
HIT
location
https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YXTBSgAAAFt7iAAR
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
tap.php
pixel.rubiconproject.com/ Frame D9D0
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEGwuY2z1EOU0PEi0UIF-eOs&google_cver=1
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEGwuY2z1EOU0PEi0UIF-eOs&google_cver=1
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
bd0f62a3fbacfef6a33ae6abaf6daf37
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Sun, 24 Oct 2021 02:13:35 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEGwuY2z1EOU0PEi0UIF-eOs&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rubicon
match.adsrvr.org/track/cmf/ Frame D9D0 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/rubicon
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.242.197 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a97adde81b00f2ca4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Oct 2021 02:13:35 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
casale
match.adsrvr.org/track/cmf/ Frame 6EDC 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale?gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.news8000.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.242.197 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a97adde81b00f2ca4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Oct 2021 02:13:35 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
crum
dsum-sec.casalemedia.com/ Frame 6EDC
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YXTBTy5df63NKLeLY0HE8gAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEJdr47lff6GWiqlzPJpeYWo&google_cver=1&gdpr=1
43 B
1000 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEJdr47lff6GWiqlzPJpeYWo&google_cver=1&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.news8000.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 24 Oct 2021 02:13:36 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sun, 24 Oct 2021 02:13:36 GMT

Redirect headers

pragma
no-cache
date
Sun, 24 Oct 2021 02:13:36 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEJdr47lff6GWiqlzPJpeYWo&google_cver=1&gdpr=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
325
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame 6EDC
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YXTBTy5df63NKLeLY0HE8gAABGsAAAAB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YXTBTy5df63NKLeLY0HE8gAABGsAAAAB&dcc=t
43 B
645 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YXTBTy5df63NKLeLY0HE8gAABGsAAAAB&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.news8000.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.133.124 -, , ASN (),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 24 Oct 2021 02:13:36 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
6S1JA1WMQ5GE6NB7D1C4
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 24 Oct 2021 02:13:36 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
RR5RY054H7ZXHRCXEWV8
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YXTBTy5df63NKLeLY0HE8gAABGsAAAAB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame 6EDC
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YXTBTy5df63NKLeLY0HE8gAABGsAAAAB&gdpr_consent=&us_privacy=&gdpr=1
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEAx0PNde_-GLlOkMEkWdgNA&google_cver=1
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEAx0PNde_-GLlOkMEkWdgNA&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.news8000.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 24 Oct 2021 02:13:36 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Sun, 24 Oct 2021 02:13:36 GMT

Redirect headers

pragma
no-cache
date
Sun, 24 Oct 2021 02:13:35 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEAx0PNde_-GLlOkMEkWdgNA&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
343
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 6EDC
Redirect Chain
  • https://ad.turn.com/r/cs?pid=21&gdpr=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=4061321676367055149
43 B
992 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=4061321676367055149
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.news8000.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 24 Oct 2021 02:13:36 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sun, 24 Oct 2021 02:13:36 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=4061321676367055149
pragma
no-cache
date
Sun, 24 Oct 2021 02:13:35 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
no_match_opted_out
um.simpli.fi/ Frame 6EDC
Redirect Chain
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID&gdpr=1
  • https://um.simpli.fi/no_match_opted_out
0
272 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/no_match_opted_out
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.news8000.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.253.128.183 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sun, 24 Oct 2021 02:13:36 GMT
x-content-type-options
nosniff
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS

Redirect headers

date
Sun, 24 Oct 2021 02:13:35 GMT
x-content-type-options
nosniff
server
openresty
location
/no_match_opted_out
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Sat, 23 Oct 2021 02:13:35 GMT
sync
x.bidswitch.net/ Frame 6EDC 		43 B
220 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=index&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.news8000.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.196.195.54 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-196-195-54.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sun, 24 Oct 2021 02:13:35 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
htw-pixel.gif
js-sec.indexww.com/ht/ Frame 6EDC 		43 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://js-sec.indexww.com/ht/htw-pixel.gif?YXTBTy5df63NKLeLY0HE8gAA%261131
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.news8000.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sun, 24 Oct 2021 02:13:35 GMT
Last-Modified
Tue, 24 Jan 2017 19:36:04 GMT
Server
Apache
ETag
"902a3d-2b-546dc3a097100"
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=2378
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
43
Expires
Sun, 24 Oct 2021 02:53:13 GMT
cs&eq_cc=1
um2.eqads.com/um/ Frame 7AAE
Redirect Chain
  • https://um2.eqads.com/um/cs
  • https://um2.eqads.com/um/cs&eq_cc=1
186 B
370 B 		Document
General
Check archive.org
Download Go to
Full URL
https://um2.eqads.com/um/cs&eq_cc=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.news8000.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.208.142.27 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
59c7d6c395c85a49ec61f341ff7a5997d001a1739166c0be4a2c106f3395000b

Request headers

:method
GET
:authority
um2.eqads.com
:scheme
https
:path
/um/cs&eq_cc=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ssum-sec.casalemedia.com/
accept-encoding
gzip, deflate, br
cookie
EQUser=UID=41dd9129-974c-4016-be2a-623c24a59107
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/

Response headers

date
Sun, 24 Oct 2021 02:13:36 GMT
content-type
text/html; charset=utf-8
content-length
186
cache-control
no-cache, must-revalidate
expires
Sat, 6 May 1995 12:00:00 GMT
last-modified
Sun, 24 Oct 2021 02:13:36 GMT
pragma
no-cache

