www.newser.com Open in urlscan Pro
40.114.51.62 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.newser.com/
Submission: On January 30 via api (January 30th 2022, 3:55:20 pm UTC) from IE — Scanned from DE

Summary HTTP 291 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 60 IPs in 6 countries across 45 domains to perform 291 HTTP transactions. The main IP is 40.114.51.62, located in Tappahannock, United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is www.newser.com. The Cisco Umbrella rank of the primary domain is 226050.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on December 31st 2020. Valid for: a year.

This is the only time www.newser.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
4	40.114.51.62 40.114.51.62	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
5	2a00:1450:400... 2a00:1450:4001:830::200a	15169 (GOOGLE) (GOOGLE)
75	2620:1ec:46::69 2620:1ec:46::69	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
59	2620:1ec:bdf::69 2620:1ec:bdf::69	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
9	2600:9000:225... 2600:9000:2250:2400:12:4abd:d340:93a1	16509 (AMAZON-02) (AMAZON-02)
13	2600:9000:223... 2600:9000:223d:2e00:14:2602:6e80:93a1	16509 (AMAZON-02) (AMAZON-02)
5	184.30.24.121 184.30.24.121	16625 (AKAMAI-AS) (AKAMAI-AS)
1	34.229.3.43 34.229.3.43	14618 (AMAZON-AES) (AMAZON-AES)
2	169.50.137.176 169.50.137.176	36351 (SOFTLAYER) (SOFTLAYER)
2	2606:2800:234... 2606:2800:234:46c:e8b:1e2f:2bd:694	15133 (EDGECAST) (EDGECAST)
1	54.91.59.199 54.91.59.199	14618 (AMAZON-AES) (AMAZON-AES)
1 3	2a00:1450:400... 2a00:1450:4001:831::2008	15169 (GOOGLE) (GOOGLE)
2	2620:116:800d... 2620:116:800d:21:5a23:9c4e:e774:96c1	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700::68... 2606:4700::6810:9f11	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
3	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
1 3	108.157.4.38 108.157.4.38	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:215... 2600:9000:2156:d000:18:1fcd:34f:cdc1	16509 (AMAZON-02) (AMAZON-02)
1	2a02:6ea0:c70... 2a02:6ea0:c700::1	60068 (CDN77 ^_^) (CDN77 ^_^)
1	2600:9000:223... 2600:9000:223c:6400:1a:1459:5cc0:93a1	16509 (AMAZON-02) (AMAZON-02)
2	72.247.226.64 72.247.226.64	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a00:1450:400... 2a00:1450:400c:c08::9c	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
2	2606:4700:303... 2606:4700:3035::6815:40f1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:808::200a	15169 (GOOGLE) (GOOGLE)
1	2600:9000:223... 2600:9000:223c:4200:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	18.211.139.241 18.211.139.241	14618 (AMAZON-AES) (AMAZON-AES)
1	3.11.115.229 3.11.115.229	16509 (AMAZON-02) (AMAZON-02)
1 4	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
1	104.244.42.200 104.244.42.200	13414 (TWITTER) (TWITTER)
12	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
4	18.66.109.174 18.66.109.174	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:82f::2001	15169 (GOOGLE) (GOOGLE)
17 23	159.122.14.34 159.122.14.34	36351 (SOFTLAYER) (SOFTLAYER)
1 2	76.223.111.18 76.223.111.18	16509 (AMAZON-02) (AMAZON-02)
1	2600:1f18:612... 2600:1f18:612b:4200:9a2f:8341:7f9b:9de	14618 (AMAZON-AES) (AMAZON-AES)
1 2	35.227.248.159 35.227.248.159	15169 (GOOGLE) (GOOGLE)
1 1	18.135.35.213 18.135.35.213	16509 (AMAZON-02) (AMAZON-02)
1 1	18.196.159.27 18.196.159.27	16509 (AMAZON-02) (AMAZON-02)
1	52.222.214.42 52.222.214.42	16509 (AMAZON-02) (AMAZON-02)
2 3	2600:1901:0:8... 2600:1901:0:8eee::	15169 (GOOGLE) (GOOGLE)
4 4	142.250.185.98 142.250.185.98	15169 (GOOGLE) (GOOGLE)
1 2	52.26.6.186 52.26.6.186	16509 (AMAZON-02) (AMAZON-02)
1	34.192.117.147 34.192.117.147	14618 (AMAZON-AES) (AMAZON-AES)
1	104.90.192.27 104.90.192.27	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	52.19.22.209 52.19.22.209	16509 (AMAZON-02) (AMAZON-02)
1	216.52.2.30 216.52.2.30	30282 (AS-INAPCD...) (AS-INAPCDN-OCY)
1	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
1 1	142.250.185.226 142.250.185.226	15169 (GOOGLE) (GOOGLE)
2 6	2a00:1450:400... 2a00:1450:4001:80e::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
1 2	185.94.180.125 185.94.180.125	35220 (SPOTX-AMS) (SPOTX-AMS)
1 2	185.33.220.243 185.33.220.243	29990 (ASN-APPNEX) (ASN-APPNEX)
1	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
1	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
1 19	2a00:1450:400... 2a00:1450:4001:829::2001	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::200e	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82f::200e	15169 (GOOGLE) (GOOGLE)
2	3.91.171.215 3.91.171.215	() ()
291	60

4 40.114.51.62 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.newser.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
newser.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

75 2620:1ec:46::69 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

static1-azrcdn.newser.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
img1-azrcdn.newser.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

59 2620:1ec:bdf::69 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

static2-azrcdn.newser.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
img2-azrcdn.newser.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2600:9000:2250:2400:12:4abd:d340:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.intergient.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2600:9000:223d:2e00:14:2602:6e80:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.intergi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 184.30.24.121 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-24-121.deploy.static.akamaitechnologies.com

s7.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
v1.addthisedge.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
m.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.229.3.43 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-229-3-43.compute-1.amazonaws.com

loadus.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 169.50.137.176 (United States)

ASN36351 (SOFTLAYER, US)
PTR: b0.89.32a9.ip4.static.sl-reverse.com

i.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:2800:234:46c:e8b:1e2f:2bd:694 (United States)

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.91.59.199 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-91-59-199.compute-1.amazonaws.com

api.ipify.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:831::2008 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

ssl.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:116:800d:21:5a23:9c4e:e774:96c1 (United States)

ASN16509 (AMAZON-02, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:9f11 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.engine.4dsply.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
engine.4dsply.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 108.157.4.38 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2156:d000:18:1fcd:34f:cdc1 (United States)

ASN16509 (AMAZON-02, US)

static.chartbeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6ea0:c700::1 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)

load77.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223c:6400:1a:1459:5cc0:93a1 (United States)

ASN16509 (AMAZON-02, US)

config.playwire.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 72.247.226.64 (Berlin, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a72-247-226-64.deploy.static.akamaitechnologies.com

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c08::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3035::6815:40f1 (United States)

ASN13335 (CLOUDFLARENET, US)

rddywd.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223c:4200:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.211.139.241 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-211-139-241.compute-1.amazonaws.com

ping.chartbeat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.11.115.229 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-11-115-229.eu-west-2.compute.amazonaws.com

mb.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.200 (United States)

ASN13414 (TWITTER, US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 18.66.109.174 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-109-174.fra56.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

f5c75bd43cedba760199b3fd12a32090.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 159.122.14.34 (United States) 17 redirects

ASN36351 (SOFTLAYER, US)
PTR: 22.0e.7a9f.ip4.static.sl-reverse.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 76.223.111.18 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:612b:4200:9a2f:8341:7f9b:9de (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

simplifi.partners.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.227.248.159 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 159.248.227.35.bc.googleusercontent.com

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.135.35.213 (London, United Kingdom) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-135-35-213.eu-west-2.compute.amazonaws.com

aa.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.196.159.27 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-196-159-27.eu-central-1.compute.amazonaws.com

d.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.214.42 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-214-42.fra56.r.cloudfront.net

sync.intentiq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:1901:0:8eee:: (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)

fei.pro-market.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pbid.pro-market.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.185.98 (United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.26.6.186 (Boardman, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-26-6-186.us-west-2.compute.amazonaws.com

loadm.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.192.117.147 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-192-117-147.compute-1.amazonaws.com

sync.bfmio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.90.192.27 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-90-192-27.deploy.static.akamaitechnologies.com

stags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.19.22.209 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-19-22-209.eu-west-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.52.2.30 (United States)

ASN30282 (AS-INAPCDN-OCY, US)

ce.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.226 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:80e::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.94.180.125 (Amsterdam, Netherlands) 1 redirects

ASN35220 (SPOTX-AMS, US)

sync.search.spotxchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.33.220.243 (Amsterdam, Netherlands) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 722.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2a00:1450:4001:829::2001 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn0.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn3.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn2.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.91.171.215 (None, )

ASN- ()

kinesis.us-east-1.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
138	newser.com www.newser.com — Cisco Umbrella Rank: 226050 static1-azrcdn.newser.com — Cisco Umbrella Rank: 419801 static2-azrcdn.newser.com — Cisco Umbrella Rank: 496082 img2-azrcdn.newser.com — Cisco Umbrella Rank: 311424 img1-azrcdn.newser.com — Cisco Umbrella Rank: 313300 newser.com — Cisco Umbrella Rank: 180658	5 MB
30	googlesyndication.com 1 redirects pagead2.googlesyndication.com — Cisco Umbrella Rank: 100 f5c75bd43cedba760199b3fd12a32090.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 124	158 KB
25	simpli.fi 17 redirects i.simpli.fi — Cisco Umbrella Rank: 3551 um.simpli.fi — Cisco Umbrella Rank: 745	14 KB
18	doubleclick.net 5 redirects stats.g.doubleclick.net — Cisco Umbrella Rank: 96 googleads.g.doubleclick.net — Cisco Umbrella Rank: 46 securepubads.g.doubleclick.net — Cisco Umbrella Rank: 184 cm.g.doubleclick.net — Cisco Umbrella Rank: 197	242 KB
13	gstatic.com fonts.gstatic.com www.gstatic.com encrypted-tbn0.gstatic.com encrypted-tbn3.gstatic.com encrypted-tbn2.gstatic.com	162 KB
13	intergi.com cdn.intergi.com — Cisco Umbrella Rank: 3941	202 KB
9	intergient.com cdn.intergient.com — Cisco Umbrella Rank: 4651	145 KB
7	google.com 2 redirects adservice.google.com — Cisco Umbrella Rank: 80 www.google.com — Cisco Umbrella Rank: 13	2 KB
6	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 47 www.googleapis.com — Cisco Umbrella Rank: 35	5 KB
4	amazon-adsystem.com c.amazon-adsystem.com — Cisco Umbrella Rank: 281	40 KB
4	exelator.com 1 redirects loadus.exelator.com — Cisco Umbrella Rank: 1333 load77.exelator.com — Cisco Umbrella Rank: 3641 loadm.exelator.com — Cisco Umbrella Rank: 1077	4 KB
4	addthis.com s7.addthis.com — Cisco Umbrella Rank: 1501 m.addthis.com — Cisco Umbrella Rank: 1468	217 KB
3	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 165	113 KB
3	pro-market.net 2 redirects fei.pro-market.net — Cisco Umbrella Rank: 2638 pbid.pro-market.net — Cisco Umbrella Rank: 6332	913 B
3	moatads.com z.moatads.com — Cisco Umbrella Rank: 361 mb.moatads.com — Cisco Umbrella Rank: 561	77 KB
3	scorecardresearch.com 1 redirects sb.scorecardresearch.com — Cisco Umbrella Rank: 138	2 KB
3	google-analytics.com 1 redirects ssl.google-analytics.com — Cisco Umbrella Rank: 279	18 KB
3	twitter.com platform.twitter.com — Cisco Umbrella Rank: 592 syndication.twitter.com — Cisco Umbrella Rank: 844	133 KB
2	amazonaws.com kinesis.us-east-1.amazonaws.com	594 B
2	adnxs.com 1 redirects ib.adnxs.com — Cisco Umbrella Rank: 241	2 KB
2	spotxchange.com 1 redirects sync.search.spotxchange.com — Cisco Umbrella Rank: 483	1 KB
2	crwdcntrl.net 1 redirects bcp.crwdcntrl.net — Cisco Umbrella Rank: 673	1 KB
2	agkn.com 2 redirects aa.agkn.com — Cisco Umbrella Rank: 442 d.agkn.com — Cisco Umbrella Rank: 529	961 B
2	tapad.com 1 redirects pixel.tapad.com — Cisco Umbrella Rank: 419	889 B
2	3lift.com 1 redirects eb2.3lift.com — Cisco Umbrella Rank: 389	730 B
2	google.de adservice.google.de — Cisco Umbrella Rank: 8028 www.google.de — Cisco Umbrella Rank: 5557	1 KB
2	rddywd.com rddywd.com — Cisco Umbrella Rank: 110063	1 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 146	83 KB
2	4dsply.com cdn.engine.4dsply.com — Cisco Umbrella Rank: 19556 engine.4dsply.com — Cisco Umbrella Rank: 19338	59 KB
2	quantserve.com secure.quantserve.com — Cisco Umbrella Rank: 1019 pixel.quantserve.com — Cisco Umbrella Rank: 424	10 KB
1	openx.net us-u.openx.net — Cisco Umbrella Rank: 359	274 B
1	rubiconproject.com pixel.rubiconproject.com — Cisco Umbrella Rank: 312	239 B
1	googleadservices.com 1 redirects www.googleadservices.com — Cisco Umbrella Rank: 106	635 B
1	rlcdn.com idsync.rlcdn.com — Cisco Umbrella Rank: 316	66 B
1	lijit.com ce.lijit.com — Cisco Umbrella Rank: 816	348 B
1	bluekai.com stags.bluekai.com — Cisco Umbrella Rank: 510	603 B
1	bfmio.com sync.bfmio.com — Cisco Umbrella Rank: 1279	421 B
1	intentiq.com sync.intentiq.com — Cisco Umbrella Rank: 1542
1	tremorhub.com simplifi.partners.tremorhub.com — Cisco Umbrella Rank: 7146	183 B
1	addthisedge.com v1.addthisedge.com — Cisco Umbrella Rank: 1758	556 B
1	chartbeat.net ping.chartbeat.net — Cisco Umbrella Rank: 1120	201 B
1	quantcount.com rules.quantcount.com — Cisco Umbrella Rank: 898	429 B
1	playwire.com config.playwire.com — Cisco Umbrella Rank: 4008	9 KB
1	chartbeat.com static.chartbeat.com — Cisco Umbrella Rank: 1277	14 KB
1	ipify.org api.ipify.org — Cisco Umbrella Rank: 3497	253 B
291	45

	Domain	Requested by
71	img1-azrcdn.newser.com	www.newser.com static1-azrcdn.newser.com
58	img2-azrcdn.newser.com	www.newser.com static1-azrcdn.newser.com
23	um.simpli.fi	17 redirects
19	tpc.googlesyndication.com	1 redirects securepubads.g.doubleclick.net f5c75bd43cedba760199b3fd12a32090.safeframe.googlesyndication.com tpc.googlesyndication.com
13	cdn.intergi.com	www.newser.com cdn.intergient.com cdn.intergi.com
9	securepubads.g.doubleclick.net	cdn.intergi.com securepubads.g.doubleclick.net www.newser.com www.googletagservices.com
9	cdn.intergient.com	www.newser.com cdn.intergient.com
7	pagead2.googlesyndication.com	newser.com securepubads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
6	www.google.com	2 redirects f5c75bd43cedba760199b3fd12a32090.safeframe.googlesyndication.com tpc.googlesyndication.com
5	www.gstatic.com	f5c75bd43cedba760199b3fd12a32090.safeframe.googlesyndication.com
5	fonts.googleapis.com	www.newser.com f5c75bd43cedba760199b3fd12a32090.safeframe.googlesyndication.com
4	cm.g.doubleclick.net	4 redirects
4	f5c75bd43cedba760199b3fd12a32090.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
4	c.amazon-adsystem.com	cdn.intergi.com c.amazon-adsystem.com
4	googleads.g.doubleclick.net	1 redirects pagead2.googlesyndication.com f5c75bd43cedba760199b3fd12a32090.safeframe.googlesyndication.com
4	static1-azrcdn.newser.com	www.newser.com
3	encrypted-tbn2.gstatic.com	f5c75bd43cedba760199b3fd12a32090.safeframe.googlesyndication.com
3	www.googletagservices.com	f5c75bd43cedba760199b3fd12a32090.safeframe.googlesyndication.com
3	sb.scorecardresearch.com	1 redirects www.newser.com
3	fonts.gstatic.com	fonts.googleapis.com
3	ssl.google-analytics.com	1 redirects www.newser.com
3	s7.addthis.com	www.newser.com s7.addthis.com
3	www.newser.com	static1-azrcdn.newser.com
2	kinesis.us-east-1.amazonaws.com	cdn.intergient.com
2	ib.adnxs.com	1 redirects
2	sync.search.spotxchange.com	1 redirects
2	bcp.crwdcntrl.net	1 redirects
2	loadm.exelator.com	1 redirects
2	fei.pro-market.net	2 redirects
2	pixel.tapad.com	1 redirects
2	eb2.3lift.com	1 redirects
2	rddywd.com	newser.com www.newser.com
2	z.moatads.com	cdn.intergient.com s7.addthis.com
2	connect.facebook.net	www.newser.com connect.facebook.net
2	platform.twitter.com	static1-azrcdn.newser.com platform.twitter.com
2	i.simpli.fi	www.newser.com i.simpli.fi
1	encrypted-tbn3.gstatic.com	f5c75bd43cedba760199b3fd12a32090.safeframe.googlesyndication.com
1	encrypted-tbn0.gstatic.com	f5c75bd43cedba760199b3fd12a32090.safeframe.googlesyndication.com
1	us-u.openx.net
1	pixel.rubiconproject.com
1	www.google.de
1	www.googleadservices.com	1 redirects
1	idsync.rlcdn.com
1	ce.lijit.com
1	stags.bluekai.com
1	sync.bfmio.com
1	pbid.pro-market.net
1	sync.intentiq.com
1	d.agkn.com	1 redirects
1	aa.agkn.com	1 redirects
1	simplifi.partners.tremorhub.com
1	m.addthis.com	s7.addthis.com
1	v1.addthisedge.com	s7.addthis.com
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.de	securepubads.g.doubleclick.net
1	syndication.twitter.com	platform.twitter.com
1	pixel.quantserve.com	www.newser.com
1	mb.moatads.com	z.moatads.com
1	ping.chartbeat.net	www.newser.com
1	rules.quantcount.com	secure.quantserve.com
1	engine.4dsply.com	cdn.engine.4dsply.com
1	www.googleapis.com	www.newser.com
1	stats.g.doubleclick.net	www.newser.com
1	config.playwire.com	cdn.intergient.com
1	load77.exelator.com	www.newser.com
1	static.chartbeat.com	www.newser.com
1	cdn.engine.4dsply.com	www.newser.com
1	secure.quantserve.com	www.newser.com
1	api.ipify.org	static1-azrcdn.newser.com
1	newser.com	www.newser.com
1	loadus.exelator.com	www.newser.com
1	static2-azrcdn.newser.com	www.newser.com
291	72

This site contains links to these domains. Also see Links.

Domain
itunes.apple.com
play.google.com
www.microsoft.com

Subject Issuer	Validity	Valid
*.newser.com Go Daddy Secure Certificate Authority - G2	`2020-12-31` - `2022-02-01`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
static1-azrcdn.newser.com DigiCert TLS RSA SHA256 2020 CA1	`2021-06-25` - `2022-06-25`	a year	crt.sh
static2-azrcdn.newser.com DigiCert TLS RSA SHA256 2020 CA1	`2021-06-24` - `2022-06-24`	a year	crt.sh
cdn.intergient.com Amazon	`2022-01-04` - `2023-02-01`	a year	crt.sh
cdn.intergi.com Amazon	`2022-01-04` - `2023-02-01`	a year	crt.sh
odc-addthis-prod-01.oracle.com DigiCert SHA2 Secure Server CA	`2021-04-25` - `2022-04-27`	a year	crt.sh
img2-azrcdn.newser.com DigiCert TLS RSA SHA256 2020 CA1	`2021-06-24` - `2022-06-24`	a year	crt.sh
img1-azrcdn.newser.com DigiCert TLS RSA SHA256 2020 CA1	`2021-06-25` - `2022-06-25`	a year	crt.sh
*.exelator.com DigiCert TLS RSA SHA256 2020 CA1	`2021-06-02` - `2022-06-07`	a year	crt.sh
*.simpli.fi DigiCert TLS RSA SHA256 2020 CA1	`2021-10-27` - `2022-11-27`	a year	crt.sh
*.twimg.com DigiCert TLS RSA SHA256 2020 CA1	`2021-10-20` - `2022-10-19`	a year	crt.sh
*.ipify.org Sectigo RSA Domain Validation Secure Server CA	`2021-01-19` - `2022-02-19`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2021-09-22` - `2022-09-21`	a year	crt.sh
4dsply.com Cloudflare Inc ECC CA-3	`2021-06-01` - `2022-05-31`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-11-08` - `2022-02-06`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
*.scorecardresearch.com Amazon	`2022-01-29` - `2023-02-27`	a year	crt.sh
*.chartbeat.com Thawte RSA CA 2018	`2021-05-20` - `2022-06-03`	a year	crt.sh
1605158521.rsc.cdn77.org R3	`2021-12-22` - `2022-03-22`	3 months	crt.sh
*.playwire.com Amazon	`2021-04-12` - `2022-05-11`	a year	crt.sh
moatads.com DigiCert SHA2 Secure Server CA	`2021-11-27` - `2022-11-29`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-11` - `2022-07-10`	a year	crt.sh
*.chartbeat.net Thawte RSA CA 2018	`2021-12-01` - `2022-12-30`	a year	crt.sh
*.moatads.com DigiCert TLS RSA SHA256 2020 CA1	`2021-05-25` - `2022-06-25`	a year	crt.sh
syndication.twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2022-01-06` - `2023-01-05`	a year	crt.sh
c.amazon-adsystem.com Amazon	`2021-07-06` - `2022-06-27`	a year	crt.sh
*.google.de GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
kinesis.us-east-1.amazonaws.com Amazon	`2021-12-29` - `2022-12-08`	a year	crt.sh

This page contains 14 frames:

Primary Page: https://www.newser.com/
Frame ID: 2AEABBE26F7B15490AAD8B42B847D613
Requests: 230 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.8f764d5bd2778f88121d31d7d8d8e1e3.html?origin=https%3A%2F%2Fwww.newser.com
Frame ID: D4859B056673C51D28410BC8BE58AA03
Requests: 2 HTTP requests in this frame

Frame: https://cdn.intergient.com/pageos/1.6.33/iframe/iframe.html
Frame ID: D0A4C8B8D8C1795CD13ED7CA642096FD
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220126/r20190131/zrt_lookup.html
Frame ID: 10E70B0C8C45E0FF1377EB4BF99DC7E9
Requests: 1 HTTP requests in this frame

Frame: https://f5c75bd43cedba760199b3fd12a32090.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: BC3D0E52BAECE2DBF46EA0F7F7D0C6BA
Requests: 1 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: 593D2C20D078307362DF5719BD9E5806
Requests: 1 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: 8AE66E6FA6F308543284EC3DA8320B77
Requests: 1 HTTP requests in this frame

Frame: https://f5c75bd43cedba760199b3fd12a32090.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: C409404E882AD73DEC548372EA444C4D
Requests: 5 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: EF52A2397474BC706458A906747A9161
Requests: 8 HTTP requests in this frame

Frame: https://f5c75bd43cedba760199b3fd12a32090.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 86681E8E72589006117B1E9457822612
Requests: 19 HTTP requests in this frame

Frame: https://f5c75bd43cedba760199b3fd12a32090.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: A5891A19F9EDD1DEE3A3A5A7DE0ED9AC
Requests: 18 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: AA03D93D587754F9D9C790E2E7EFA6F5
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 4ACFB9E67963DE68574578D87E0F51EC
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 37EB83A8D49243BCB1DB5F62152CB529
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Newser | Headline News Summaries, World News, and Breaking News

Detected technologies

AddThis (Widgets) Expand

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Chartbeat (Analytics) Expand

Overall confidence: 100%
Detected patterns

chartbeat\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Lodash (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

lodash.*\.js

Moat (Analytics) Expand

Overall confidence: 100%
Detected patterns

moatads\.com

Modernizr (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

/prebid\.js

Quantcast Measure (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.quantserve\.com/quant\.js

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Twitter (Widgets) Expand

Overall confidence: 100%
Detected patterns

//platform\.twitter\.com/widgets\.js

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

<iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

291
Requests

92 %
HTTPS

51 %
IPv6

45
Domains

72
Subdomains

60
IPs

6
Countries

6538 kB
Transfer

10984 kB
Size

68
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: http://itunes.apple.com/us/app/newser/id334678577?mt=8&uo=4

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.newser2

Search URL Search Domain Scan URL

URL: https://www.microsoft.com/store/apps/9NRBJ0VZQX72

Search URL Search Domain Scan URL

URL: https://itunes.apple.com/us/app/newser/id334678577?mt=8

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 156

https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=73558130&utmhn=www.newser.com&utme=8(PWA*ABTesting1*LastRefDomain*OrigRef*UserClassification)9(N*B*direct*direct*P)11(1*3!2*1*1)&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Newser%20%7C%20Headline%20News%20Summaries%2C%20World%20News%2C%20and%20Breaking%20News&utmhid=1684151837&utmr=-&utmp=%2F&utmht=1643558113755&utmac=UA-1055596-4&utmcc=__utma%3D116631449.1344959192.1643558114.1643558114.1643558114.1%3B%2B__utmz%3D116631449.1643558114.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1496878276&utmredir=1&utmu=qQAgAAAAAAAAAAAAAAAAAAAE~ HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-1055596-4&cid=1344959192.1643558114&jid=1496878276&_v=5.7.2&z=73558130

Request Chain 171

https://sb.scorecardresearch.com/b?c1=2&c2=6035830&ns__t=1643558114215&ns_c=UTF-8&cv=3.5&c8=Newser%20%7C%20Headline%20News%20Summaries%2C%20World%20News%2C%20and%20Breaking%20News&c7=https%3A%2F%2Fwww.newser.com%2F&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=2&c2=6035830&ns__t=1643558114215&ns_c=UTF-8&cv=3.5&c8=Newser%20%7C%20Headline%20News%20Summaries%2C%20World%20News%2C%20and%20Breaking%20News&c7=https%3A%2F%2Fwww.newser.com%2F&c9=

Request Chain 211

https://um.simpli.fi/triplelift HTTP 302
https://eb2.3lift.com/xuid?mid=7969&xuid=D55E32986792479B93629CFE38557712&dongle=yf3 HTTP 302
https://eb2.3lift.com/xuid?ld=1&mid=7969&xuid=D55E32986792479B93629CFE38557712&dongle=yf3&gdpr=1&cmp_cs=&us_privacy=

Request Chain 212

https://um.simpli.fi/telaria_p HTTP 302
https://simplifi.partners.tremorhub.com/sync?UISF=D55E32986792479B93629CFE38557712

Request Chain 213

https://um.simpli.fi/tapad HTTP 302
https://pixel.tapad.com/idsync/ex/receive?partner_id=2305&partner_device_id=D55E32986792479B93629CFE38557712 HTTP 302
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=D55E32986792479B93629CFE38557712

Request Chain 214

https://um.simpli.fi/ad_advisor HTTP 302
https://aa.agkn.com/adscores/g.pixel?sid=9201915418&sifi_uid=D55E32986792479B93629CFE38557712 HTTP 302
https://d.agkn.com/pixel/10751/?che=1643558115&ip=217.64.151.29&l1=https%3A%2F%2Fum.simpli.fi%2Faa_px%3Fsk%3D164871104047000344931 HTTP 302
https://um.simpli.fi/aa_px?sk=164871104047000344931

Request Chain 216

https://um.simpli.fi/intentiq HTTP 302
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=D55E32986792479B93629CFE38557712

Request Chain 219

https://um.simpli.fi/dtnx HTTP 302
https://fei.pro-market.net/engine?du=24;csync=D55E32986792479B93629CFE38557712;mimetype=img; HTTP 302
https://fei.pro-market.net/engine?du=24;csync=D55E32986792479B93629CFE38557712;mimetype=img;sr HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=datonics-ddp&google_cm&google_hm=MTY2MjIyMTQyMTM4MTIzOTUzMQ== HTTP 302
https://pbid.pro-market.net/engine?du=53&mimetype=img&google_gid=CAESEKu6vSQEEWc8151cUcavKTg&google_cver=1

Request Chain 220

https://um.simpli.fi/exelatem HTTP 302
https://loadm.exelator.com/load/?p=204&g=2191&simid=D55E32986792479B93629CFE38557712&j=0 HTTP 302
https://loadm.exelator.com/load/?p=204&g=2191&simid=D55E32986792479B93629CFE38557712&j=0&xl8blockcheck=1

Request Chain 222

https://um.simpli.fi/beachfront HTTP 302
https://sync.bfmio.com/sync?pid=141&uid=D55E32986792479B93629CFE38557712

Request Chain 223

https://um.simpli.fi/bluekai HTTP 302
https://stags.bluekai.com/site/29931?id=D55E32986792479B93629CFE38557712

Request Chain 224

https://um.simpli.fi/crwdcntrl HTTP 302
https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=D55E32986792479B93629CFE38557712 HTTP 302
https://bcp.crwdcntrl.net/map/ct=y/c=7625/tp=SIMP/tpid=D55E32986792479B93629CFE38557712

Request Chain 225

https://um.simpli.fi/lj_match HTTP 302
https://ce.lijit.com/merge?pid=2&3pid=D55E32986792479B93629CFE38557712

Request Chain 226

https://um.simpli.fi/liveramp_match HTTP 302
https://idsync.rlcdn.com/419566.gif?partner_uid=D55E32986792479B93629CFE38557712

Request Chain 227

https://www.googleadservices.com/pagead/conversion/1026675585/?random=1643558114893&cv=7&fst=1643558114893&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON HTTP 302
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1026675585/?random=425303945&cv=7&fst=1643558114893&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=47T2YZ61AcXUx_APpuy5wAM&sscte=1&crd=CNPgGw HTTP 302
https://www.google.com/pagead/1p-conversion/1026675585/?random=425303945&cv=7&fst=1643558114893&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=CNPgGw&is_vtc=1&ocp_id=47T2YZ61AcXUx_APpuy5wAM&cid=CAQSKQCNIrLM2XW1jF4QNw8LFWrhh83QxG7xwCo22oS0HIM0ymZlhhWdAfph&random=2483892900 HTTP 302
https://www.google.de/pagead/1p-conversion/1026675585/?random=425303945&cv=7&fst=1643558114893&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=CNPgGw&is_vtc=1&ocp_id=47T2YZ61AcXUx_APpuy5wAM&cid=CAQSKQCNIrLM2XW1jF4QNw8LFWrhh83QxG7xwCo22oS0HIM0ymZlhhWdAfph&random=2483892900&ipr=y&prhg=0

Request Chain 228

https://um.simpli.fi/spotx_match HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=7797&uid=D55E32986792479B93629CFE38557712 HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=7797&uid=D55E32986792479B93629CFE38557712&__user_check__=1&sync_id=03cfe71c-81e5-11ec-be4d-1be234f70406

Request Chain 229

https://um.simpli.fi/an HTTP 302
https://ib.adnxs.com/setuid?entity=66&code=D55E32986792479B93629CFE38557712 HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3DD55E32986792479B93629CFE38557712

Request Chain 230

https://um.simpli.fi/rb_match HTTP 302
https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=D55E32986792479B93629CFE38557712&expires=365

Request Chain 231

https://um.simpli.fi/ox_match HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072966&val=D55E32986792479B93629CFE38557712

Request Chain 232

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_cm&google_sc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_cm=&google_sc=&google_tc= HTTP 302
https://um.simpli.fi/g_match?id=&google_gid=CAESEJrZGC5-pm31C_ckjcub8tQ&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=D55E32986792479B93629CFE38557712 HTTP 302
https://um.simpli.fi/g_match?id=

Request Chain 263

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKDbxsi7jQEQ6AIY6AIyCFR5nIyM6Xl- HTTP 301
https://tpc.googlesyndication.com/simgad/1855790038366648222

Request Chain 281

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

291 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
www.newser.com/ 258 KB
70 KB 717ms
382ms Document
text/html 40.114.51.62
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.newser.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 40.114.51.62 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 53af68a0dfbd34bf45466d445459a7c07c935b6239a65e8482a23b2b31b84b8e

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Cache-Control: private, no-store
Pragma: no-cache
Transfer-Encoding: chunked
Content-Type: text/html; charset=utf-8
Content-Encoding: gzip
Expires: Sun, 30 Jan 2022 15:54:12 GMT
Vary: Accept-Encoding
Scheme: https
RawURL: /
Date: Sun, 30 Jan 2022 15:55:11 GMT

GET
H2 200 css
fonts.googleapis.com/ 20 KB
2 KB 205ms
74ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,400italic,100,100italic,300,300italic,500,500italic,700,700italic

Requested by

Host: www.newser.com
URL: https://www.newser.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5c8e2b63593c31e87391f96f1a9b4b1c19b67966e560256a40cea1ac6c51307b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 30 Jan 2022 15:48:13 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 30 Jan 2022 15:55:13 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 30 Jan 2022 15:55:13 GMT

GET
H2 200 stylesheet.ashx
static1-azrcdn.newser.com/stylesheets/20220112_1100/ 131 KB
19 KB 230ms
69ms Stylesheet
text/css 2620:1ec:46::69
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://static1-azrcdn.newser.com/stylesheets/20220112_1100/stylesheet.ashx?file=responsive.css
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::69 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: ac95d8cf8cb82ae4d077cb942c54f3a130d83902cd407743a770c6b34c4d98b9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:55:12 GMT
content-encoding: br
x-azure-ref-originshield: 0ZbD1YQAAAACb6xHl0O1qR5VTC3IswPiyQU1TMDRFREdFMTkxNQBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /stylesheets/20220112_1100/stylesheet.ashx?file=responsive.css
x-azure-ref: 04bT2YQAAAAAyRI7OkushQpHaTmFl/p7gRlJBRURHRTEwMTAAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: text/css; charset=utf-8
cache-control: public, max-age=2592000
scheme: https

GET
H2 200 jquery-1.12.4.min.js Show response
static1-azrcdn.newser.com/javascript/20220112_1100/ 114 KB
34 KB 295ms
135ms Script
text/javascript 2620:1ec:46::69
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://static1-azrcdn.newser.com/javascript/20220112_1100/jquery-1.12.4.min.js
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::69 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 996d298d6f8685a3ae28eace9249e3580bb8d13d91d424573fefb40d52980269

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:55:12 GMT
content-encoding: br
last-modified: Fri, 04 Dec 2020 19:36:38 GMT
x-azure-ref-originshield: 0e6P2YQAAAADoS4wVEz2OTouUi08AO6OAQU1TMDRFREdFMTgwNwBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
x-azure-ref: 04bT2YQAAAADN/A1IRwuNR7+6bifG2GmTRlJBRURHRTEwMTAAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: text/javascript
cache-control: max-age=604800
accept-ranges: bytes