Redirect headers

date
Sun, 24 Oct 2021 02:13:36 GMT
content-type
text/html; charset=utf-8
content-length
41
location
/um/cs&eq_cc=1
set-cookie
EQUser=UID=41dd9129-974c-4016-be2a-623c24a59107; Path=/; Domain=eqads.com; Expires=Mon, 24 Jan 2022 02:13:36 GMT; Secure; SameSite=None
crum
dsum-sec.casalemedia.com/ Frame 7AAE 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=40&external_user_id=41dd9129-974c-4016-be2a-623c24a59107&expiration=1642990416
Requested by
Host: um2.eqads.com
URL: https://um2.eqads.com/um/cs&eq_cc=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://um2.eqads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 24 Oct 2021 02:13:36 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sun, 24 Oct 2021 02:13:36 GMT
async_usersync
ib.adnxs.com/ Frame F196 		0
733 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.38 , Ascension Island, ASN29990 (ASN-APPNEX, US),
Reverse DNS
690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 24 Oct 2021 02:13:36 GMT
X-Proxy-Origin
185.232.23.182; 185.232.23.182; 690.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
0a6cd240-e2ae-42e8-b485-0abb28dd33c9
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
SPug
simage4.pubmatic.com/AdServer/ Frame EF2A 		0
128 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=157898&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157898
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.20 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 02:13:36 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
ssum.casalemedia.com
URL
https://ssum.casalemedia.com/usermatchredir?s=184932&gdpr=1&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000005%26gdpr%3D1%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D
Domain
pixel.advertising.com
URL
https://pixel.advertising.com/ups/58185/sync?&gdpr=1&gdpr_consent=&us_privacy=&redir=true
Domain
rtb.openx.net
URL
https://rtb.openx.net/sync/prebid?gdpr=1&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000008%26gdpr%3D1%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D%24%7BUID%7D
Domain
bh.contextweb.com
URL
https://bh.contextweb.com/rtset?gdpr=1&gdpr_consent=&us_privacy=&pid=561910&ev=1&rurl=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000011%26gdpr%3D1%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D%25%25VGUID%25%25
Domain
sync.springserve.com
URL
https://sync.springserve.com/usersync?aid=1000012&gdpr=1&gdpr_consent=&us_privacy=&uuid=OPTOUT
Domain
sync.go.sonobi.com
URL
https://sync.go.sonobi.com/us.gif?gdpr=1&gdpr_consent=&us_privacy=&loc=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000013%26gdpr%3D1%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D%5BUID%5D
Domain
sync.springserve.com
URL
https://sync.springserve.com/usersync?aid=1000014&gdpr=1&gdpr_consent=&us_privacy=&uuid=fb70fb2b-346f-11ec-88a7-10b91cd50106
Domain
pbs.publishers.tremorhub.com
URL
https://pbs.publishers.tremorhub.com/pubsync?gdpr=1&gdpr_consent=&us_privacy=&redir=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000015%26gdpr%3D1%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D%5Btvid%5D
Domain
eb2.3lift.com
URL
https://eb2.3lift.com/getuid?gdpr=1&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000016%26gdpr%3D1%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D%24UID
Domain
ads.yieldmo.com
URL
https://ads.yieldmo.com/pbsync?gdpr=1&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000017%26gdpr%3D1%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D%24UID
Domain
ups.analytics.yahoo.com
URL
https://ups.analytics.yahoo.com/ups/58518/occ?gdpr=1&gdpr_consent=
Domain
sync.outbrain.com
URL
https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=e_ce4fc4d9-a2a4-4b58-9990-7437e58937cc&obuid=ENC(bcTWRMJz77I4sCzKh-1bdnSkhjMw_tb8AD_WRpDsFx6AG3M98Mnlou1DawdFEZ1i)
Domain
tg.socdm.com
URL
https://tg.socdm.com/aux/idsync?proto=gumgum
Domain
amp.akamaized.net
URL
https://amp.akamaized.net/players/9.1.1+premier/akamai/amp/core/amp.min.css
Domain
imasdk.googleapis.com
URL
https://imasdk.googleapis.com/js/sdkloader/ima3_dai.js
Domain
amp.akamaized.net
URL
https://amp.akamaized.net/players/9.1.1+premier/akamai/amp/imadai/Imadai.js
Domain
imasdk.googleapis.com
URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Domain
amp.akamaized.net
URL
https://amp.akamaized.net/players/9.1.1+premier/akamai/amp/ima/Ima.min.js
Domain
amp.akamaized.net
URL
https://amp.akamaized.net/players/9.1.1+premier/akamai/amp/chromecast/Chromecast.min.css
Domain
amp.akamaized.net
URL
https://amp.akamaized.net/players/9.1.1+premier/akamai/amp/chromecast/Chromecast.min.js
Domain
amp.akamaized.net
URL
https://amp.akamaized.net/players/9.1.1+premier/akamai/amp/react/libs/react.min.js

Verdicts & Comments Add Verdict or Comment

285 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| onbeforexrselect boolean| originAgentCluster object| ad_slots_refresh object| gtx_ads_conf object| googletag function| gtx_enable_dfp object| oDv object| oVa string| oDevice number| optimeraTimeout object| dataLayer object| OneTrustStub string| OnetrustActiveGroups string| OptanonActiveGroups function| OptanonWrapper object| _wpemojiSettings object| otStubData undefined| $ function| jQuery object| RAYOS object| html5 object| Modernizr function| yepnope function| jQueryBridget function| EvEmitter function| getSize function| matchesSelector object| fizzyUIUtils function| Outlayer function| Isotope function| Masonry object| classie function| EventEmitter object| eventie function| imagesLoaded function| getStyleProperty function| docReady object| lightboxSettings object| stlib boolean| tpcCookiesEnableCheckingDone boolean| tpcCookiesEnabledStatus boolean| sop_pview_logged string| stWidgetVersion object| stLight boolean| st_showing number| _sf_startpt object| _sf_async_config object| _cb_shared object| _cc15032 object| LOTCC object| rayos_siteaud number| user_logged_in string| logout_url object| vmpbjs object| vpb object| wxWidgetsJsonp object| regeneratorRuntime object| __AMPLITUDE__ object| wxWidgets object| wxMicroWidgets object| wxSunWidgetEventEmitter object| wxMapboxPlaceholder function| cnxps function| TNStats_Tracker object| TNTracker object| slotData object| FB object| __connect object| _min object| _min_tv object| _tvp boolean| _editor_tv_loaded object| OBR string| OB_releaseVer function| OBR$ object| OB_PROXY object| outbrain object| outbrain_rater object| twemoji object| wp string| p string| gaProperty string| disableStr string| group undefined| delete_cookie function| gaOptout boolean| ga-disable- boolean| is_active number| refresh_rate string| refresh_limit string| refresh_counter object| Optanon object| OneTrust string| p1179073821 number| p1179073822 function| p1179073823 function| p1179073819 function| p1179073817 function| p1179073829 function| p1179073826 function| p1179073824 function| p1179073800 function| p1179073805 function| p1179073791 function| p1179073790 function| p1179073788 function| p1179073781 function| oEnableNullChecklistener_ function| p1179073808 function| p1179073772 function| oPageUnload function| p1179073701 function| p1179073706 function| p1179073825 number| p1179073691 string| p1179073692 object| p1179073693 object| p1179073694 boolean| p1179073695 number| p1179073697 number| p1179073698 object| p1179073719 string| p1179073761 number| p1179073702 object| p1179073769 string| p1179073737 string| p1179073738 object| p1179073775 number| p1179073776 boolean| p1179073780 number| p1179073782 boolean| p1179073784 boolean| p1179073810 boolean| p1179073809 boolean| oAudienceListenerEnabled_ object| p1179073786 string| oParentHostname_ string| oParentPathname_ boolean| p1179073787 boolean| p1179073789 number| p1179073804 boolean| p1179073806 number| p1179073807 object| p1179073796 object| oAdSlots_ object| otkjs boolean| p1179073827 boolean| p1179073828 string| p1179073746 function| p1179073699 string| p1179073700 boolean| p1179073768 boolean| p1179073748 object| p1179073747 string| p1179073766 number| p1179073750 object| opbjs object| oaudLibjs object| ovpjs number| p1179073749 object| google_tag_manager object| _cbm object| jQuery112408341251082131214 function| updateViewportDimensions object| viewport function| waitForFinalEvent number| timeToWaitForLast function| loadGravatars boolean| pp_alreadyInitialized number| p1179073703 string| oUrl_ undefined| nQuery number| ntvLoadStart object| ntv object| prdom object| onFocusEvents function| ntvjQueryInit function| ntvExtends function| ntvAppendStylesheet function| ntvAppendScript function| ntvArticleTracker function| ntvGetElementViewability function| ntvViewableImpressionTracker object| PostRelease object| ntvToutAds boolean| onFocus object| ggeac object| google_js_reporting_queue object| google_tag_data string| GoogleAnalyticsObject function| ga number| oIndex4_ number| p1179073718 boolean| _minAlreadyLoaded object| gtx_ad_man object| apsSlots object| apsLazySlots number| adSlotTimeout number| adSlotLoad function| get_ad_position function| get_ad_placement_suffix function| gtx_ad_lazy_load object| apstag function| PhotoSwipeUI_Default function| PhotoSwipe object| Main function| renderInvisibleReCaptcha function| vc_js function| vc_plugin_flexslider function| vc_googleplus function| vc_pinterest function| vc_progress_bar function| vc_waypoints function| vc_toggleBehaviour function| vc_tabsBehaviour function| vc_accordionBehaviour function| vc_teaserGrid function| vc_carouselBehaviour function| vc_slidersBehaviour function| vc_prettyPhoto function| vc_google_fonts boolean| vcParallaxSkroll function| vc_rowBehaviour function| vc_gridBehaviour function| getColumnsCount function| wpb_prepare_tab_content function| vc_ttaActivation function| vc_accordionActivate function| initVideoBackgrounds function| vc_initVideoBackgrounds function| insertYoutubeVideoAsBackground function| vcResizeVideoBackground function| vcExtractYoutubeId function| vc_googleMapsPointer function| vc_setHoverBoxPerspective function| vc_setHoverBoxHeight function| vc_prepareHoverBox object| from_php function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter undefined| google_measure_js_timing object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| _qevents boolean| doresize object| scroll_pos boolean| hashtag string| image string| message function| gtag object| gaplugins object| gaGlobal object| gaData object| __ctcg_65349_0_exec function| onYouTubeIframeAPIReady boolean| apstagLOADED function| quantserve function| __qc object| ezt object| _qoptions function| qtrack function| vmpbjsChunk object| _pbjsGlobals object| recaptcha object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id boolean| inDapIF boolean| inGptIF object| dicnf number| google_srt object| viewReq function| vu number| __google_lidar_ function| osdlfm number| __google_lidar_adblocks_count_ function| __google_lidar_radf_ object| yl_logger object| GoogleGcLKhOms object| google_image_requests