GET
H2 200 javascript.ashx Show response
static1-azrcdn.newser.com/javascript/20220112_1100/ 209 KB
41 KB 298ms
138ms Script
text/javascript 2620:1ec:46::69
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://static1-azrcdn.newser.com/javascript/20220112_1100/javascript.ashx?file=newser.js
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::69 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 9464c8837610579e5ac316fc46c1e136c65433f989cf1c6a30c62e840e258348

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:55:12 GMT
content-encoding: br
x-azure-ref-originshield: 0iY72YQAAAABMSQPdcxRaRKSgXAqactuNQU1TMDRFREdFMTkxNwBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /javascript/20220112_1100/javascript.ashx?file=newser.js
x-azure-ref: 04bT2YQAAAAC/hY8u/LEgRZYXXvS4MaLMRlJBRURHRTEwMTAAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=2592000
scheme: https

GET
H2 200 modernizr-custom.js Show response
static2-azrcdn.newser.com/javascript/20220112_1100/ 2 KB
1 KB 237ms
89ms Script
text/javascript 2620:1ec:bdf::69
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://static2-azrcdn.newser.com/javascript/20220112_1100/modernizr-custom.js
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::69 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: d6a2745332948716c2d3849e9b1d02451515f96ec7ab4749855794dea0272857

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:55:12 GMT
content-encoding: br
last-modified: Mon, 06 Jul 2020 18:04:17 GMT
x-azure-ref-originshield: 0inz2YQAAAAA2lCyUa2gFRYZPkH+ITJ6hQU1TMDRFREdFMTgxNABkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
x-azure-ref: 04bT2YQAAAADJCUXSQ3aNSYMtbuq5n5VoRlJBRURHRTEwMTAAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: text/javascript
cache-control: max-age=604800
accept-ranges: bytes

GET
H2 200 jcarousel_min.js Show response
static1-azrcdn.newser.com/javascript/20220112_1100/ 18 KB
5 KB 72ms
65ms Script
text/javascript 2620:1ec:46::69
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://static1-azrcdn.newser.com/javascript/20220112_1100/jcarousel_min.js
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::69 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 2b291810374483e61126df23f32490a6f8a629062a6f00f0d10d7b52ed2a2762

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:55:12 GMT
content-encoding: br
last-modified: Mon, 06 Jul 2020 18:04:17 GMT
x-azure-ref-originshield: 0D3H2YQAAAADDrzLT/HGeQoqYk+RKcEsLQU1TMDRFREdFMTkyMgBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
x-azure-ref: 04bT2YQAAAABhaO0RmsJQRI0l7rgEsC1uRlJBRURHRTEwMTAAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: text/javascript
cache-control: max-age=604800
accept-ranges: bytes

GET
H2 200 ramp.js Show response
cdn.intergient.com/ 139 KB
43 KB 453ms
302ms Script
application/javascript 2600:9000:2250:2400:12:4abd:d340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.intergient.com/ramp.js
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:2400:12:4abd:d340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: a5a55d04b4ac5561544c97f9d552b1e45ecfdab797c37d2b1e5d941b8648c4ff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:55:13 GMT
via: 1.1 508d9aac3b0097e502b117c1e7390bb0.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA60-P2
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
cache-control: max-age=600, public, must-revalidate
content-encoding: br
x-amz-cf-id: umzvy5_XtVO1RD6sdLZqaJwKi0HEN-0jZF3WcqLphcTb0Agy-vgxHg==

GET
H2 200 pwnewser.min.js Show response
cdn.intergi.com/pubscripts/newser/ 8 KB
2 KB 236ms
85ms Script
text/javascript 2600:9000:223d:2e00:14:2602:6e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.intergi.com/pubscripts/newser/pwnewser.min.js
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223d:2e00:14:2602:6e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 978f69abae4d7fa60114fcea9ee790caa3599e4aa961d630bf8204e8ceb883b4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id: N4oxotP37Mu.QJ88DREWNl2Vw79VR5j4
content-encoding: gzip
last-modified: Fri, 10 Dec 2021 17:04:07 GMT
server: AmazonS3
age: 46899
etag: W/"f3e02b370de691b7b5bb3e271dddaf32"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
via: 1.1 5626bf35345f32d3e58fb8d33ec4d966.cloudfront.net (CloudFront)
date: Sun, 30 Jan 2022 03:47:23 GMT
x-amz-cf-pop: FRA56-P3
x-amz-cf-id: hnr_zH55W-gZMPgaR07QNrGs9JpjfFdDbErWSfrPFI_Ju9c7v_oZQg==

GET
H2 200 addthis_widget.js Show response
s7.addthis.com/js/300/ 353 KB
114 KB 899ms
107ms Script
application/javascript 184.30.24.121
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/js/300/addthis_widget.js

Requested by

Host: www.newser.com
URL: https://www.newser.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.30.24.121 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-30-24-121.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
server: nginx/1.15.8
etag: W/"5f971164-5834c"
vary: Accept-Encoding
x-distribution: 99
content-type: application/javascript
cache-control: public, max-age=600
date: Sun, 30 Jan 2022 15:55:14 GMT
x-host: s7.addthis.com
content-length: 116325

GET
H2 200 Back-Arrow-Button2.png
img2-azrcdn.newser.com/images/header/ 271 B
563 B 607ms
448ms Image
image/png 2620:1ec:bdf::69
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img2-azrcdn.newser.com/images/header/Back-Arrow-Button2.png
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::69 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: c0e2de1910c51b9146fec0cc847f64b28a62b86f030e1ea05a7d8b05c130dc9f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:55:13 GMT
last-modified: Mon, 06 Jul 2020 18:04:13 GMT
x-azure-ref-originshield: 0NWj2YQAAAAAi3hE4Xnq8QYW5THtXvq84QU1TMDRFREdFMTgxOABkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
x-azure-ref: 04bT2YQAAAAC+aozzkoCRTY/6qTiZ+gMcRlJBRURHRTEwMTIAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
content-length: 271

GET
H2 200 logo_white_text4.png
img1-azrcdn.newser.com/images/ 5 KB
5 KB 553ms
394ms Image
image/png 2620:1ec:46::69
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/images/logo_white_text4.png
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::69 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: c00e4b444e4089660152f10bb0cf87d45be907756bf33150841afc2f8a69d791

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:55:13 GMT
last-modified: Sat, 08 Aug 2020 15:47:42 GMT
x-azure-ref-originshield: 0xJ32YQAAAACIbhQb2/vSQISXiYgrUmvZQU1TMDRFREdFMTgwNgBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
x-azure-ref: 04bT2YQAAAAAzJ3+AkazeTLuzTO7P1D0SRlJBRURHRTEwMjEAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
content-length: 5004

GET
H2 200 menu2.png
img1-azrcdn.newser.com/images/header/ 265 B
496 B 553ms
395ms Image
image/png 2620:1ec:46::69
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/images/header/menu2.png
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::69 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 31c724707624a3682770d54e8b216f04db44eff6fefb8313d9178ef0f69a694b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:55:13 GMT
last-modified: Mon, 06 Jul 2020 18:04:13 GMT
x-azure-ref-originshield: 0orP2YQAAAABJk/sLFk5xQYlbc7d/qkfcQU1TMDRFREdFMTgxMQBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
x-azure-ref: 04bT2YQAAAAAuwP59rbEOTr6bGbjQPtW1RlJBRURHRTEwMjEAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
content-length: 265

GET
H2 200 next-active.png
img1-azrcdn.newser.com/images/header/ 1 KB
1 KB 316ms
312ms Image
image/png 2620:1ec:46::69
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/images/header/next-active.png
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::69 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e4400f21afb8b0d177c8cc1d042db58cd67ab5f03bb076cc84d9fc19523aebca

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:55:13 GMT
last-modified: Mon, 06 Jul 2020 18:04:13 GMT
x-azure-ref-originshield: 0ZqT2YQAAAABNpLgdeKiPQqczM7/KBXR9QU1TMDRFREdFMTgxMwBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
x-azure-ref: 04bT2YQAAAADk0ynptKDyTqp4i0ohG2mdRlJBRURHRTEwMjEAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
content-length: 1304

GET
H2 200 next-inactive.png
img1-azrcdn.newser.com/images/header/ 1 KB
1 KB 317ms
313ms Image
image/png 2620:1ec:46::69
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/images/header/next-inactive.png
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::69 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3c413d9ecb857ab839e9147e9a72b0967a80151bae1aec1b1771c623006f5bc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:55:13 GMT
last-modified: Mon, 06 Jul 2020 18:04:13 GMT
x-azure-ref-originshield: 0Gqb2YQAAAADIc/INNHjQSo0nS0v0UihRQU1TMDRFREdFMTgwNwBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
x-azure-ref: 04bT2YQAAAAC7AmRpG7sgSbEku1fTfjqLRlJBRURHRTEwMjEAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
content-length: 1096

GET
H2 200 prev-active.png
img1-azrcdn.newser.com/images/header/ 1 KB
1 KB 317ms
313ms Image
image/png 2620:1ec:46::69
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/images/header/prev-active.png
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::69 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 354cd674accaa26badff834bcbb7487aa7f99930f19cd864d71e6359b6b3f346

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:55:13 GMT
last-modified: Mon, 06 Jul 2020 18:04:13 GMT
x-azure-ref-originshield: 08GX2YQAAAADE8oMtwFSaS5KPfLxs32kRQU1TMDRFREdFMTgwOQBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
x-azure-ref: 04bT2YQAAAAA7zu6G0c5kTKTuWiO6VZAQRlJBRURHRTEwMjEAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
content-length: 1295

GET
H2 200 prev-inactive.png
img1-azrcdn.newser.com/images/header/ 1 KB
1 KB 317ms
313ms Image
image/png 2620:1ec:46::69
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/images/header/prev-inactive.png
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::69 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: fce94e8d493fb1b0c5264ad0ca94f542ca10c39b95eca426ecc0ffbb88e25077

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:55:13 GMT
last-modified: Mon, 06 Jul 2020 18:04:13 GMT
x-azure-ref-originshield: 0orP2YQAAAADVLx0O3mR6QpRpO9S4hz3hQU1TMDRFREdFMTkxMgBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
x-azure-ref: 04bT2YQAAAADcUhwTIDxWQqr9fr8UwDTGRlJBRURHRTEwMjEAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
content-length: 1071

GET
H2 200 spacer.gif
img1-azrcdn.newser.com/images/ 43 B
283 B 317ms
314ms Image
image/gif 2620:1ec:46::69
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/images/spacer.gif
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::69 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:55:13 GMT
last-modified: Mon, 06 Jul 2020 18:04:09 GMT
x-azure-ref-originshield: 0ELH1YQAAAADpd4D6Y/CYS5NfEVdrytlvQU1TMDRFREdFMTgxMwBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
x-azure-ref: 04bT2YQAAAACxiRTgZRFLQ7ydbtGRZz1LRlJBRURHRTEwMjEAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/gif
cache-control: max-age=604800
accept-ranges: bytes
content-length: 43

GET
H2 200 Suggest_Icon.png
img1-azrcdn.newser.com/images/ 723 B
955 B 318ms
314ms Image
image/png 2620:1ec:46::69
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/images/Suggest_Icon.png
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::69 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: d1477d2bfda88c678c2deaffb53f18784ca00294d7318a2521f4b95baa375e3c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:55:13 GMT
last-modified: Mon, 06 Jul 2020 18:04:10 GMT
x-azure-ref-originshield: 0Gqb2YQAAAABRIGHYE1fSSIccJhzZbKJ7QU1TMDRFREdFMTgyMgBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
x-azure-ref: 04bT2YQAAAABEPKpUMK3CSKXRa4kwlcMoRlJBRURHRTEwMjEAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
content-length: 723

GET
H2 200 Apple.png
img1-azrcdn.newser.com/images/footer/ 511 B
719 B 318ms
314ms Image
image/png 2620:1ec:46::69
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/images/footer/Apple.png
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::69 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 1126dae47147dee29ca9bffbbd45f3e609f7d38a2c17cd4f5c73283db4e6304a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:55:13 GMT
last-modified: Mon, 06 Jul 2020 18:04:13 GMT
x-azure-ref-originshield: 0NWj2YQAAAADCsDstPooZR6A8YSDzPlp8QU1TMDRFREdFMTkyMQBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
x-azure-ref: 04bT2YQAAAABpGGqEInDdQpV7dgqomktbRlJBRURHRTEwMjEAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
content-length: 511

GET
H2 200 Android.png
img1-azrcdn.newser.com/images/footer/ 647 B
856 B 318ms
315ms Image
image/png 2620:1ec:46::69
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/images/footer/Android.png
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::69 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: ef983d6dcfe16576a9be98a6fe4d2c99552c9e76fe46fefb29dc2ae2cc5082c3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:55:13 GMT
last-modified: Mon, 06 Jul 2020 18:04:13 GMT
x-azure-ref-originshield: 08o72YQAAAABS3SKfnY2SQqzdUPYxaPSeQU1TMDRFREdFMTkxNQBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
x-azure-ref: 04bT2YQAAAADMJISsKdv2RJA2qom78nB6RlJBRURHRTEwMjEAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
content-length: 647

GET
H2 200 Windows.png
img1-azrcdn.newser.com/images/footer/ 573 B
782 B 319ms
315ms Image
image/png 2620:1ec:46::69
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/images/footer/Windows.png
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::69 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: a9adbf9ff6cb67410da32776829c98497f78937808849c0c77c476ad5bf8c1a6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:55:13 GMT
last-modified: Mon, 06 Jul 2020 18:04:13 GMT
x-azure-ref-originshield: 0HKv2YQAAAACgfVI1EoMIT7rGr70TECYdQU1TMDRFREdFMTgwOQBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
x-azure-ref: 04bT2YQAAAAAvd2WoLcK2TJP2g3/qLCzuRlJBRURHRTEwMjEAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
content-length: 573

GET
H2 200 icon-72r2.png
img2-azrcdn.newser.com/images/pwa/ 2 KB
2 KB 221ms
217ms Image
image/png 2620:1ec:bdf::69
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img2-azrcdn.newser.com/images/pwa/icon-72r2.png
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::69 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: d8fe36a17aa5e4cd1a197c81235633a1e44ca292162a06b9b7dc1dc37981a211

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:55:13 GMT
last-modified: Mon, 06 Jul 2020 18:04:15 GMT
x-azure-ref-originshield: 08o72YQAAAADOwRUajlqiTI5t7QsxByMiQU1TMDRFREdFMTkyMgBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
x-azure-ref: 04bT2YQAAAADX24YQk3umT6giIGDJUPEJRlJBRURHRTEwMTIAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
content-length: 2120

GET
H2 200 logo-newser-top.jpg
img2-azrcdn.newser.com/images/ 28 KB
28 KB 343ms
228ms Image
image/jpeg 2620:1ec:bdf::69
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img2-azrcdn.newser.com/images/logo-newser-top.jpg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::69 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: d8f64ca73c0faaf5d9d1e56252a2d89a23262ea516e7d731adaf5f255d4081a3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:55:13 GMT
last-modified: Mon, 06 Jul 2020 18:04:08 GMT
x-azure-ref-originshield: 08GX2YQAAAABDazI5UTrpRpiwNQtl7FAdQU1TMDRFREdFMTkxOQBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
x-azure-ref: 04bT2YQAAAAC4hlMs4zZTQLmBsXohtDZWRlJBRURHRTEwMTIAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: max-age=604800
accept-ranges: bytes
content-length: 28636

GET
H2 200 Grid_Icon.png
img2-azrcdn.newser.com/images/ 202 B
447 B 370ms
366ms Image
image/png 2620:1ec:bdf::69
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img2-azrcdn.newser.com/images/Grid_Icon.png
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::69 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 3b556e6cee32c4b0c80ef893fd00eaea90330b3a127a8dffecabbedaf6aba7c5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:55:13 GMT
last-modified: Mon, 06 Jul 2020 18:04:07 GMT
x-azure-ref-originshield: 04bT2YQAAAAAYCAkJkagQT6RtVCpIn7CHQU1TMDRFREdFMTgxMwBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
x-azure-ref: 04bT2YQAAAACbDCG9ywctTrQJBs7nvPjMRlJBRURHRTEwMTIAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_REMOTE_HIT
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
content-length: 202

GET
H2 200 Popular_Icon.png
img1-azrcdn.newser.com/images/ 1005 B
1 KB 319ms
315ms Image
image/png 2620:1ec:46::69
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/images/Popular_Icon.png
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::69 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 316f775333e0567a2ea23141b96349652855962025964f0ba097c64c06fb639a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:55:13 GMT
last-modified: Mon, 06 Jul 2020 18:04:09 GMT
x-azure-ref-originshield: 0DnP2YQAAAAABSVw9pIyMT5ShPZgEaV/rQU1TMDRFREdFMTgwOQBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
x-azure-ref: 04bT2YQAAAAAtpUc7LkqoQYY6MxjNOBIGRlJBRURHRTEwMjEAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
content-length: 1005

GET
H2 200 ny-nurses-accused-of-gaming-vaccination-system-for-cash.jpeg
img2-azrcdn.newser.com/square-image/316293-20220130095340-M/ 49 KB
49 KB 448ms
332ms Image
image/jpeg 2620:1ec:bdf::69
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img2-azrcdn.newser.com/square-image/316293-20220130095340-M/ny-nurses-accused-of-gaming-vaccination-system-for-cash.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::69 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 788111af235a3ca00adc2d2c6e7ae4acb58f6a091268468f64d74f86f7dae6db

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:55:13 GMT
x-azure-ref-originshield: 04bT2YQAAAADX94YKvqJgTKi8yUIx1l9vQU1TMDRFREdFMTgwNwBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316293-20220130095340-M/ny-nurses-accused-of-gaming-vaccination-system-for-cash.jpeg
x-azure-ref: 04bT2YQAAAAD8cu9OXPxLT4lLxEHuIQhnRlJBRURHRTEwMTIAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_REMOTE_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 50087
scheme: https

GET
H2 200 california-city-keeps-name-of-confederate-general.jpeg
img2-azrcdn.newser.com/square-image/316291-20220130092255-M/ 55 KB
55 KB 400ms
283ms Image
image/jpeg 2620:1ec:bdf::69
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img2-azrcdn.newser.com/square-image/316291-20220130092255-M/california-city-keeps-name-of-confederate-general.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::69 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 73f0cc9da2374ff54b9647526db4113ab88116b60f6e72ca118cd10b291fae24

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:55:13 GMT
x-azure-ref-originshield: 0orP2YQAAAAAtUr6OlfeKSKaTMFtk8OUHQU1TMDRFREdFMTgwOABkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316291-20220130092255-M/california-city-keeps-name-of-confederate-general.jpeg
x-azure-ref: 04bT2YQAAAAD8JgGX5r21TorqZvlr/eihRlJBRURHRTEwMTIAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 56056
scheme: https

GET
H2 200 in-5-hours-and-24-minutes-nadal-does-the-extraordinary.jpeg
img1-azrcdn.newser.com/square-image/316298-20220130085510-M/ 45 KB
45 KB 500ms
384ms Image
image/jpeg 2620:1ec:46::69
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/square-image/316298-20220130085510-M/in-5-hours-and-24-minutes-nadal-does-the-extraordinary.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::69 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 5d4fdbd46d6083390a561c90d45d68d23843ec3053b58e25fa3cc702a87b2b7a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:55:13 GMT
x-azure-ref-originshield: 0HKv2YQAAAADzDwCnYQYPQaUTquK8B+GyQU1TMDRFREdFMTgxMwBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316298-20220130085510-M/in-5-hours-and-24-minutes-nadal-does-the-extraordinary.jpeg
x-azure-ref: 04bT2YQAAAAAWlzo0NLfHTILW7dHyGfqiRlJBRURHRTEwMjEAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 45785
scheme: https

GET
H2 200 after-plea-for-assistance-germany-offers-to-send-5k-helmets-to-ukraine.jpeg
img2-azrcdn.newser.com/square-image/316193-20220130082655-M/ 55 KB
55 KB 556ms
441ms Image
image/jpeg 2620:1ec:bdf::69
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img2-azrcdn.newser.com/square-image/316193-20220130082655-M/after-plea-for-assistance-germany-offers-to-send-5k-helmets-to-ukraine.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::69 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 134c165adca320e5fe0db5fa155e5bd92a55b44879c0dc3c6b9f0a9fe343d994

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:55:13 GMT
x-azure-ref-originshield: 0caL2YQAAAAAOVylNCfgkTYhwycQOSvVeQU1TMDRFREdFMTkxMQBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316193-20220130082655-M/after-plea-for-assistance-germany-offers-to-send-5k-helmets-to-ukraine.jpeg
x-azure-ref: 04bT2YQAAAABMMe+xg9mbQ5l/7+Qs2hGjRlJBRURHRTEwMTIAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 56203
scheme: https

GET
H2 200 man-needing-kidney-willing-to-die-rather-than-get-vaccinated.jpeg
img1-azrcdn.newser.com/square-image/316292-20220130081255-M/ 33 KB
33 KB 507ms
392ms Image
image/jpeg 2620:1ec:46::69
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/square-image/316292-20220130081255-M/man-needing-kidney-willing-to-die-rather-than-get-vaccinated.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::69 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 798f04d4f989a6f4062a630a1e1d642749391b9d4d8ec416f6554c0bc3bbf408

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:55:13 GMT
x-azure-ref-originshield: 03J72YQAAAADXiXn8MoMFS6s2yuGx1joMQU1TMDRFREdFMTkxMwBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316292-20220130081255-M/man-needing-kidney-willing-to-die-rather-than-get-vaccinated.jpeg
x-azure-ref: 04bT2YQAAAABLp5nk43dTQ7o90LqYIgnQRlJBRURHRTEwMjEAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 33525
scheme: https

GET
H2 200 a-notorious-cocaine-dealer-vanished-for-a-time.jpeg
img1-azrcdn.newser.com/square-image/316174-20220130091303-M/ 53 KB
54 KB 408ms
292ms Image
image/jpeg 2620:1ec:46::69
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/square-image/316174-20220130091303-M/a-notorious-cocaine-dealer-vanished-for-a-time.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::69 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e10b19c837b2c17d7e4b3cb62a9646323d4d0829b88bdb922aa6296dbca9e4cc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:55:13 GMT
x-azure-ref-originshield: 0HKv2YQAAAAB8Ya+J6AL5Q7Q25O8vxRBWQU1TMDRFREdFMTgxOABkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316174-20220130091303-M/a-notorious-cocaine-dealer-vanished-for-a-time.jpeg
x-azure-ref: 04bT2YQAAAACJ6F0MKp1hRa6EbDj09GjHRlJBRURHRTEwMjEAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 54700
scheme: https

GET
H2 200 nebraskas-mascot-loses-potentially-problematic-gesture.jpeg
img1-azrcdn.newser.com/square-image/316290-20220130071510-M/ 52 KB
52 KB 474ms
359ms Image
image/jpeg 2620:1ec:46::69
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/square-image/316290-20220130071510-M/nebraskas-mascot-loses-potentially-problematic-gesture.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::69 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 2dd76b128ad19839d224eb21e2f208e9894bea040b9429bf695eb32d511e6e21

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:55:13 GMT
x-azure-ref-originshield: 0wZz2YQAAAABzSMEk7L+US5hg9cCrxR4DQU1TMDRFREdFMTkyMABkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316290-20220130071510-M/nebraskas-mascot-loses-potentially-problematic-gesture.jpeg
x-azure-ref: 04bT2YQAAAAAKzXWbID/MSIlkNidXXcO8RlJBRURHRTEwMjEAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 52758
scheme: https

GET
H2 200 mass-casualty-crash-kills-9-in-north-las-vegas.jpeg
img1-azrcdn.newser.com/square-image/316296-20220130064640-M/ 40 KB
41 KB 502ms
387ms Image
image/jpeg 2620:1ec:46::69
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/square-image/316296-20220130064640-M/mass-casualty-crash-kills-9-in-north-las-vegas.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::69 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: d27516c986b068ec31188f9787d4489255df48361ff089c815b8c2aec5a1bb9c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:55:13 GMT
x-azure-ref-originshield: 0Hav2YQAAAACusKIYU7LXR5l+JF8LFcuCQU1TMDRFREdFMTgxOABkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316296-20220130064640-M/mass-casualty-crash-kills-9-in-north-las-vegas.jpeg
x-azure-ref: 04bT2YQAAAADdBTKncFZ6RZm05PraqoHqRlJBRURHRTEwMjEAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 41197
scheme: https

GET
H2 200 governor-invites-critics-to-kiss-his-bulldogs-hiney.jpeg
img2-azrcdn.newser.com/square-image/316249-20220130061956-M/ 52 KB
53 KB 443ms
327ms Image
image/jpeg 2620:1ec:bdf::69
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img2-azrcdn.newser.com/square-image/316249-20220130061956-M/governor-invites-critics-to-kiss-his-bulldogs-hiney.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::69 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 8cd898214e275702c8334ad5a771326582c3298ddf418760b09b8b6d043289d8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:55:13 GMT
x-azure-ref-originshield: 0gIT2YQAAAABLwlKwTXycRbL17CtS5BIDQU1TMDRFREdFMTgxNwBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316249-20220130061956-M/governor-invites-critics-to-kiss-his-bulldogs-hiney.jpeg
x-azure-ref: 04bT2YQAAAACmRXk8H4OjSq4g+j2qJ4vFRlJBRURHRTEwMTIAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 53749
scheme: https

GET
H2 200 north-korea-tests-missile-its-longest-range-since-2017.jpeg
img1-azrcdn.newser.com/square-image/316288-20220130054956-M/ 41 KB
41 KB 406ms
289ms Image
image/jpeg 2620:1ec:46::69
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/square-image/316288-20220130054956-M/north-korea-tests-missile-its-longest-range-since-2017.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::69 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 3aaa5c9fc7d99f8a956ca2481a72f36d142246ad42f68d6ba90ac4edb95a7515

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:55:13 GMT
x-azure-ref-originshield: 0Gqb2YQAAAADMqHVvMnZATq7Lju/3mXkvQU1TMDRFREdFMTkyMQBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316288-20220130054956-M/north-korea-tests-missile-its-longest-range-since-2017.jpeg
x-azure-ref: 04bT2YQAAAADG01bSWilIQ5WKKpr9PWBVRlJBRURHRTEwMjEAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 41909
scheme: https

GET
H2 200 protest-convoy-reaches-ottawa.jpeg
img1-azrcdn.newser.com/square-image/316286-20220129193112-M/ 45 KB
45 KB 453ms
337ms Image
image/jpeg 2620:1ec:46::69
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/square-image/316286-20220129193112-M/protest-convoy-reaches-ottawa.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::69 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: bb9b673f70e36909c34e071263c99d8fdade84b1ced55968c3b658ea5c3f0fa8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:55:13 GMT
x-azure-ref-originshield: 08Ir2YQAAAADikXXgi8z7ToUuupXDpKeoQU1TMDRFREdFMTgxNABkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316286-20220129193112-M/protest-convoy-reaches-ottawa.jpeg
x-azure-ref: 04bT2YQAAAADZyJXUo8E8RJr52rvqL0/pRlJBRURHRTEwMjEAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 46080
scheme: https

GET
H2 200 irish-fishing-industry-objects-to-russian-navys-plans.jpeg
img2-azrcdn.newser.com/square-image/316169-20220129180520-M/ 52 KB
52 KB 476ms
360ms Image
image/jpeg 2620:1ec:bdf::69
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img2-azrcdn.newser.com/square-image/316169-20220129180520-M/irish-fishing-industry-objects-to-russian-navys-plans.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::69 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 41f9fdd28cd3937d5e42d631b42b9779215ffafe8bf13e9472c4583d94265f7c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:55:13 GMT
x-azure-ref-originshield: 0Gab2YQAAAADGMP54Uwq9Q5InW5DoHRDEQU1TMDRFREdFMTgyMgBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316169-20220129180520-M/irish-fishing-industry-objects-to-russian-navys-plans.jpeg
x-azure-ref: 04bT2YQAAAABc3P/ank3ESIxBR1/pPoLBRlJBRURHRTEwMTIAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 52989
scheme: https

GET
H2 200 ContestsGrid2.png
img1-azrcdn.newser.com/images/contests/ 10 KB
10 KB 275ms
158ms Image
image/png 2620:1ec:46::69
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/images/contests/ContestsGrid2.png
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::69 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: a67c13f917d49cb6abae4b521e55f61a83da2c4b5ba4393b4e59acc954be1c20

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:55:13 GMT
last-modified: Mon, 01 Nov 2021 21:01:58 GMT
x-azure-ref-originshield: 0Hav2YQAAAAC5AC5Ae+vPSIy73biTzLOOQU1TMDRFREdFMTkyMQBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
x-azure-ref: 04bT2YQAAAABCiNMrjv1hTLF2UM/v1jJhRlJBRURHRTEwMjEAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
content-length: 9851

GET
H2 200 raducanu-says-stalker-took-her-freedom.jpeg
img1-azrcdn.newser.com/square-image/316280-20220129180956-M/ 38 KB
38 KB 345ms
228ms Image
image/jpeg 2620:1ec:46::69
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/square-image/316280-20220129180956-M/raducanu-says-stalker-took-her-freedom.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::69 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 43a9d053c33ab061ab1cc70ddeebb86270a32c7db64742a1326852d81c0df9e0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:55:13 GMT
x-azure-ref-originshield: 0eGv2YQAAAACltEHgFluJR4/qTLEW38nGQU1TMDRFREdFMTgxMABkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316280-20220129180956-M/raducanu-says-stalker-took-her-freedom.jpeg
x-azure-ref: 04bT2YQAAAABAXdT+Y9bBQI2dmrjHQ6kgRlJBRURHRTEwMjEAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 38446
scheme: https

GET
H2 200 russia-delivers-blood-supplies-to-border.jpeg
img1-azrcdn.newser.com/square-image/316260-20220129173956-M/ 59 KB
59 KB 460ms
345ms Image
image/jpeg 2620:1ec:46::69
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/square-image/316260-20220129173956-M/russia-delivers-blood-supplies-to-border.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::69 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 059e5a44ec9f8bab93a45cbf617ac529605f99891cfe7f5e9cb19a5b4cf9cdfe

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:55:13 GMT
x-azure-ref-originshield: 08Ir2YQAAAAD8j1rJ6WxGTZm/qeHMD8veQU1TMDRFREdFMTgxOQBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316260-20220129173956-M/russia-delivers-blood-supplies-to-border.jpeg
x-azure-ref: 04bT2YQAAAACvMiXsdIL+QJ7uIzj0lUZVRlJBRURHRTEwMjEAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 60296
scheme: https

GET
H2 200 playboy-strongly-supports-hugh-hefner-accusers.jpeg
img2-azrcdn.newser.com/square-image/316123-20220129164056-M/ 54 KB
54 KB 495ms
379ms Image
image/jpeg 2620:1ec:bdf::69
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img2-azrcdn.newser.com/square-image/316123-20220129164056-M/playboy-strongly-supports-hugh-hefner-accusers.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::69 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: d8396d650599691373314b1cf6fb728df811aba509f8a9bfc0b2499a89da3aab

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:55:13 GMT
x-azure-ref-originshield: 0eGv2YQAAAABB2oWk7hFDRYlXzhBGxpsiQU1TMDRFREdFMTgxOABkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316123-20220129164056-M/playboy-strongly-supports-hugh-hefner-accusers.jpeg
x-azure-ref: 04bT2YQAAAAAwP5v+xU/aSraZv6Thr8NWRlJBRURHRTEwMTIAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 55162
scheme: https

GET
H2 200 for-sale-former-cia-black-site.jpeg
img2-azrcdn.newser.com/square-image/316061-20220129163156-M/ 50 KB
51 KB 526ms
411ms Image
image/jpeg 2620:1ec:bdf::69
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img2-azrcdn.newser.com/square-image/316061-20220129163156-M/for-sale-former-cia-black-site.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::69 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 4a5d81507b6b90d018c7b1ad981d08416582cd454c72a8d93ece700f92f24936

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:55:13 GMT
x-azure-ref-originshield: 0caL2YQAAAABQiL1x3+1gRrHIqit9wdDIQU1TMDRFREdFMTgwNwBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316061-20220129163156-M/for-sale-former-cia-black-site.jpeg
x-azure-ref: 04bT2YQAAAAB+P7tNX4+EQpRggukSV9/IRlJBRURHRTEwMTIAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 51525
scheme: https

GET
H2 200 9-officers-open-fire-on-man-standing-along-highway.jpeg
img1-azrcdn.newser.com/square-image/316274-20220129175636-M/ 43 KB
43 KB 456ms
341ms Image
image/jpeg 2620:1ec:46::69
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/square-image/316274-20220129175636-M/9-officers-open-fire-on-man-standing-along-highway.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::69 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: b4fb0434eba77c4e60becbf6a700e1b1f53f8ecc7331a59fb38f1d8771b7efa6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:55:13 GMT
x-azure-ref-originshield: 0DnP2YQAAAABIn02eAK9dSbyOHUzAPDTmQU1TMDRFREdFMTgwNwBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316274-20220129175636-M/9-officers-open-fire-on-man-standing-along-highway.jpeg
x-azure-ref: 04bT2YQAAAAC0vq5HrP2MRrWYLfXWqzQURlJBRURHRTEwMjEAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 43839
scheme: https

GET
H2 200 tom-brady-wraps-up-career-with-record-7-super-bowl-titles.jpeg
img2-azrcdn.newser.com/square-image/316285-20220129183408-M/ 54 KB
55 KB 486ms
371ms Image
image/jpeg 2620:1ec:bdf::69
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img2-azrcdn.newser.com/square-image/316285-20220129183408-M/tom-brady-wraps-up-career-with-record-7-super-bowl-titles.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::69 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: bd51c6d77f3f20cc41d472110d0bde8dbf406f754773eec6103d40bf5c9df0c1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:55:13 GMT
x-azure-ref-originshield: 0Gab2YQAAAABDUG+VuD8TQJw2C9O2iK+JQU1TMDRFREdFMTkxMABkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316285-20220129183408-M/tom-brady-wraps-up-career-with-record-7-super-bowl-titles.jpeg
x-azure-ref: 04bT2YQAAAACEHtB2bVW8S5sd0eJLCcBgRlJBRURHRTEwMTIAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 55518
scheme: https

GET
H2 200 kansas-man-accused-of-threatening-biden.jpeg
img1-azrcdn.newser.com/square-image/316266-20220129144511-M/ 45 KB
45 KB 495ms
380ms Image
image/jpeg 2620:1ec:46::69
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/square-image/316266-20220129144511-M/kansas-man-accused-of-threatening-biden.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::69 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 04321424ef276f3762e2cc09dd99a03188d641f3a2cd02d0c8c08b7b95799f24

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:55:13 GMT
x-azure-ref-originshield: 0caL2YQAAAACQ+h7e7TcCSqjGRf6hy50dQU1TMDRFREdFMTkxNwBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316266-20220129144511-M/kansas-man-accused-of-threatening-biden.jpeg
x-azure-ref: 04bT2YQAAAAAFYcOWNSx+TaHzB2q464CVRlJBRURHRTEwMjEAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 45899
scheme: https

GET
H2 200 china-is-snatching-up-cobalt-thats-where-idaho-comes-in.jpeg
img2-azrcdn.newser.com/square-image/316111-20220129140241-M/ 54 KB
55 KB 549ms
433ms Image
image/jpeg 2620:1ec:bdf::69
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img2-azrcdn.newser.com/square-image/316111-20220129140241-M/china-is-snatching-up-cobalt-thats-where-idaho-comes-in.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::69 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 02990729bbbb066fccf5f274626c1f0f7e7edbaeaa2d15451fb7062a7264377b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:55:13 GMT
x-azure-ref-originshield: 08o72YQAAAAAA+2NSrHQzQ4EBEVVBsZZvQU1TMDRFREdFMTkxNgBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316111-20220129140241-M/china-is-snatching-up-cobalt-thats-where-idaho-comes-in.jpeg
x-azure-ref: 04bT2YQAAAACTcIcbnVnfTrj341YKJg9kRlJBRURHRTEwMTIAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 55657
scheme: https

GET
H2 200 mitt-romney-has-covid-will-isolate-at-home.jpeg
img1-azrcdn.newser.com/square-image/316270-20220129133956-M/ 39 KB
40 KB 349ms
232ms Image
image/jpeg 2620:1ec:46::69
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/square-image/316270-20220129133956-M/mitt-romney-has-covid-will-isolate-at-home.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::69 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 7d900ebc614ac1d2adfe556578ff35cd8ba0b821dbf70aefe901684e22e29008

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:55:13 GMT
x-azure-ref-originshield: 0DnP2YQAAAABnqMGt3H4nSZ/CueZwVi86QU1TMDRFREdFMTgxMABkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316270-20220129133956-M/mitt-romney-has-covid-will-isolate-at-home.jpeg
x-azure-ref: 04bT2YQAAAACbYRuYptjRRb9SWiPlpPJnRlJBRURHRTEwMjEAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 40268
scheme: https

GET
H2 200 surgeon-tried-to-sell-bataclan-survivors-x-ray-as-an-nft.jpeg
img2-azrcdn.newser.com/square-image/316035-20220129123556-M/ 39 KB
39 KB 481ms
365ms Image
image/jpeg 2620:1ec:bdf::69
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img2-azrcdn.newser.com/square-image/316035-20220129123556-M/surgeon-tried-to-sell-bataclan-survivors-x-ray-as-an-nft.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::69 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 0e95603a1b75398990e8e6c8396068f556799d4efcbe58671ddceb1ab5ba0fc8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:55:13 GMT
x-azure-ref-originshield: 0Hav2YQAAAABtZXaNVeEeSqtdLs/LWRdkQU1TMDRFREdFMTkwNwBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316035-20220129123556-M/surgeon-tried-to-sell-bataclan-survivors-x-ray-as-an-nft.jpeg
x-azure-ref: 04bT2YQAAAAB6usGXrgcxSp5t7BQxG0rQRlJBRURHRTEwMTIAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 39502
scheme: https

GET
H2 200 petition-questions-message-of-f-logo.jpeg
img2-azrcdn.newser.com/square-image/316279-20220129140526-M/ 49 KB
50 KB 540ms
425ms Image
image/jpeg 2620:1ec:bdf::69
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img2-azrcdn.newser.com/square-image/316279-20220129140526-M/petition-questions-message-of-f-logo.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::69 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: d5ee43ffd22efce6a405cb805a86f3f6c28c7ed9b4a9427a2e10fad69accf2ef

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:55:13 GMT
x-azure-ref-originshield: 0mTj2YQAAAACvnGhn/9TCSqcZ+USMKCKyQU1TMDRFREdFMTgxMQBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316279-20220129140526-M/petition-questions-message-of-f-logo.jpeg
x-azure-ref: 04bT2YQAAAAAlrEoWADqGSbTzlA2+dIIyRlJBRURHRTEwMTIAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 50549
scheme: https

GET
H2 200 college-student-dies-after-exposure-to-sub-zero-temps.jpeg
img2-azrcdn.newser.com/square-image/316267-20220129114126-M/ 50 KB
51 KB 532ms
417ms Image
image/jpeg 2620:1ec:bdf::69
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img2-azrcdn.newser.com/square-image/316267-20220129114126-M/college-student-dies-after-exposure-to-sub-zero-temps.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::69 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: b889e344c4f8d84fbcb58cea388201a47caaab2ab9fcb6769a01b2152b9304e2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:55:13 GMT
x-azure-ref-originshield: 0Hav2YQAAAACMNGuAF5fNSIVN7Lq/ZWK5QU1TMDRFREdFMTgxMABkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316267-20220129114126-M/college-student-dies-after-exposure-to-sub-zero-temps.jpeg
x-azure-ref: 04bT2YQAAAAAkl2s6fHMLTJOb9MEbsobgRlJBRURHRTEwMTIAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 51652
scheme: https

GET
H2 200 house_grid_iphone.png
img2-azrcdn.newser.com/images/ 16 KB
16 KB 370ms
367ms Image
image/png 2620:1ec:bdf::69
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img2-azrcdn.newser.com/images/house_grid_iphone.png
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::69 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 44da54fd69c8966482bc49d3744fff0a7fd944dc2dd5732d9f710da7df4329bf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:55:13 GMT
last-modified: Mon, 06 Jul 2020 18:04:07 GMT
x-azure-ref-originshield: 0l3z2YQAAAACmoso1ZY4fToWDxzg7sRY6QU1TMDRFREdFMTgxOQBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
x-azure-ref: 04bT2YQAAAACMKOeNT+gJQLKI7/yKEO8bRlJBRURHRTEwMTIAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
content-length: 16207

GET
H2 200 his-brain-ailment-wasnt-cancer-it-was-mold.jpeg
img1-azrcdn.newser.com/square-image/316242-20220129111041-M/ 63 KB
64 KB 319ms
315ms Image
image/jpeg 2620:1ec:46::69
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/square-image/316242-20220129111041-M/his-brain-ailment-wasnt-cancer-it-was-mold.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::69 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 8db3cdae20a2cc55562a300687c0e6863a51e53c9735457ad313c09f501422c7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:55:13 GMT
x-azure-ref-originshield: 0caL2YQAAAAAIgBgbEkF2Q4khGe5UZxvnQU1TMDRFREdFMTkxMwBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316242-20220129111041-M/his-brain-ailment-wasnt-cancer-it-was-mold.jpeg
x-azure-ref: 04bT2YQAAAACt5/M8HQNRS5RZzySw/qr2RlJBRURHRTEwMjEAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 65001
scheme: https

GET
H2 200 britneys-new-message-to-sister-you-are-scum-jamie-lynn.jpeg
img1-azrcdn.newser.com/square-image/316278-20220129105241-M/ 46 KB
46 KB 327ms
324ms Image
image/jpeg 2620:1ec:46::69
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/square-image/316278-20220129105241-M/britneys-new-message-to-sister-you-are-scum-jamie-lynn.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::69 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: bddc841f91f5c39676abff8eed53be5c5a23cb2fde6051b72caf1b758e487d64

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:55:13 GMT
x-azure-ref-originshield: 08Ir2YQAAAABWGSHoqr9ZSpvseGL4JFNFQU1TMDRFREdFMTkwNwBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316278-20220129105241-M/britneys-new-message-to-sister-you-are-scum-jamie-lynn.jpeg
x-azure-ref: 04bT2YQAAAAAkCb7WZDU2Tb58CyW76NW+RlJBRURHRTEwMjEAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 47198
scheme: https

GET
H2 200 observant-mail-carrier-saves-homeowners-life.jpeg
img1-azrcdn.newser.com/square-image/316264-20220129104345-M/ 44 KB
44 KB 351ms
347ms Image
image/jpeg 2620:1ec:46::69
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/square-image/316264-20220129104345-M/observant-mail-carrier-saves-homeowners-life.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::69 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 5ec80b688833a13ec1a4799e36cfb5d3d3cf8ce76917ad2b36a32cda0e9386c1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:55:13 GMT
x-azure-ref-originshield: 04bT2YQAAAADuSLgRPxwWTqua9mn0kKrWQU1TMDRFREdFMTgxMABkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316264-20220129104345-M/observant-mail-carrier-saves-homeowners-life.jpeg
x-azure-ref: 04bT2YQAAAACUMHK83It3SrDp097VEVBXRlJBRURHRTEwMjEAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_REMOTE_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 44918
scheme: https

GET
H2 200 major-winter-storm-slams-east-coast.jpeg
img2-azrcdn.newser.com/square-image/316277-20220129094457-M/ 49 KB
49 KB 373ms
370ms Image
image/jpeg 2620:1ec:bdf::69
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img2-azrcdn.newser.com/square-image/316277-20220129094457-M/major-winter-storm-slams-east-coast.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::69 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 286e0981e7354c418fc0334ddf4b3b8fb930b623c5b67d41ed1a5bfe6fbaf2c8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:55:13 GMT
x-azure-ref-originshield: 0caL2YQAAAADdreyioIFXQLWaUk8x6/csQU1TMDRFREdFMTkyMABkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316277-20220129094457-M/major-winter-storm-slams-east-coast.jpeg
x-azure-ref: 04bT2YQAAAADXIv0dbK4CT62uvsNscr+KRlJBRURHRTEwMTIAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 50377
scheme: https

GET
H2 200 joni-mitchell-im-leaving-spotify-too.jpeg
img1-azrcdn.newser.com/square-image/316262-20220129090111-M/ 49 KB
49 KB 357ms
354ms Image
image/jpeg 2620:1ec:46::69
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/square-image/316262-20220129090111-M/joni-mitchell-im-leaving-spotify-too.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::69 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: ff76febbb198182768c97dc65c99a48194b9f837e8aea60b94c6f9b776e51977

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:55:13 GMT
x-azure-ref-originshield: 0eWv2YQAAAABFN114emUwTIp1e/PLLW9rQU1TMDRFREdFMTgxOQBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316262-20220129090111-M/joni-mitchell-im-leaving-spotify-too.jpeg
x-azure-ref: 04bT2YQAAAAAGTJwlPZvAQ7IEMeNPUU7QRlJBRURHRTEwMjEAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 49982
scheme: https

GET
H2 200 meet-the-great-lost-female-hacker-of-the-1980s.jpeg
img1-azrcdn.newser.com/square-image/316168-20220129083256-M/ 56 KB
56 KB 370ms
367ms Image
image/jpeg 2620:1ec:46::69
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/square-image/316168-20220129083256-M/meet-the-great-lost-female-hacker-of-the-1980s.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::69 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: fa2f0e9c789e85c558c08a5b84edbc14ebd795915d13987a53032214e8fc3b1a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:55:13 GMT
x-azure-ref-originshield: 0orP2YQAAAACC7QFFHJbARZuoEIsay+s8QU1TMDRFREdFMTkxNQBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316168-20220129083256-M/meet-the-great-lost-female-hacker-of-the-1980s.jpeg
x-azure-ref: 04bT2YQAAAACkMtKXTQU/SZHMQsUbN5C8RlJBRURHRTEwMjEAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 57340
scheme: https

GET
H2 200 stephen-breyer-its-been-a-great-honor.jpeg
img1-azrcdn.newser.com/square-image/316200-20220129081256-M/ 47 KB
48 KB 379ms
376ms Image
image/jpeg 2620:1ec:46::69
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/square-image/316200-20220129081256-M/stephen-breyer-its-been-a-great-honor.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::69 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: af9661ddc030cee02bfbd41baf7608e14327ce95a3199e6714dd8d3a12f21c71

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:55:13 GMT
x-azure-ref-originshield: 04bT2YQAAAACo0BbITD8cSLeJv0z3sqG1QU1TMDRFREdFMTkwOABkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316200-20220129081256-M/stephen-breyer-its-been-a-great-honor.jpeg
x-azure-ref: 04bT2YQAAAAAlLQTXOiScSqYcQVOBeQsCRlJBRURHRTEwMjEAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_REMOTE_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 48471
scheme: https

GET
H2 200 dads-life-changing-find-englands-oldest-gold-coin.jpeg
img1-azrcdn.newser.com/square-image/316086-20220129071430-M/ 57 KB
57 KB 385ms
381ms Image
image/jpeg 2620:1ec:46::69
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/square-image/316086-20220129071430-M/dads-life-changing-find-englands-oldest-gold-coin.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::69 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 69c11828cc2905f5ddbfd2b0d8f78a685c5b7a3502f5235887a22c91b5da6ee9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:55:13 GMT
x-azure-ref-originshield: 08o72YQAAAACcP4i4xeGqQqAvAjtAMdXoQU1TMDRFREdFMTkxNgBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316086-20220129071430-M/dads-life-changing-find-englands-oldest-gold-coin.jpeg
x-azure-ref: 04bT2YQAAAADHfy+OyIOdSJ/GiJ8+bq41RlJBRURHRTEwMjEAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 58564
scheme: https

GET
H2 200 aussie-wins-australian-open-for-first-time-in-44-years.jpeg
img2-azrcdn.newser.com/square-image/316273-20220129074411-M/ 40 KB
41 KB 505ms
502ms Image
image/jpeg 2620:1ec:bdf::69
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img2-azrcdn.newser.com/square-image/316273-20220129074411-M/aussie-wins-australian-open-for-first-time-in-44-years.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::69 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: da4cf27b9fe0ae190ef96fdbd0d9cc1a69d561ae0172d4d38bf10380d4d33957

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:55:13 GMT
x-azure-ref-originshield: 08Ir2YQAAAAB3hcA38qu/RpOTcf5DBLTcQU1TMDRFREdFMTkxOABkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316273-20220129074411-M/aussie-wins-australian-open-for-first-time-in-44-years.jpeg
x-azure-ref: 04bT2YQAAAACPdiYcqMMDS6Gv6ueP/LinRlJBRURHRTEwMTIAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 41332
scheme: https

GET
H2 200 this-nation-kept-covid-out-now-a-state-of-disaster.jpeg
img2-azrcdn.newser.com/square-image/316269-20220129085739-M/ 45 KB
45 KB 508ms
505ms Image
image/jpeg 2620:1ec:bdf::69
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img2-azrcdn.newser.com/square-image/316269-20220129085739-M/this-nation-kept-covid-out-now-a-state-of-disaster.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::69 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: cd894fd0d07d985171809c5a1bc653a3388ced6b2e32a44e53c63fc1ea30cec9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:55:13 GMT
x-azure-ref-originshield: 0jC72YQAAAABZ9Yt0ZFn3SZZmprI7b5KzQU1TMDRFREdFMTgwOABkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316269-20220129085739-M/this-nation-kept-covid-out-now-a-state-of-disaster.jpeg
x-azure-ref: 04bT2YQAAAAAKY7DCz+pWRrEN5TKq66tARlJBRURHRTEwMTIAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 45569
scheme: https

GET
H2 200 joe-exotic-wants-your-prayers.jpeg
img2-azrcdn.newser.com/square-image/312977-20220129065556-M/ 45 KB
45 KB 523ms
520ms Image
image/jpeg 2620:1ec:bdf::69
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img2-azrcdn.newser.com/square-image/312977-20220129065556-M/joe-exotic-wants-your-prayers.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::69 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: c7dff2266b8de79be9543dc8c2aff1b841cdfd58ac0d59c082d9e6f3db5d43f2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:55:13 GMT
x-azure-ref-originshield: 04bT2YQAAAACDv2bXM3C+SrEMoleD0P97QU1TMDRFREdFMTgxMABkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/312977-20220129065556-M/joe-exotic-wants-your-prayers.jpeg
x-azure-ref: 04bT2YQAAAAAdpU8+hoAFS59+CkEC6EGNRlJBRURHRTEwMTIAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_REMOTE_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 45743
scheme: https

GET
H2 200 biden-talks-infrastructure-after-bridge-collapses.jpeg
img2-azrcdn.newser.com/square-image/316259-20220128181740-M/ 53 KB
53 KB 528ms
524ms Image
image/jpeg 2620:1ec:bdf::69
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img2-azrcdn.newser.com/square-image/316259-20220128181740-M/biden-talks-infrastructure-after-bridge-collapses.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::69 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: a62348491ab317874ea90c67adea37df3ca6ff3c768af7c293c019ebae858d42

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:55:13 GMT
x-azure-ref-originshield: 0orP2YQAAAAB+Ow7kuO7KTJqvS81Bb5nhQU1TMDRFREdFMTkwOABkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316259-20220128181740-M/biden-talks-infrastructure-after-bridge-collapses.jpeg
x-azure-ref: 04bT2YQAAAABSvbm5BTomQo4rkVm2SOY1RlJBRURHRTEwMTIAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 53805
scheme: https

GET
H2 200 house_grid_rundown.png
img1-azrcdn.newser.com/images/ 5 KB
5 KB 389ms
386ms Image
image/png 2620:1ec:46::69
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/images/house_grid_rundown.png
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::69 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 21349b60e999f29bb11fd1384e57ea43faf7bb39d7822e81c1e30de505663228

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:55:13 GMT
last-modified: Mon, 06 Jul 2020 18:04:07 GMT
x-azure-ref-originshield: 0Gqb2YQAAAAC1ORTdLeMFQ7AU3V2FyHeTQU1TMDRFREdFMTkxMgBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
x-azure-ref: 04bT2YQAAAABnbg8tSFwyRojdR+hEpEYiRlJBRURHRTEwMjEAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
content-length: 5120

GET
H2 200 swastikas-appear-at-dcs-union-station.jpeg
img1-azrcdn.newser.com/square-image/316258-20220128171442-M/ 40 KB
41 KB 390ms
387ms Image
image/jpeg 2620:1ec:46::69
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/square-image/316258-20220128171442-M/swastikas-appear-at-dcs-union-station.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::69 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 78df9e9e47f5809e3438e700f53dd96ae52a3751c8b6f15f68c16f98f8aab900

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:55:13 GMT
x-azure-ref-originshield: 0Gqb2YQAAAAAS+oKiq7+ATpZ1NWSsTN/OQU1TMDRFREdFMTkxOQBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316258-20220128171442-M/swastikas-appear-at-dcs-union-station.jpeg
x-azure-ref: 04bT2YQAAAABbpAwSUuElT6PlVxdGyl5LRlJBRURHRTEwMjEAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 41203
scheme: https

GET
H2 200 trial-in-notorious-jewel-heist-gets-underway.jpeg
img1-azrcdn.newser.com/square-image/316236-20220128164327-M/ 46 KB
47 KB 395ms
392ms Image
image/jpeg 2620:1ec:46::69
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/square-image/316236-20220128164327-M/trial-in-notorious-jewel-heist-gets-underway.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::69 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 4a517e84097a36e411922caf77510661b58ae21755bd2927057916420e0c4dc4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:55:13 GMT
x-azure-ref-originshield: 0l3z2YQAAAACbPcnc3uGDTrg5cw9RcAn2QU1TMDRFREdFMTgwOQBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316236-20220128164327-M/trial-in-notorious-jewel-heist-gets-underway.jpeg
x-azure-ref: 04bT2YQAAAABa6YMv1pStQrrTlkrWtuIkRlJBRURHRTEwMjEAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 47615
scheme: https

GET
H2 200 lawsuit-says-chris-brown-raped-woman-aboard-yacht.jpeg
img2-azrcdn.newser.com/square-image/316255-20220128160342-M/ 44 KB
45 KB 530ms
527ms Image
image/jpeg 2620:1ec:bdf::69
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img2-azrcdn.newser.com/square-image/316255-20220128160342-M/lawsuit-says-chris-brown-raped-woman-aboard-yacht.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::69 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: da8a4f547b33fd0f6139098d6945e4a4868fcad70204ab34aa4e49bb41a90c01

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:55:13 GMT
x-azure-ref-originshield: 08o72YQAAAABq0SI/arfyQpdbHS9tFw0mQU1TMDRFREdFMTgwNwBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316255-20220128160342-M/lawsuit-says-chris-brown-raped-woman-aboard-yacht.jpeg
x-azure-ref: 04bT2YQAAAABBzpP9KRNARpeKLr1/3x0wRlJBRURHRTEwMTIAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 45407
scheme: https

GET
H2 200 apples-surge-helps-snap-markets-losing-streak.jpeg
img1-azrcdn.newser.com/square-image/316256-20220128155832-M/ 33 KB
33 KB 399ms
396ms Image
image/jpeg 2620:1ec:46::69
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/square-image/316256-20220128155832-M/apples-surge-helps-snap-markets-losing-streak.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::69 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 9a1c965417bb6122a80900a20c8fdfb7cf87cd495713c142d93d3c07a64e75cb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:55:13 GMT
x-azure-ref-originshield: 0caL2YQAAAABWLxlmTjY+TaRV8ntdMNZWQU1TMDRFREdFMTgyMgBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316256-20220128155832-M/apples-surge-helps-snap-markets-losing-streak.jpeg
x-azure-ref: 04bT2YQAAAADn0N9eM+bgQpNFlaoAOcAmRlJBRURHRTEwMjEAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 33806
scheme: https

GET
H2 200 terrorists-note-on-doomed-pms-kidnapping-sells-for-big-bucks.jpeg
img2-azrcdn.newser.com/square-image/316221-20220128150542-M/ 54 KB
55 KB 530ms
527ms Image
image/jpeg 2620:1ec:bdf::69
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img2-azrcdn.newser.com/square-image/316221-20220128150542-M/terrorists-note-on-doomed-pms-kidnapping-sells-for-big-bucks.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::69 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 0629f743a7f2e66a09dbb03908062b6a53a33133525eb19471b930a048e6aa43

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:55:13 GMT
x-azure-ref-originshield: 08Ir2YQAAAABrV3fdWLihQZzZ3ZQG5lQSQU1TMDRFREdFMTgyMgBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316221-20220128150542-M/terrorists-note-on-doomed-pms-kidnapping-sells-for-big-bucks.jpeg
x-azure-ref: 04bT2YQAAAAA0cNj+Q82RToDn12yXGQ+XRlJBRURHRTEwMTIAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 55737
scheme: https

GET
H2 200 man-going-to-prison-after-groping-flight-attendant.jpeg
img1-azrcdn.newser.com/square-image/316234-20220128143327-M/ 51 KB
51 KB 402ms
399ms Image
image/jpeg 2620:1ec:46::69
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/square-image/316234-20220128143327-M/man-going-to-prison-after-groping-flight-attendant.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::69 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 1fa72666b437fd3fc5a9283ad1b7d64ca681f2a4e7508d1de0eaad6e0bf10750

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:55:13 GMT
x-azure-ref-originshield: 0orP2YQAAAABlKTSiylEWRI6t79I7KYHGQU1TMDRFREdFMTgxOQBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316234-20220128143327-M/man-going-to-prison-after-groping-flight-attendant.jpeg
x-azure-ref: 04bT2YQAAAAACsxkih8fNToGQl0aOvojjRlJBRURHRTEwMjEAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 51945
scheme: https

GET
H2 200 pentagon-pressures-russia-to-walk-away.jpeg
img1-azrcdn.newser.com/square-image/316254-20220128142142-M/ 42 KB
42 KB 499ms
496ms Image
image/jpeg 2620:1ec:46::69
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/square-image/316254-20220128142142-M/pentagon-pressures-russia-to-walk-away.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::69 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: d4b287e248a1bb66341367e98c58dd2c3ea543ca857717ddb94485a174dcdb63

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:55:13 GMT
x-azure-ref-originshield: 08o72YQAAAABF4ovVTwmURIml/787rmydQU1TMDRFREdFMTgxMgBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316254-20220128142142-M/pentagon-pressures-russia-to-walk-away.jpeg
x-azure-ref: 04bT2YQAAAADojqdRgVzbRYzWFOb8FOEfRlJBRURHRTEwMjEAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 42802
scheme: https

GET
H2 200 dad-whose-kids-died-in-flood-charged-with-manslaughter.jpeg
img1-azrcdn.newser.com/square-image/289212-20220128141818-M/ 51 KB
51 KB 513ms
510ms Image
image/jpeg 2620:1ec:46::69
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/square-image/289212-20220128141818-M/dad-whose-kids-died-in-flood-charged-with-manslaughter.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::69 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: f807b7652390cbf0f3caef0abc752e93c026cf7d2c46fa8e20b9e3f3a2dfd867

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:55:13 GMT
x-azure-ref-originshield: 0DnP2YQAAAADetildTbNyR4yiwxDozuwBQU1TMDRFREdFMTgxNwBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/289212-20220128141818-M/dad-whose-kids-died-in-flood-charged-with-manslaughter.jpeg
x-azure-ref: 04bT2YQAAAADk/3ASOkcCRbD/9mlKzN3VRlJBRURHRTEwMjEAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 51822
scheme: https

GET
H2 200 aid-ships-tonga-challenge-no-contact.jpeg
img1-azrcdn.newser.com/square-image/316228-20220128134242-M/ 44 KB
44 KB 518ms
515ms Image
image/jpeg 2620:1ec:46::69
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/square-image/316228-20220128134242-M/aid-ships-tonga-challenge-no-contact.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::69 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: b427bf3f448caf3677fabce3ccdbfd6b0d832362665297b8c392efec64c6ee4b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:55:13 GMT
x-azure-ref-originshield: 0caL2YQAAAAAua62LfxvqT6Qn24pdD3vaQU1TMDRFREdFMTkwOABkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316228-20220128134242-M/aid-ships-tonga-challenge-no-contact.jpeg
x-azure-ref: 04bT2YQAAAAATAVraymVNTo5mwzN83uYhRlJBRURHRTEwMjEAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 45118
scheme: https

GET
H2 200 musk-supports-truckers-miffed-at-canadas-vax-mandate.jpeg
img1-azrcdn.newser.com/square-image/316248-20220128133427-M/ 39 KB
40 KB 535ms
532ms Image
image/jpeg 2620:1ec:46::69
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/square-image/316248-20220128133427-M/musk-supports-truckers-miffed-at-canadas-vax-mandate.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::69 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 237a4fa7a3bc563cc5806f5d26917eb241fb6f2176fcc094e342c473016cedf2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:55:13 GMT
x-azure-ref-originshield: 0IGX2YQAAAABeMCFSQNvuQ7lC+LYrxZoQQU1TMDRFREdFMTkwOQBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316248-20220128133427-M/musk-supports-truckers-miffed-at-canadas-vax-mandate.jpeg
x-azure-ref: 04bT2YQAAAACEdkPt4GS9RZaVTH5/xEPrRlJBRURHRTEwMjEAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 40204
scheme: https

GET
H2 200 city-calls-out-fire-chief-who-nabbed-200k-in-injury-pay.jpeg
img2-azrcdn.newser.com/square-image/316201-20220128140222-M/ 35 KB
36 KB 531ms
528ms Image
image/jpeg 2620:1ec:bdf::69
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img2-azrcdn.newser.com/square-image/316201-20220128140222-M/city-calls-out-fire-chief-who-nabbed-200k-in-injury-pay.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::69 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e07fac4323e918dbe03b5112e649861c72aeb3e596ef9acbedeaaec547f529ef

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:55:13 GMT
x-azure-ref-originshield: 0caL2YQAAAACMT8yRf/0OTpSk10DRVwxIQU1TMDRFREdFMTkwNgBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316201-20220128140222-M/city-calls-out-fire-chief-who-nabbed-200k-in-injury-pay.jpeg
x-azure-ref: 04bT2YQAAAACO7yMYebnhQJc2+FK5eS59RlJBRURHRTEwMTIAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 36265
scheme: https

GET
H2 200 toyota-working-on-a-moon-car.jpeg
img2-azrcdn.newser.com/square-image/316247-20220128124642-M/ 35 KB
35 KB 531ms
529ms Image
image/jpeg 2620:1ec:bdf::69
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img2-azrcdn.newser.com/square-image/316247-20220128124642-M/toyota-working-on-a-moon-car.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::69 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e40d12b256074d2ba43d1e8098a8bc039e3197ce0fd446a5ced2b9234f741d5c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:55:13 GMT
x-azure-ref-originshield: 0DnP2YQAAAABYmw9UQ24sSpEkSEUCk4E/QU1TMDRFREdFMTgxMQBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316247-20220128124642-M/toyota-working-on-a-moon-car.jpeg
x-azure-ref: 04bT2YQAAAAAbJeMsS3ZYRITfF57OjthsRlJBRURHRTEwMTIAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 35631
scheme: https

GET
H2 200 / Show response
loadus.exelator.com/load/ 124 B
506 B 506ms
158ms Script
application/x-javascript 34.229.3.43
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://loadus.exelator.com/load/?p=320&g=001&c=700151&ctg=home&subctg=&ag=&gd=
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.229.3.43 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-229-3-43.compute-1.amazonaws.com
Software: nginx / Undertow/1
Resource Hash: 1934199df51551755f77a59d6993a98e332ad57c09ab22d30fafb727d92e4eb0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:55:13 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
content-type: application/x-javascript;charset=UTF-8
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA

GET
H2 200 dpx.js Show response
i.simpli.fi/ 3 KB
4 KB 279ms
98ms Script
application/javascript 169.50.137.176
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL

https://i.simpli.fi/dpx.js?cid=3056&m=1&referrer=http://www.newser.com

Requested by

Host: www.newser.com
URL: https://www.newser.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

169.50.137.176 , United States, ASN36351 (SOFTLAYER, US),

Reverse DNS

b0.89.32a9.ip4.static.sl-reverse.com

Software

Resource Hash

9831e5b4e79a7b80a69a4d83d86fafc4c8e80fad4d14d27796f7eef4b686ba66

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache, no-cache
date: Sun, 30 Jan 2022 15:55:13 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=0, private, must-revalidate, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 3095
x-request-id: Fs8XZXESSH-Qq1x-QmHB
expires: Thu, 01 Jan 1970 00:00:00 GMT, Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 abp.png
img2-azrcdn.newser.com/images/ 2 KB
2 KB 532ms
529ms Image
image/png 2620:1ec:bdf::69
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img2-azrcdn.newser.com/images/abp.png
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::69 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: ad9e5210a13805edc2cc2874d7ffa326b907e9c6d0c212071798944a1dd9ffae

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:55:13 GMT
last-modified: Mon, 06 Jul 2020 18:04:06 GMT
x-azure-ref-originshield: 0xZ32YQAAAAD9GO/yC9VFS4YSiQlhOB7hQU1TMDRFREdFMTgwOABkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
x-azure-ref: 04bT2YQAAAAAnmxlaHj1cQafD/lXTUbZfRlJBRURHRTEwMTIAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
content-length: 1639

GET
H2 200 ubo.png
img2-azrcdn.newser.com/images/ 2 KB
2 KB 532ms
530ms Image
image/png 2620:1ec:bdf::69
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img2-azrcdn.newser.com/images/ubo.png
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::69 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 7cec802828fd9d25efc4611219c8748745117f5a51d4f76e4f9cfd85a428ce95

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:55:13 GMT
last-modified: Mon, 06 Jul 2020 18:04:10 GMT
x-azure-ref-originshield: 015f2YQAAAACxXQrEY30wR6p1YX2QsNHCQU1TMDRFREdFMTkwOABkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
x-azure-ref: 04bT2YQAAAAAUKdl4TBANTJF/Ccwpp5XJRlJBRURHRTEwMTIAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
content-length: 1613

GET
H2 200 ghostery.png
img1-azrcdn.newser.com/images/ 2 KB
2 KB 537ms
534ms Image
image/png 2620:1ec:46::69
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/images/ghostery.png
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::69 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 8baae135666cde471d16426b7387541d4b900559275813859e2d296eee039192

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:55:13 GMT
last-modified: Mon, 06 Jul 2020 18:04:07 GMT
x-azure-ref-originshield: 0orP2YQAAAABDcoKhrzBrQ53Un76JaiZMQU1TMDRFREdFMTkxNgBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
x-azure-ref: 04bT2YQAAAADBkPXJCFU7SozdKQgZ+v0yRlJBRURHRTEwMjEAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
content-length: 1612

GET
H/1.1 200
OK jfYYxHwzsD.js Show response
newser.com/HsF05_E/eTjWmafZYl/Awn/ 13 KB
6 KB 755ms
282ms Script
text/javascript 40.114.51.62
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://newser.com/HsF05_E/eTjWmafZYl/Awn/jfYYxHwzsD.js
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 40.114.51.62 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 789805032bf81ae4cfca389f685376469a23a1a8933fb5a87778db0286f63c21

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 30 Jan 2022 15:55:13 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: text/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
X-Tornado: yes
Content-Length: 5739

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 96 KB
29 KB 537ms
123ms Script
application/javascript 2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: static1-azrcdn.newser.com
URL: https://static1-azrcdn.newser.com/javascript/20220112_1100/javascript.ashx?file=newser.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (mil/6CE4) /
Resource Hash: aec1273daa6df2443053427acbd188f229d60ed9d83ef9bccba3f8a8f21fc3dc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Sun, 30 Jan 2022 15:55:13 GMT
Content-Encoding: gzip
Age: 114
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: "x-cache;desc= HIT,x-tw-cdn;desc=",edge;dur=1
Content-Length: 29180
x-tw-cdn: VZ
Last-Modified: Wed, 19 Jan 2022 19:22:23 GMT
Server: ECS (mil/6CE4)
Etag: "e92bd51c447ba1dbd509a1e23d3a8521+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=1800

GET
H/1.1 200
OK / Show response
api.ipify.org/ 22 B
253 B 484ms
149ms XHR
application/json 54.91.59.199
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.ipify.org/?format=json
Requested by: Host: static1-azrcdn.newser.com
URL: https://static1-azrcdn.newser.com/javascript/20220112_1100/jquery-1.12.4.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 54.91.59.199 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-91-59-199.compute-1.amazonaws.com
Software: Cowboy /
Resource Hash: 67b41d54a56f1130d8b8b180a5c2fba8bc7bb6c2fc88beb6c8f5a25ba9d69532

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.newser.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Sun, 30 Jan 2022 15:55:13 GMT
Via: 1.1 vegur
Server: Cowboy
Vary: Origin
Content-Type: application/json
Access-Control-Allow-Origin: https://www.newser.com
Connection: keep-alive
Content-Length: 22

GET
H2 200 ga.js Show response
ssl.google-analytics.com/ 45 KB
17 KB 214ms
57ms Script
text/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.google-analytics.com/ga.js

Requested by

Host: www.newser.com
URL: https://www.newser.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 3164
date: Sun, 30 Jan 2022 15:02:29 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17168
expires: Sun, 30 Jan 2022 17:02:29 GMT

GET
H2 200 quant.js Show response
secure.quantserve.com/ 24 KB
10 KB 632ms
268ms Script
application/javascript 2620:116:800d:21:5a23:9c4e:e774:96c1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:5a23:9c4e:e774:96c1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 487fce51fd801415c362f3f9f2df43c445a4b9ba38f9b6d49dfc898dc85ede94

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:55:13 GMT
content-encoding: gzip
etag: "FMCWFRCBdbNj8Eh2c0G78Q=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
expires: Sun, 06 Feb 2022 15:55:13 GMT