74 Cookies

Domain/Path Name / Value
www.news8000.com/ Name: _cb_ls
Value: 1
www.news8000.com/ Name: minVersion
Value: {"experiment":-1169967520,"minFlavor":"prodmi-1.13.7.12.js100"}
www.news8000.com/ Name: ga-disable-
Value: true
.facebook.com/ Name: fr
Value: 08CkTR251WdHFJwXf..BhdMFK...1.0.BhdMFK.
.www.news8000.com/ Name: minUniq
Value: %7B%22minUID%22%3A%22427b21fd61-89edbe743b-f7d4cc8ad6-47230f6b01-1f30bfd9dd%22%7D
.www.news8000.com/ Name: minSession
Value: %7B%22minSID%22%3A%22ce12239b27-e8af4d451a-df1f6951c2-88bb7ab2f9-5b401bcc74%22%2C%22minSessionSent%22%3Atrue%7D
.www.news8000.com/ Name: minDaily
Value: %7B%22testMode%22%3Afalse%2C%22dailyUser%22%3Atrue%7D
.www.news8000.com/ Name: minBuffer
Value: %7B%22minAnalytics%22%3A%22%7B%5C%22clicks%5C%22%3A%5B%5D%7D%22%2C%22_minEE1%22%3A%22%5B%5D%22%7D
.www.news8000.com/ Name: OptanonConsent
Value: isIABGlobal=false&datestamp=Sun+Oct+24+2021+02%3A13%3A30+GMT%2B0000+(GMT)&version=6.17.0&hosts=&landingPath=https%3A%2F%2Fwww.news8000.com%2F&groups=
.news8000.com/ Name: _gid
Value: GA1.2.232399919.1635041610
.news8000.com/ Name: _dc_gtm_UA-23109173-1
Value: 1
.postrelease.com/ Name: opt_out
Value: 1
.adtelligent.com/ Name: vmuid
Value: 39fed9b2b2325922
.news8000.com/ Name: _ga_7L9520XTNE
Value: GS1.1.1635041610.1.0.1635041610.0
www.news8000.com/ Name: ntvSession
Value: {"id":1418815,"placementID":729212,"lastInteraction":1635041610616,"sessionStart":1635041610616,"sessionEndDate":1635120000000,"experiment":""}
.spotxchange.com/ Name: audience
Value: fb70fb2b-346f-11ec-88a7-10b91cd50106
.gumgum.com/ Name: vst
Value: e_ce4fc4d9-a2a4-4b58-9990-7437e58937cc
.news8000.com/ Name: _ga
Value: GA1.2.1323862419.1635041610
.quantserve.com/ Name: mc
Value: 6174c14a-bb035-e1211-ab619
.news8000.com/ Name: __qca
Value: P0-1896199046-1635041610758
.openx.net/ Name: i
Value: 2820a66f-6b69-42a1-b461-a34adadc7af5|1635041610
.adnxs.com/ Name: uuid2
Value: 8944076163001898924
.mathtag.com/ Name: uuid
Value: a20c6174-c14a-4500-afae-8d70bd53bbb5
obs.cheqzone.com/ Name: cg_uuid
Value: bb07774428de09770cdb31aa33ac772a
.creativecdn.com/ Name: u
Value: PTWMJCKGPxQm6vJ0900O
.creativecdn.com/ Name: ts
Value: 1635041610
.adsrvr.org/ Name: TDID
Value: 0183d758-ecd7-43a5-871a-56ca543c5b89
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAAAOMSNjU0sDA1tTQ3MjS2MDE0NjQ1NRDiM9Q1yDXJdQ0O8HI31Y2X4jU0MzY1MDE0A6q1NAYABhXNszQAAAA
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAAAFslxmtoZmxqYGJoZmhgYWkCAIrsogYQAAAA
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAAAOMSNjU0sDA1tTQ3MjS2MDE0NjQ1NRDiM9Q1yDXJdQ0O8HI31Y0HAJWCjX8lAAAA
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~YXTBSgAAAFt7iAAR
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-f49fde50-06d2-4f7e-a417-5f70b050a687-003%22%7D
.360yield.com/ Name: tuuid
Value: 1a8d102a-450f-455d-94c3-ed911bfd902f
.360yield.com/ Name: tuuid_lu
Value: 1635041610
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-f49fde50-06d2-4f7e-a417-5f70b050a687-003%22%7D
.smartadserver.com/ Name: pid
Value: 43394786434762142
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: 5a2f2a6e2507622f
.technoratimedia.com/ Name: tads_uid
Value: GDPR
.outbrain.com/ Name: obuid
Value: c042089c-00cf-4cbc-aaa9-d4116a5fb074
www.news8000.com/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
www.news8000.com/ Name: _pubcid
Value: a8e818bd-99dd-4508-8c6b-9c534090247b
.ipredictive.com/ Name: cu
Value: fbc15baf-346f-11ec-8b08-495c96b09bc0|1635041611141
.rubiconproject.com/ Name: rsid
Value: 1|AIfsdBUO++vuGxiryvY4NyLqsLINffPD0ndRTZPwOWBzr4eVPwTuL9+eZLvlgeCkRh3C4GjGYWrGRQSWDHOtFAT+ngdUyQJYykllPZjhEHJw9y7GDs9f
.go.sonobi.com/ Name: HAPLB5A
Value: s56128|YXTBT
.springserve.com/ Name: ssid
Value: 9679919b-2df0-4338-b585-56775752e40a
.doubleclick.net/ Name: IDE
Value: AHWqTUmbOYBADVZ0YHKgIpOvvUjczVQ-2QnLDRUm5_7OJXLzjNEnvtKVlk4R-sXaNnA
.3lift.com/ Name: tluid
Value: 16571563108401443499
.rubiconproject.com/ Name: khaos
Value: KV4LK5LO-3-C1G4
.advertising.com/ Name: APID
Value: UPfbeb5201-346f-11ec-b261-02baf75e00f4
.news8000.com/ Name: __gads
Value: ID=c9a3ed324007e7b9:T=1635041611:S=ALNI_Mad_wo050MuThC9rpWmb_huOouHnQ
.a-mo.net/ Name: amuid2
Value: b6184fc3-9dc4-4cf6-9d72-6cf73e96aefb
.rubiconproject.com/ Name: audit
Value: 1|naVuGyos1qr0+JoZ8+6jptproiWwdM6Zsj4aADY2PVIlMNVEfWi2yi3huw6VjTZCBmmOe3UAm2dWbJYqFlBp2CYbB5SW5XQ32YoH28FgeNCma+WVcS1g3g==
prebid.a-mo.net/ Name: __amc
Value: 2_1635041611_1635041612
www.news8000.com/ Name: _lr_retry_request
Value: true
www.news8000.com/ Name: _lr_env_src_ats
Value: false
www.news8000.com/ Name: pbjs-unifiedid
Value: %7B%22TDID%22%3A%220183d758-ecd7-43a5-871a-56ca543c5b89%22%2C%22TDID_LOOKUP%22%3A%22TRUE%22%2C%22TDID_CREATED_AT%22%3A%222021-09-24T02%3A13%3A34%22%7D
www.news8000.com/ Name: cto_bundle
Value: R9wc0V9UeCUyRkVFNEl3R1BhTHoyJTJGcVFZZWNUTFg1UVpUeDN4cTYwSHZuZ0JwUlk5WGloNkNtS2x3WlZWTUdvQzhhMVRNd0lhRDJScXFQYjVNRHhpTlh0T2l0TFFYamFERVAwenpFQkJFOFJ3YkI2JTJCNWluNml4NEdRd1p1TVlUYjJtM1RBOA
www.news8000.com/ Name: cto_bidid
Value: -g8bFV9rRHBrUG1NYzVZY1dYQXV0WTFPZmw1SmF1eWVjQzQlMkZPVXRjaExxUmM3alg1UndtTnMyNm5yRUhHR1k1ZklLQ1Z2a014NnpObjY0VzZIJTJCM2ExZUNlMUElM0QlM0Q
.openx.net/ Name: pd
Value: v2|1635041615|mOgeginskin0vNomiygu
.ads.pubmatic.com/ Name: KCCH
Value: YES
.bidswitch.net/ Name: tuuid
Value: 46c992bb-9d21-480c-9f2e-b8c0ebaae9e5
.bidswitch.net/ Name: c
Value: 1635041615
.bidswitch.net/ Name: tuuid_lu
Value: 1635041615
eus.rubiconproject.com/ Name: pux
Value: 1512%3D103538%262249%3D103538%262307%3D103538%262974%3D103538%263778%3D103538%262249-DV360-Hosted%3D103538%26goog%3D103538%26idl%3D103538%26
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 4C1E0A4B-BA75-435E-AAA6-A8F3AB129BE6
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 1
.pubmatic.com/ Name: pi
Value: 157898:2
.pubmatic.com/ Name: DPSync3
Value: 1635120000%3A174%7C1636243200%3A201_197_219
.pubmatic.com/ Name: SyncRTB3
Value: 1637625600%3A203%7C1635638400%3A223%7C1636243200%3A13_161_56_220_21_3_8_7_54%7C1636329600%3A35
.w55c.net/ Name: wfivefivec
Value: gWPWxFpN1MEt0X5
.quantserve.com/ Name: d
Value: ELoBEQHHJPijCJiTAA
.w55c.net/ Name: matchopenx
Value: 5
.yahoo.com/ Name: A3
Value: d=AQABBE_BdGECEAc60OB6hv6ny68BpXxYfvUFEgEBAQESdmF-YQAAAAAA_eMAAA&S=AQAAAhOpNGTyw5rqnvxDhBl8EWM
.adsrvr.org/ Name: TDCPM
Value: CAESFwoIcHVibWF0aWMSCwish46wvaeLOhAFGAEgASgCMgsIrP-Q3dOnizoQBTgBWghwdWJtYXRpY2AC