GET
H2 200 infinity.js.aspx Show response
cdn.engine.4dsply.com/Scripts/ 180 KB
57 KB 515ms
278ms Script
application/x-javascript 2606:4700::6810:9f11
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.engine.4dsply.com/Scripts/infinity.js.aspx?guid=7f1a7287-2f7e-4f83-800d-06bd711ee14e
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:9f11 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 7a6ebc0a1f30c2c64f537a20c1035dd3f1ac5acf86363f72e5316b5beeb0bfa3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:55:13 GMT
content-encoding: br
cf-cache-status: HIT
age: 296
x-powered-by: ASP.NET
p3p: CP="CAO PSA OUR IND"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sun, 30 Jan 2022 15:50:17 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=900
cf-ray: 6d5be2232b0a0f72-MXP
expires: Sun, 30 Jan 2022 16:10:13 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 335ms
242ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: www.newser.com
URL: https://www.newser.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

5eabdabdabc514c60283bda2ae406f2a04f7e8d94536f544b459accac0e86f72

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: qoGqCowkok2VGYa57uPt6A==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
expires: Sun, 30 Jan 2022 15:59:43 GMT
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 1687
x-fb-rlafr: 0
x-fb-debug: +9z1nnzCY6ATdwaWzD75e4yCRtI4YaEsJ/JZTUTvH6GF6d7EwI7p5UKL7IystQ3RomKZ8FuP0YmPvmFbbRpy5Q==
x-fb-trip-id: 686109401
x-fb-content-md5: b2a4a2e8c37b5451efa68d61a7c92bda
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Sun, 30 Jan 2022 15:55:13 GMT
x-frame-options: DENY
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "e8742c924c847fee60ca6ca819dcf7ae"
timing-allow-origin: *
priority: u=3,i
access-control-expose-headers: X-FB-Content-MD5

GET
H2 200 newsern2.png
img2-azrcdn.newser.com/images/header/ 782 B
1 KB 230ms
83ms Image
image/png 2620:1ec:bdf::69
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img2-azrcdn.newser.com/images/header/newsern2.png
Requested by: Host: static1-azrcdn.newser.com
URL: https://static1-azrcdn.newser.com/stylesheets/20220112_1100/stylesheet.ashx?file=responsive.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::69 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 3f9ebf128c9383c5fc8f3a73439f0e2dfb997f34318383e554b124e37c319c2e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://static1-azrcdn.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:55:13 GMT
last-modified: Mon, 06 Jul 2020 18:04:13 GMT
x-azure-ref-originshield: 0NWj2YQAAAAABWhExVNaOQLG/NmmUyfqTQU1TMDRFREdFMTkyMQBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
x-azure-ref: 04bT2YQAAAADsvkEwnKOJQqpiVN3OMZMgRlJBRURHRTEwMTIAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
content-length: 782

GET
H2 200 triangle_white_down.svg
img1-azrcdn.newser.com/images/header/ 618 B
943 B 305ms
157ms Image
image/svg+xml 2620:1ec:46::69
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/images/header/triangle_white_down.svg
Requested by: Host: static1-azrcdn.newser.com
URL: https://static1-azrcdn.newser.com/stylesheets/20220112_1100/stylesheet.ashx?file=responsive.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::69 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: febc13d4fca620c0eda223b3febb844ecb01e4299569a936801b86ecc25609e8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://static1-azrcdn.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:55:13 GMT
last-modified: Mon, 06 Jul 2020 18:04:13 GMT
x-azure-ref-originshield: 0jC72YQAAAABorklAzfQpR7Hl2nny8R+pQU1TMDRFREdFMTkxNwBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
x-azure-ref: 04bT2YQAAAAC3KDm6i43HRK6oR9Xn8m0eRlJBRURHRTEwMjEAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/svg+xml
cache-control: max-age=604800
accept-ranges: bytes
content-length: 618

GET
H2 200 user_white.svg
img2-azrcdn.newser.com/images/header/ 1 KB
844 B 231ms
83ms Image
image/svg+xml 2620:1ec:bdf::69
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img2-azrcdn.newser.com/images/header/user_white.svg
Requested by: Host: static1-azrcdn.newser.com
URL: https://static1-azrcdn.newser.com/stylesheets/20220112_1100/stylesheet.ashx?file=responsive.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::69 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 6d6d162a89e32c126f5019cbd4143ddf6cc9fbf19858a3272ad6ad5ac2beae14

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://static1-azrcdn.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:55:13 GMT
content-encoding: br
last-modified: Mon, 06 Jul 2020 18:04:13 GMT
x-azure-ref-originshield: 0NWj2YQAAAAC8Xa5Df8s9RLMMLOZZefz1QU1TMDRFREdFMTgwNgBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
x-azure-ref: 04bT2YQAAAACZFJ3gc+WgQLdYh7bw7sgwRlJBRURHRTEwMTIAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/svg+xml
cache-control: max-age=604800
accept-ranges: bytes

GET
H2 200 search_white.svg
img2-azrcdn.newser.com/images/header/ 916 B
1 KB 231ms
83ms Image
image/svg+xml 2620:1ec:bdf::69
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img2-azrcdn.newser.com/images/header/search_white.svg
Requested by: Host: static1-azrcdn.newser.com
URL: https://static1-azrcdn.newser.com/stylesheets/20220112_1100/stylesheet.ashx?file=responsive.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::69 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 307c4cf0cec01251278a5201d04096f4b7afdb8ba2239801202adb1992c14ecb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://static1-azrcdn.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:55:13 GMT
last-modified: Mon, 06 Jul 2020 18:04:13 GMT
x-azure-ref-originshield: 08o72YQAAAADoM+yjpExQRZAhkLpUXmz/QU1TMDRFREdFMTkyMgBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
x-azure-ref: 04bT2YQAAAAB55bgIF+0+QKEBan55QKEQRlJBRURHRTEwMTIAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/svg+xml
cache-control: max-age=604800
accept-ranges: bytes
content-length: 916

GET
H2 200 info-white.png
img2-azrcdn.newser.com/images/header/ 433 B
641 B 337ms
189ms Image
image/png 2620:1ec:bdf::69
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img2-azrcdn.newser.com/images/header/info-white.png
Requested by: Host: static1-azrcdn.newser.com
URL: https://static1-azrcdn.newser.com/stylesheets/20220112_1100/stylesheet.ashx?file=responsive.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::69 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: a177a125d7384bd51ee15e3454c488ac0f2ba22a452f9bc3a96e29d2df4aef1b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://static1-azrcdn.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:55:13 GMT
last-modified: Mon, 06 Jul 2020 18:04:13 GMT
x-azure-ref-originshield: 0l3z2YQAAAADGTTPUVaL2QacUt6CTcqSdQU1TMDRFREdFMTgxMQBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
x-azure-ref: 04bT2YQAAAACTDnv2C5w/R6sD/mxPNkvHRlJBRURHRTEwMTIAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
content-length: 433

GET
H2 200 settings2-white.jpg
img1-azrcdn.newser.com/images/header/ 1 KB
1 KB 306ms
158ms Image
image/jpeg 2620:1ec:46::69
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/images/header/settings2-white.jpg
Requested by: Host: static1-azrcdn.newser.com
URL: https://static1-azrcdn.newser.com/stylesheets/20220112_1100/stylesheet.ashx?file=responsive.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::69 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: bbfcf92c6c94d918c51be1bdf1f14098db1c7454b2f025fb7d2eed08d8d84703

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://static1-azrcdn.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:55:13 GMT
last-modified: Mon, 06 Jul 2020 18:04:13 GMT
x-azure-ref-originshield: 0gJ/2YQAAAAAYaUh422zCSY3UhinH9FqsQU1TMDRFREdFMTkyMABkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
x-azure-ref: 04bT2YQAAAAAwCwsEkajSRrq4nfPBNNWvRlJBRURHRTEwMjEAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: max-age=604800
accept-ranges: bytes
content-length: 1244

GET
H2 200 newsletter_white.svg
img2-azrcdn.newser.com/images/header/ 912 B
1 KB 338ms
190ms Image
image/svg+xml 2620:1ec:bdf::69
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img2-azrcdn.newser.com/images/header/newsletter_white.svg
Requested by: Host: static1-azrcdn.newser.com
URL: https://static1-azrcdn.newser.com/stylesheets/20220112_1100/stylesheet.ashx?file=responsive.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::69 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 607ba5401803708cd7e7d54cb229467b42bcefa017c466d0290c2903989f9cec

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://static1-azrcdn.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:55:13 GMT
last-modified: Mon, 06 Jul 2020 18:04:13 GMT
x-azure-ref-originshield: 08Ir2YQAAAABB3pE/6vRYQZmXJf6nIjpoQU1TMDRFREdFMTkxMABkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
x-azure-ref: 04bT2YQAAAABG0y7WpPVoQriN1bpjk64KRlJBRURHRTEwMTIAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/svg+xml
cache-control: max-age=604800
accept-ranges: bytes
content-length: 912

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ 15 KB
16 KB 735ms
583ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,400italic,100,100italic,300,300italic,500,500italic,700,700italic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.newser.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 20:07:55 GMT
x-content-type-options: nosniff
age: 416838
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15828
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:28 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 25 Jan 2023 20:07:55 GMT

GET
H2 200 calendar_close.png
img1-azrcdn.newser.com/images/ 303 B
559 B 936ms
935ms Image
image/png 2620:1ec:46::69
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/images/calendar_close.png
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::69 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: a3942aea05f34d9aa17deb27766f216ce7bc0176e66b41518e5bdadb19400d67

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:55:13 GMT
last-modified: Mon, 06 Jul 2020 18:04:06 GMT
x-azure-ref-originshield: 0aqT2YQAAAABvgwAodQuSQLoLgdG9Vg9JQU1TMDRFREdFMTgxOABkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
x-azure-ref: 04bT2YQAAAADIdx1HWORhR4YFQr8UBwO/RlJBRURHRTEwMjEAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
content-length: 303

GET
H2 200 left_month.png
img1-azrcdn.newser.com/images/ 274 B
506 B 936ms
936ms Image
image/png 2620:1ec:46::69
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/images/left_month.png
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::69 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 2f76122813dc216562d9a6c2d82279ff460696b28f8f66042399a02cf93732ba

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:55:13 GMT
last-modified: Mon, 06 Jul 2020 18:04:08 GMT
x-azure-ref-originshield: 08o72YQAAAADdZ578E7TdTIvOUfkKyM6nQU1TMDRFREdFMTkxNgBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
x-azure-ref: 04bT2YQAAAADgvR5XhtdqQaawm828v7ZwRlJBRURHRTEwMjEAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
content-length: 274

GET
H2 200 right_month.png
img2-azrcdn.newser.com/images/ 259 B
515 B 776ms
776ms Image
image/png 2620:1ec:bdf::69
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img2-azrcdn.newser.com/images/right_month.png
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::69 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: a0e3f7f11e3feb97a1b577675fcb17fb87538d414dc5342c96975b2bd2c94b86

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:55:13 GMT
last-modified: Mon, 06 Jul 2020 18:04:09 GMT
x-azure-ref-originshield: 0Hav2YQAAAABtK8JqQLi1T5d04O+h0IwaQU1TMDRFREdFMTkwOABkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
x-azure-ref: 04bT2YQAAAABq3J2zrTODRrxKTOtr7QwBRlJBRURHRTEwMTIAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
content-length: 259

GET
H/1.1 200
OK controlpage.aspx Show response
www.newser.com/ 83 KB
14 KB 265ms
265ms XHR
text/html 40.114.51.62
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.newser.com/controlpage.aspx?control=storysquarecontainer&sectionid=1&SITEPAGENAME=Home&donotshowads=&gridrownum=49&squarewidth=320&squareheight=213&numgridrows=48&numgridcols=1&hardsoft=5&StartDate=&EndDate=&PickADate=&ShowPopular=N&PopularType=None&viewhardsoft=n&ajaxcall=y&autorefreshcall=n&lastrefreshdate=1/30/2022%209:55:12%20AM&firststorypubdate=1/30/2022%209:35:00%20AM&siteid=0&tagid=0&userid=0&taggroupid=0&type=&linkstorytype=&scrollcount=1&displayadsection=home&categoryid=0&channelid=0&ShowGridLeaderboardAds=false&ShowGridMobileAds=false&RenderUserFormat=false&StoryView=G&ShowStats=false&StoryId=0&ShowSimpleListView=True&ShowRolloversOverride=False&IsHeadlineTest=true&URLSubfolder=&Website=D&showipadads=N&ShowGridRepeatingAds=C1,C2,C4&GridFirstAdLocation=0&GridSubsequentAdLocation=0&OnClickOverride=&GridPositioning=&IsMobile=false
Requested by: Host: static1-azrcdn.newser.com
URL: https://static1-azrcdn.newser.com/javascript/20220112_1100/jquery-1.12.4.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 40.114.51.62 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 77c997e2ca9694c65e3ec1cbb1a8c7a82f6fbdfee8d560d36084bedf90e3cca7

Request headers

Accept: text/html
Referer: https://www.newser.com/
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Sun, 30 Jan 2022 15:55:12 GMT
Content-Encoding: gzip
max-age: 0
RawURL: /controlpage.aspx?control=storysquarecontainer&sectionid=1&SITEPAGENAME=Home&donotshowads=&gridrownum=49&squarewidth=320&squareheight=213&numgridrows=48&numgridcols=1&hardsoft=5&StartDate=&EndDate=&PickADate=&ShowPopular=N&PopularType=None&viewhardsoft=n&ajaxcall=y&autorefreshcall=n&lastrefreshdate=1/30/2022%209:55:12%20AM&firststorypubdate=1/30/2022%209:35:00%20AM&siteid=0&tagid=0&userid=0&taggroupid=0&type=&linkstorytype=&scrollcount=1&displayadsection=home&categoryid=0&channelid=0&ShowGridLeaderboardAds=false&ShowGridMobileAds=false&RenderUserFormat=false&StoryView=G&ShowStats=false&StoryId=0&ShowSimpleListView=True&ShowRolloversOverride=False&IsHeadlineTest=true&URLSubfolder=&Website=D&showipadads=N&ShowGridRepeatingAds=C1,C2,C4&GridFirstAdLocation=0&GridSubsequentAdLocation=0&OnClickOverride=&GridPositioning=&IsMobile=false
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Cache-Control: no-cache
Content-Length: 13381
Scheme: https

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ 1 KB
1 KB 467ms
356ms Script
application/javascript 108.157.4.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.4.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 08:25:36 GMT
content-encoding: gzip
etag: W/"1827f116c73f319409b97f10b8a58ade"
last-modified: Fri, 26 Feb 2021 14:35:05 GMT
server: AmazonS3
age: 42062
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 3a42f75e219a9a44a54979112dcb25dc.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P2
x-amz-cf-id: _xUjYP3yjuXN33IkyAuAQDRds4K4Pp7B5a4Um7ep5UWzaWQr71V1rg==

GET
H2 200 chartbeat.js Show response
static.chartbeat.com/js/ 36 KB
14 KB 433ms
333ms Script
application/x-javascript 2600:9000:2156:d000:18:1fcd:34f:cdc1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat.js
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:d000:18:1fcd:34f:cdc1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: e2c28f3e8b6a2e5170859e67cff3e8240e6b888d02005306ef3d2129f5cbd74c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 14:50:12 GMT
content-encoding: gzip
last-modified: Fri, 28 Jan 2022 06:48:52 GMT
server: nginx
age: 3901
etag: W/"61f391d4-8e96"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
via: 1.1 e64eb476d8f76c461d21278e018e194e.cloudfront.net (CloudFront)
cache-control: max-age=7200
cross-origin-resource-policy: cross-origin
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: HHtYXDm29AAiJb6wKa81SMC7m96OK7zAQDRoA5ENsCy9xVE-Wq573Q==
expires: Sun, 30 Jan 2022 16:50:12 GMT

GET
H2 200 just-shy-of-2-texas-boy-saves-family-from-fire.jpeg
img2-azrcdn.newser.com/square-image/316231-20220128121027-M/ 40 KB
40 KB 478ms
475ms Image
image/jpeg 2620:1ec:bdf::69
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img2-azrcdn.newser.com/square-image/316231-20220128121027-M/just-shy-of-2-texas-boy-saves-family-from-fire.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::69 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: c14bc74eb84a60374cafb46143c0b2ea118ce9622b75c12cd7196fc129cd8a5c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:55:13 GMT
x-azure-ref-originshield: 05rH1YQAAAADNPcEgDepCRZ1IHdbthqm3QU1TMDRFREdFMTkxNwBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316231-20220128121027-M/just-shy-of-2-texas-boy-saves-family-from-fire.jpeg
x-azure-ref: 04bT2YQAAAAA0lbJtvS95RLKMvJy0+p+ARlJBRURHRTEwMTIAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 40990
scheme: https

GET
H2 200 beware-east-coast-here-comes-kenan.jpeg
img2-azrcdn.newser.com/square-image/316245-20220128115012-M/ 44 KB
45 KB 479ms
474ms Image
image/jpeg 2620:1ec:bdf::69
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img2-azrcdn.newser.com/square-image/316245-20220128115012-M/beware-east-coast-here-comes-kenan.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::69 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 0b7fd6d5e58c021a19ea46b59a1f91f7596fe7e5df982282a2f3a70b3e35638c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:55:13 GMT
x-azure-ref-originshield: 0mTj2YQAAAAANVsKsqk8PT6xXQxy9L3SGQU1TMDRFREdFMTgxOQBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316245-20220128115012-M/beware-east-coast-here-comes-kenan.jpeg
x-azure-ref: 04bT2YQAAAAAZdxnEm6ydQZmSYyPfYQr8RlJBRURHRTEwMTIAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 45413
scheme: https

GET
H2 200 domain-name-shift-may-have-leaked-teams-new-name.jpeg
img2-azrcdn.newser.com/square-image/316241-20220128112612-M/ 51 KB
51 KB 480ms
474ms Image
image/jpeg 2620:1ec:bdf::69
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img2-azrcdn.newser.com/square-image/316241-20220128112612-M/domain-name-shift-may-have-leaked-teams-new-name.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::69 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 9da3111da1b3998343d9494f461bc6d38b46947e5651ad71e5c455f9713f7cb3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:55:13 GMT
x-azure-ref-originshield: 0caL2YQAAAACxgK/18+ThSojuYRC/fA1xQU1TMDRFREdFMTkxNQBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316241-20220128112612-M/domain-name-shift-may-have-leaked-teams-new-name.jpeg
x-azure-ref: 04bT2YQAAAACPKnzz2DU2SbMAVPkao/WIRlJBRURHRTEwMTIAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 51728
scheme: https

GET
H2 200 green-gaiter-bandit-wanted-in-string-of-bank-robberies.jpeg
img1-azrcdn.newser.com/square-image/316246-20220128111827-M/ 40 KB
41 KB 483ms
475ms Image
image/jpeg 2620:1ec:46::69
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/square-image/316246-20220128111827-M/green-gaiter-bandit-wanted-in-string-of-bank-robberies.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::69 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 3740532989eefa6c15895ca294973e460770de8e660850efc95cd560d817a1bc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:55:13 GMT
x-azure-ref-originshield: 0orP2YQAAAADSF1CB8JowRbXo+RFIqhD7QU1TMDRFREdFMTgxMwBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316246-20220128111827-M/green-gaiter-bandit-wanted-in-string-of-bank-robberies.jpeg
x-azure-ref: 04bT2YQAAAABBSXKbLpuJSarJQWI3gVkhRlJBRURHRTEwMjEAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 41258
scheme: https

GET
H2 200 heres-how-the-major-us-airlines-rank.jpeg
img1-azrcdn.newser.com/square-image/316240-20220128103927-M/ 43 KB
43 KB 493ms
485ms Image
image/jpeg 2620:1ec:46::69
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/square-image/316240-20220128103927-M/heres-how-the-major-us-airlines-rank.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::69 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: d97e795abc94a584e788c78eaa25a21d61935d7d514fa04655ddadd8e0a44896

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:55:13 GMT
x-azure-ref-originshield: 0cqL2YQAAAABeVWUsBQinQpk/TKf332ACQU1TMDRFREdFMTgwOABkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316240-20220128103927-M/heres-how-the-major-us-airlines-rank.jpeg
x-azure-ref: 04bT2YQAAAAAyzKQqsZ3WRolpmdXIu4G2RlJBRURHRTEwMjEAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 43611
scheme: https

GET
H2 200 bloodthirsty-attack-leaves-dog-walker-with-horrific-injuries.jpeg
img2-azrcdn.newser.com/square-image/316235-20220128101942-M/ 52 KB
52 KB 506ms
499ms Image
image/jpeg 2620:1ec:bdf::69
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img2-azrcdn.newser.com/square-image/316235-20220128101942-M/bloodthirsty-attack-leaves-dog-walker-with-horrific-injuries.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::69 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 8eef6ec74a5d580cc3f8147131f97094fed7507ad69b79c23fc74f7bde66f421

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:55:13 GMT
x-azure-ref-originshield: 0cqL2YQAAAACsipPQTgA5QKSmUdO6HjXJQU1TMDRFREdFMTgxMwBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316235-20220128101942-M/bloodthirsty-attack-leaves-dog-walker-with-horrific-injuries.jpeg
x-azure-ref: 04bT2YQAAAADIH+zyMNLMRaRZs1sZ5DX7RlJBRURHRTEwMTIAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 53149
scheme: https

GET
H2 200 guy-claims-he-broke-a-world-record-a-week-in-2021.jpeg
img1-azrcdn.newser.com/square-image/316220-20220128100427-M/ 47 KB
47 KB 495ms
488ms Image
image/jpeg 2620:1ec:46::69
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/square-image/316220-20220128100427-M/guy-claims-he-broke-a-world-record-a-week-in-2021.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::69 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: ca7cd2a4608296a9ff32e81e120d27a5a37a77f7e67079efba169b43a8743ea2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:55:13 GMT
x-azure-ref-originshield: 0Hqv2YQAAAABZo6puHM9tQpynS7ag0DgrQU1TMDRFREdFMTgxOABkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316220-20220128100427-M/guy-claims-he-broke-a-world-record-a-week-in-2021.jpeg
x-azure-ref: 04bT2YQAAAADMm/qpX9QUQaJUPmrceh5IRlJBRURHRTEwMjEAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 48326
scheme: https

GET
H2 200 key-inflation-gauge-hasnt-risen-this-much-since-1982.jpeg
img2-azrcdn.newser.com/square-image/316243-20220128094127-M/ 45 KB
45 KB 512ms
505ms Image
image/jpeg 2620:1ec:bdf::69
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img2-azrcdn.newser.com/square-image/316243-20220128094127-M/key-inflation-gauge-hasnt-risen-this-much-since-1982.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::69 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 9d5019bd2fae955cf530cf7f1a6d48a40595abadfa86a956c118b2c97e9d4779

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:55:13 GMT
x-azure-ref-originshield: 0cqL2YQAAAAAZ1AjCEGBlRL+7Ois/83u8QU1TMDRFREdFMTgxMABkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316243-20220128094127-M/key-inflation-gauge-hasnt-risen-this-much-since-1982.jpeg
x-azure-ref: 04bT2YQAAAABc2RsQmxsVSLtANv+spwB7RlJBRURHRTEwMTIAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 45739
scheme: https

GET
H2 200 10-hurt-as-bridge-collapses-in-pittsburgh.jpeg
img1-azrcdn.newser.com/square-image/316238-20220128092010-M/ 56 KB
57 KB 495ms
488ms Image
image/jpeg 2620:1ec:46::69
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/square-image/316238-20220128092010-M/10-hurt-as-bridge-collapses-in-pittsburgh.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::69 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 65db3d75c61bd51568b39a016efa0cb90f3df0514fcfb6ca65c83892d66e1691

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:55:13 GMT
x-azure-ref-originshield: 0orP2YQAAAABek1ZNkhW8TYgrACqe+jtAQU1TMDRFREdFMTgwNgBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316238-20220128092010-M/10-hurt-as-bridge-collapses-in-pittsburgh.jpeg
x-azure-ref: 04bT2YQAAAACY1I91/rnaSIklO8GssmGtRlJBRURHRTEwMjEAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 57676
scheme: https

GET
H2 200 anti-maskers-cause-10-day-shutdown-at-kids-museum.jpeg
img1-azrcdn.newser.com/square-image/316230-20220128085212-M/ 38 KB
38 KB 495ms
488ms Image
image/jpeg 2620:1ec:46::69
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/square-image/316230-20220128085212-M/anti-maskers-cause-10-day-shutdown-at-kids-museum.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::69 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 97dde2799af977e4004e45c29b84b8be9b26ed417ef708b702b34af287ff254d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:55:13 GMT
x-azure-ref-originshield: 04bT2YQAAAABAMkkABLW6TZDgdJGGLTJfQU1TMDRFREdFMTgwNwBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316230-20220128085212-M/anti-maskers-cause-10-day-shutdown-at-kids-museum.jpeg
x-azure-ref: 04bT2YQAAAAAo2b1vVEJGTLSuh+4jEENORlJBRURHRTEwMjEAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_REMOTE_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 39032
scheme: https

GET
H2 200 father-to-bes-shooting-death-called-a-modern-day-lynching.jpeg
img1-azrcdn.newser.com/square-image/316232-20220128082827-M/ 40 KB
40 KB 496ms
489ms Image
image/jpeg 2620:1ec:46::69
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/square-image/316232-20220128082827-M/father-to-bes-shooting-death-called-a-modern-day-lynching.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::69 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: c0d8c7a6bf76c57da334c1b75724fbb20f592e5040c9088779bc21ed33b177a7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:55:13 GMT
x-azure-ref-originshield: 0eWv2YQAAAADiU4+RZ/+WT7YqLdFXbYTPQU1TMDRFREdFMTgxOABkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316232-20220128082827-M/father-to-bes-shooting-death-called-a-modern-day-lynching.jpeg
x-azure-ref: 04bT2YQAAAAAqznvs4c7OSLnN71/PukKuRlJBRURHRTEwMjEAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 40473
scheme: https

GET
H2 200 scientists-rogan-podcast-now-spouting-climate-anti-science.jpeg
img1-azrcdn.newser.com/square-image/316222-20220128081142-M/ 36 KB
36 KB 496ms
490ms Image
image/jpeg 2620:1ec:46::69
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/square-image/316222-20220128081142-M/scientists-rogan-podcast-now-spouting-climate-anti-science.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::69 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 23248ff4b7464d9f03a44d8ca0738f1c418f0e002b3431a33eb78da15eea8d03

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:55:13 GMT
x-azure-ref-originshield: 0D3P2YQAAAAAjypR6yHKtT5cmPJy1LwnTQU1TMDRFREdFMTkxMABkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316222-20220128081142-M/scientists-rogan-podcast-now-spouting-climate-anti-science.jpeg
x-azure-ref: 04bT2YQAAAAChy4DEaNlcQKT9gO7Xxa/8RlJBRURHRTEwMjEAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 36458
scheme: https

GET
H2 200 america-now-has-a-first-cat.jpeg
img2-azrcdn.newser.com/square-image/316229-20220128075857-M/ 40 KB
41 KB 865ms
858ms Image
image/jpeg 2620:1ec:bdf::69
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img2-azrcdn.newser.com/square-image/316229-20220128075857-M/america-now-has-a-first-cat.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::69 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e4ad92e954944eac3807c7f50b2c213d8ddc2bc8a1324ed8986a733d4196e94a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:55:13 GMT
x-azure-ref-originshield: 0Hqv2YQAAAACjj6rPfbkwTrF4DhYAnWbUQU1TMDRFREdFMTgyMgBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316229-20220128075857-M/america-now-has-a-first-cat.jpeg
x-azure-ref: 04bT2YQAAAAB5bHasXmpFTbpM0mZrwKDSRlJBRURHRTEwMTIAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 41446
scheme: https

GET
H2 200 theres-something-weird-about-djokovics-covid-test.jpeg
img2-azrcdn.newser.com/square-image/316233-20220128072957-M/ 49 KB
50 KB 865ms
859ms Image
image/jpeg 2620:1ec:bdf::69
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img2-azrcdn.newser.com/square-image/316233-20220128072957-M/theres-something-weird-about-djokovics-covid-test.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::69 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 49f8584d1d0dbff1c1347ad1db13ef74f8edd89e3f6ccdb5636e3c7b0ca8ea6b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:55:13 GMT
x-azure-ref-originshield: 08Ir2YQAAAACW8zStwX/2RpE0hWJP5zDzQU1TMDRFREdFMTkxMABkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316233-20220128072957-M/theres-something-weird-about-djokovics-covid-test.jpeg
x-azure-ref: 04bT2YQAAAABLxy5gbZQ4RJrDv7a4sTDHRlJBRURHRTEwMTIAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 50474
scheme: https

GET
H2 200 stormy-daniels-michael-avenatti-clash-in-court.jpeg
img2-azrcdn.newser.com/square-image/316217-20220128071557-M/ 57 KB
57 KB 866ms
859ms Image
image/jpeg 2620:1ec:bdf::69
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img2-azrcdn.newser.com/square-image/316217-20220128071557-M/stormy-daniels-michael-avenatti-clash-in-court.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::69 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 0c82e3739d9fd652c6ac2d8a3745d4a35fbd7a9277b0ef2b2885c1db030c3cb8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:55:13 GMT
x-azure-ref-originshield: 0eWv2YQAAAAD5Qs5VRZe/S6cOWn9eM1fiQU1TMDRFREdFMTkyMABkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316217-20220128071557-M/stormy-daniels-michael-avenatti-clash-in-court.jpeg
x-azure-ref: 04bT2YQAAAAD17Z/hG2EPSICf1vhLEIk7RlJBRURHRTEwMTIAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 57975
scheme: https

GET
H2 200 race-for-sunken-f35-is-hunt-for-red-october-meets-the-abyss.jpeg
img2-azrcdn.newser.com/square-image/316215-20220128060457-M/ 54 KB
55 KB 866ms
860ms Image
image/jpeg 2620:1ec:bdf::69
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img2-azrcdn.newser.com/square-image/316215-20220128060457-M/race-for-sunken-f35-is-hunt-for-red-october-meets-the-abyss.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::69 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: a162db4d4ec665954b0c34e7fdec5dc2c7f1f42b54072683b5d5cccfcaf3b11d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:55:13 GMT
x-azure-ref-originshield: 0cqL2YQAAAADVpe6cD2oiQbahjQea7nmnQU1TMDRFREdFMTkxMQBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316215-20220128060457-M/race-for-sunken-f35-is-hunt-for-red-october-meets-the-abyss.jpeg
x-azure-ref: 04bT2YQAAAADKs21OjX9vTKeAearonk2YRlJBRURHRTEwMTIAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 55613
scheme: https

GET
H2 200 4-including-baby-freeze-to-death-in-attempt-to-enter-us.jpeg
img1-azrcdn.newser.com/square-image/315928-20220128053209-M/ 54 KB
55 KB 497ms
491ms Image
image/jpeg 2620:1ec:46::69
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/square-image/315928-20220128053209-M/4-including-baby-freeze-to-death-in-attempt-to-enter-us.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::69 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: bf93cf51f40cdffc7e84c2267d234704d29fe9941fd22a738c0fea22f221f82b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:55:13 GMT
x-azure-ref-originshield: 0D3P2YQAAAADXOLulZ96PQoPN0i4B8FOnQU1TMDRFREdFMTgxNQBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/315928-20220128053209-M/4-including-baby-freeze-to-death-in-attempt-to-enter-us.jpeg
x-azure-ref: 04bT2YQAAAADC9Z3uoIuES49TN7TlFPMTRlJBRURHRTEwMjEAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 55527
scheme: https

GET
H2 200 evangeline-lilly-says-she-was-at-rfk-jr-anti-vax-rally.jpeg
img1-azrcdn.newser.com/square-image/316218-20220128053740-M/ 42 KB
43 KB 497ms
491ms Image
image/jpeg 2620:1ec:46::69
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/square-image/316218-20220128053740-M/evangeline-lilly-says-she-was-at-rfk-jr-anti-vax-rally.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::69 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 4e5703b23d96dbffc24fa6f316bad0cfc3d8221f487d45fdbeceb8b26c85b14b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:55:13 GMT
x-azure-ref-originshield: 0Gqb2YQAAAAA5wOVtgr36TIFtoY3C/y69QU1TMDRFREdFMTkwOQBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316218-20220128053740-M/evangeline-lilly-says-she-was-at-rfk-jr-anti-vax-rally.jpeg
x-azure-ref: 04bT2YQAAAACaFwdrvFP/QqJlCnrfcRvTRlJBRURHRTEwMjEAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 43151
scheme: https

GET
H2 200 alabama-inmate-executed-after-scotus-clears-way.jpeg
img1-azrcdn.newser.com/square-image/316224-20220128054042-M/ 47 KB
48 KB 497ms
492ms Image
image/jpeg 2620:1ec:46::69
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/square-image/316224-20220128054042-M/alabama-inmate-executed-after-scotus-clears-way.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::69 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 8b38afb8226ce92ae65edd3bb8011a83628178ca577ef4a2148f0c99a1d80e4f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:55:13 GMT
x-azure-ref-originshield: 08472YQAAAACEMfrFn5eXRb/IOcVNUf8yQU1TMDRFREdFMTgxNQBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316224-20220128054042-M/alabama-inmate-executed-after-scotus-clears-way.jpeg
x-azure-ref: 04bT2YQAAAACFR1jNXDhCQpTxzUXjVK15RlJBRURHRTEwMjEAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 48492
scheme: https

GET
H2 200 michael-madsen-loses-26-year-old-son-hudson.jpeg
img2-azrcdn.newser.com/square-image/316107-20220128024457-M/ 45 KB
45 KB 866ms
860ms Image
image/jpeg 2620:1ec:bdf::69
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img2-azrcdn.newser.com/square-image/316107-20220128024457-M/michael-madsen-loses-26-year-old-son-hudson.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::69 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 4e7fc8052650e22f03ac26e86cb617119d57ec5d3198b8559e3cf433b279e99f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:55:13 GMT
x-azure-ref-originshield: 08Ir2YQAAAAAlTrYqNcodTYFKraZ2edVsQU1TMDRFREdFMTkxMgBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316107-20220128024457-M/michael-madsen-loses-26-year-old-son-hudson.jpeg
x-azure-ref: 04bT2YQAAAAAqm9qhQF7gQ5ZIcVg9zrDGRlJBRURHRTEwMTIAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 45803
scheme: https

GET
H2 200 bills-want-couple-prosecuted-over-allegedly-fake-vaccine-cards.jpeg
img2-azrcdn.newser.com/square-image/316223-20220128021458-M/ 70 KB
70 KB 866ms
861ms Image
image/jpeg 2620:1ec:bdf::69
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img2-azrcdn.newser.com/square-image/316223-20220128021458-M/bills-want-couple-prosecuted-over-allegedly-fake-vaccine-cards.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::69 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 594deea2cdcf15cb176a4cf6bcfb074ba22cc55c698833db25a8ac30d5ede92c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:55:13 GMT
x-azure-ref-originshield: 0mzj2YQAAAADAyRLwbhg4RIFFjr6k/IL2QU1TMDRFREdFMTgxNABkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316223-20220128021458-M/bills-want-couple-prosecuted-over-allegedly-fake-vaccine-cards.jpeg
x-azure-ref: 04bT2YQAAAAA/C9h/q8AzTqoBE2mnCgYJRlJBRURHRTEwMTIAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 71283
scheme: https