7 Console Messages

Source Level URL
Text
javascript warning URL: https://amp.akamaized.net/hosted/1.1/player.esi?apikey=univtec.trial&version=9.1.1(Line 18)
Message:
Encrypted Media access has been blocked because of a Feature Policy applied to the current document. See https://goo.gl/EuHzyv for more details.
javascript warning URL: https://amp.akamaized.net/hosted/1.1/player.esi?apikey=univtec.trial&version=9.1.1(Line 18)
Message:
Encrypted Media access has been blocked because of a Feature Policy applied to the current document. See https://goo.gl/EuHzyv for more details.
javascript warning URL: https://amp.akamaized.net/hosted/1.1/player.esi?apikey=univtec.trial&version=9.1.1(Line 18)
Message:
Encrypted Media access has been blocked because of a Feature Policy applied to the current document. See https://goo.gl/EuHzyv for more details.
javascript warning URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101401.js?31063236(Line 5)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101401.js?31063236(Line 5)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network error URL: https://api.rlcdn.com/api/identity/envelope?pid=1258
Message:
Failed to load resource: the server responded with a status of 451 ()
network error URL: https://id.rlcdn.com/709414.gif
Message:
Failed to load resource: the server responded with a status of 451 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

6d737814fd16de3b0a3a7c673cec74ec.safeframe.googlesyndication.com
acdn.adnxs.com
ad.360yield.com
ad.crwdcntrl.net
ad.turn.com
ads.pubmatic.com
ads.yieldmo.com
adservice.google.com
adservice.google.de
ajax.googleapis.com
amp.akamaized.net
ap.lijit.com
apex.go.sonobi.com
api.rlcdn.com
apv-launcher.minute.ly
b1sync.zemanta.com
bh.contextweb.com
btlr.sharethrough.com
c.amazon-adsystem.com
c1.adform.net
cd.connatix.com
cdn.cookielaw.org
cdn.jsdelivr.net
cdn.polyfill.io
cdn1.opstag.com
cdnjs.cloudflare.com
cds.connatix.com
cm.g.doubleclick.net
code.jquery.com
colossusssp.com
confiant-integrations.global.ssl.fastly.net
connect.facebook.net
counter.snackly.co
creativecdn.com
cs.emxdgt.com
d15kdpgjg3unno.cloudfront.net
d5p.de17a.com
dgtonline.net
dis.criteo.com
dlxpix.net
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
dyv1bugovvq1g.cloudfront.net
eb2.3lift.com
engine.univtec.com
eu-u.openx.net
eus.rubiconproject.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
get.s-onetag.com
ghb.adtelligent.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
hbopenbid.pubmatic.com
htlb.casalemedia.com
ib.adnxs.com
id.rlcdn.com
id5-sync.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
imasdk.googleapis.com
jadserve.postrelease.com
js-sec.indexww.com
l.sharethis.com
log.outbrainimg.com
mab.chartbeat.com
match.adsrvr.org
match.deepintent.com
match.prod.bidr.io
maxcdn.bootstrapcdn.com
mug.criteo.com
mwzeom.zeotap.com
ntvcld-a.akamaihd.net
ob.cheqzone.com
obs.cheqzone.com
onetag-geo.s-onetag.com
onetag-sys.com
os4m-d.openx.net
p.rfihub.com
pagead2.googlesyndication.com
pbs.publishers.tremorhub.com
pixel.advertising.com
pixel.onaudience.com
pixel.quantserve.com
pixel.rubiconproject.com
pixel.sitescout.com
player.adtcdn.com
player.adtelligent.com
pm.w55c.net
pool.admedo.com
pr-bh.ybp.yahoo.com
prebid-eu.creativecdn.com
prebid.a-mo.net
pubads.g.doubleclick.net
rtb-csync.smartadserver.com
rtb.gumgum.com
rtb.openx.net
rules.quantcount.com
s.amazon-adsystem.com
s.ntv.io
s0.2mdn.net
secure-assets.rubiconproject.com
secure.adnxs.com
secure.quantserve.com
securepubads.g.doubleclick.net
signal-beacon.s-onetag.com
simage2.pubmatic.com
simage4.pubmatic.com
snippet.minute.ly
spl.zeotap.com
sqs.us-east-1.amazonaws.com
ssbsync.smartadserver.com
ssc-cms.33across.com
ssc.33across.com
ssum-sec.casalemedia.com
ssum.casalemedia.com
static.chartbeat.com
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.1rx.io
sync.bfmio.com
sync.go.sonobi.com
sync.ipredictive.com
sync.mathtag.com
sync.outbrain.com
sync.search.spotxchange.com
sync.springserve.com
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
sync.technoratimedia.com
tag.1rx.io
tags.crwdcntrl.net
tcheck.outbrainimg.com
tg.socdm.com
token.rubiconproject.com
tpc.googlesyndication.com
translator.a-mo.net
um.simpli.fi
um2.eqads.com
ups.analytics.yahoo.com
us-u.openx.net
uuid
vid-io-dub.springserve.com
vid.springserve.com
widget-pixels.outbrain.com
widgets.media.weather.com
widgets.outbrain.com
wpcdn.us-east-1.vip.tn-cloud.net
ws.sharethis.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.news8000.com
x.bidswitch.net
ads.yieldmo.com
amp.akamaized.net
bh.contextweb.com
eb2.3lift.com
imasdk.googleapis.com
pbs.publishers.tremorhub.com
pixel.advertising.com
rtb.openx.net
ssum.casalemedia.com
sync.go.sonobi.com
sync.outbrain.com
sync.springserve.com
tg.socdm.com
ups.analytics.yahoo.com