GET
H2 200 judge-hands-green-advocates-big-win-on-offshore-drilling.jpeg
img2-azrcdn.newser.com/square-image/316225-20220128052934-M/ 42 KB
42 KB 872ms
866ms Image
image/jpeg 2620:1ec:bdf::69
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img2-azrcdn.newser.com/square-image/316225-20220128052934-M/judge-hands-green-advocates-big-win-on-offshore-drilling.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::69 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: c3a99bb651bce59ca498c2c9c97290408da53d49dc917232ed4a0dadf10a57e5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:55:13 GMT
x-azure-ref-originshield: 0orP2YQAAAACU0xbgdxdrQJlzr7DQFgReQU1TMDRFREdFMTgwOABkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316225-20220128052934-M/judge-hands-green-advocates-big-win-on-offshore-drilling.jpeg
x-azure-ref: 04bT2YQAAAADZG547g+vWRK28yx1H926PRlJBRURHRTEwMTIAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 42934
scheme: https

GET
H2 200 6th-victim-added-to-tally-of-1970s-doodler-serial-killer.jpeg
img2-azrcdn.newser.com/square-image/316219-20220128080349-M/ 42 KB
43 KB 872ms
867ms Image
image/jpeg 2620:1ec:bdf::69
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img2-azrcdn.newser.com/square-image/316219-20220128080349-M/6th-victim-added-to-tally-of-1970s-doodler-serial-killer.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::69 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: f414033c9b93d7223d3651dc723bf66c6c368d2a6616f4500b300e805efc4419

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:55:13 GMT
x-azure-ref-originshield: 057H1YQAAAABitU4ljD5eQKoVWu9GO332QU1TMDRFREdFMTkxMABkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316219-20220128080349-M/6th-victim-added-to-tally-of-1970s-doodler-serial-killer.jpeg
x-azure-ref: 04bT2YQAAAAC+E7X+54MeTL0jUIHSGYVqRlJBRURHRTEwMTIAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 43501
scheme: https

GET
H2 200 ukraine-hears-discouraging-assessments.jpeg
img1-azrcdn.newser.com/square-image/316212-20220127201058-M/ 54 KB
54 KB 497ms
492ms Image
image/jpeg 2620:1ec:46::69
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/square-image/316212-20220127201058-M/ukraine-hears-discouraging-assessments.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::69 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: bc779eca15675ccd4bf6aa23f0e6d04638f805f346d46092add71be913fa621d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:55:13 GMT
x-azure-ref-originshield: 08472YQAAAAAuxgdGxsCbTaSHRwETiengQU1TMDRFREdFMTkwOABkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316212-20220127201058-M/ukraine-hears-discouraging-assessments.jpeg
x-azure-ref: 04bT2YQAAAAA1QjhWSVh2RpUKGXwapvVERlJBRURHRTEwMjEAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 55344
scheme: https

GET
H2 200 house_grid_morning.png
img1-azrcdn.newser.com/images/ 33 KB
34 KB 498ms
493ms Image
image/png 2620:1ec:46::69
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/images/house_grid_morning.png
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::69 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 185b7539076b9f8d807c5740180aac4e2a4b3bc2912b4e9485950ccddb4cb39e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:55:13 GMT
last-modified: Mon, 06 Jul 2020 18:04:07 GMT
x-azure-ref-originshield: 0Gqb2YQAAAAAMy0iaXiIbSYdhUyH5Y82wQU1TMDRFREdFMTkwNgBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
x-azure-ref: 04bT2YQAAAADrS37IuIJ+QLfdbFcIeGx7RlJBRURHRTEwMjEAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
content-length: 34113

GET
H2 200 chiefs-fans-honor-bills-by-donating-to-hospital.jpeg
img2-azrcdn.newser.com/square-image/316209-20220128044834-M/ 43 KB
43 KB 872ms
867ms Image
image/jpeg 2620:1ec:bdf::69
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img2-azrcdn.newser.com/square-image/316209-20220128044834-M/chiefs-fans-honor-bills-by-donating-to-hospital.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::69 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: cba00eeef256b0662dfe41916464ddbd5c1b30f701e8373b760e0cbaf425c98e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:55:13 GMT
x-azure-ref-originshield: 04bT2YQAAAAB4+t2Foi9WSKX7BelHsea0QU1TMDRFREdFMTgyMgBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316209-20220128044834-M/chiefs-fans-honor-bills-by-donating-to-hospital.jpeg
x-azure-ref: 04bT2YQAAAACm1CqSXE1bQZzIhMEgasluRlJBRURHRTEwMTIAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_REMOTE_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 44210
scheme: https

GET
H2 200 after-testing-positive-palin-causes-a-stir-at-restaurants.jpeg
img1-azrcdn.newser.com/square-image/316206-20220127184443-M/ 37 KB
37 KB 498ms
493ms Image
image/jpeg 2620:1ec:46::69
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/square-image/316206-20220127184443-M/after-testing-positive-palin-causes-a-stir-at-restaurants.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::69 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 51b3d1a2d7433f93d0cd3dfcf5838e7221e07329c4806adc9d860e788a17d4fc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:55:13 GMT
x-azure-ref-originshield: 08Ir2YQAAAACP2WZqlvC3Rrg8ngdAgRv2QU1TMDRFREdFMTkwNwBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316206-20220127184443-M/after-testing-positive-palin-causes-a-stir-at-restaurants.jpeg
x-azure-ref: 04bT2YQAAAADCq6Pb2XdcSbYPhuNmThrURlJBRURHRTEwMjEAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 38086
scheme: https

GET
H2 200 gunfire-hits-bushs-car-without-her-in-it.jpeg
img2-azrcdn.newser.com/square-image/316207-20220127181358-M/ 40 KB
41 KB 880ms
876ms Image
image/jpeg 2620:1ec:bdf::69
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img2-azrcdn.newser.com/square-image/316207-20220127181358-M/gunfire-hits-bushs-car-without-her-in-it.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::69 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: dd93a97df4a101c9d0b60d1e6ab6ce5a33c8e00b10d4f2f0fdba7554faffd73b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:55:13 GMT
x-azure-ref-originshield: 0Gab2YQAAAADvX1Ykig0tT46/t8zbdWUNQU1TMDRFREdFMTgxOABkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316207-20220127181358-M/gunfire-hits-bushs-car-without-her-in-it.jpeg
x-azure-ref: 04bT2YQAAAADfzwy1Pjf+QrEieND6SKfXRlJBRURHRTEwMTIAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 41320
scheme: https

GET
H2 200 schools-sends-errant-you-won-a-scholarship-notices.jpeg
img1-azrcdn.newser.com/square-image/316204-20220127175358-M/ 58 KB
58 KB 498ms
493ms Image
image/jpeg 2620:1ec:46::69
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/square-image/316204-20220127175358-M/schools-sends-errant-you-won-a-scholarship-notices.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::69 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: a5e0a2f44a9b19aab51c0429ab10594535ded41e004c5dc2ebdcf022b84b1944

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:55:13 GMT
x-azure-ref-originshield: 0IGX2YQAAAACXsAw7apIiRaI2dOufXRFmQU1TMDRFREdFMTkxNgBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316204-20220127175358-M/schools-sends-errant-you-won-a-scholarship-notices.jpeg
x-azure-ref: 04bT2YQAAAABE/2LPU/11TZ2UKuVASKi4RlJBRURHRTEwMjEAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 59134
scheme: https

GET
H2 200 one-joke-crypto-coin-begets-another.jpeg
img2-azrcdn.newser.com/square-image/316205-20220127172128-M/ 40 KB
41 KB 885ms
881ms Image
image/jpeg 2620:1ec:bdf::69
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img2-azrcdn.newser.com/square-image/316205-20220127172128-M/one-joke-crypto-coin-begets-another.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::69 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 9dd77e07919ca643d4e7976497fda21e4484c64936e15b54ad6c348257af48f8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:55:13 GMT
x-azure-ref-originshield: 04bT2YQAAAADTui5lybW+SIedRvaMHIwMQU1TMDRFREdFMTgxNABkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316205-20220127172128-M/one-joke-crypto-coin-begets-another.jpeg
x-azure-ref: 04bT2YQAAAAAYiunLrlz/S5Y9EGz+3VOVRlJBRURHRTEwMTIAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_REMOTE_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 41423
scheme: https

GET
H2 200 rally-fades-as-reality-on-interest-rates-sinks-in.jpeg
img2-azrcdn.newser.com/square-image/316211-20220127170358-M/ 48 KB
48 KB 889ms
885ms Image
image/jpeg 2620:1ec:bdf::69
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img2-azrcdn.newser.com/square-image/316211-20220127170358-M/rally-fades-as-reality-on-interest-rates-sinks-in.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::69 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: ee860898fcc938895b1b12a278cb8f997f65b23214b102ba2c42738a028f1a17

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:55:13 GMT
x-azure-ref-originshield: 0wZz2YQAAAAAzIl3oDLLNRr6d+EUEDYtrQU1TMDRFREdFMTgxMwBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316211-20220127170358-M/rally-fades-as-reality-on-interest-rates-sinks-in.jpeg
x-azure-ref: 04bT2YQAAAABH9N6dGeCLTbZAwb+bdVmoRlJBRURHRTEwMTIAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 48934
scheme: https

GET
H2 200 its-an-obamacare-enrollment-record.jpeg
img1-azrcdn.newser.com/square-image/316182-20220129052210-M/ 46 KB
46 KB 564ms
560ms Image
image/jpeg 2620:1ec:46::69
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/square-image/316182-20220129052210-M/its-an-obamacare-enrollment-record.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::69 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 486ab000e859d030da7f768b4c96401d995b79f5b8620eefaafcc2cfcbdd057c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:55:13 GMT
x-azure-ref-originshield: 0wZz2YQAAAAAVVyf3jmZBRb02pj0Za+LLQU1TMDRFREdFMTkxMgBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316182-20220129052210-M/its-an-obamacare-enrollment-record.jpeg
x-azure-ref: 04bT2YQAAAAAuv/GHScmLS4F0pzi5Akm+RlJBRURHRTEwMjEAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 47293
scheme: https

GET
H2 200 coast-guard-nears-end-of-search-for-migrants.jpeg
img1-azrcdn.newser.com/square-image/316210-20220127160813-M/ 40 KB
41 KB 568ms
565ms Image
image/jpeg 2620:1ec:46::69
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/square-image/316210-20220127160813-M/coast-guard-nears-end-of-search-for-migrants.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::69 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 0d06df2e703c6ea6489fa19139cfd5f375495183c4145762127dfb5208f2540d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:55:13 GMT
x-azure-ref-originshield: 0Gqb2YQAAAAAi2fjtF0LFRrMjEfPTmZpaQU1TMDRFREdFMTkwNwBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316210-20220127160813-M/coast-guard-nears-end-of-search-for-migrants.jpeg
x-azure-ref: 04bT2YQAAAAC6fzzYKgTqQrJ85gWCk/MJRlJBRURHRTEwMjEAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 41337
scheme: https

GET
H2 200 salary-of-nyc-mayors-brother-is-cut-from-210k-to-1.jpeg
img1-azrcdn.newser.com/square-image/316208-20220127151543-M/ 55 KB
56 KB 569ms
566ms Image
image/jpeg 2620:1ec:46::69
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/square-image/316208-20220127151543-M/salary-of-nyc-mayors-brother-is-cut-from-210k-to-1.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::69 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 1b38f2172e240cd582d97f048c5e8cb35554e3c405d03fa229b4e82c3f01438a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:55:13 GMT
x-azure-ref-originshield: 0orP2YQAAAADh4icV5xBsTpbxbf5j1ahGQU1TMDRFREdFMTgwOQBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316208-20220127151543-M/salary-of-nyc-mayors-brother-is-cut-from-210k-to-1.jpeg
x-azure-ref: 04bT2YQAAAABPelHtdCmtQJe9L1YDT72QRlJBRURHRTEwMjEAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 56760
scheme: https

GET
H2 200 twin-of-man-jailed-for-murder-since-03-i-did-it.jpeg
img2-azrcdn.newser.com/square-image/231609-20220127144758-M/ 43 KB
44 KB 893ms
889ms Image
image/jpeg 2620:1ec:bdf::69
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img2-azrcdn.newser.com/square-image/231609-20220127144758-M/twin-of-man-jailed-for-murder-since-03-i-did-it.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::69 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 9769b09b9532fb94b22909364ad7ab7dc2683f4575ef1ee606cb3a6db73748f2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:55:13 GMT
x-azure-ref-originshield: 057H1YQAAAADBNfvFP4YAQYcmbg+Bt/0VQU1TMDRFREdFMTgxMABkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/231609-20220127144758-M/twin-of-man-jailed-for-murder-since-03-i-did-it.jpeg
x-azure-ref: 04bT2YQAAAADM+SsM9abZSLrQSWcLbxm0RlJBRURHRTEwMTIAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 44477
scheme: https

GET
H2 200 mellow-methuselah-is-worlds-oldest-aquarium-fish.jpeg
img2-azrcdn.newser.com/square-image/316183-20220127142458-M/ 38 KB
38 KB 895ms
892ms Image
image/jpeg 2620:1ec:bdf::69
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img2-azrcdn.newser.com/square-image/316183-20220127142458-M/mellow-methuselah-is-worlds-oldest-aquarium-fish.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::69 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 4e7305acb88ef6d07c54958cfa21ab76ce94e637678140ac4abf5ebc3ae76a92

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:55:13 GMT
x-azure-ref-originshield: 08Ir2YQAAAADAJoQnoJeIS5A5q0EElf4iQU1TMDRFREdFMTgxMgBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316183-20220127142458-M/mellow-methuselah-is-worlds-oldest-aquarium-fish.jpeg
x-azure-ref: 04bT2YQAAAAAcMHZsAUoGTpCpJpsXcnzQRlJBRURHRTEwMTIAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 38731
scheme: https

GET
H2 200 dont-expect-big-fight-over-pick-for-supreme-court.jpeg
img1-azrcdn.newser.com/square-image/316184-20220127135658-M/ 46 KB
46 KB 569ms
566ms Image
image/jpeg 2620:1ec:46::69
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/square-image/316184-20220127135658-M/dont-expect-big-fight-over-pick-for-supreme-court.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::69 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 3bbf185a378e69925f774e6d5844a9884d37561698c585cc9b748cea127c2c2f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:55:13 GMT
x-azure-ref-originshield: 0mHz2YQAAAABkyDOct8MVRa5EcH5LU24OQU1TMDRFREdFMTkxNQBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316184-20220127135658-M/dont-expect-big-fight-over-pick-for-supreme-court.jpeg
x-azure-ref: 04bT2YQAAAACaMcJnDbgETLPGS36VNVfdRlJBRURHRTEwMjEAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 47185
scheme: https

GET
H2 200 janet-jackson-addresses-old-secret-baby-rumors.jpeg
img2-azrcdn.newser.com/square-image/316199-20220127130913-M/ 37 KB
37 KB 902ms
899ms Image
image/jpeg 2620:1ec:bdf::69
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img2-azrcdn.newser.com/square-image/316199-20220127130913-M/janet-jackson-addresses-old-secret-baby-rumors.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::69 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 3ff1c2b22a22f605896511bca1355785ea2ed61d904a4220c49da9112008fc0a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:55:13 GMT
x-azure-ref-originshield: 08472YQAAAAC6B5CFcs6KSb/3urEDc3fLQU1TMDRFREdFMTkyMABkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316199-20220127130913-M/janet-jackson-addresses-old-secret-baby-rumors.jpeg
x-azure-ref: 04bT2YQAAAADE93k6qK+ZRbZi9gsPKTPTRlJBRURHRTEwMTIAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 37467
scheme: https

GET
H2 200 strange-case-of-teens-gym-mat-death-reopened.jpeg
img2-azrcdn.newser.com/square-image/303499-20220127124428-M/ 51 KB
51 KB 907ms
904ms Image
image/jpeg 2620:1ec:bdf::69
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img2-azrcdn.newser.com/square-image/303499-20220127124428-M/strange-case-of-teens-gym-mat-death-reopened.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::69 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: d7996ae15bbdf9fa23302679f82c6341f27dcbf3709e6d033c3e3f3ae7876b24

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:55:13 GMT
x-azure-ref-originshield: 0eWv2YQAAAAAsi17+96QsT4l7DrL4knxwQU1TMDRFREdFMTkxMwBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/303499-20220127124428-M/strange-case-of-teens-gym-mat-death-reopened.jpeg
x-azure-ref: 04bT2YQAAAAA5xraii/+cS5f6CAME4ieBRlJBRURHRTEwMTIAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 51754
scheme: https

GET
H2 200 he-found-his-parents-via-social-media-then-tragedy.jpeg
img1-azrcdn.newser.com/square-image/316158-20220127114913-M/ 43 KB
43 KB 569ms
567ms Image
image/jpeg 2620:1ec:46::69
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/square-image/316158-20220127114913-M/he-found-his-parents-via-social-media-then-tragedy.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::69 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 4d51312ee5a72f1a96b6b5dc7c3bad427a65c0cab8812e49bb40018919232f67

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:55:13 GMT
x-azure-ref-originshield: 0D3P2YQAAAACGKVvmjR/eT7Gd8sczuLnNQU1TMDRFREdFMTgwOQBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316158-20220127114913-M/he-found-his-parents-via-social-media-then-tragedy.jpeg
x-azure-ref: 04bT2YQAAAABByMHSn18vTreky7RGKcOURlJBRURHRTEwMjEAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 43902
scheme: https

GET
H2 200 in-our-galactic-backyard-signals-never-seen-before.jpeg
img1-azrcdn.newser.com/square-image/316156-20220127114511-M/ 38 KB
38 KB 573ms
571ms Image
image/jpeg 2620:1ec:46::69
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/square-image/316156-20220127114511-M/in-our-galactic-backyard-signals-never-seen-before.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::69 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 50bd57f4bdc1ee6ea9a3457cd38b3c0cb3f8293230f579da45e43fb5d66d5fca

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:55:13 GMT
x-azure-ref-originshield: 08Ir2YQAAAACi2nPHEDxKQ7XNkqoXDSOBQU1TMDRFREdFMTgwOQBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316156-20220127114511-M/in-our-galactic-backyard-signals-never-seen-before.jpeg
x-azure-ref: 04bT2YQAAAAB0Rb1gL4bgSZ/wFWPh9d1ZRlJBRURHRTEwMjEAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 39025
scheme: https

GET
H2 200 tenn-school-board-bans-holocaust-graphic-novel.jpeg
img2-azrcdn.newser.com/square-image/316187-20220127111058-M/ 44 KB
44 KB 911ms
909ms Image
image/jpeg 2620:1ec:bdf::69
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img2-azrcdn.newser.com/square-image/316187-20220127111058-M/tenn-school-board-bans-holocaust-graphic-novel.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::69 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 8c853ed75b7345b3d2d9f5af9fb56be87fef7bcf2863f8836345ec318396758d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:55:13 GMT
x-azure-ref-originshield: 0eWv2YQAAAAArSR944wbKS5TeMjZrSH2vQU1TMDRFREdFMTgxNQBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316187-20220127111058-M/tenn-school-board-bans-holocaust-graphic-novel.jpeg
x-azure-ref: 04bT2YQAAAABQxptBAYujRKzAq8qShscqRlJBRURHRTEwMTIAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 44902
scheme: https

GET
H2 200 guy-who-jumped-from-plane-allegedly-smoked-a-lot-of-meth.jpeg
img2-azrcdn.newser.com/square-image/307971-20220127110745-M/ 43 KB
43 KB 915ms
913ms Image
image/jpeg 2620:1ec:bdf::69
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img2-azrcdn.newser.com/square-image/307971-20220127110745-M/guy-who-jumped-from-plane-allegedly-smoked-a-lot-of-meth.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::69 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 4aa42d7442c394096d40efad6d8d533232c025738083b5c07b34691696888dd1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:55:13 GMT
x-azure-ref-originshield: 0eWv2YQAAAAAP7DLGzq5YRqDaixDZF5XkQU1TMDRFREdFMTkxMwBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/307971-20220127110745-M/guy-who-jumped-from-plane-allegedly-smoked-a-lot-of-meth.jpeg
x-azure-ref: 04bT2YQAAAABdoNWuCwhXTrNrODVK69JJRlJBRURHRTEwMTIAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 43826
scheme: https

GET
H2 200 ben-roethlisberger-retires-after-18-years-in-nfl.jpeg
img2-azrcdn.newser.com/square-image/316195-20220127101843-M/ 47 KB
47 KB 918ms
915ms Image
image/jpeg 2620:1ec:bdf::69
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img2-azrcdn.newser.com/square-image/316195-20220127101843-M/ben-roethlisberger-retires-after-18-years-in-nfl.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::69 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 41fa061fd8a72f16e9eee21d78b071c6bca68ddc63ca4df9588986ecc62dae28

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:55:13 GMT
x-azure-ref-originshield: 08Ir2YQAAAACBh1FGIjyhSYkY4WkhDTMjQU1TMDRFREdFMTkwNwBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316195-20220127101843-M/ben-roethlisberger-retires-after-18-years-in-nfl.jpeg
x-azure-ref: 04bT2YQAAAAD5b6JV2KyAQqUt4JJOCEl8RlJBRURHRTEwMTIAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 47983
scheme: https

GET
H2 200 hiker-falls-700-feet-trying-to-snap-midnight-selfie.jpeg
img1-azrcdn.newser.com/square-image/316188-20220127095758-M/ 61 KB
62 KB 576ms
574ms Image
image/jpeg 2620:1ec:46::69
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/square-image/316188-20220127095758-M/hiker-falls-700-feet-trying-to-snap-midnight-selfie.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::69 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: c86dd20594d0c4ac6874b84f72ca727f390e0c2948807088a789ddaf38ea5f07

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:55:13 GMT
x-azure-ref-originshield: 0cqL2YQAAAAArCvdH1bvIRaoFUQtAqsqmQU1TMDRFREdFMTkwOQBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316188-20220127095758-M/hiker-falls-700-feet-trying-to-snap-midnight-selfie.jpeg
x-azure-ref: 04bT2YQAAAADcf2L6Lg4EQaCJD7a/5O6oRlJBRURHRTEwMjEAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 62787
scheme: https

GET
H2 200 man-in-camp-auschwitz-shirt-has-been-arrested.jpeg
img1-azrcdn.newser.com/square-image/301272-20220128011039-M/ 48 KB
49 KB 582ms
580ms Image
image/jpeg 2620:1ec:46::69
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/square-image/301272-20220128011039-M/man-in-camp-auschwitz-shirt-has-been-arrested.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::69 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 04230c3031ba7b616cd9f7c720d87023387dd16cf74c56188edc2049de753bc8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:55:13 GMT
x-azure-ref-originshield: 0IGX2YQAAAACgn5LZQgJkTp1tcOstVbbrQU1TMDRFREdFMTkwOQBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/301272-20220128011039-M/man-in-camp-auschwitz-shirt-has-been-arrested.jpeg
x-azure-ref: 04bT2YQAAAACKVnnprK/1QK7t+fkUzOz2RlJBRURHRTEwMjEAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 49660
scheme: https

GET
H2 200 statue-of-kobe-gianna-unveiled-at-crash-site.jpeg
img1-azrcdn.newser.com/square-image/316190-20220127092143-M/ 45 KB
45 KB 586ms
584ms Image
image/jpeg 2620:1ec:46::69
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/square-image/316190-20220127092143-M/statue-of-kobe-gianna-unveiled-at-crash-site.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::69 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 1794ce66c6f7b83e3a027cc5b104ad113159a32529a70e3380d47f6e09dbfff5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:55:13 GMT
x-azure-ref-originshield: 08Ir2YQAAAAASfU1t3lEqRqZUGFYeCo6UQU1TMDRFREdFMTgxMABkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316190-20220127092143-M/statue-of-kobe-gianna-unveiled-at-crash-site.jpeg
x-azure-ref: 04bT2YQAAAACU3VKQ+woXRq03buKf1PYBRlJBRURHRTEwMjEAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 45898
scheme: https

GET
H2 200 us-economy-grew-in-2021-at-fastest-pace-since-reagan-years.jpeg
img1-azrcdn.newser.com/square-image/316192-20220127085258-M/ 50 KB
51 KB 590ms
588ms Image
image/jpeg 2620:1ec:46::69
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/square-image/316192-20220127085258-M/us-economy-grew-in-2021-at-fastest-pace-since-reagan-years.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::69 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 034b0077589cb2fdf5f045f587740877d385374de54fb733c7626bb1119a67ce

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:55:13 GMT
x-azure-ref-originshield: 08472YQAAAAAtmewS9qkhRbl8VVxn3V48QU1TMDRFREdFMTgxMwBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316192-20220127085258-M/us-economy-grew-in-2021-at-fastest-pace-since-reagan-years.jpeg
x-azure-ref: 04bT2YQAAAAC8uoRxkYpXTpBkoLYi4SGZRlJBRURHRTEwMjEAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 51467
scheme: https

GET
H2 200 texas-man-arrested-in-connection-with-synagogue-standoff.jpeg
img1-azrcdn.newser.com/square-image/316166-20220127084058-M/ 59 KB
59 KB 639ms
637ms Image
image/jpeg 2620:1ec:46::69
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/square-image/316166-20220127084058-M/texas-man-arrested-in-connection-with-synagogue-standoff.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::69 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 4475d2347dac904117a6f94f0c6ae4de9c7c022f44731afa213e4ea9ae86c0a1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:55:13 GMT
x-azure-ref-originshield: 0orP2YQAAAADw3YonCY/iTJkLCYOZuH+HQU1TMDRFREdFMTgxOABkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316166-20220127084058-M/texas-man-arrested-in-connection-with-synagogue-standoff.jpeg
x-azure-ref: 04bT2YQAAAACjMRyuGkRAQKKFqhJCTDcrRlJBRURHRTEwMjEAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 59992
scheme: https

GET
H2 200 pixel.gif
load77.exelator.com/ 43 B
334 B 422ms
29ms Image
image/gif 2a02:6ea0:c700::1
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://load77.exelator.com/pixel.gif
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::1 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-77-nzt: AcO1ryxeB4///rIJAA==
x-accel-expires: @1643959268
date: Sun, 30 Jan 2022 15:55:14 GMT
etag: "59f0c3fc-2b"
last-modified: Wed, 25 Oct 2017 17:03:56 GMT
server: CDN77-Turbo
x-77-nzt-ray: dyT76ZfO498=
x-77-cache: HIT
content-type: image/gif
access-control-allow-origin: *
x-cache: HIT
x-age: 635646
accept-ranges: bytes
x-77-pop: frankfurtDE
content-length: 43

GET
H2 200 videoCard.1451368a7b5e945a3252.js Show response
cdn.intergient.com/pageos/1.6.33/ 551 B
999 B 34ms
34ms Script
application/javascript 2600:9000:2250:2400:12:4abd:d340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.intergient.com/pageos/1.6.33/videoCard.1451368a7b5e945a3252.js
Requested by: Host: cdn.intergient.com
URL: https://cdn.intergient.com/ramp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:2400:12:4abd:d340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 411626d5e8eb3616fad95e39e91afe59dcfd424b9492c2c43c76a5199dc69768

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 29 Jan 2022 20:00:58 GMT
via: 1.1 508d9aac3b0097e502b117c1e7390bb0.cloudfront.net (CloudFront)
last-modified: Wed, 15 Dec 2021 14:32:29 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: atime:1639578741/ctime:1639578741/gid:20/gname:staff/md5:bfb44d87e9e552efe6f335d770ab135a/mode:33188/mtime:1639578741/uid:501/uname:thomascreamer
age: 71656
etag: "bfb44d87e9e552efe6f335d770ab135a"
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-pop: FRA60-P2
accept-ranges: bytes
content-length: 551
x-amz-cf-id: on26sy_V972UrPzxpBmE5aC17qxUdy0gCFHvEUzL4aOUOzKDUR1Q1w==

GET
H2 200 batchHandler.cf8da702ed619bc8d371.js Show response
cdn.intergient.com/pageos/1.6.33/ 3 KB
2 KB 34ms
34ms Script
application/javascript 2600:9000:2250:2400:12:4abd:d340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.intergient.com/pageos/1.6.33/batchHandler.cf8da702ed619bc8d371.js
Requested by: Host: cdn.intergient.com
URL: https://cdn.intergient.com/ramp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:2400:12:4abd:d340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2ff8684ee0e3acfe08494f09ab05494bc7cc842af6834e3877eb160a949f0c7e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 02:45:35 GMT
content-encoding: br
last-modified: Wed, 15 Dec 2021 14:32:24 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: atime:1639578741/ctime:1639578741/gid:20/gname:staff/md5:edd43592b91921f505b47b87a549edb8/mode:33188/mtime:1639578741/uid:501/uname:thomascreamer
age: 47379
etag: W/"edd43592b91921f505b47b87a549edb8"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 508d9aac3b0097e502b117c1e7390bb0.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P2
x-amz-cf-id: dbTY-2lZ5H9ES4-XUuVNqiIXy6qiDuHOvUv0vYIZfCRw6tEl4G_mfA==

GET
H2 200 banner.json Show response
config.playwire.com/1024100/v2/websites/72343/ 568 KB
9 KB 354ms
268ms XHR
application/json 2600:9000:223c:6400:1a:1459:5cc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://config.playwire.com/1024100/v2/websites/72343/banner.json
Requested by: Host: cdn.intergient.com
URL: https://cdn.intergient.com/ramp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:6400:1a:1459:5cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Cowboy /
Resource Hash: fe443970eb7a49a4749815af2e1002e4b65aac7635a1ea7a92b9ef708e3cac4a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 29 Jan 2022 23:18:32 GMT
via: 1.1 vegur, 1.1 0c688bb347bc402edc1209f13e04d88c.cloudfront.net (CloudFront)
vary: Accept-Encoding
age: 59800
x-cache: Hit from cloudfront
content-encoding: br
server: Cowboy
access-control-max-age: 1728000
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: hw-country-code
cache-control: public, max-age=600
hw-country-code: DE
x-amz-cf-pop: FRA56-P2
x-amz-cf-id: 4nHjgZG5kyNb6NqyFau5RCb98UnjVjmoAKrKToL8guHZCJlP23a6ow==

GET
H2 200 moatheader.js Show response
z.moatads.com/playwireprebidheader597261727146/ 214 KB
75 KB 266ms
79ms Script
application/x-javascript 72.247.226.64
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/playwireprebidheader597261727146/moatheader.js
Requested by: Host: cdn.intergient.com
URL: https://cdn.intergient.com/ramp.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 72.247.226.64 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a72-247-226-64.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 714f7ca1e900b9c6cb9e4f395e0c18198004690a6ee756a416a172c2ed9414eb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:55:14 GMT
content-encoding: gzip
last-modified: Wed, 19 Jan 2022 15:44:49 GMT
server: AmazonS3
x-amz-request-id: 0795258WH5WKK1NJ
etag: "9a60387f389992f2729ab6cb9f623571"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=37115
accept-ranges: bytes
content-length: 76469
x-amz-id-2: 9MGlKaUDTWI2SSXeh+Pyjy1UnAv5cC3Fs7rCHR87vygv/NkfMEcB4QjwK2beenPQL9Eqrchar8U=

GET
H2

200

collect
stats.g.doubleclick.net/r/
Redirect Chain

https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=73558130&utmhn=www.newser.com&utme=8(PWA*ABTesting1*LastRefDomain*OrigRef*UserClassification)9(N*B*direct*direct*P)11(1*3!2*1*1)...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-1055596-4&cid=1344959192.1643558114&jid=1496878276&_v=5.7.2&z=73558130

35 B
430 B

296ms
104ms

Image
image/gif

2a00:1450:400c:c08::9c
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-1055596-4&cid=1344959192.1643558114&jid=1496878276&_v=5.7.2&z=73558130

Requested by

Host: www.newser.com
URL: https://www.newser.com/

Protocol

Server

2a00:1450:400c:c08::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sun, 30 Jan 2022 15:55:14 GMT
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 30 Jan 2022 15:55:13 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
location: https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-1055596-4&cid=1344959192.1643558114&jid=1496878276&_v=5.7.2&z=73558130
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 368
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 __utm.gif
ssl.google-analytics.com/r/ 35 B
110 B 82ms
82ms Image
image/gif 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=2&utmn=660415304&utmhn=www.newser.com&utme=8(PWA*ABTesting1*LastRefDomain*OrigRef*UserClassification)9(N*B*direct*direct*P)11(1*3!2*1*1)&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Newser%20%7C%20Headline%20News%20Summaries%2C%20World%20News%2C%20and%20Breaking%20News&utmhid=1684151837&utmr=-&utmp=%2F&utmht=1643558113764&utmac=UA-1055596-9&utmcc=__utma%3D116631449.1344959192.1643558114.1643558114.1643558114.1%3B%2B__utmz%3D116631449.1643558114.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=117623477&utmredir=1&utmmt=1&utmu=qQAgAAAAAAAAAAAAAAAAAAAE~

Requested by

Host: www.newser.com
URL: https://www.newser.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Jan 2022 15:55:13 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 aws-sdk-kinesis.min.js Show response
cdn.intergient.com/pageos/js/libs/ 227 KB
67 KB 85ms
85ms Script
text/javascript 2600:9000:2250:2400:12:4abd:d340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.intergient.com/pageos/js/libs/aws-sdk-kinesis.min.js
Requested by: Host: cdn.intergient.com
URL: https://cdn.intergient.com/pageos/1.6.33/batchHandler.cf8da702ed619bc8d371.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:2400:12:4abd:d340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b41e0020ff5a4bec857828c37b9a425a5e0024aac1fb1519dd9cf4562f0681ee

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 01:37:30 GMT
content-encoding: gzip
last-modified: Thu, 04 Nov 2021 13:03:16 GMT
server: AmazonS3
age: 51554
etag: W/"dd4723e36a9cd5d1d04946ad79b9dfe6"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
via: 1.1 508d9aac3b0097e502b117c1e7390bb0.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P2
x-amz-cf-id: 4a1oPVYw2JhhQHvVq8Z9u5naUVjFwJ9Hw7ehLxhc8dfeaf1o7qQzHQ==

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 146 KB
51 KB 209ms
59ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: newser.com
URL: https://newser.com/HsF05_E/eTjWmafZYl/Awn/jfYYxHwzsD.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0ec30cf425c189a966b4ae2c12c20feee3b2d0e50a18cefb0e411d4db2d5b0db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:55:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52052
x-xss-protection: 0
server: cafe
etag: 17116393991651126264
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 30 Jan 2022 15:55:14 GMT

GET
H2 200 advertising.js Show response
rddywd.com/ 9 B
595 B 242ms
64ms Script
application/javascript 2606:4700:3035::6815:40f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rddywd.com/advertising.js
Requested by: Host: newser.com
URL: https://newser.com/HsF05_E/eTjWmafZYl/Awn/jfYYxHwzsD.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:40f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7f555674a54503e3367276168359cef065eecc75f1fe436ac13bdf3dfd65a970