104.109.78.125
104.18.211.41
13.248.242.197
142.250.186.130
142.250.186.98
147.75.38.124
150.136.222.2
151.101.1.194
151.101.130.137
151.101.66.49
159.253.128.183
169.197.150.8
172.217.23.98
178.162.133.150
178.250.0.163
178.250.2.146
18.156.0.31
18.195.155.181
18.196.195.54
18.66.112.63
18.66.112.65
18.66.112.89
18.66.97.88
184.31.84.150
185.184.8.65
185.29.132.241
185.33.221.50
185.64.189.110
185.64.189.112
185.64.190.78
185.64.190.80
185.86.137.122
185.94.180.125
192.104.183.130
193.0.160.129
198.148.27.140
198.47.127.20
199.187.193.193
2.16.107.122
2.18.232.130
2.18.232.28
2.18.233.180
2.18.234.163
2.18.234.190
2.18.234.21
2.19.35.65
2001:4de0:ac18::1:a:3b
2001:678:cb4:bbbb::11
205.185.216.42
208.100.17.175
213.155.156.168
213.174.135.1
213.19.147.42
213.19.147.45
216.52.2.19
2600:1f18:e8a:cd08:3437:aff5:50c:d298
2600:9000:223c:c200:18:1fcd:34f:cdc1
2600:9000:223c:d600:6:44e3:f8c0:93a1
2600:9000:223d:ce00:3:c04e:c780:93a1
2600:9000:223e:b400:11:b309:9100:21
2600:9000:223e:ec00:5:82fd:2500:21
2602:803:c003:200::21
2606:4700:10::6816:1857
2606:4700:10::6816:33f0
2606:4700:20::681a:a06
2606:4700:3034::ac43:b0e7
2606:4700:3037::6815:3471
2606:4700::6810:135e
2606:4700::6810:5814
2606:4700::6810:9540
2606:4700::6812:bcf
2606:4700::6813:9e13
2620:116:800d:21:f916:5049:f87f:108e
2a00:1450:4001:800::2002
2a00:1450:4001:800::2004
2a00:1450:4001:808::2002
2a00:1450:4001:808::200a
2a00:1450:4001:80e::2001
2a00:1450:4001:80e::200e
2a00:1450:4001:80f::2002
2a00:1450:4001:80f::2003
2a00:1450:4001:811::2008
2a00:1450:4001:811::200a
2a00:1450:4001:812::2006
2a00:1450:4001:829::2002
2a00:1450:4001:82a::2002
2a00:1450:4001:82b::2001
2a00:1450:400c:c1b::9d
2a02:2638:1::13
2a02:26f0:7100:48d::3282
2a02:26f0:7100::1720:ee33
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a04:4e42:400::714
2a04:4e42:600::282
2a05:d018:d29:3602:dabc:e8e1:b53a:329
2a0c:5c81:5142::2
3.124.10.167
3.124.143.99
3.124.181.115
3.220.82.225
3.236.169.96
34.120.133.55
34.149.20.76
34.200.155.146
34.204.22.100
34.232.92.67
34.243.159.23
34.254.122.11
35.156.217.79
35.210.53.219
35.244.159.8
35.244.174.68
37.157.4.25
37.252.172.38
50.31.142.191
51.210.112.63
51.89.7.110
51.89.9.251
52.16.214.249
52.222.210.175
52.222.214.22
52.222.236.10
52.31.202.1
52.46.133.124
52.48.137.92
54.197.28.239
54.208.142.27
66.155.71.25
67.199.248.12
70.42.32.31
8.2.111.126
8.43.72.98
85.114.159.118
00acd3662d3193fd72496228543edb38a3c7a8969b60a89923c430a915c878d1
00bdab76d1f7cd9f9f7a418c27ba6de8384c7b0fa8dfbbef923a8eaffe507071
0190073142437593f69fcf93088148239125f1a6c368df01614304170d8892d8
019fe96d013011d279e6f2f51924633e5119fef76b0a8527fce8e3d8b3dc13fc
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
0317d183fdb3ea1c52d86476dfa25bc46f785c442dd372c655fdbfbae52c8246
047ff7cfd5956ecf06bd9fc9fd123772f2c5825cce3d124418ba418d540a5b98
04d01b4ab00c5e8435e816af1d0e0c5a4cb9a9028cc843ad8a477485d0dc9acb
051b26c75dfc7a56a8ee742a322269268d2bf85b25fc8a05ca5163c1e89892ad
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
06d6af2406ecbb1b8c3f01f5c27275e2904f702122dc6c694b589bf35d141b15
06f48ed74dee932f532078dd2855a2200902b9b67ff809b9ff78701f4d7ef143
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
099d5a93d27e43c40b29b9f45a57492ca8d87ee45d14d7a83d0ff39735822b3a
0af8a96bdafac836eb0b60e58e3344589ad0ecce793c781ae0ae9206d7de94c0
0b2a741489fb323cd96e2b546693ca1fc7151cfa0f2111eee4dd512e6b359941
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bb775e23934c5478dab7517dbf8a614834c96e926c4498b734399eb8a2e640d
0bc9b6f6407c898027427ce2772e3f0eb95f6e9c845a8d73cb079207661ecb77
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
0cb5fa14f9ce2d712b463e11e13f635a0ff48ca6354fd10650b3fcf36566c471
0e2a6e9c68e094040d0225fa290823792af66f313ac3625fafff49d9038dc823
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
0f7e7c1e557d4db0925b3381a9eb74b4578f79457cb2b52e0414dc08ef7c1df4
0f8d1b64af4570eb22e5e5d4973055c60739d743a75c7b8f9fbe114813397ca1
100bfeb6d7dcf82121307e32a1885cda01d7758d0e0b1974dba5e9b4ddbb6f06
10aa42531ac9ce46c8a113133eb2a9ece9e537215cdf258fe65c4d2eb4662343
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
11b947e74a7ba8f1d433b84ab7a719799ec0662a9035a8b4a2ab4d7d1eb2d681
1271b77745fede3f551183c51c2464cd76864c092d484e829c560be053d08cde
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
15b8a699fb10b062f1d7ae5386082ec49295e013c64964eb8218b6e5ae48c130
165b76be3d695c12e2791b47346f4267fb885d8c9d1adc308e8e0130d985b7fe
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
189e83fee12e251b88b39293c7404b1d97151a06e03d592ff769f64dcf58ecd1
194a24f0310167ad53e1e7ae75df64d0755ca36fe5d9c38726f60e6c0e0be2d8
196d453bda8e93c87f7b5e535df26dcbd0cf1c8a13c72e946386617bd6d1e2b5
199cf9591c8411559d63afdb76606c2e482668bce6345d796ae3414599b5e266
1a889b5b51282b57fa01601833ce1cdacfad915bc014ff1719cd495fcbce75aa
1bdb5ac405f2458baf685f9d0372813dd7d89832a1c1d99b37c7e7267e0bcc27