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:55:14 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 30286
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 9
last-modified: Sun, 30 Jan 2022 07:30:28 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jHDjOJc7tG4bu7ISBkeyBJBqtHNw%2BfGQiICByQtwduNI9CKi3eEcG85yvQajHigTaVsIHqUmLo1t20LHfZqvAWeGYeYnki8nwXlfl0lkRcepQRcxe4QOt5c9PFt%2BjQqQrKxzTsrgMUrs"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86401
accept-ranges: bytes
cf-ray: 6d5be225ebda72d8-LHR

GET
H2 200 adcode.png
rddywd.com/ 43 B
628 B 266ms
83ms Image
image/gif 2606:4700:3035::6815:40f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rddywd.com/adcode.png
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:40f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.newser.com/
Origin: https://www.newser.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:55:14 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 66659
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VvtohBjjhtnSIE5u%2F2Gf06mpeapI%2BBVTtYIOJFqk3KiZZkfwwKbcvFxQsQ5TBg8vqTY6kfzP1eFTO%2F%2FS9jSC9kdI%2FPnXDRKcleVqYfr%2BYUsjaypGYJZnlifh3IN5fSua2fNrp26O17pW"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=86401
accept-ranges: bytes
cf-ray: 6d5be2261d4bf91f-MXP

GET
H2 204 generate_204
www.googleapis.com/ 0
178 B 108ms
18ms Image
text/plain 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.googleapis.com/generate_204
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:55:14 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H/1.1 200
OK widget_iframe.8f764d5bd2778f88121d31d7d8d8e1e3.html Show response
platform.twitter.com/widgets/ Frame D485 319 KB
104 KB 112ms
111ms Document
text/html 2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.8f764d5bd2778f88121d31d7d8d8e1e3.html?origin=https%3A%2F%2Fwww.newser.com
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (mil/6CF6) /
Resource Hash: c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/

Response headers

Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 229731
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Sun, 30 Jan 2022 15:55:14 GMT
Etag: "8321d7cf58d70200c1423dfa0bca40f6+gzip"
Last-Modified: Wed, 19 Jan 2022 19:04:27 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (mil/6CF6)
Server-Timing: "x-cache;desc= HIT,x-tw-cdn;desc=",edge;dur=1
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 105433

GET
H2 200 Tag.engine Show response
engine.4dsply.com/ 2 KB
2 KB 266ms
265ms Script
application/json 2606:4700::6810:9f11
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://engine.4dsply.com/Tag.engine?time=0&id=7f1a7287-2f7e-4f83-800d-06bd711ee14e&rand=67326&ver=async&referrerUrl=&fingerPrint=123&abr=false&stdTime=0&fpe=1&bw=1600&bh=1200&res=1600x1200&curl=https%3A%2F%2Fwww.newser.com%2F&kw=
Requested by: Host: cdn.engine.4dsply.com
URL: https://cdn.engine.4dsply.com/Scripts/infinity.js.aspx?guid=7f1a7287-2f7e-4f83-800d-06bd711ee14e
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:9f11 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 58accf1edfa236b2860d1f18df8f39c05d3f2e3fb87f3fd98ffeecb21795b337

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:55:14 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
x-powered-by: ASP.NET
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="CAO PSA OUR IND"
access-control-allow-origin: *
cache-control: private, no-transform
cf-ray: 6d5be22588240f72-MXP
content-type: application/json; charset=utf-8

GET
H2 200 vendors~gdpr.f92225b828d740c7c57f.js Show response
cdn.intergient.com/pageos/1.6.33/ 65 KB
17 KB 55ms
54ms Script
application/javascript 2600:9000:2250:2400:12:4abd:d340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.intergient.com/pageos/1.6.33/vendors~gdpr.f92225b828d740c7c57f.js
Requested by: Host: cdn.intergient.com
URL: https://cdn.intergient.com/ramp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:2400:12:4abd:d340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a87d4c2682d10f0750f0e1142e25fce055f0ae596c7a277bbaf2427ddae146bc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 29 Jan 2022 18:09:14 GMT
content-encoding: gzip
last-modified: Wed, 15 Dec 2021 14:32:29 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: atime:1639578741/ctime:1639578741/gid:20/gname:staff/md5:9b5e3fdd31d877679a5666fe44299ea9/mode:33188/mtime:1639578741/uid:501/uname:thomascreamer
age: 78360
etag: W/"9b5e3fdd31d877679a5666fe44299ea9"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 508d9aac3b0097e502b117c1e7390bb0.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P2
x-amz-cf-id: dIeuHTLC6_mwt7fljsC2qlvyLJUmyjrtwAAGZjhqlCO8_cRskIv_jQ==

GET
H2 200 gdpr.c3cd42c3b61853b20836.js Show response
cdn.intergient.com/pageos/1.6.33/ 9 KB
3 KB 56ms
55ms Script
application/javascript 2600:9000:2250:2400:12:4abd:d340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.intergient.com/pageos/1.6.33/gdpr.c3cd42c3b61853b20836.js
Requested by: Host: cdn.intergient.com
URL: https://cdn.intergient.com/ramp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:2400:12:4abd:d340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5aefa167c7b8f3305b610d93f3a198818ade815d5f9150df9fbedf00b34b705a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 03:06:36 GMT
content-encoding: gzip
last-modified: Wed, 15 Dec 2021 14:32:28 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: atime:1639578741/ctime:1639578741/gid:20/gname:staff/md5:b8e305f83486f7ae9d609860bb488fd6/mode:33188/mtime:1639578741/uid:501/uname:thomascreamer
age: 46119
etag: W/"b8e305f83486f7ae9d609860bb488fd6"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 508d9aac3b0097e502b117c1e7390bb0.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P2
x-amz-cf-id: dBX7imNK_uP_9N3FOhjIYp2WXSI_h_RfEubMYXyucZtbaAnCuyaaRg==

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ 285 KB
80 KB 78ms
29ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=1f70bd487935938cbc930fe03f210b36

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

82f2bec34a3844a9ef5967820c4848ea385eb51ef9f8dba37dc8863a63f17089

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.newser.com/
Origin: https://www.newser.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: ESablCoaMwUKu+qO4/drGA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
expires: Mon, 30 Jan 2023 15:32:20 GMT
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 82045
x-fb-rlafr: 0
x-fb-debug: x0X/We/v1ST1sTArEljyTUo6nQJR0zPpzBFMBNr6Nm2lQ6eOnYmXl021+N03sJWkuEUg+YDVSzlvTR5mMLsJ5A==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: 3b226529237a87ab675d787438213caf
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 30 Jan 2022 15:55:14 GMT
x-frame-options: DENY
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "c657ac27941ebcdb7336758b7045d61c"
timing-allow-origin: *
priority: u=3,i
access-control-expose-headers: X-FB-Content-MD5

GET
H2 200 rules-p-8dMeaPxgtnRKk.js Show response
rules.quantcount.com/ 3 B
429 B 82ms
13ms Script
application/javascript 2600:9000:223c:4200:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-8dMeaPxgtnRKk.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:4200:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 07:26:04 GMT
via: 1.1 1f0db25765b79d244ad1fa2184395c12.cloudfront.net (CloudFront)
age: 30551
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 3
last-modified: Sat, 04 Mar 2017 20:13:40 GMT
server: AmazonS3
etag: "8a80554c91d9fca8acb82f023de02f11"
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400
x-amz-cf-pop: FRA56-P2
accept-ranges: bytes
x-amz-cf-id: nx75M7A1bcIIwXCDZDWZD-ctRE2i0YJVeN6zfHFTE6Fakax6mDumbQ==

GET
H2 200 ping
ping.chartbeat.net/ 43 B
201 B 315ms
103ms Image
image/gif 18.211.139.241
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ping.chartbeat.net/ping?h=newser.com&p=%2F&u=CV3AxZCeJ9XLDmkef0&d=newser.com&g=19359&g0=Home&g1=No%20Author&n=1&f=00001&c=0&x=0&m=0&y=2851&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&b=2052&t=UnRoxiSw0yBigQNVBx5764DcXFR4&V=129&i=Newser%20%7C%20Headline%20News%20Summaries%2C%20World%20News%2C%20and%20Breaking%20News&tz=0&sn=1&sv=B0A8JqDcrnPDBsHLdZCK5iy4g77Hr&sd=1&im=062b073f&_
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.211.139.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-211-139-241.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Jan 2022 15:55:14 GMT
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
content-length: 43
expires: 0

GET
H/1.1 200
OK utility.aspx Show response
www.newser.com/ 0
482 B 161ms
161ms XHR
text/html 40.114.51.62
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.newser.com/utility.aspx?function=metricsab&b=false&platform=D&visitorid=1558941875&visitorclassification=P
Requested by: Host: static1-azrcdn.newser.com
URL: https://static1-azrcdn.newser.com/javascript/20220112_1100/jquery-1.12.4.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 40.114.51.62 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: */*
Referer: https://www.newser.com/
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 30 Jan 2022 15:55:13 GMT
RawURL: /utility.aspx?function=metricsab&b=false&platform=D&visitorid=1558941875&visitorclassification=P
Content-Type: text/html
Cache-Control: private, no-store
Scheme: https
Content-Length: 0
Expires: Sun, 30 Jan 2022 15:54:14 GMT

GET
H2

204

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=2&c2=6035830&ns__t=1643558114215&ns_c=UTF-8&cv=3.5&c8=Newser%20%7C%20Headline%20News%20Summaries%2C%20World%20News%2C%20and%20Breaking%20News&c7=https%3A%2F%2F...
https://sb.scorecardresearch.com/b2?c1=2&c2=6035830&ns__t=1643558114215&ns_c=UTF-8&cv=3.5&c8=Newser%20%7C%20Headline%20News%20Summaries%2C%20World%20News%2C%20and%20Breaking%20News&c7=https%3A%2F%2...

0
224 B

19ms
19ms

Image
text/plain

108.157.4.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=2&c2=6035830&ns__t=1643558114215&ns_c=UTF-8&cv=3.5&c8=Newser%20%7C%20Headline%20News%20Summaries%2C%20World%20News%2C%20and%20Breaking%20News&c7=https%3A%2F%2Fwww.newser.com%2F&c9=
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Server: 108.157.4.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:55:14 GMT
via: 1.1 3a42f75e219a9a44a54979112dcb25dc.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P2
etag: W/"0-2jmj7l5rSw0yVb/vlWAYkK/YBwk"
x-amz-cf-id: EhXs5y994AcfbaBxfekLpQJV-Ir2rB-Uw4AHmx-CCyEByNipk9I3vw==
x-cache: Miss from cloudfront

Redirect headers

date: Sun, 30 Jan 2022 15:55:14 GMT
via: 1.1 3a42f75e219a9a44a54979112dcb25dc.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P2
vary: Accept
x-cache: Miss from cloudfront
content-type: text/plain; charset=utf-8
location: https://sb.scorecardresearch.com/b2?c1=2&c2=6035830&ns__t=1643558114215&ns_c=UTF-8&cv=3.5&c8=Newser%20%7C%20Headline%20News%20Summaries%2C%20World%20News%2C%20and%20Breaking%20News&c7=https%3A%2F%2Fwww.newser.com%2F&c9=
content-length: 241
x-amz-cf-id: hDLxKvrKDDlUZ4e5CIBUYijMZ5Yv2gDPRtPbLIw2xl4tcIPzYJmL1Q==

GET
H2 200 iframe.html Show response
cdn.intergient.com/pageos/1.6.33/iframe/ Frame D0A4 542 B
981 B 13ms
13ms Document
text/html 2600:9000:2250:2400:12:4abd:d340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.intergient.com/pageos/1.6.33/iframe/iframe.html
Requested by: Host: cdn.intergient.com
URL: https://cdn.intergient.com/ramp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:2400:12:4abd:d340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c6147bd9ef55a8d63dc00d57f9bbf6aa9577e5baff33b6a0e11242b1ee588294

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/

Response headers

content-type: text/html
content-length: 542
last-modified: Wed, 15 Dec 2021 14:32:28 GMT
x-amz-meta-s3cmd-attrs: atime:1639578738/ctime:1639578738/gid:20/gname:staff/md5:bbee404d3593d86503e44f89a385794c/mode:33188/mtime:1639578738/uid:501/uname:thomascreamer
accept-ranges: bytes
server: AmazonS3
date: Sun, 30 Jan 2022 02:42:19 GMT
etag: "bbee404d3593d86503e44f89a385794c"
x-cache: Hit from cloudfront
via: 1.1 508d9aac3b0097e502b117c1e7390bb0.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P2
x-amz-cf-id: 3iBAjjZogIagpBu9d5r85tWlResag76O7qs6AqyrVF3PpCGbpENURA==
age: 47810

GET
H2 200 stickyVideo.cb12701cdcec7f559c8b.js Show response
cdn.intergient.com/pageos/1.6.33/ 10 KB
4 KB 15ms
14ms Script
application/javascript 2600:9000:2250:2400:12:4abd:d340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.intergient.com/pageos/1.6.33/stickyVideo.cb12701cdcec7f559c8b.js
Requested by: Host: cdn.intergient.com
URL: https://cdn.intergient.com/ramp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:2400:12:4abd:d340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 13aff0812c49276fdb1ef2b2292b396ce5e3325a7c13e9582212577d2f0ce975

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 03:20:46 GMT
content-encoding: gzip
last-modified: Wed, 15 Dec 2021 14:32:29 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: atime:1639578741/ctime:1639578741/gid:20/gname:staff/md5:ec2da3bd6d30c123d732f4b65cb1f2df/mode:33188/mtime:1639578741/uid:501/uname:thomascreamer
age: 47579
etag: W/"ec2da3bd6d30c123d732f4b65cb1f2df"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 508d9aac3b0097e502b117c1e7390bb0.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P2
x-amz-cf-id: h4fnSqafV7eZDG0BUiS4YNM_UvSoSOM_gIyhntDf0Pbz-Dib8lU8aA==

GET
H2 200 tyche.js Show response
cdn.intergi.com/hera/releases/4.4.29/ 1 KB
974 B 13ms
12ms Script
application/javascript 2600:9000:223d:2e00:14:2602:6e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.intergi.com/hera/releases/4.4.29/tyche.js
Requested by: Host: cdn.intergient.com
URL: https://cdn.intergient.com/ramp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223d:2e00:14:2602:6e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e755eee43bcdcb69b3f7b2dbff081a9af26e9da32c92ec2f175ac0efe0f51423

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id: 0qxthXTXeoc5PRlEsFiNVKZOVGERs_w6
content-encoding: gzip
last-modified: Tue, 25 Jan 2022 21:03:32 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: atime:1643144607/ctime:1643144607/gid:20/gname:staff/md5:395fd1c8bfff848b8f9889b4fb81cc09/mode:33188/mtime:1643144607/uid:501/uname:thomascreamer
age: 35771
etag: W/"395fd1c8bfff848b8f9889b4fb81cc09"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 5626bf35345f32d3e58fb8d33ec4d966.cloudfront.net (CloudFront)
date: Sun, 30 Jan 2022 05:59:03 GMT
x-amz-cf-pop: FRA56-P3
x-amz-cf-id: diwG8hdveiJI0AQoIJp15Rqhg_GNPI9oU5kjB03tR156LYOP3la44w==

GET
H2 200 v2 Show response
mb.moatads.com/yi/ 439 B
614 B 96ms
33ms Script
text/html 3.11.115.229
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mb.moatads.com/yi/v2?ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5BYbjrG%3DH%3CU%3CO%24cRJ%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-1mxZu%2FMUA%2BNI7%2BlS9taa18sl5UMbMAFrHQZRAnlp9pAdeA91T5s1LwZtUqv15LnesVBD&rs=1-7b7RCmgcJXlbBw%3D%3D&sc=1&os=1-5Q%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&url=https%3A%2F%2Fwww.newser.com%2F&pcode=playwireprebidheader597261727146&rx=368933403202&callback=MoatNadoAllJsonpRequest_74354953
Requested by: Host: z.moatads.com
URL: https://z.moatads.com/playwireprebidheader597261727146/moatheader.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.11.115.229 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-11-115-229.eu-west-2.compute.amazonaws.com
Software: TornadoServer/5.1.1 /
Resource Hash: 7bd9b6d9279d3d2d77ab0c8566cab2c396cd9aab088b3a0276cfc7ddae994467

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:55:14 GMT
cache-control: max-age=900
server: TornadoServer/5.1.1
timing-allow-origin: *
etag: "d5d038aaf0835834ffe6ead9a2682eb00de5181c"
content-length: 439
content-type: text/html; charset=UTF-8

GET
H2 200 moatframe.js Show response
z.moatads.com/addthismoatframe568911941483/ 2 KB
1 KB 18ms
18ms Script
application/x-javascript 72.247.226.64
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/addthismoatframe568911941483/moatframe.js
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 72.247.226.64 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a72-247-226-64.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:55:14 GMT
content-encoding: gzip
last-modified: Fri, 08 Nov 2019 20:13:52 GMT
server: AmazonS3
x-amz-request-id: CD83941857724976
etag: "f14b4e1f799b14f798a195f43cf58376"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=11146
accept-ranges: bytes
content-length: 948
x-amz-id-2: 0ZTpgIpnUMxQCBXeH9ew/82I9oq7GJ2Gfze78bXzMcqS1BRoWTIwh8fvZ+vN96IwbFGZ6f5C0Hk=

GET
H2 200 pixel;r=885634333;rf=0;a=p-8dMeaPxgtnRKk;url=https%3A%2F%2Fwww.newser.com%2F;uht=2;fpan=1;fpa=P0-359219440-1643558114329;pbc=;ns=0;ce=1;qjs=1;qv=92a3679b-20211110211611;cm=;gdpr=0;ref=;d=newser.com...
pixel.quantserve.com/ 35 B
372 B 19ms
16ms Image
image/gif 2620:116:800d:21:5a23:9c4e:e774:96c1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=885634333;rf=0;a=p-8dMeaPxgtnRKk;url=https%3A%2F%2Fwww.newser.com%2F;uht=2;fpan=1;fpa=P0-359219440-1643558114329;pbc=;ns=0;ce=1;qjs=1;qv=92a3679b-20211110211611;cm=;gdpr=0;ref=;d=newser.com;je=0;sr=1600x1200x24;dst=0;et=1643558114329;tzo=0;ogl=

Requested by

Host: www.newser.com
URL: https://www.newser.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:5a23:9c4e:e774:96c1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Jan 2022 15:55:14 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 runtime.eb7abf17bcce520541c8.js Show response
cdn.intergi.com/hera/releases/4.4.29/ 2 KB
2 KB 12ms
9ms Script
application/javascript 2600:9000:223d:2e00:14:2602:6e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.intergi.com/hera/releases/4.4.29/runtime.eb7abf17bcce520541c8.js
Requested by: Host: cdn.intergi.com
URL: https://cdn.intergi.com/hera/releases/4.4.29/tyche.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223d:2e00:14:2602:6e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a8f20718bcf79ae5797599afb4e59612f2bb75334dc8d40aa8a56d21417ac73c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id: nsHome9btOvv.SKdK3Rpl_8W8qit3rOP
content-encoding: br
last-modified: Tue, 25 Jan 2022 21:03:32 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: atime:1643144607/ctime:1643144607/gid:20/gname:staff/md5:471e1f82e1db56b5f90638c4e15c5280/mode:33188/mtime:1643144607/uid:501/uname:thomascreamer
age: 37118
etag: W/"471e1f82e1db56b5f90638c4e15c5280"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 5626bf35345f32d3e58fb8d33ec4d966.cloudfront.net (CloudFront)
date: Sun, 30 Jan 2022 05:36:37 GMT
x-amz-cf-pop: FRA56-P3
x-amz-cf-id: nrFhP7k8H4gF4qVSbfbxM3xxpQqSwKuk8VkuqX7z_VLx5OAOAZ-thw==

GET
H2 200 npm.core-js.ffb4b0a70697fbafb4fe.js Show response
cdn.intergi.com/hera/releases/4.4.29/vendor/ 24 KB
9 KB 21ms
19ms Script
application/javascript 2600:9000:223d:2e00:14:2602:6e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.intergi.com/hera/releases/4.4.29/vendor/npm.core-js.ffb4b0a70697fbafb4fe.js
Requested by: Host: cdn.intergi.com
URL: https://cdn.intergi.com/hera/releases/4.4.29/tyche.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223d:2e00:14:2602:6e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: fb0da9c5679e4e04fe036c10e42d93ed5a9a3a8f632db1cfdcdf6352ee4ff789

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id: GHlCKVDIBfBStDhRzJSZKeqjiBt8htMF
content-encoding: gzip
last-modified: Tue, 25 Jan 2022 21:03:32 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: atime:1643144607/ctime:1643144607/gid:20/gname:staff/md5:804f5a4d76247f98873a77739d825de0/mode:33188/mtime:1643144607/uid:501/uname:thomascreamer
age: 52046
etag: W/"804f5a4d76247f98873a77739d825de0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 5626bf35345f32d3e58fb8d33ec4d966.cloudfront.net (CloudFront)
date: Sun, 30 Jan 2022 14:04:21 GMT
x-amz-cf-pop: FRA56-P3
x-amz-cf-id: Mm_OQe_8wLw-_cG0r_iW9reBQbq8Kn8EKQMwnSzW-yw7gAHO45uElQ==

GET
H2 200 npm.babel.e42d14b31536f4c718ea.js Show response
cdn.intergi.com/hera/releases/4.4.29/vendor/ 2 KB
1 KB 22ms
20ms Script
application/javascript 2600:9000:223d:2e00:14:2602:6e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.intergi.com/hera/releases/4.4.29/vendor/npm.babel.e42d14b31536f4c718ea.js
Requested by: Host: cdn.intergi.com
URL: https://cdn.intergi.com/hera/releases/4.4.29/tyche.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223d:2e00:14:2602:6e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f33f6446320fb034227d51337ec86a0f263cb1ed53e4275cae2fb55b322504cc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id: z3_tSBHIn0fzmcblAfWrNkzzM7z0jySj
content-encoding: gzip
last-modified: Tue, 25 Jan 2022 21:03:32 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: atime:1643144607/ctime:1643144607/gid:20/gname:staff/md5:f3bb19c23da5015c288c890ccb181355/mode:33188/mtime:1643144607/uid:501/uname:thomascreamer
age: 40513
etag: W/"f3bb19c23da5015c288c890ccb181355"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 5626bf35345f32d3e58fb8d33ec4d966.cloudfront.net (CloudFront)
date: Sun, 30 Jan 2022 04:40:01 GMT
x-amz-cf-pop: FRA56-P3
x-amz-cf-id: HS18Iie72CdaNNIaBxVS4piR3K7KmLXMxQOLJk6TOvjEs3l2dRuZiw==

GET
H2 200 npm.lodash.922cd3f43a34caef1c38.js Show response
cdn.intergi.com/hera/releases/4.4.29/vendor/ 3 KB
2 KB 23ms
21ms Script
application/javascript 2600:9000:223d:2e00:14:2602:6e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.intergi.com/hera/releases/4.4.29/vendor/npm.lodash.922cd3f43a34caef1c38.js
Requested by: Host: cdn.intergi.com
URL: https://cdn.intergi.com/hera/releases/4.4.29/tyche.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223d:2e00:14:2602:6e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2cddcc76dd7b01e07130b647637c2c81f27ab4a0214973a010e712813f311138

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id: ddE0OhkjsnffGGVdrfYcFTUAmSPYT4n0
content-encoding: br
last-modified: Tue, 25 Jan 2022 21:03:39 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: atime:1643144607/ctime:1643144607/gid:20/gname:staff/md5:0c61d46da45d9ab039a485d6e9e04701/mode:33188/mtime:1643144607/uid:501/uname:thomascreamer
age: 37118
etag: W/"0c61d46da45d9ab039a485d6e9e04701"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 5626bf35345f32d3e58fb8d33ec4d966.cloudfront.net (CloudFront)
date: Sun, 30 Jan 2022 05:36:37 GMT
x-amz-cf-pop: FRA56-P3
x-amz-cf-id: QrB7lNnWloSUhpESIiMV0DmD4ClVSZz1xTReSGAyCTPeGl4mFgeQww==

GET
H2 200 npm.intersection-observer.8aa2efdfa26796cda0fc.js Show response
cdn.intergi.com/hera/releases/4.4.29/vendor/ 9 KB
3 KB 25ms
23ms Script
application/javascript 2600:9000:223d:2e00:14:2602:6e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.intergi.com/hera/releases/4.4.29/vendor/npm.intersection-observer.8aa2efdfa26796cda0fc.js
Requested by: Host: cdn.intergi.com
URL: https://cdn.intergi.com/hera/releases/4.4.29/tyche.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223d:2e00:14:2602:6e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e990f8a7023db06444f9552e7bde007060d0e1e86b72ae845f24471bce3339e5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id: 8VyNV.luapStoTkHzHDTrT_DHzWs1.kH
content-encoding: gzip
last-modified: Tue, 25 Jan 2022 21:03:32 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: atime:1643144607/ctime:1643144607/gid:20/gname:staff/md5:2be2cdb69171257c85e47d90ae2f6b2f/mode:33188/mtime:1643144607/uid:501/uname:thomascreamer
age: 37614
etag: W/"2be2cdb69171257c85e47d90ae2f6b2f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 5626bf35345f32d3e58fb8d33ec4d966.cloudfront.net (CloudFront)
date: Sun, 30 Jan 2022 05:28:21 GMT
x-amz-cf-pop: FRA56-P3
x-amz-cf-id: p9RJ7dptw0JpIeVwSp5BlCTnaL-bj9zJlbejIB-QVWmjjFByGIIYjA==

GET
H2 200 npm.process.940d3a7ac2b6ed08f335.js Show response
cdn.intergi.com/hera/releases/4.4.29/vendor/ 2 KB
1 KB 27ms
25ms Script
application/javascript 2600:9000:223d:2e00:14:2602:6e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.intergi.com/hera/releases/4.4.29/vendor/npm.process.940d3a7ac2b6ed08f335.js
Requested by: Host: cdn.intergi.com
URL: https://cdn.intergi.com/hera/releases/4.4.29/tyche.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223d:2e00:14:2602:6e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5122ba93a9303c1dd09b760b3195122db1beef3b3d673b2274ec5ff2e8512ad1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id: ASdNZtyXCyog2RHiR_n3fHyqimVVVUBO
content-encoding: gzip
last-modified: Tue, 25 Jan 2022 21:03:39 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: atime:1643144607/ctime:1643144607/gid:20/gname:staff/md5:c3f55d7eac6bd8289f3c5184e9fd1118/mode:33188/mtime:1643144607/uid:501/uname:thomascreamer
age: 49972
etag: W/"c3f55d7eac6bd8289f3c5184e9fd1118"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 5626bf35345f32d3e58fb8d33ec4d966.cloudfront.net (CloudFront)
date: Sun, 30 Jan 2022 02:02:22 GMT
x-amz-cf-pop: FRA56-P3
x-amz-cf-id: OYnP89FuFz875bGMXSivwZoTRp9QCFWS1D7rSChcSXR6kN9_yYerlQ==

GET
H2 200 npm.webpack.1e0f2b4c3cee24713006.js Show response
cdn.intergi.com/hera/releases/4.4.29/vendor/ 231 B
720 B 27ms
26ms Script
application/javascript 2600:9000:223d:2e00:14:2602:6e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.intergi.com/hera/releases/4.4.29/vendor/npm.webpack.1e0f2b4c3cee24713006.js
Requested by: Host: cdn.intergi.com
URL: https://cdn.intergi.com/hera/releases/4.4.29/tyche.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223d:2e00:14:2602:6e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bed31c2062d8bcd1167d1be160c5d65dbf8b1ea2a75fe7f91a5396fe71e51cc0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id: HbzQivus2B4S.Fxidin0LQ7upfj1Sh9h
via: 1.1 5626bf35345f32d3e58fb8d33ec4d966.cloudfront.net (CloudFront)
last-modified: Tue, 25 Jan 2022 21:03:39 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: atime:1643144607/ctime:1643144607/gid:20/gname:staff/md5:436272b3faaa8c97115625bc8504abbf/mode:33188/mtime:1643144607/uid:501/uname:thomascreamer
age: 37114
etag: "436272b3faaa8c97115625bc8504abbf"
x-cache: Hit from cloudfront
content-type: application/javascript
date: Sun, 30 Jan 2022 05:36:41 GMT
x-amz-cf-pop: FRA56-P3
accept-ranges: bytes
content-length: 231
x-amz-cf-id: DZQqLVxCbpT_YQmvi_6S9kRsCDVHl2GLVSo3oddOlmoPGxBdY8aNIQ==

GET
H2 200 lib-main.aa0becec495b9d9b6de4.js Show response
cdn.intergi.com/hera/releases/4.4.29/lib/ 4 KB
3 KB 29ms
27ms Script
application/javascript 2600:9000:223d:2e00:14:2602:6e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.intergi.com/hera/releases/4.4.29/lib/lib-main.aa0becec495b9d9b6de4.js
Requested by: Host: cdn.intergi.com
URL: https://cdn.intergi.com/hera/releases/4.4.29/tyche.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223d:2e00:14:2602:6e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5347c78f51c7cf4a4e84d4be12317338a93ff8da7df24519360728769e48a91b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id: 5jFob_TgduaPlHTsFdJOT6O3LAhV7BRF
content-encoding: gzip
last-modified: Tue, 25 Jan 2022 21:03:30 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: atime:1643144607/ctime:1643144607/gid:20/gname:staff/md5:4f9983efbe731c3569545c1c49d9a965/mode:33188/mtime:1643144607/uid:501/uname:thomascreamer
age: 49482
etag: W/"4f9983efbe731c3569545c1c49d9a965"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 5626bf35345f32d3e58fb8d33ec4d966.cloudfront.net (CloudFront)
date: Sun, 30 Jan 2022 02:10:33 GMT
x-amz-cf-pop: FRA56-P3
x-amz-cf-id: hil5Rz66j2F6GtqX5M79XR_LRW4fzC_Q6bUJGsuvxsXGu5n-vCDhFg==

GET
H2 200 main.3b43c80328deaa9a5b3e.js Show response
cdn.intergi.com/hera/releases/4.4.29/ 101 KB
30 KB 40ms
39ms Script
application/javascript 2600:9000:223d:2e00:14:2602:6e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.intergi.com/hera/releases/4.4.29/main.3b43c80328deaa9a5b3e.js
Requested by: Host: cdn.intergi.com
URL: https://cdn.intergi.com/hera/releases/4.4.29/tyche.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223d:2e00:14:2602:6e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 23130a986b2d780260ca7295774432d7c5ee94cf277a8052a136b910b05f120e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id: nQbStFD0ZKksS3LkjA_aMNGxhaRs5E8v
content-encoding: gzip
last-modified: Tue, 25 Jan 2022 21:03:31 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: atime:1643144607/ctime:1643144607/gid:20/gname:staff/md5:aebdf745bda3a8d0841a0fc45c877fe8/mode:33188/mtime:1643144607/uid:501/uname:thomascreamer
age: 42172
etag: W/"aebdf745bda3a8d0841a0fc45c877fe8"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 5626bf35345f32d3e58fb8d33ec4d966.cloudfront.net (CloudFront)
date: Sun, 30 Jan 2022 04:12:23 GMT
x-amz-cf-pop: FRA56-P3
x-amz-cf-id: 3XSGWVV2oDyL5jmJI7M59HeCPB20ZtNjIghaYBwYcfdaRN1ED8y7Yg==

GET
H2 200 lib.55782284870bfbbd6c84.js Show response
cdn.intergi.com/hera/releases/4.4.29/lib/ 138 B
629 B 49ms
48ms Script
application/javascript 2600:9000:223d:2e00:14:2602:6e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.intergi.com/hera/releases/4.4.29/lib/lib.55782284870bfbbd6c84.js
Requested by: Host: cdn.intergi.com
URL: https://cdn.intergi.com/hera/releases/4.4.29/tyche.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223d:2e00:14:2602:6e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 94360a6ab3ea5a75cb34a06ef2ff905d7ea0a7dc43eefcff9b6f90e737fa4e41

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id: mxAZFLZqBALnmIchlVccFp46LdnVBg4k
via: 1.1 5626bf35345f32d3e58fb8d33ec4d966.cloudfront.net (CloudFront)
last-modified: Tue, 25 Jan 2022 21:03:30 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: atime:1643144607/ctime:1643144607/gid:20/gname:staff/md5:64d609d6dc753b7c1abf5d5d2b095aa1/mode:33188/mtime:1643144607/uid:501/uname:thomascreamer
age: 35641
etag: "64d609d6dc753b7c1abf5d5d2b095aa1"
x-cache: Hit from cloudfront
content-type: application/javascript
date: Sun, 30 Jan 2022 06:01:14 GMT
x-amz-cf-pop: FRA56-P3
accept-ranges: bytes
content-length: 138
x-amz-cf-id: 50HqkIuqrwo4nOD0eGW-PROUZ4UWKxQ9tAsOwJ6ipF2aPj9YWintLw==

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220126/r20190131/ Frame 10E7 10 KB
5 KB 51ms
10ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220126/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a575e2f63d79cdaf5a92b4453bfcaadb462119aa1216b4f28920e37e2d9b8e7b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4612
x-xss-protection: 0
date: Sun, 30 Jan 2022 15:52:32 GMT
expires: Sun, 13 Feb 2022 15:52:32 GMT
cache-control: public, max-age=1209600
age: 162
etag: 18247940800414524076
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 iframe.js Show response
cdn.intergient.com/pageos/1.6.33/iframe/ Frame D0A4 18 KB
7 KB 19ms
15ms Script
application/javascript 2600:9000:2250:2400:12:4abd:d340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.intergient.com/pageos/1.6.33/iframe/iframe.js
Requested by: Host: cdn.intergient.com
URL: https://cdn.intergient.com/pageos/1.6.33/iframe/iframe.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:2400:12:4abd:d340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1ba7d96e96816ad55477d28aa986a4a867c7531d2168feb5066585dd94195743

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.intergient.com/pageos/1.6.33/iframe/iframe.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 03:52:06 GMT
content-encoding: gzip
last-modified: Wed, 15 Dec 2021 14:32:28 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: atime:1639578738/ctime:1639578738/gid:20/gname:staff/md5:288ed62918bdae27ff8a6aa679b002bb/mode:33188/mtime:1639578738/uid:501/uname:thomascreamer
age: 43389
etag: W/"288ed62918bdae27ff8a6aa679b002bb"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 508d9aac3b0097e502b117c1e7390bb0.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P2
x-amz-cf-id: 8hdJvubAJ5BPSnE9bwjgusXZ1tqcBTPiyVTDCaIhUGiAJLKj55hA2g==

GET
H2 200 settings Show response
syndication.twitter.com/ Frame D485 232 B
448 B 150ms
125ms Fetch
application/json 104.244.42.200
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://syndication.twitter.com/settings?session_id=94e7039dc781f21dcf9337a3516ae78264c34f5a

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.8f764d5bd2778f88121d31d7d8d8e1e3.html?origin=https%3A%2F%2Fwww.newser.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.200 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