1ccf9aa4385c97f9258ff3ee7da754958c5639e08b3f03fb460dbcdee0a676fb
1d756059ae28513267cbb302d12e9691dd0f5f0ba656969a163cf660deaa166a
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df
1df58d62e3a708876b32249b925a9f246e0a14a1fe1e54bebb35c8b5ffe72ac2
1ebd031eaf39d8b9d8ca3ae8d125f3b06988385df29c13409b4ce517ce5fcdc6
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4
1ef03b81695295b6d5e9d51adce5a46f0b9446306452f2fddbd41809f12659e0
1f823651e175cd56323817a2b359056762a44341b91e03bfb2877bcf89d31403
200963ab4a498d1553cfca2e0b92a4ba127453c1e06f05fb92eb4d78decf2374
2039bf2d812091ca02a8482ad934ffe8cae0b0cc0a29580e6f3faf57f9fb8910
21f0406a0bb2c1dc5967c28387a41308852f78913d4ca3962e7110b09c062d62
22203adddbf362b6726eaa3aa6cca1e92eebcdf24b5ef9d84132b11b4889f9aa
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba
22a88b5cb0367a570872d01efc22e9d4b51f7fc9525557bcd7e4bb8271a082fe
2698e1ed89c87280fe92182e5297140eda834b052703156646719cd5e90fc29a
26b2c76d113c605500a8de27913a7194faf50f61f0a3673be152ed1d6dbd6400
26f81fa6ee8dc03679db9295294de583846520fa1f23630bf54b68e357bf13f6
28cbc62defd6b0e423b7cb16098a18861300be5117f487445671c70f7f1d81b8
296da1cbb1aa101678727bcef186513ea6706975acc9bd5ad6f181b6ac6a5dc4
2979f9a6e32fc42c3e7406339ee9fe76b31d1b52059776a02b4a7fa6a4fd280a
2c364fa179e5fdc4c250f2575d8854fd835049ef55e9efda77b7675f751a11c2
2d452ca7bf499867307ebfa48373084a42e1f56ec0a26e5bb2e12f01888c3cc9
2d70e55623e1898d04bb52babb16f05437b2eb5e20889b0b07cea6e6053ca377
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2ef7d832fabc0394a37115aca932aeeacc791cca46bdc6503e4cf8e07911ca90
2f9bcab78ea4d984bb956c70fb66ed055d47051f262d6e15ae5c11fb8093e916
322bf3797b194ae22aafa05a366471210116b26feeef7ea074752efff0b7f061
3333c063e90610b0e3827c741d06411316c4aadbe6f86b69957cf7701d4bbad9
33d1255c335c1aaaa994fae6c818de271a60079fb0c66e95b3edd720969f7a26
3504f24cd0137e3918b062e68fc848ad8df7ad94d16a3a54ea9ba9fb525031b8
35aa4fbe16db5a71427a08ad78f27d18295895bd78009653839a497ba91753f7
3708acc719d54dc2c2ebca2a7a0b82f0f1dd15c63dc1b91588a728e6b153c995
3739f7e3f233afefaaf897a2c109cd3dcce3799125f58957b4a622b610511a63
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
381a311f0bf7b9c5638965d8287ce4ebe7e38c64e139d73a2861226b275cca57
38f17877b3d9614c4a1a37b257a64c7b759cae9eed1fe27747670d001206c4be
39d160e97e2bea07b0cf1c647259ffa4f0bd07069dba4e6c19a22d38b408510f
3b341bd21487195da5ac2e172c28f837780a21a9397d43e2a1bc6236c6270a4e
3c2ea3a32d3f2dcdd09662445e56717ad485b8e7a42be564c25dd5cfa63c79fc
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3d65865c1d7cd1bbf96d797f0eda4e094bf5c46a3879526c7a01cc3d0badeb98
3dfeeb1325e270b9a3b973089676783c06596554abc9e0939a66cc416c1b19b4
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3f44bbf59a3038d2a7bb4dad1b185cdcf453669367ec862a5b12fdb0b579f580
3fae299156a4379d8c80f48392968c676f5ab1bb78b5df6de64399ba0979a92a
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
4059dc11e73e02d4cb2dd7987b457813d685577b5e5ea4c383cc18e0bf569d02
42a8ca47ac3c92cb4d3d92304df69d325788ef9c1d71e56db99be448c9203c6b
43b2c605cdfcbf45584e7ccc2c14a1723fcdb93e055b2da97cbbc6f1d45d70f9
472f217c4d8a0f8a8e33ccc4ef56bff79ff6ee22c296adf26a628c4a4ff17f8f
47a9eafc49a373ef94089adbadee8123beaeec6f910ef9f574566e3888d2ab3c
47ce95dd46dd98392b656a5c63ca7906512289ceaff39c81d74bb26852b51251
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
4b70dbbd3110e9643943cf22014e280cf8ae7e01d2e0165ad09bdb988fc79efd
4cdc019231ff1951cbaf8cce84ae8304d124c229143a3bd8e8a4e2f7af4322e4
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
50f06fa6a4a36d9702745dec58ef82ea73b36cc8e2636504a85f65207904322d
538dd4ff6e384a44155168326ac40a6c20a93cd212b1fbf88ae7b0c44f9ab0bd
54170c0cebcb833af46abaeecb5c2ce8f53f972ffee8bb1c5a4b2e54e775184d
541ac58217a8ade1a5e292a65a0661dc9db7a49ae13654943817a4fbc6761afd
547dda3c14b284819be511be1e410da94a5efc6ccc4a9afe1c75394f9333191a
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5498eab9ddd9c6790d3e401556c0daaa159bcf36708cb89fee8184bf38e4b7aa
57a50c99a31ef4e89e86664e96f6dfbdde163a2eb96e88b3b492c49aa4be2f37
58384cc41f66cf83c113a303932b9451d1b0a3daefc7d6d5bdf0d1885d324a39
59c7d6c395c85a49ec61f341ff7a5997d001a1739166c0be4a2c106f3395000b
5a3e8e3e8a34540cd48e187acb1a35ed34cebf4ecbe02b51c665fca4e04997d0
5a8a81dddbbf7047b08929c8b45235916fe75f45fff369691db784596575e690
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
5c8bd0c2f891239145b9a187e6490a89c8af9f6b5224cea83884f6c5662d1b48
5caf34a4fcaf7f30ee8ace6738a8ca4b37990511e39772e7fe2ebb19c649cb49
5d8bc910787f53dcb6d618ba42ef9cd2bc3b42ca6733ed995e17beecf477fbac
5db03f62ed2a1019b994d6183b704759d62e5396be34ec96bc703afb80b86ea4
5e2ba8bafa05f6e59b34b8a904bd0caa012a84e4c3afbc64080e846e0c0d0053
5f21a17a963e88c0a1f960ee24a1a3dd1802cf1e2c6232077276f99c9f3bcdb4
61209518abc8cefccbcb0c3d116807e8e8de7dd7dffb28f1052fc9b01ce40ce3
618df22bb0f56120f08ed1351ff2efbf892c20ffd66bdef5f4ba6a21ec24055e