726906ee6ce6dfe1b6e35ddad151196c50277e31520de30e916e9cd9affc0ef3

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-response-time: 108
date: Sun, 30 Jan 2022 15:55:13 GMT
content-encoding: gzip
last-modified: Sun, 30 Jan 2022 15:55:14 GMT
server: tsa_o
vary: Origin
strict-transport-security: max-age=631138519
content-type: application/json; charset=utf-8
access-control-allow-origin: https://platform.twitter.com
cache-control: must-revalidate, max-age=600
access-control-allow-credentials: true
x-connection-hash: e781dd320889d733c7ba8d2dde71fe3847cb1e804d466b64d7547f465f2bd6be
content-length: 166

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 79 KB
27 KB 55ms
29ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: cdn.intergi.com
URL: https://cdn.intergi.com/hera/releases/4.4.29/main.3b43c80328deaa9a5b3e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

sffe /

Resource Hash

7339a6b01e1dacaab8094bf1b1fc3edb7beda9bf32124a95c54534444f3c0caf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:55:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27247
x-xss-protection: 0
server: sffe
etag: "1117 / 851 of 1000 / last-modified: 1643411190"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sun, 30 Jan 2022 15:55:14 GMT

GET
H2 200 prebid.js Show response
cdn.intergi.com/prebid/ 549 KB
145 KB 10ms
10ms Script
text/javascript 2600:9000:223d:2e00:14:2602:6e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.intergi.com/prebid/prebid.js
Requested by: Host: cdn.intergient.com
URL: https://cdn.intergient.com/ramp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223d:2e00:14:2602:6e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: be045d5a8274db64724bbb9a8c2846e2247c17ec9ea7e13f2a319dde7626ec8e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id: LSF1tThV78k3KjASeXY49GwSspH8LIVR
content-encoding: br
last-modified: Wed, 15 Dec 2021 17:37:45 GMT
server: AmazonS3
age: 45603
etag: W/"d1d699f254dc61269af62c40328a924d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
via: 1.1 5626bf35345f32d3e58fb8d33ec4d966.cloudfront.net (CloudFront)
date: Sun, 30 Jan 2022 03:15:12 GMT
x-amz-cf-pop: FRA56-P3
x-amz-cf-id: pvMlPSLfonNkmM89JPhUlPlWXVpwAqhx5AOIP1ac2QXgDzDyPUiKrA==

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 134 KB
36 KB 42ms
18ms Script
application/javascript 18.66.109.174
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: cdn.intergi.com
URL: https://cdn.intergi.com/hera/releases/4.4.29/main.3b43c80328deaa9a5b3e.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.109.174 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-109-174.fra56.r.cloudfront.net
Software: Server /
Resource Hash: c59ecf34c8e169eb2c385296530f952be5ced6af24abbe7f2d47b89e520be544

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id: SKwQUYZY6s9wJPymt5_yhNbSVWOe2iBW
content-encoding: gzip
etag: 8d3665a9b316600491247ca6d78c204c
age: 782
x-cache: Hit from cloudfront
server: Server
x-amz-rid: 0BYKPC23MJBH7X3GSMQP
date: Sun, 30 Jan 2022 15:42:12 GMT
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 07a6f7d6fd9710cbcfc60fa67d44f04e.cloudfront.net (CloudFront)
cache-control: public, max-age=900
x-amz-cf-pop: FRA56-P5
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: yVwe4pXl8Aa8N-ugFJ42XGDeRLyca4wYw_b0SytV2_f1T8YEppdnaw==

GET
H3 200 pubads_impl_2022012701.js Show response
securepubads.g.doubleclick.net/gpt/ 355 KB
120 KB 50ms
26ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012701.js?31064601

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

sffe /

Resource Hash

97f59ccead873800701418302300e1c43fc7d41efe5aeb412d8279fefd5cd913

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:07:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2863
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 122333
x-xss-protection: 0
last-modified: Thu, 27 Jan 2022 09:34:36 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 30 Jan 2023 15:07:31 GMT

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 122ms
48ms XHR
application/javascript 18.66.109.174
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.109.174 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-109-174.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 02:10:32 GMT
content-encoding: gzip
vary: Accept-Encoding,Origin
age: 49483
x-cache: Hit from cloudfront
access-control-allow-origin: *
last-modified: Fri, 21 Jan 2022 02:54:57 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
x-amz-version-id: eaU6ir6qmGswM2SGRmLi7PKhBcBrRdvn
via: 1.1 5c14dc328191a14142654d833f772c6c.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: FRA56-P5
content-type: application/javascript
x-amz-cf-id: _vvNTmZJg_MXvy2RB8Qif-b2ui7XCR-LQrkSyhQV2e9wFL9j2yaNTQ==

GET
H2 204 config Show response
c.amazon-adsystem.com/cdn/prod/ 0
311 B 46ms
45ms XHR
text/plain 18.66.109.174
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.newser.com&pubid=bd056b42-51db-43ce-9a8e-3b11319b5d1f
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.109.174 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-109-174.fra56.r.cloudfront.net
Software: Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 12:03:22 GMT
via: 1.1 07a6f7d6fd9710cbcfc60fa67d44f04e.cloudfront.net (CloudFront)
server: Server
age: 13912
x-cache: Hit from cloudfront
access-control-allow-origin: https://www.newser.com
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
x-amz-cf-id: CA7yLJB-ePQgR8OWvr259Ih1hDBUdFqAJSfofkn3NMkTn57EsEG3dw==

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ 23 B
493 B 157ms
154ms XHR
text/javascript 18.66.109.174
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.newser.com%2F&pid=QXn4mjHbDXGGj&cb=0&ws=1600x1200&v=7.72.0&t=2500&slots=%5B%7B%22sd%22%3A%22leaderboard_atf%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F154013155%2C1028224%2F1024100%2F72343%2F1024100-72343-desktop_leaderboard%2Fpublisher%3A1024100-website%3A72343-desktop_leaderboard-CP%2Fpublisher%3A1024100-website%3A72343-desktop_leaderboard-CP-home%22%7D%2C%7B%22sd%22%3A%22leaderboard_btf2%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F154013155%2C1028224%2F1024100%2F72343%2F1024100-72343-desktop_leaderboard%2Fpublisher%3A1024100-website%3A72343-desktop_leaderboard-CP%2Fpublisher%3A1024100-website%3A72343-desktop_leaderboard-CP-home%22%7D%2C%7B%22sd%22%3A%22leaderboard_btf3%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F154013155%2C1028224%2F1024100%2F72343%2F1024100-72343-desktop_leaderboard%2Fpublisher%3A1024100-website%3A72343-desktop_leaderboard-CP%2Fpublisher%3A1024100-website%3A72343-desktop_leaderboard-CP-home%22%7D%2C%7B%22sd%22%3A%22leaderboard_btf%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F154013155%2C1028224%2F1024100%2F72343%2F1024100-72343-desktop_leaderboard%2Fpublisher%3A1024100-website%3A72343-desktop_leaderboard-CP%2Fpublisher%3A1024100-website%3A72343-desktop_leaderboard-CP-home%22%7D%5D&schain=1.0%2C1!playwire.com%2C72343%2C1%2C%2C%2C&pubid=bd056b42-51db-43ce-9a8e-3b11319b5d1f&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.109.174 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-109-174.fra56.r.cloudfront.net

Software

Server /

Resource Hash

745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:55:14 GMT
via: 1.1 07a6f7d6fd9710cbcfc60fa67d44f04e.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-P5
x-amz-rid: SSZD24ETEBEBK1BHFPEN
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.newser.com
access-control-allow-credentials: true
permissions-policy: interest-cohort=()
strict-transport-security: max-age=47474747; includeSubDomains; preload
timing-allow-origin: *
content-length: 23
x-amz-cf-id: nFGqnjjWuy0Lue5IpZVUW_RoRCURsqIXgCdTmMA0VOy0vK2ng3hzgw==

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 159ms
55ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.newser.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012701.js?31064601

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 30 Jan 2022 15:55:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 159ms
56ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.newser.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012701.js?31064601

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 30 Jan 2022 15:55:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 91 KB
23 KB 516ms
515ms XHR
text/plain 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1390277935478781&correlator=3362298249723632&output=ldjh&impl=fifs&eid=31064601&vrg=2022012701&ptt=17&npa=1&sc=1&sfv=1-0-38&ecs=20220130&iu_parts=154013155%3A1028224%2C1024100%2C72343%2C1024100-72343-desktop_leaderboard%2Cpublisher%3A1024100-website%3A72343-desktop_leaderboard-CP%2Cpublisher%3A1024100-website%3A72343-desktop_leaderboard-CP-home&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4%2F5&prev_iu_szs=728x90&prev_scp=pos%3Datf%26slot_id%3Dleaderboard_atf%26refresh%3Dfalse%26amazonBid%3Dfalse%26custom_path%3DCP%255Bhome%255D%26lld_id%3D809cfef2a9e94b8fb174a641ad688e6758114625%26amznbid%3D1%26amznp%3D1%26in_view%3Dtrue&eri=1&cust_params=m_data%3D1%26m_safety%3Dunsafe%26m_categories%3Dgv_death_injury%252Cgv_crime%252Cmoat_unsafe%26m_mv%3DnoHistData%26m_gv%3DnoHistData%26sitecont_cat%3Dnews%252Cbusiness_and_finance%252Cbusiness_and_finance%252Centertainment%26hour%3D15%26day%3DSunday%26OS%3DWindows%252010%26browser%3DChrome%252097%26pagecount%3D1%26window_width%3D1600%26window_height%3D1200%26screen_orientation%3Dlandscape%26refresh_count%3D0%26tyche_version%3D4.4.29%26kver%3Dv1%26ab_test%3Dna_A%26got_consent%3Dfalse%26page_focus%3Dtrue&cookie_enabled=1&bc=31&abxe=1&dt=1643558114662&lmt=1643558114&dlt=1643558112848&idt=1763&frm=20&biw=1600&bih=1200&oid=2&adxs=561&adys=55&adks=2039480262&ucis=1&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fwww.newser.com%2F&vis=1&scr_x=0&scr_y=0&psz=728x0&msz=728x0&ga_vid=1344959192.1643558114&ga_sid=1643558114&ga_hid=1684151837&ga_fc=true&fws=4&ohw=728&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012701.js?31064601

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

d0c379b08c40f7d7958dbea5824d8b0e580e06cd5d1bf18bb08970de6c543687

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:55:15 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23890
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.newser.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 86 KB
23 KB 432ms
431ms XHR
text/plain 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1390277935478781&correlator=1374125757085791&output=ldjh&impl=fifs&eid=31064601&vrg=2022012701&ptt=17&npa=1&sc=1&sfv=1-0-38&ecs=20220130&iu_parts=154013155%3A1028224%2C1024100%2C72343%2C1024100-72343-desktop_leaderboard%2Cpublisher%3A1024100-website%3A72343-desktop_leaderboard-CP%2Cpublisher%3A1024100-website%3A72343-desktop_leaderboard-CP-home&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4%2F5&prev_iu_szs=728x90&prev_scp=pos%3Dbtf%26slot_id%3Dleaderboard_btf%26refresh%3Dfalse%26amazonBid%3Dfalse%26custom_path%3DCP%255Bhome%255D%26lld_id%3D53d76b717346499291862475027088ed58114626%26amznbid%3D1%26amznp%3D1%26in_view%3Dtrue&eri=1&cust_params=m_data%3D1%26m_safety%3Dunsafe%26m_categories%3Dgv_death_injury%252Cgv_crime%252Cmoat_unsafe%26m_mv%3DnoHistData%26m_gv%3DnoHistData%26sitecont_cat%3Dnews%252Cbusiness_and_finance%252Cbusiness_and_finance%252Centertainment%26hour%3D15%26day%3DSunday%26OS%3DWindows%252010%26browser%3DChrome%252097%26pagecount%3D1%26window_width%3D1600%26window_height%3D1200%26screen_orientation%3Dlandscape%26refresh_count%3D0%26tyche_version%3D4.4.29%26kver%3Dv1%26ab_test%3Dna_A%26got_consent%3Dfalse%26page_focus%3Dtrue&cookie_enabled=1&bc=31&abxe=1&dt=1643558114666&lmt=1643558114&dlt=1643558112848&idt=1763&frm=20&biw=1600&bih=1200&oid=2&adxs=315&adys=684&adks=2039479053&ucis=2&ifi=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fwww.newser.com%2F&vis=1&scr_x=0&scr_y=0&psz=728x0&msz=728x0&ga_vid=1344959192.1643558114&ga_sid=1643558114&ga_hid=1684151837&ga_fc=true&fws=0&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012701.js?31064601

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

e3d2fe7927de1ade22c1d5cd7c8ab7fbe231dcf8c30d4f93c79ed7b51b38b88d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:55:15 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23051
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.newser.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 115 KB
31 KB 328ms
327ms XHR
text/plain 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1390277935478781&correlator=711483263440942&output=ldjh&impl=fifs&eid=31064601&vrg=2022012701&ptt=17&npa=1&sc=1&sfv=1-0-38&ecs=20220130&iu_parts=154013155%3A1028224%2C1024100%2C72343%2Cpublisher%3A1024100-website%3A72343-web_interstitial%2Cpublisher%3A1024100-website%3A72343-web_interstitial-CP%2Cpublisher%3A1024100-website%3A72343-web_interstitial-CP-home&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4%2F5&prev_iu_szs=1x1&ists=1&fas=8&prev_scp=pos%3DFIXED%26slot_id%3Dweb_interstitial%26refresh%3Dfalse%26amazonBid%3Dfalse%26custom_path%3DCP%255Bhome%255D%26lld_id%3Db8819e9b1e2f4895a6ebc181b2dd31ac58114640&eri=1&cust_params=m_data%3D1%26m_safety%3Dunsafe%26m_categories%3Dgv_death_injury%252Cgv_crime%252Cmoat_unsafe%26m_mv%3DnoHistData%26m_gv%3DnoHistData%26sitecont_cat%3Dnews%252Cbusiness_and_finance%252Cbusiness_and_finance%252Centertainment%26hour%3D15%26day%3DSunday%26OS%3DWindows%252010%26browser%3DChrome%252097%26pagecount%3D1%26window_width%3D1600%26window_height%3D1200%26screen_orientation%3Dlandscape%26refresh_count%3D0%26tyche_version%3D4.4.29%26kver%3Dv1%26ab_test%3Dna_A%26got_consent%3Dfalse%26page_focus%3Dtrue&cookie_enabled=1&bc=31&abxe=1&dt=1643558114669&lmt=1643558114&dlt=1643558112848&idt=1763&frm=20&biw=1600&bih=1200&oid=2&adxs=-9&adys=-9&adks=3239307466&ucis=3&ifi=3&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fwww.newser.com%2F&vis=1&scr_x=0&scr_y=0&psz=0x-1&msz=0x-1&ga_vid=1344959192.1643558114&ga_sid=1643558114&ga_hid=1684151837&ga_fc=true&fws=2&ohw=0&btvi=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012701.js?31064601

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

1d7ee54bb2d9ca3caf3f169834fb0eac83eb175d64a5bb86e811a0a4653d087c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:55:14 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31217
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.newser.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
f5c75bd43cedba760199b3fd12a32090.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame BC3D 6 KB
4 KB 176ms
43ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://f5c75bd43cedba760199b3fd12a32090.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012701.js?31064601

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Sun, 30 Jan 2022 15:55:14 GMT
expires: Mon, 30 Jan 2023 15:55:14 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 pubads_impl_page_level_ads_2022012701.js Show response
securepubads.g.doubleclick.net/gpt/ 34 KB
13 KB 43ms
43ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_page_level_ads_2022012701.js?cb=31064601

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012701.js?31064601

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

sffe /

Resource Hash

7cefc858d85c1be3b1006736f82477a156c2477fff473e9f4e58df38655a3308

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 11:45:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 274173
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12998
x-xss-protection: 0
last-modified: Thu, 27 Jan 2022 09:34:36 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 27 Jan 2023 11:45:41 GMT

GET
H2 200 _ate.track.config_resp Show response
v1.addthisedge.com/live/boost/newser/ 1005 B
556 B 228ms
228ms Script
application/javascript 184.30.24.121
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://v1.addthisedge.com/live/boost/newser/_ate.track.config_resp
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.24.121 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-24-121.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 870c196156856ec66eb4e1d7b376eca50e218883c93775524484b4fe4603f5ed

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:55:15 GMT
content-encoding: gzip
etag: -1912583789--gzip
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: public, max-age=60, s-maxage=86400
content-disposition: attachment; filename=1.txt
content-length: 379

GET
H2 200 300lo.json Show response
m.addthis.com/live/red_lojson/ 90 B
250 B 201ms
171ms Script
application/javascript 184.30.24.121
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://m.addthis.com/live/red_lojson/300lo.json?si=61f6b4e2ac92a3d3&bkl=0&bl=1&pdt=856&sid=61f6b4e2ac92a3d3&pub=newser&rev=v8.28.8-wp&ln=en&pc=men&cb=0&ab=-&dp=www.newser.com&fp=&fr=&of=0&pd=0&irt=0&vcl=0&md=0&ct=1&tct=0&abt=0&cdn=0&pi=1&rb=0&gen=100&chr=UTF-8&colc=1643558114869&jsl=143521&uvs=61f6b4e234187290000&skipb=1&callback=addthis.cbs.jsonp__174347947830056030
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.24.121 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-24-121.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: d94cabd1c80c323bb4c523bca18208d8d4091358ccff756018cc265f73bbbf8d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Jan 2022 15:55:15 GMT
cache-control: max-age=0, no-cache, no-store, no-transform
content-disposition: attachment; filename=1.txt
content-length: 90
content-type: application/javascript;charset=utf-8

GET sh.f48a1a04fe8dbf021b4cda1d.html
s7.addthis.com/static/ Frame 593D 0
0

GET
H2 200 sh.f48a1a04fe8dbf021b4cda1d.html Show response
s7.addthis.com/static/ Frame 8AE6 71 KB
26 KB 54ms
54ms Document
text/html 184.30.24.121
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.30.24.121 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-30-24-121.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

7b6bfa13f0778c40bb2a00af9819bea2f07afcb4d071e7e4f436196953a5db4d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/

Response headers

server: nginx/1.15.8
content-type: text/html
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
etag: W/"5f971164-11adc"
timing-allow-origin: *
cache-control: public, max-age=86313600
p3p: CP="NON ADM OUR DEV IND COM STA"
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 26421
date: Sun, 30 Jan 2022 15:55:14 GMT
vary: Accept-Encoding
x-host: s7.addthis.com

GET
H2 200 p Show response
i.simpli.fi/ 774 B
1 KB 44ms
44ms Script
application/javascript 169.50.137.176
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL

https://i.simpli.fi/p?cid=&cb=sifi_att_42656._hp

Requested by

Host: i.simpli.fi
URL: https://i.simpli.fi/dpx.js?cid=3056&m=1&referrer=http://www.newser.com

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

169.50.137.176 , United States, ASN36351 (SOFTLAYER, US),

Reverse DNS

b0.89.32a9.ip4.static.sl-reverse.com

Software

Resource Hash

9195243b049b9bfc32faab0eddd92a137ad4189ca95532921f53dd3057d40d33

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache, no-cache
date: Sun, 30 Jan 2022 15:55:14 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires: Thu, 01 Jan 1970 00:00:00 GMT, Thu, 01 Jan 1970 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 12 KB
9 KB 87ms
48ms XHR
application/json 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022012701&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012701.js?31064601

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

416584210870f8e300bce5c552bfbe4d5b1e43274c75233f63c4e7716f15e573

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 30 Jan 2022 15:55:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9032
x-xss-protection: 0

GET
H2

200

xuid
eb2.3lift.com/
Redirect Chain

https://um.simpli.fi/triplelift
https://eb2.3lift.com/xuid?mid=7969&xuid=D55E32986792479B93629CFE38557712&dongle=yf3
https://eb2.3lift.com/xuid?ld=1&mid=7969&xuid=D55E32986792479B93629CFE38557712&dongle=yf3&gdpr=1&cmp_cs=&us_privacy=

37 B
354 B

42ms
42ms

Image
image/gif

76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?ld=1&mid=7969&xuid=D55E32986792479B93629CFE38557712&dongle=yf3&gdpr=1&cmp_cs=&us_privacy=
Protocol: H2
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:55:15 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: /xuid?ld=1&mid=7969&xuid=D55E32986792479B93629CFE38557712&dongle=yf3&gdpr=1&cmp_cs=&us_privacy=
date: Sun, 30 Jan 2022 15:55:15 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2

200

sync
simplifi.partners.tremorhub.com/
Redirect Chain

https://um.simpli.fi/telaria_p
https://simplifi.partners.tremorhub.com/sync?UISF=D55E32986792479B93629CFE38557712

43 B
183 B

376ms
115ms

Image
image/gif

2600:1f18:612b:4200:9a2f:8341:7f9b:9de
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simplifi.partners.tremorhub.com/sync?UISF=D55E32986792479B93629CFE38557712
Protocol: H2
Server: 2600:1f18:612b:4200:9a2f:8341:7f9b:9de Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:55:15 GMT
server: Apache-Coyote/1.1
p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type: image/gif

Redirect headers

date: Sun, 30 Jan 2022 15:55:15 GMT
x-content-type-options: nosniff
server: nginx
location: https://simplifi.partners.tremorhub.com/sync?UISF=D55E32986792479B93629CFE38557712
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 138
expires: Sat, 29 Jan 2022 15:55:15 GMT

GET
H2

200

check
pixel.tapad.com/idsync/ex/receive/
Redirect Chain

https://um.simpli.fi/tapad
https://pixel.tapad.com/idsync/ex/receive?partner_id=2305&partner_device_id=D55E32986792479B93629CFE38557712
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=D55E32986792479B93629CFE38557712

95 B
427 B

45ms
45ms

Image
image/png

35.227.248.159
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=D55E32986792479B93629CFE38557712

Protocol

Server

35.227.248.159 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

159.248.227.35.bc.googleusercontent.com

Software

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:55:15 GMT
via: 1.1 google
content-type: image/png
alt-svc: clear
content-length: 95
strict-transport-security: max-age=31536000
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

Redirect headers

location: https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=D55E32986792479B93629CFE38557712
date: Sun, 30 Jan 2022 15:55:15 GMT
via: 1.1 google
alt-svc: clear
content-length: 0
strict-transport-security: max-age=31536000
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

GET
H2

200

aa_px
um.simpli.fi/
Redirect Chain

https://um.simpli.fi/ad_advisor
https://aa.agkn.com/adscores/g.pixel?sid=9201915418&sifi_uid=D55E32986792479B93629CFE38557712
https://d.agkn.com/pixel/10751/?che=1643558115&ip=217.64.151.29&l1=https%3A%2F%2Fum.simpli.fi%2Faa_px%3Fsk%3D164871104047000344931
https://um.simpli.fi/aa_px?sk=164871104047000344931

43 B
361 B

38ms
38ms

Image
image/gif

159.122.14.34
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/aa_px?sk=164871104047000344931

Protocol

Server

159.122.14.34 , United States, ASN36351 (SOFTLAYER, US),

Reverse DNS

22.0e.7a9f.ip4.static.sl-reverse.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:55:15 GMT
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43

Redirect headers

Pragma: no-cache
Date: Sun, 30 Jan 2022 15:55:14 GMT
Server: Apache-Coyote/1.1
P3P: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://um.simpli.fi/aa_px?sk=164871104047000344931
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 nexage
um.simpli.fi/ 43 B
409 B 147ms
49ms Image
image/gif 159.122.14.34
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/nexage

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

159.122.14.34 , United States, ASN36351 (SOFTLAYER, US),

Reverse DNS

22.0e.7a9f.ip4.static.sl-reverse.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:55:15 GMT
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Sat, 29 Jan 2022 15:55:15 GMT

GET
H2

403

ProfilesEngineServlet
sync.intentiq.com/profiles_engine/
Redirect Chain

https://um.simpli.fi/intentiq
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=D55E32986792479B93629CFE38557712

0
0

108ms
35ms

Image
text/html

52.222.214.42
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=D55E32986792479B93629CFE38557712
Protocol: H2
Server: 52.222.214.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-214-42.fra56.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Redirect headers

date: Sun, 30 Jan 2022 15:55:15 GMT
x-content-type-options: nosniff
server: nginx
location: https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=D55E32986792479B93629CFE38557712
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 138
expires: Sat, 29 Jan 2022 15:55:15 GMT

GET
H2 200 pubmatic
um.simpli.fi/ 43 B
409 B 62ms
59ms Image
image/gif 159.122.14.34
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/pubmatic

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

159.122.14.34 , United States, ASN36351 (SOFTLAYER, US),

Reverse DNS

22.0e.7a9f.ip4.static.sl-reverse.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:55:15 GMT
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Sat, 29 Jan 2022 15:55:15 GMT

GET
H2 200 freewheel
um.simpli.fi/ 43 B
409 B 62ms
59ms Image
image/gif 159.122.14.34
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/freewheel

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

159.122.14.34 , United States, ASN36351 (SOFTLAYER, US),

Reverse DNS

22.0e.7a9f.ip4.static.sl-reverse.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:55:15 GMT
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Sat, 29 Jan 2022 15:55:15 GMT

GET
H2

200

engine
pbid.pro-market.net/
Redirect Chain

https://um.simpli.fi/dtnx
https://fei.pro-market.net/engine?du=24;csync=D55E32986792479B93629CFE38557712;mimetype=img;
https://fei.pro-market.net/engine?du=24;csync=D55E32986792479B93629CFE38557712;mimetype=img;sr
https://cm.g.doubleclick.net/pixel?google_nid=datonics-ddp&google_cm&google_hm=MTY2MjIyMTQyMTM4MTIzOTUzMQ==
https://pbid.pro-market.net/engine?du=53&mimetype=img&google_gid=CAESEKu6vSQEEWc8151cUcavKTg&google_cver=1

43 B
389 B

54ms
44ms

Image
image/gif

2600:1901:0:8eee::
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pbid.pro-market.net/engine?du=53&mimetype=img&google_gid=CAESEKu6vSQEEWc8151cUcavKTg&google_cver=1
Protocol: H2
Server: 2600:1901:0:8eee:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: 3331a0486cb3e8a75c8c2fdf02bf80fd8fe2b811dfe5c7b4aa892d38bfcf604a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Jan 2022 15:55:15 GMT
via: 1.1 google
server: Apache-Coyote/1.1
anserver: gapp-eu-5.c.datonics-gcp-01.internal
p3p: CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 1 Jan 1990 0:0:0 GMT

Redirect headers

pragma: no-cache
date: Sun, 30 Jan 2022 15:55:15 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://pbid.pro-market.net/engine?du=53&mimetype=img&google_gid=CAESEKu6vSQEEWc8151cUcavKTg&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 315
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

204

/
loadm.exelator.com/load/
Redirect Chain

https://um.simpli.fi/exelatem
https://loadm.exelator.com/load/?p=204&g=2191&simid=D55E32986792479B93629CFE38557712&j=0
https://loadm.exelator.com/load/?p=204&g=2191&simid=D55E32986792479B93629CFE38557712&j=0&xl8blockcheck=1

0
2 KB

159ms
159ms

Image
text/plain

52.26.6.186
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loadm.exelator.com/load/?p=204&g=2191&simid=D55E32986792479B93629CFE38557712&j=0&xl8blockcheck=1
Protocol: H2
Server: 52.26.6.186 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-26-6-186.us-west-2.compute.amazonaws.com
Software: nginx / Undertow/1
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:55:15 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA

Redirect headers

date: Sun, 30 Jan 2022 15:55:15 GMT
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location: https://loadm.exelator.com/load/?p=204&g=2191&simid=D55E32986792479B93629CFE38557712&j=0&xl8blockcheck=1
cache-control: no-cache
access-control-allow-credentials: true
content-type: image/gif
content-length: 0

GET
H2 200 yahoo
um.simpli.fi/ 43 B
409 B 63ms
60ms Image
image/gif 159.122.14.34
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/yahoo

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

159.122.14.34 , United States, ASN36351 (SOFTLAYER, US),

Reverse DNS

22.0e.7a9f.ip4.static.sl-reverse.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:55:15 GMT
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Sat, 29 Jan 2022 15:55:15 GMT

GET
H/1.1

204

sync
sync.bfmio.com/
Redirect Chain

https://um.simpli.fi/beachfront
https://sync.bfmio.com/sync?pid=141&uid=D55E32986792479B93629CFE38557712

0
421 B

467ms
114ms

Image
text/plain

34.192.117.147
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.bfmio.com/sync?pid=141&uid=D55E32986792479B93629CFE38557712
Protocol: HTTP/1.1
Server: 34.192.117.147 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-192-117-147.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Connection: keep-alive
Date: Sun, 30 Jan 2022 15:55:15 GMT

Redirect headers

date: Sun, 30 Jan 2022 15:55:15 GMT
x-content-type-options: nosniff
server: nginx
location: https://sync.bfmio.com/sync?pid=141&uid=D55E32986792479B93629CFE38557712
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 138
expires: Sat, 29 Jan 2022 15:55:15 GMT

GET
H/1.1

200
OK

29931
stags.bluekai.com/site/
Redirect Chain

https://um.simpli.fi/bluekai
https://stags.bluekai.com/site/29931?id=D55E32986792479B93629CFE38557712

62 B
603 B

287ms
207ms

Image
image/gif

104.90.192.27
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stags.bluekai.com/site/29931?id=D55E32986792479B93629CFE38557712
Protocol: HTTP/1.1
Server: 104.90.192.27 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-90-192-27.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Sun, 30 Jan 2022 15:55:15 GMT
Connection: keep-alive
P3P: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
Content-Length: 62
Content-Type: image/gif

Redirect headers

date: Sun, 30 Jan 2022 15:55:15 GMT
x-content-type-options: nosniff
server: nginx
location: https://stags.bluekai.com/site/29931?id=D55E32986792479B93629CFE38557712
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 138
expires: Sat, 29 Jan 2022 15:55:15 GMT

GET
H2

200

tpid=D55E32986792479B93629CFE38557712
bcp.crwdcntrl.net/map/ct=y/c=7625/tp=SIMP/
Redirect Chain

https://um.simpli.fi/crwdcntrl
https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=D55E32986792479B93629CFE38557712
https://bcp.crwdcntrl.net/map/ct=y/c=7625/tp=SIMP/tpid=D55E32986792479B93629CFE38557712

49 B
737 B

59ms
59ms

Image
image/gif

52.19.22.209
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bcp.crwdcntrl.net/map/ct=y/c=7625/tp=SIMP/tpid=D55E32986792479B93629CFE38557712
Protocol: H2
Server: 52.19.22.209 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-19-22-209.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Jan 2022 15:55:15 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.21.228
content-type: image/gif
content-length: 49
expires: 0

Redirect headers

pragma: no-cache
date: Sun, 30 Jan 2022 15:55:15 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location: https://bcp.crwdcntrl.net/map/ct=y/c=7625/tp=SIMP/tpid=D55E32986792479B93629CFE38557712
cache-control: no-cache
x-server: 10.45.29.20
content-length: 0
expires: 0

GET
H/1.1

204
No Content

merge
ce.lijit.com/
Redirect Chain

https://um.simpli.fi/lj_match
https://ce.lijit.com/merge?pid=2&3pid=D55E32986792479B93629CFE38557712

0
348 B

147ms
37ms

Image
text/plain

216.52.2.30
AS-INAPCDN-OCY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=2&3pid=D55E32986792479B93629CFE38557712
Protocol: HTTP/1.1
Server: 216.52.2.30 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 30 Jan 2022 15:55:15 GMT
X-MERGE: GDPR Optout true
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap6ams1
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

date: Sun, 30 Jan 2022 15:55:15 GMT
x-content-type-options: nosniff
server: nginx
location: https://ce.lijit.com/merge?pid=2&3pid=D55E32986792479B93629CFE38557712
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 138
expires: Sat, 29 Jan 2022 15:55:15 GMT

GET
H2

451

419566.gif
idsync.rlcdn.com/
Redirect Chain

https://um.simpli.fi/liveramp_match
https://idsync.rlcdn.com/419566.gif?partner_uid=D55E32986792479B93629CFE38557712

0
66 B

120ms
38ms

Image
text/plain

35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/419566.gif?partner_uid=D55E32986792479B93629CFE38557712
Protocol: H2
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:55:15 GMT
via: 1.1 google
alt-svc: clear
content-length: 0

Redirect headers

date: Sun, 30 Jan 2022 15:55:15 GMT
x-content-type-options: nosniff
server: nginx
location: https://idsync.rlcdn.com/419566.gif?partner_uid=D55E32986792479B93629CFE38557712
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 138
expires: Sat, 29 Jan 2022 15:55:15 GMT

GET
H2

200

/
www.google.de/pagead/1p-conversion/1026675585/
Redirect Chain

https://www.googleadservices.com/pagead/conversion/1026675585/?random=1643558114893&cv=7&fst=1643558114893&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1026675585/?random=425303945&cv=7&fst=1643558114893&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cooki...
https://www.google.com/pagead/1p-conversion/1026675585/?random=425303945&cv=7&fst=1643558114893&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte...
https://www.google.de/pagead/1p-conversion/1026675585/?random=425303945&cv=7&fst=1643558114893&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=...