6224660b34bbaf4612921643c84a10f5f09423edbc20b97e57540010e5d18625
64bff75a60c41b34a4deb9ce811a1e48a1b17bc3d3624715354764f6ae57cb63
64f935ff5fca279f250a216623f16404cabd9fb67ed5659f0ac089990652e159
651eea7ea74cd7d4ffef959d4693b6dc64c7f1880a3eca576eb05148555cb03c
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
673ec34f7e4b5e6ba89286c12490bc794bbe4c5786c22fb0eb96045de6344112
675ce971fcf5daf592e564dfda949084b343630e231c2c9860e3314ead34d987
67acfc9840a71e43d21752440989807e24c7604bf79ac449725b379ef0e5424c
68dd2479e81130bd2fb9022bd00b1f969808f5d30ed8e9ee44e70c7aeac1a42b
69886bc0ae8bae5ca533ed82d7fa3feec2f90439c182935a4c6fcb04eeb992a3
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c2d4f5c5c9561c962b57a48a99b4183087c9b3ee5ea32f66d23cff0d425ec0f
6c8774ee00be3a278770921351e0e9f55f681a1e79b5bf961f06bdbf1ea22ed1
6e6c4265633449503c1aaf2d1883bbec2bbbd22efa16d0570686ad7853a38b84
6eac4f1bf5bf8976cc74f9d784adc40029ac907cf2ba54cc3c5a50c8e38cd122
6ebcda7a3a41ef97f0b4071160ceb1020e540fdc0f790079a5c2ef01ab654fe0
73b15cb935f9b6924cdf1d30f974eeac6f3449e67ab14abba0223cc557855eef
742a47f2d330d112ae4e22fbe089b755f23359c3262b1e449af6d16819652533
746f73b7567b31378fda3e0dc0495aaa2ab6577dbdcbe65c55dc0959073f7739
74cd9730bce2a622d14ada07f55b72a2b054702bcd8584b4749a970e8808fa06
76a18f5f0637e0d73ce1afece898ce8b0fa75bb6b1c1990ae4a7ac6b083045ce
77fd6a22ebf90bcd0ba1af61ab130c9b105d4c5c1eeeea46d9545483bb2ac98e
78ad6b3da7f5453b1da747273df5ba6daa1418bf866f37cc9ca4e044e7621528
798d62ba5e0d79c78e9ec2ca02c704a640bd8fb0294a5c7e2ee1a4df10311306
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
79b54723fb2d66d1e944e6d3dd08e2f7541976d0b476d62162432e7915bb09d3
7e2053d28a5998b7c02723103200b78168f761db5ce87f5d1d3c2be139784087
7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c
8251f50f242f2786e1ac081a125f329811b44d37442fa1f3b5fb71974fd6f716
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8370e4d308f9ad450bb279a602fe082fd1e66a46122ce3559b18620ecdf96f42
8491e6705bdb33a52dce45f3e5299aab11aa555537f6a6e869e4a0bd9af3d7be
88aaecda68b50302ff3e9ac1876e6febf68f59e3dd26a46ff7076d4c297c8b66
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8a92f941d2c2a0e89955207d6bd80ceee23714643f5f1484154a2547517d5c1d
8ade00ef9b3c7f137dfe82dd11ed970b47ece19df2e6014b9abce76bc91a1b3f
8b8ba6975979319331b20da4cb9f293c0309b65f8331236922f2323418578da0
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e41a8e6b02e146fe25fa71262a12a24c80ee7e0debfcae0757a4fe6c67de5a9
8f57c27c59dd99a164f294f700e0bb210f118b46190fba22c7c96b4b41ec5f90
900e38ec18d499f254299ca7bbd59e95f8ea503b836b83c86b81978c55a17326
9110fc122dda3067c424d9b8ff7747e2030b0bd9298f69a3683d399ad3373a6a
92789dd382650fd94ee8ab2545ec0e06f42264c9cdb2f6fe9c3b998a100f65fa
95ce087c9b606c0e90075ac6c21aac9d1ff7936dbde9375a2416f31ca7c0e4fa
96be461bff843e754832eb42870dc20c918467823e87ed9b5d9cabaf103e850c
96d33f532112177ede6bf262dcf6d0140dbe29f05a4595d17b0be4743205b5ea
97ba52d83e23a4721cdea517d8bfe028d87739a620b2095ffd1feaf9d56c309a
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
9910dd3a7c6d979d1d4b496161542773b952b0f5b738e24bd329f2b21657389e
9b99d42f862eeec467ae36592bc18992a5ff87d4c9ea915a4908291e854385fc
9be6923457d76debf4c512fac0a2173aaa94748868d26566515ce2a4156d083d
9c02ab04166fd2c0a5aa6bb7e60b7a6f72c4f2652101d9c60c71e41497af879f
9c068d2ebef10d7d53bb79442b12c6fcb754a6bf9a005bc1e5f9dd5a553e081c
9eefb74cc5ac64da8206bbf5f929ee9c260d7d6162ec2a799e1fdb6190429bf5
9fc198a760173ed46364de628b404758e087443bea0bb0e45ab82b5ebd81534a
a03069108742c10840597955cf7bcff3b34e71f5e800cd2b32a3aea1723a2a59
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a10844d60cd0fd12d194780a7d5521ac07b4dc525b40b9938d8e6780424f85d8
a20da0f3025718c756c87eeff8a425b5dc8463a48850b3333f1ab5a83e2da45b
a39972aca8a154a3c9597c68e51ea8658ffabac257c617871a14d1bbb9d93c4b
a3f877bcb1ee7aeab0f595f46dc0f9ad358f5d39ac81b4ca8e5f46838a053dbf
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a80f860251402c6bd55adaa519fe7260a90e6257d4255d5652b734df3f38f39f
a8874382f0d935e5ae3ca6f72809f0419dd51c67d8141c712b5ffc9877f308be
a8936f01ec6473de761c0063a29e01afc43680ef0811084cbc67bfcffc7f409f
a9d88004ecf909f10f24eb838564c9e3fbd1427f605eeb2d444df083c66d1435
aadc3580d2b64ff5a7e6f1425587db4e8b033efcbf8f5c332ca52a5ed580c87c
aadc688d409b30c5ebc13790f6d2ea216805e4800727614792a23f5b585dced9
acdf6e52a55cd2c1d3fb245665d986955330ac67dbcf798aac48afb515fc9e48
ad1af8b427124f2bd8fbefc456bc6b4ca6f1bba886a6d6c5b9b5cb9fd5513021
afbd6d3dbf677900ec3d80e8057a7b9f93f72e5971494ed7ce7a4be1cb7c9ae8
b0fc4fc124399d25ecf7ea03ea01d46cae5da401629413685473c0db995ac46f
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b3a9c93d549d61d6848930657031cc42235e0c95f50e57ff906ce84c78685267
b42c2a0907347e161dee8a76dd6340359c3c620acde68b8e45cf8d2b1d302b70
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b
b663ec8d2d4c48019fb994fc2b053605887ff6657a88c22d4e3b8c3d31b71203
b6fa07f2bd5937a2358b0f8f0d8bf39accbd8d520fbbcb486dd0346f7d372e87
b70d7038b66c759d8e5cbdaa205cf6979594aeff80de1181f5d0fca6d491b119
b7b6b36454670404310a2bce33511aa9295576c528b24be0b937e9f7b40cf80f
b800c07b7cbb51b1b594e4e80f5d464e8f274ed26a216ca8571c8de6959d9e66
b93423f18ba63f3282ce4969c0703d17e870a3ece31aab2fe5df224a44912d72
b99c4a34042b7bca706d57bb324b3e22985e479f18099283829a50a6121e9491
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
bb8fd3ee596308ac7f4a78b69962bada72aafdac94a40f17e1fc9aad43b25b0d
bca7af0b45b6fc6a2064e8e7a34f2041f3e77261e63f0257209bcde6bc40545d
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
bd581e97a53b3739f0be17a03083e1a5ce6e9413bb2a3af6137226438dd5a1c8
c01c3cd75ff91106691294753337537fea1c5ecd6ef1487e9af7a6defc329206
c07aa45cd9ee10800a0d609f576679017535d93fbe6fb875cd8d368afe2b9e55
c0ed1d3b2ece2129c825899e0e7c4f74305539db3dfd183ab56b8f38bb618886
c15ddba3505cd530e7dc9f39c664503260907acfd546e6ca2e522d6a7a19ec82
c1b1e89b0313b3bfa1ab3c7a637515144dd9cc3cbf8fd56d053cf3e26cfec578
c1fa2ba542da6c85d3e7a7b41b758a24bf927fb2394909f4dee123118cd1d89e
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c32ded4289d4594932e1ad845389cfa3f0ddfb72dfbf2173166ce243e3e6afb4
c4e8e149566a2334254e847e91735fdfe5ab28008eaf4d437a732c211a3dd845
c59d4419f3446bf2a79524e54a076f29bbad72a689374cc2737b71b865f23c93
c62d5fc0754bfd17baff17811525072f2c625dbdc43e7f0e3e924afed4ba2949
c69f07bbe87bdd03b774a4069f22acb6d89e79799483f5dc091ebd3e83247c18
c6a96615312cc82965aa7fcd41ed4094e0fee514a2be9e3efec908178be6d833
c76853b9b64b3fb4b4cfbd22885e4cc2e3f14918020efb69a1df8eaeeb2a3b8e
c867104326e3c4b658209d8e5bcea0900aaf7fbc2bbc181ca01c482cac2810f3
c914329f4907e4dd5399763e54f095a97b1c5e3e1c8d3b00fafa84887e97361e
c9796a117818a21b8f6d298cc042f7c2c737dd5d4d9fae8c8878a603d28201ba
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf92e49b7ff06f53dbcf42538e8c8013d45ef02bc000dd88a407aefe2ae13f7d
d00a47cc403957b9a0546fcc0ae82bd5e29deadf35398a4194e502939a2b23b3
d0453cf4c77ab597ba01b1fd26e2876fb8cd5697446cb8379f7546cf0e80977f
d09b39cadbc6cb3a4c1205eae09ee4f5a19f60fa7f01caa369bc86594a325854
d2110aeb75e64f00a6ddb402d4d80df2f542d5b1900e6a567c3495a5a4006ab2
d278491b1de51ad826d16be5ab27b1746999c02d45200f107218427e34eed798
d30a4052a504ef2a2ef54f763c90d6dc6a303ed966a09941b62d707eed090c08
d43b7b365c95c246a59b3c313f581b6a152619978af90cdaa91f0c4a1b192a4a
d4ae0b93aeecf7b39108769af898e164c5aaa3421fa1368eca7f99a130912476
d50881e8cf2ac03741c7c31b98dcabdf91d458ed76766efc511b26a2b796dd0f
d5cd451f1e51e0cfb1e3120c2721a8036dea1d319846cf793b0b1d958474594b
d8f6ace061d713b4a21bac5d83a4f87774d704321e838060c594e69c8c01b67c
da263eff6489f28a35d328a1a5895db9adb14c22c40cd35d0afce85414cac701
da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c
db311174b0e3c340727b63c055cfb5b317808e909503e1bda11cc58af444f12b
dd1eed7f8af9c0f129c29dc882519132ed76ef66e707afe5c0864ac42e2352cc
dda2aba38252dcb4fde2222ecdcf5806f23fc3e9400f310f0ee1927329243c78
ded061ef586b57c27ea3e65774d4349d2f1d0c7a3432f6e5d82db34008804416
e366faee45ca7c0ac7f097058dd99681947d94a587a4108dad4a78114cd47f40
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3cc31d1dd4a86f84ce96fbbec379b67fac15f5855c25c47ee210349b5268d65
e9c2df2904ee0ac9a0dcc01dbb90666d1c1fd659891fcecba4aa7f64ee0406c1
eacb58d751682d6d566f8c07557b7a197f91487142cd2d312c91ef1f51af0469
eb1fa7363d6e4772f7c49d67f031d68f209e66de6c3c05aade6fdc57a02505c1
ecf83cf0d8f693beb5b55a233f85293f21fc9ba35465bf21598da6c918051fe5
ee2214a948aa510978878e09453b21c85f1bcfe78a7c55412268ad85a5fb147d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efd0419f9043f0534b59e83deaca4f5312077585dd1cfbbba4e1315ae461fd41
f1dbbc4be8d88ae17466b1d7a8fd7bf4f9d9b5ab492719cdea721d82cecb738d
f1f8d4204b80f61987126d563bbb88a3036f6fd55f8e98da95a8b9e542f9c495
f4380407c0d68da81b547384db263414e78e2a34e171ca7cc5220b9d86507b85
f4b3853b7e792cec8a88f9da8a31d2b29ee09d6a77aabc45979c9ab2937f0962
f5118b9ee8055eef8c16bdecb643b8b1565c4f05cbc7013943ecde9ef561d7f6
f51938710e179807bbf1be9a1e9d7e3441fa74e7dfe9f46841914fb12ca7de3c
f61e593d456c3d3d37d71b0c579a3a3807dd39261d96cb041931556a9c224f1f
f6672d33b6e9fd814d134854ba139fa0a5f88c8d88bdb7a3e15c0884f0147f8c
f6e238f7a3c4b938a20f19c208f38ea3d8e8a3d3fca5e1b824963cf04151667d
f727a7f48f710af14457e8a9e44c30f8d84df7422b167e8401c9a3cacee54c78
f802791ac8bc03092e1bfed70c327230798e4688f0631b0a01740c8dfaf71e2a
f96d19b5a9c92e3060a6a5e00e81a8ea0d039ee96d485bcaaad4f12c7a547952
f9d2ba6384feb8da12cdb77b1b1ff511c5a7ed249db5375d1812597891e02ab9
fa7ac808d4cb9a37b81926d4f74ef69f1048c69cef0e02a8915d637ea78bf2a0
fb9268e99659f17a183de7aa0d4e27453f96c159a7ba99d6482522f8f72d1009
fc0ed772252f1b7c745827b54ea5f6f2f080af8fdd673909f7758328b08e2753
fc27aed7787a4f63d2feba50e6bc6122ac3c5479456d40c0a445899a08ad92f3
fc3480e320023f8a8ee0c23f3f6dc29953f9422bbad79fbae43ac18ddaf3931d
fd15114bff107e1188f0b293db7acf0037d405cbab30a8c9571df82bd849fc8c
fe37b6902f282b8a2b238de024f319a95da2d87f38309ea014bbdc310ac2e097