42 B
548 B

131ms
51ms

Image
image/gif

2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/1026675585/?random=425303945&cv=7&fst=1643558114893&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=CNPgGw&is_vtc=1&ocp_id=47T2YZ61AcXUx_APpuy5wAM&cid=CAQSKQCNIrLM2XW1jF4QNw8LFWrhh83QxG7xwCo22oS0HIM0ymZlhhWdAfph&random=2483892900&ipr=y&prhg=0

Protocol

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Jan 2022 15:55:15 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 30 Jan 2022 15:55:15 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/gif
location: https://www.google.de/pagead/1p-conversion/1026675585/?random=425303945&cv=7&fst=1643558114893&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=CNPgGw&is_vtc=1&ocp_id=47T2YZ61AcXUx_APpuy5wAM&cid=CAQSKQCNIrLM2XW1jF4QNw8LFWrhh83QxG7xwCo22oS0HIM0ymZlhhWdAfph&random=2483892900&ipr=y&prhg=0
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200

partner
sync.search.spotxchange.com/
Redirect Chain

https://um.simpli.fi/spotx_match
https://sync.search.spotxchange.com/partner?adv_id=7797&uid=D55E32986792479B93629CFE38557712
https://sync.search.spotxchange.com/partner?adv_id=7797&uid=D55E32986792479B93629CFE38557712&__user_check__=1&sync_id=03cfe71c-81e5-11ec-be4d-1be234f70406

43 B
548 B

35ms
35ms

Image
image/gif

185.94.180.125
SPOTX-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.search.spotxchange.com/partner?adv_id=7797&uid=D55E32986792479B93629CFE38557712&__user_check__=1&sync_id=03cfe71c-81e5-11ec-be4d-1be234f70406
Protocol: HTTP/1.1
Server: 185.94.180.125 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Sun, 30 Jan 2022 15:55:15 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 56
Connection: keep-alive
Content-Length: 43

Redirect headers

Date: Sun, 30 Jan 2022 15:55:15 GMT
Server: nginx
Location: /partner?adv_id=7797&uid=D55E32986792479B93629CFE38557712&__user_check__=1&sync_id=03cfe71c-81e5-11ec-be4d-1be234f70406
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 142
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

bounce
ib.adnxs.com/
Redirect Chain

https://um.simpli.fi/an
https://ib.adnxs.com/setuid?entity=66&code=D55E32986792479B93629CFE38557712
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3DD55E32986792479B93629CFE38557712

43 B
1 KB

145ms
144ms

Image
image/gif

185.33.220.243
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3DD55E32986792479B93629CFE38557712

Protocol

HTTP/1.1

Server

185.33.220.243 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

722.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 30 Jan 2022 15:55:15 GMT
X-Proxy-Origin: 217.64.151.29; 217.64.151.29; 722.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: adcc555c-2e4d-46a2-a7fc-20c4da34fbb2
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 30 Jan 2022 15:55:15 GMT
X-Proxy-Origin: 217.64.151.29; 217.64.151.29; 722.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 8ba97966-15c8-49a4-bbd5-d940c289482f
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3DD55E32986792479B93629CFE38557712
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/
Redirect Chain

https://um.simpli.fi/rb_match
https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=D55E32986792479B93629CFE38557712&expires=365

0
239 B

149ms
46ms

Image
image/gif

69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=D55E32986792479B93629CFE38557712&expires=365
Protocol: HTTP/1.1
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 66ef90d06496cfd000aab8206f2b6221
Content-Type: image/gif

Redirect headers

date: Sun, 30 Jan 2022 15:55:15 GMT
x-content-type-options: nosniff
server: nginx
location: https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=D55E32986792479B93629CFE38557712&expires=365
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 138
expires: Sat, 29 Jan 2022 15:55:15 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/
Redirect Chain

https://um.simpli.fi/ox_match
https://us-u.openx.net/w/1.0/sd?id=537072966&val=D55E32986792479B93629CFE38557712

43 B
274 B

110ms
35ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072966&val=D55E32986792479B93629CFE38557712
Protocol: H2
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/17.1.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Jan 2022 15:55:15 GMT
via: 1.1 google
server: OXGW/17.1.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date: Sun, 30 Jan 2022 15:55:15 GMT
x-content-type-options: nosniff
server: nginx
location: https://us-u.openx.net/w/1.0/sd?id=537072966&val=D55E32986792479B93629CFE38557712
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 138
expires: Sat, 29 Jan 2022 15:55:15 GMT

GET
H2

204

g_match
um.simpli.fi/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_cm&google_sc
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_cm=&google_sc=&google_tc=
https://um.simpli.fi/g_match?id=&google_gid=CAESEJrZGC5-pm31C_ckjcub8tQ&google_cver=1
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=D55E32986792479B93629CFE38557712
https://um.simpli.fi/g_match?id=

0
320 B

77ms
77ms

Image
text/plain

159.122.14.34
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/g_match?id=

Protocol

Server

159.122.14.34 , United States, ASN36351 (SOFTLAYER, US),

Reverse DNS

22.0e.7a9f.ip4.static.sl-reverse.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:55:15 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires: Sat, 29 Jan 2022 15:55:15 GMT

Redirect headers

pragma: no-cache
date: Sun, 30 Jan 2022 15:55:15 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://um.simpli.fi/g_match?id=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 229
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 158ms
76ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012701.js?31064601

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:55:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 30 Jan 2022 15:55:15 GMT

GET
H3 200 container.html Show response
f5c75bd43cedba760199b3fd12a32090.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame C409 6 KB
3 KB 70ms
32ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://f5c75bd43cedba760199b3fd12a32090.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012701.js?31064601

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 30 Jan 2022 15:55:14 GMT
expires: Mon, 30 Jan 2023 15:55:14 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
content-type: text/html
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 layers.fa6cd1947ce26e890d3d.js Show response
s7.addthis.com/static/ 263 KB
76 KB 39ms
39ms Script
application/javascript 184.30.24.121
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/layers.fa6cd1947ce26e890d3d.js

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.30.24.121 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-30-24-121.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
server: nginx/1.15.8
etag: W/"5f971164-41cf5"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=86313600
date: Sun, 30 Jan 2022 15:55:15 GMT
x-host: s7.addthis.com
timing-allow-origin: *
content-length: 77617

GET
H3 200 css2
fonts.googleapis.com/ Frame C409 4 KB
634 B 96ms
51ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: f5c75bd43cedba760199b3fd12a32090.safeframe.googlesyndication.com
URL: https://f5c75bd43cedba760199b3fd12a32090.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f5c75bd43cedba760199b3fd12a32090.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 30 Jan 2022 14:19:02 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 30 Jan 2022 15:55:15 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 30 Jan 2022 15:55:15 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame EF52 8 KB
888 B 85ms
49ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: f5c75bd43cedba760199b3fd12a32090.safeframe.googlesyndication.com
URL: https://f5c75bd43cedba760199b3fd12a32090.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f93d0298dd39f7dff18566a5b2754067e26c0182b469fd6b24e5d63429fef88b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f5c75bd43cedba760199b3fd12a32090.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 30 Jan 2022 14:22:22 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 30 Jan 2022 15:55:15 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 30 Jan 2022 15:55:15 GMT

GET
H2 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/ Frame EF52 1 KB
954 B 109ms
75ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Host: f5c75bd43cedba760199b3fd12a32090.safeframe.googlesyndication.com
URL: https://f5c75bd43cedba760199b3fd12a32090.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fd11fa353cc6a8560f4c35e67c6fb8a3a4061ed3de4309cdf83fca65f8319bb4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f5c75bd43cedba760199b3fd12a32090.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:50:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 260
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 848
x-xss-protection: 0
server: cafe
etag: 2277666839114365613
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 13 Feb 2022 15:50:55 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220126/r20110914/ Frame EF52 18 KB
8 KB 69ms
36ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220126/r20110914/abg_lite_fy2019.js

Requested by

Host: f5c75bd43cedba760199b3fd12a32090.safeframe.googlesyndication.com
URL: https://f5c75bd43cedba760199b3fd12a32090.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2193054ab8a2bc36f5ef0b90c4d53dd5626e14b0123a2972066e2ed1fd44459d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f5c75bd43cedba760199b3fd12a32090.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:52:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 183
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7644
x-xss-protection: 0
server: cafe
etag: 6659623896352890502
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 13 Feb 2022 15:52:12 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/ Frame EF52 2 KB
1 KB 107ms
75ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/window_focus_fy2019.js

Requested by

Host: f5c75bd43cedba760199b3fd12a32090.safeframe.googlesyndication.com
URL: https://f5c75bd43cedba760199b3fd12a32090.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f5c75bd43cedba760199b3fd12a32090.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:54:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 54
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1205
x-xss-protection: 0
server: cafe
etag: 18074202747124231361
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 13 Feb 2022 15:54:21 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame EF52 123 KB
38 KB 131ms
44ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: f5c75bd43cedba760199b3fd12a32090.safeframe.googlesyndication.com
URL: https://f5c75bd43cedba760199b3fd12a32090.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

84bf5ffcfd8b3a1240721c90836f1167532b716566165a51ca920c9e657a75d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f5c75bd43cedba760199b3fd12a32090.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:55:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38288
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1643200382015849"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 30 Jan 2022 15:55:15 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/ Frame EF52 14 KB
6 KB 76ms
44ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: f5c75bd43cedba760199b3fd12a32090.safeframe.googlesyndication.com
URL: https://f5c75bd43cedba760199b3fd12a32090.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a0e123a11c5b411021d5bd8ab3926fe6d726b29ca2bb83e6066dae93a9ba326a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f5c75bd43cedba760199b3fd12a32090.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:51:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 204
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6123
x-xss-protection: 0
server: cafe
etag: 15358646999216992880
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 13 Feb 2022 15:51:51 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame EF52 0
0 126ms
40ms Image
text/html 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaT-dIqRED1SgsMBDBgAi_nMx6DaWJA9jfne5Wc_hEqtiH7PIwlxhwrjRtc3UhDCl-RRi0hE
Requested by: Host: f5c75bd43cedba760199b3fd12a32090.safeframe.googlesyndication.com
URL: https://f5c75bd43cedba760199b3fd12a32090.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f5c75bd43cedba760199b3fd12a32090.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

GET
H2 200 fccbdb50d0e11463e1edb3d8fcf7c364.js Show response
www.gstatic.com/mysidia/ Frame EF52 27 KB
12 KB 121ms
35ms Script
text/javascript 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/fccbdb50d0e11463e1edb3d8fcf7c364.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: f5c75bd43cedba760199b3fd12a32090.safeframe.googlesyndication.com
URL: https://f5c75bd43cedba760199b3fd12a32090.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f1b3a51250ea5d2b293615f08241269ed8277b95654cddafbc0f5df8d61e6cc1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f5c75bd43cedba760199b3fd12a32090.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 16:51:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 255852
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11411
x-xss-protection: 0
last-modified: Tue, 25 Jan 2022 02:23:19 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 27 Apr 2022 16:51:03 GMT

GET
H2 200 interstitial_ad_frame_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220126/r20110914/elements/html/ Frame C409 18 KB
8 KB 77ms
48ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220126/r20110914/elements/html/interstitial_ad_frame_fy2019.js

Requested by

Host: f5c75bd43cedba760199b3fd12a32090.safeframe.googlesyndication.com
URL: https://f5c75bd43cedba760199b3fd12a32090.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4c9b92bfce3b7b0e0a9e33ebe8130496bf50c80ad4375b1b98ddff744b4ea9f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f5c75bd43cedba760199b3fd12a32090.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:19:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2154
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7952
x-xss-protection: 0
server: cafe
etag: 4804491876264876803
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 13 Feb 2022 15:19:21 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame C409 205 B
520 B 124ms
41ms Image
image/png 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: f5c75bd43cedba760199b3fd12a32090.safeframe.googlesyndication.com
URL: https://f5c75bd43cedba760199b3fd12a32090.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f5c75bd43cedba760199b3fd12a32090.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 23:11:23 GMT
x-content-type-options: nosniff
age: 146632
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sat, 28 Jan 2023 23:11:23 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame C409 604 B
694 B 124ms
41ms Image
image/png 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: f5c75bd43cedba760199b3fd12a32090.safeframe.googlesyndication.com
URL: https://f5c75bd43cedba760199b3fd12a32090.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f5c75bd43cedba760199b3fd12a32090.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 14:59:41 GMT
x-content-type-options: nosniff
age: 3334
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Mon, 30 Jan 2023 14:59:41 GMT

GET
H3 200 container.html Show response
f5c75bd43cedba760199b3fd12a32090.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 8668 6 KB
3 KB 34ms
34ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://f5c75bd43cedba760199b3fd12a32090.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012701.js?31064601

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 30 Jan 2022 15:55:14 GMT
expires: Mon, 30 Jan 2023 15:55:14 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
content-type: text/html
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 css
fonts.googleapis.com/ Frame 8668 2 KB
532 B 49ms
49ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400

Requested by

Host: f5c75bd43cedba760199b3fd12a32090.safeframe.googlesyndication.com
URL: https://f5c75bd43cedba760199b3fd12a32090.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5c35ba43b7900752a3023550de81888bb9fa36138e72edf3db3bd20e1dc09186

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f5c75bd43cedba760199b3fd12a32090.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 30 Jan 2022 15:36:07 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 30 Jan 2022 15:55:15 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 30 Jan 2022 15:55:15 GMT

GET
H2 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/ Frame 8668 1 KB
909 B 47ms
47ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Host: f5c75bd43cedba760199b3fd12a32090.safeframe.googlesyndication.com
URL: https://f5c75bd43cedba760199b3fd12a32090.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fd11fa353cc6a8560f4c35e67c6fb8a3a4061ed3de4309cdf83fca65f8319bb4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f5c75bd43cedba760199b3fd12a32090.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:50:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 260
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 848
x-xss-protection: 0
server: cafe
etag: 2277666839114365613
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 13 Feb 2022 15:50:55 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 8668 0
0 75ms
75ms Fetch
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CIkrj4rT2YbC2LImprASMp7T4BpyY7o5itdWCwoUMl8W-3csYEAEg-5vVSWCV6vuBlAegAePAq8cDyAEJqQIyRTgm4bOyPuACAKgDAcgDmwSqBIECT9Bx698Dp33kAkt5FN6cfJVQHbfHy_3j04bYMiG92HwhslUf1ccFn8ZEIcM1PQMulqZJg0xJ3xZ1I_fLAuOjwxOWXpOM213vVA8D0nfoBLvxCqc5aBiuRHc_NZmgCXfJqRh0my9t9ubebj9Dlw8rXkjYujVjLHcxJy-wkfqvIEPUxZxSY1hLiO3XN5RZGKgc4Ht56dzpIpa1ST0qG5VAvnEd9pDUm5oyd141Gds857GMeaBGPGaBKEGGsBWIpyYwEMN1wacsBYgBSPbvkVPygDlnvlyAS2MoCjBpgNCvLCI3OMgyaW7RiLlodI0j1Ku1mzko99_-tTpYPPOD9oRn3YPABKSqotm_AuAEAZIFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYugAfR_4wmqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpr4b2AcA8gcEEMu3AtIICQiI4YBwEAEYHYAKA8gLAdgTC4gUAtAVAYAXAbIXHgocCAASFHB1Yi01ODEyMzU3MzUyMzM1MDc1GNuiIQ&sigh=dfijGs60FTU&uach_m=[UACH]&template_id=494
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s12-in-f2.1e100.net
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f5c75bd43cedba760199b3fd12a32090.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220126/r20110914/ Frame 8668 18 KB
8 KB 47ms
46ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220126/r20110914/abg_lite_fy2019.js

Requested by

Host: f5c75bd43cedba760199b3fd12a32090.safeframe.googlesyndication.com
URL: https://f5c75bd43cedba760199b3fd12a32090.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2193054ab8a2bc36f5ef0b90c4d53dd5626e14b0123a2972066e2ed1fd44459d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f5c75bd43cedba760199b3fd12a32090.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:52:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 183
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7644
x-xss-protection: 0
server: cafe
etag: 6659623896352890502
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 13 Feb 2022 15:52:12 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/ Frame 8668 2 KB
1 KB 57ms
56ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/window_focus_fy2019.js

Requested by

Host: f5c75bd43cedba760199b3fd12a32090.safeframe.googlesyndication.com
URL: https://f5c75bd43cedba760199b3fd12a32090.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f5c75bd43cedba760199b3fd12a32090.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:54:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 54
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1205
x-xss-protection: 0
server: cafe
etag: 18074202747124231361
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 13 Feb 2022 15:54:21 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8668 123 KB
37 KB 100ms
78ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: f5c75bd43cedba760199b3fd12a32090.safeframe.googlesyndication.com
URL: https://f5c75bd43cedba760199b3fd12a32090.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

84bf5ffcfd8b3a1240721c90836f1167532b716566165a51ca920c9e657a75d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f5c75bd43cedba760199b3fd12a32090.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:55:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38288
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1643200382015849"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 30 Jan 2022 15:55:15 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/ Frame 8668 14 KB
6 KB 51ms
51ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: f5c75bd43cedba760199b3fd12a32090.safeframe.googlesyndication.com
URL: https://f5c75bd43cedba760199b3fd12a32090.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a0e123a11c5b411021d5bd8ab3926fe6d726b29ca2bb83e6066dae93a9ba326a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f5c75bd43cedba760199b3fd12a32090.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:51:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 204
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6123
x-xss-protection: 0
server: cafe
etag: 15358646999216992880
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 13 Feb 2022 15:51:51 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 8668 0
0 62ms
39ms Image
text/html 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRyIBdYLA0qqCuP1u01krVh1cOgY8KMLpabOkom8eGxyV8oGVe2xbwf1L3ux4eS1MIR5aGP
Requested by: Host: f5c75bd43cedba760199b3fd12a32090.safeframe.googlesyndication.com
URL: https://f5c75bd43cedba760199b3fd12a32090.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f5c75bd43cedba760199b3fd12a32090.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

GET
H2 200 4b5ee2b4ff5a9298bcc39e4df8189ef4.js Show response
www.gstatic.com/mysidia/ Frame 8668 27 KB
11 KB 63ms
41ms Script
text/javascript 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/4b5ee2b4ff5a9298bcc39e4df8189ef4.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: f5c75bd43cedba760199b3fd12a32090.safeframe.googlesyndication.com
URL: https://f5c75bd43cedba760199b3fd12a32090.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61ded43bae7eeb79ab544e26dbad051960b7db1da4ceed550be859e979be23ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f5c75bd43cedba760199b3fd12a32090.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 16:51:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 255851
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11337
x-xss-protection: 0
last-modified: Thu, 27 Jan 2022 01:51:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 27 Apr 2022 16:51:04 GMT

GET
H2 200 shopping
encrypted-tbn0.gstatic.com/ Frame 8668 17 KB
17 KB 146ms
44ms Image
image/jpeg 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcT8kEVpiysKOhMSEB5lTjmspsQ-XogLLjA56QhogSkAA-j_xxo&usqp=CAI

Requested by

Host: f5c75bd43cedba760199b3fd12a32090.safeframe.googlesyndication.com
URL: https://f5c75bd43cedba760199b3fd12a32090.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

54c964727531aee103f3354a6963e788ff1134736554a674418101f753d092d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f5c75bd43cedba760199b3fd12a32090.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 29 Jan 2022 14:10:47 GMT
x-content-type-options: nosniff
age: 92668
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17109
x-xss-protection: 0
last-modified: Thu, 05 Aug 2021 05:28:23 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sun, 29 Jan 2023 14:10:47 GMT

GET
H2 200 shopping
encrypted-tbn3.gstatic.com/ Frame 8668 13 KB
14 KB 128ms
39ms Image
image/jpeg 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcQh6iMktcd2raoIuorGhTaOk4nFWXqeB0k6Db08QsObDyrsW16I&usqp=CAI

Requested by

Host: f5c75bd43cedba760199b3fd12a32090.safeframe.googlesyndication.com
URL: https://f5c75bd43cedba760199b3fd12a32090.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb4de3219f3172598a654936fb43f09992a57d9169b94f4f4abb1e08f554b34e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f5c75bd43cedba760199b3fd12a32090.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 06:10:46 GMT
x-content-type-options: nosniff
age: 467069
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13761
x-xss-protection: 0
last-modified: Fri, 30 Jul 2021 14:25:57 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Wed, 25 Jan 2023 06:10:46 GMT

GET
H2 200 shopping
encrypted-tbn2.gstatic.com/ Frame 8668 9 KB
10 KB 130ms
41ms Image
image/jpeg 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcTeLV9Opj2FT4D5RF2q9n2r8qJPbR7AcFvp6yAF1xiCEN1Xmlq0&usqp=CAI

Requested by

Host: f5c75bd43cedba760199b3fd12a32090.safeframe.googlesyndication.com
URL: https://f5c75bd43cedba760199b3fd12a32090.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2af754c993f8edc0beebe165a82680c8d7c85854a1fde7085b8228068d106dcf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f5c75bd43cedba760199b3fd12a32090.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 29 Jan 2022 17:24:44 GMT
x-content-type-options: nosniff
age: 81031
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9176
x-xss-protection: 0
last-modified: Thu, 29 Jul 2021 06:21:40 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sun, 29 Jan 2023 17:24:44 GMT

GET
H2 200 shopping
encrypted-tbn2.gstatic.com/ Frame 8668 10 KB
10 KB 137ms
48ms Image
image/jpeg 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcTXtlc84ZPzFhidTAkRvDr8c9Fu_gk6z4TKtm9iwJ4oIlMymZfT&usqp=CAI

Requested by

Host: f5c75bd43cedba760199b3fd12a32090.safeframe.googlesyndication.com
URL: https://f5c75bd43cedba760199b3fd12a32090.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8d69291819d847fed994ee4f0ca9578a6780dec5b3f9826b28b5a4f5c03acd65

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f5c75bd43cedba760199b3fd12a32090.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 29 Jan 2022 20:30:14 GMT
x-content-type-options: nosniff
age: 69901
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9874
x-xss-protection: 0
last-modified: Sun, 09 Feb 2020 11:22:41 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sun, 29 Jan 2023 20:30:14 GMT

GET
H2 200 shopping
encrypted-tbn2.gstatic.com/ Frame 8668 12 KB
12 KB 142ms
53ms Image
image/jpeg 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcTVr3L6na6tLmDmXKdZiR3LHg0dB0_opkwxCOrCEpbmN8cv0x12&usqp=CAI

Requested by

Host: f5c75bd43cedba760199b3fd12a32090.safeframe.googlesyndication.com
URL: https://f5c75bd43cedba760199b3fd12a32090.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9886f0efcb0eb4cadf9541aa2029b88e9d900dd8c4f395fc2f91ff6691b8455b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f5c75bd43cedba760199b3fd12a32090.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 16:12:05 GMT
x-content-type-options: nosniff
age: 171790
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12099
x-xss-protection: 0
last-modified: Mon, 26 Aug 2019 11:32:36 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sat, 28 Jan 2023 16:12:05 GMT

GET
H3

200

1855790038366648222
tpc.googlesyndication.com/simgad/ Frame 8668
Redirect Chain

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKDbxsi7jQEQ6AIY6AIyCFR5nIyM6Xl-
https://tpc.googlesyndication.com/simgad/1855790038366648222

2 KB
2 KB

88ms
57ms

Image
image/png

2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/1855790038366648222

Requested by

Host: f5c75bd43cedba760199b3fd12a32090.safeframe.googlesyndication.com
URL: https://f5c75bd43cedba760199b3fd12a32090.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

11d02526cbaad695117721d111752936444366ac35fec7d36bf8d5fb2aab3094

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f5c75bd43cedba760199b3fd12a32090.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 02:53:20 GMT
x-content-type-options: nosniff
age: 392515
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1882
x-xss-protection: 0
last-modified: Wed, 17 Apr 2019 14:59:10 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 26 Jan 2023 02:53:20 GMT

Redirect headers

date: Sun, 30 Jan 2022 04:55:15 GMT
x-content-type-options: nosniff
server: cafe
age: 39600
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/html; charset=UTF-8
location: https://tpc.googlesyndication.com/simgad/1855790038366648222
cache-control: public, max-age=2592000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Tue, 01 Mar 2022 04:55:15 GMT

GET
H3 200 container.html Show response
f5c75bd43cedba760199b3fd12a32090.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame A589 6 KB
3 KB 37ms
35ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://f5c75bd43cedba760199b3fd12a32090.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012701.js?31064601

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 30 Jan 2022 15:55:14 GMT
expires: Mon, 30 Jan 2023 15:55:14 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
content-type: text/html
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame AA03 143 B
163 B 35ms
35ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: f5c75bd43cedba760199b3fd12a32090.safeframe.googlesyndication.com
URL: https://f5c75bd43cedba760199b3fd12a32090.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://f5c75bd43cedba760199b3fd12a32090.safeframe.googlesyndication.com/

Response headers

x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 145
x-xss-protection: 0
date: Sun, 30 Jan 2022 15:03:04 GMT
cache-control: public, max-age=3600
content-type: text/html; charset=UTF-8
age: 3131
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 4ACF 13 KB
5 KB 75ms
40ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 30 Jan 2022 15:55:04 GMT
expires: Mon, 30 Jan 2023 15:55:04 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
content-type: text/html
age: 11
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 37EB 783 B
950 B 36ms
35ms Document
text/html 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

f3e86d587123901c7f69c6bcf1a190e243b29f792e1d4261ddc5dcfd4e044b66

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-SVzH0rHelFaitor6gYh64g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Sun, 30 Jan 2022 15:55:15 GMT
date: Sun, 30 Jan 2022 15:55:15 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-SVzH0rHelFaitor6gYh64g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 511
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 css
fonts.googleapis.com/ Frame A589 8 KB
888 B 44ms
44ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: f5c75bd43cedba760199b3fd12a32090.safeframe.googlesyndication.com
URL: https://f5c75bd43cedba760199b3fd12a32090.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f93d0298dd39f7dff18566a5b2754067e26c0182b469fd6b24e5d63429fef88b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f5c75bd43cedba760199b3fd12a32090.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 30 Jan 2022 14:13:15 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 30 Jan 2022 15:55:15 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 30 Jan 2022 15:55:15 GMT

GET
H3 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/ Frame A589 1 KB
875 B 70ms
59ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Host: f5c75bd43cedba760199b3fd12a32090.safeframe.googlesyndication.com
URL: https://f5c75bd43cedba760199b3fd12a32090.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fd11fa353cc6a8560f4c35e67c6fb8a3a4061ed3de4309cdf83fca65f8319bb4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f5c75bd43cedba760199b3fd12a32090.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:50:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 260
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 848
x-xss-protection: 0
server: cafe
etag: 2277666839114365613
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 13 Feb 2022 15:50:55 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame A589 0
0 79ms
79ms Fetch
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=Cgk2z4rT2YdraLKTH3gP9noKoBovEiuBnv_u-rfAPZBABIPub1Ulgler7gZQHoAHZ0uTPA8gBCakCMkU4JuGzsj7gAgCoAwHIA5sEqgSJAk_Qbx5nSI-lM7ADkMYkCY4BkmZEJLeARLByfeiKRts94ykWgS9-I2OJ3pNtdBLvwgea1sbgARqq_JDWpJ_lApbewwaRvQGycJGlxbvlxL39dV3G9LNtsz1kfr49ST5VhVIbyBOsqn3hkr9zd5Tj7FnEV5oZMqRP_IYtoREGc1XVaqcA1N5floD_7wBHMx7cQkr-Xa1DCxnYv0PmgApkn7nHECzES_XWWDUcIXj1gzkG4hEWcshyuTH9nfxE_mWwwERueKIGplswHY25Vhtm71KTOXZmXFj_3iYUYTXN-x72nu-jqWIkpNXVxXGGt8nxR6hGy1HvpEub2u0eY79-z_YmItorIFleKovABN35pZHnA-AEAZIFBAgEGAGSBQQIBRgEoAYugAf4sa01qAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwDyBwMQ8C7SCAkIiOGAcBABGB2ACgPICwGYDJqCl5zbA7gTgwTYEw7QFQGAFwGyFx4KHAgAEhRwdWItNTgxMjM1NzM1MjMzNTA3NRjboiE&sigh=mtHo_E5E_dE&uach_m=[UACH]&template_id=515
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s12-in-f2.1e100.net
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f5c75bd43cedba760199b3fd12a32090.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220126/r20110914/ Frame A589 18 KB
7 KB 58ms
48ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220126/r20110914/abg_lite_fy2019.js

Requested by

Host: f5c75bd43cedba760199b3fd12a32090.safeframe.googlesyndication.com
URL: https://f5c75bd43cedba760199b3fd12a32090.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2193054ab8a2bc36f5ef0b90c4d53dd5626e14b0123a2972066e2ed1fd44459d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f5c75bd43cedba760199b3fd12a32090.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:52:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 183
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7644
x-xss-protection: 0
server: cafe
etag: 6659623896352890502
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 13 Feb 2022 15:52:12 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/ Frame A589 2 KB
1 KB 69ms
60ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/window_focus_fy2019.js

Requested by

Host: f5c75bd43cedba760199b3fd12a32090.safeframe.googlesyndication.com
URL: https://f5c75bd43cedba760199b3fd12a32090.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f5c75bd43cedba760199b3fd12a32090.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:54:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 54
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1205
x-xss-protection: 0
server: cafe
etag: 18074202747124231361
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 13 Feb 2022 15:54:21 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame A589 123 KB
37 KB 93ms
50ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: f5c75bd43cedba760199b3fd12a32090.safeframe.googlesyndication.com
URL: https://f5c75bd43cedba760199b3fd12a32090.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

84bf5ffcfd8b3a1240721c90836f1167532b716566165a51ca920c9e657a75d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f5c75bd43cedba760199b3fd12a32090.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:55:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38288
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1643200382015849"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 30 Jan 2022 15:55:15 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/ Frame A589 14 KB
6 KB 62ms
53ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: f5c75bd43cedba760199b3fd12a32090.safeframe.googlesyndication.com
URL: https://f5c75bd43cedba760199b3fd12a32090.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a0e123a11c5b411021d5bd8ab3926fe6d726b29ca2bb83e6066dae93a9ba326a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f5c75bd43cedba760199b3fd12a32090.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:50:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 297
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6123
x-xss-protection: 0
server: cafe
etag: 15358646999216992880
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 13 Feb 2022 15:50:18 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame A589 0
0 92ms
45ms Image
text/html 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaToYhWKMOmJ_51lE_Er2zpT3tTqbbyBDH9qMzOrKsOuK72Z2ZyqqKE0OEGsjB4egY5owoRQ
Requested by: Host: f5c75bd43cedba760199b3fd12a32090.safeframe.googlesyndication.com
URL: https://f5c75bd43cedba760199b3fd12a32090.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f5c75bd43cedba760199b3fd12a32090.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

GET
H3 200 fccbdb50d0e11463e1edb3d8fcf7c364.js Show response
www.gstatic.com/mysidia/ Frame A589 27 KB
11 KB 81ms
38ms Script
text/javascript 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/fccbdb50d0e11463e1edb3d8fcf7c364.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: f5c75bd43cedba760199b3fd12a32090.safeframe.googlesyndication.com
URL: https://f5c75bd43cedba760199b3fd12a32090.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f1b3a51250ea5d2b293615f08241269ed8277b95654cddafbc0f5df8d61e6cc1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f5c75bd43cedba760199b3fd12a32090.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 16:51:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 255852
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11411
x-xss-protection: 0
last-modified: Tue, 25 Jan 2022 02:23:19 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 27 Apr 2022 16:51:03 GMT

GET
H3 200 10074023703360132787
tpc.googlesyndication.com/simgad/ Frame A589 3 KB
3 KB 67ms
60ms Image
image/png 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/10074023703360132787?w=100&h=100

Requested by

Host: f5c75bd43cedba760199b3fd12a32090.safeframe.googlesyndication.com
URL: https://f5c75bd43cedba760199b3fd12a32090.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e4aadb2562ca721cfd827a843b4f98758939082377413f3b915114e1a4753922

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f5c75bd43cedba760199b3fd12a32090.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 13:01:01 GMT
x-content-type-options: nosniff
age: 356054
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2998
x-xss-protection: 0
last-modified: Thu, 10 Jun 2021 09:21:26 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 26 Jan 2023 13:01:01 GMT

GET
DATA 200
OK truncated
/ Frame A589 195 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9e34975a0a58f4262f18fc35a4a9efb9f9b3962b87772f8fa5c006d5b7bc3f57

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame A589 246 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d1abe31a63ea69ba668691d6bf5853ad2b3dc5c6ebfb44d4c79c2ab53146d572

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame A589 336 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: be3b15b1e68cf3e9278293d3b50491fe16c985e0ee5968852cac4fc062a7134e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame AA03
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

86ms
85ms

Document
text/html

2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: f5c75bd43cedba760199b3fd12a32090.safeframe.googlesyndication.com
URL: https://f5c75bd43cedba760199b3fd12a32090.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sun, 30 Jan 2022 15:55:15 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sun, 30 Jan 2022 15:55:15 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sun, 30 Jan 2022 15:55:15 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 8668 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e37ddc50e52e750a906e5b42418e1a4e43ed850845269861e2a4a60f19f2a1f7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
fonts.gstatic.com/s/googlesansdisplay/v20/ Frame 8668 20 KB
20 KB 60ms
28ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesansdisplay/v20/ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://f5c75bd43cedba760199b3fd12a32090.safeframe.googlesyndication.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 19:31:22 GMT
x-content-type-options: nosniff
age: 332633
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20784
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 18:58:54 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 26 Jan 2023 19:31:22 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 37EB 0
0 79ms
78ms Image
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022012701&jk=1390277935478781&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s12-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

GET
H3 200 OQeXulqavt2yHYod1yFVtMfB5cE7WnIBzfht8HOtA8E.js Show response
pagead2.googlesyndication.com/bg/ Frame 4ACF 35 KB
13 KB 22ms
22ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/OQeXulqavt2yHYod1yFVtMfB5cE7WnIBzfht8HOtA8E.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

sffe /

Resource Hash

390797ba5a9abeddb21d8a1dd72155b4c7c1e5c13b5a7201cdf86df073ad03c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:10:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2680
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13499
x-xss-protection: 0
last-modified: Mon, 24 Jan 2022 14:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 30 Jan 2023 15:10:35 GMT

GET
DATA 200
OK truncated
/ Frame A589 209 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 763c78b733637f947959089c8b8727a6b15a6b275f6eb49aa7bcfcc6a6409b64

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v41/ Frame A589 28 KB
28 KB 33ms
33ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v41/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

05e2888e835d97fe6e4cfb256f62f47d5dccf6d9ac202ea9d82a6bc2b1716c1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://f5c75bd43cedba760199b3fd12a32090.safeframe.googlesyndication.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 18:12:51 GMT
x-content-type-options: nosniff
age: 423744
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28196
x-xss-protection: 0
last-modified: Tue, 18 Jan 2022 17:53:50 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 25 Jan 2023 18:12:51 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 4ACF 0
9 B 24ms
23ms Image
text/plain 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?lq2gJg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:55:15 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 58ms
58ms Image
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gpt_2022012701&jk=1390277935478781&bg=!5eal5qLNAAY6OBv_Ojg7ACkAdvg8WgcJNeOmTHZni2TI9S32ATv79-qkt7-F2fB64PcG3s2KV-FotAIAAABkUgAAAANoAQeZArpenQtTo9Nxf8TTnKZ1vhiGDqv2nbiWqchjDNOG5sIHuSJ-pB9Qb4ZgWRYIiy0F-9B9X2PsWDAopdufqJjve14xl76PnMiwZHLXBih8qlXkRAkmRWJwPuJCnJQuj5GwW3Ka5tl7uFZR7jVq_CqTvauVo4DjoxN5qEKW4TPacWmYtA9Pafjj6vm6FqEISTKggwFQ2tjHz1OmM4Thpu7xpfhgCDu4z82voXV1mX-SZFxhX7CpWkr2wrNZSUPxwLFccRGDyDKrcmqYEKyeyDcjo4I9JEPumG-oENVAs2weYUmUxwKnW6hNizPiB74BcyO50iuEZzaKmgwvgxbhXADlEgriu2QGRy4jCK6qWdFcz7bUVenazfJhpFDOa5-fPkCwcJMZZCX3B5UjoPTk-Y0KGlYwPWTaftay-x1PT7vRqWr84N7WXXf5umTaVWdQGh6NQqKFDNnrGMkQta08KtxI-7qZW1HahTVdvpDru2lYYhWVIBmf2sNT6SCxXYkogr7rIrV6SoNZ4XnRUcJTL4usTIG-AQzF1rk66GPtesq3N0ePPy53xGCcNiIRz-qCrzv0ITCNKDNOxgWthf7few9rOhC4utRJz7dQFwG1IRe0YfsTQnu0KSXst0PdbBwm8mNWWZno2H1C1Tgn7Kp3KBMpKkgmUQNe6tvC-D7niy76CHf0Rc0hCsCc2liB0Q17JnC4y3wrOup6tlCXDQpHvl7IpobJeAaS2GjPMYs_whSIQyrdfn7Z8X-FkM1u1EQUvpLhYpQPZuGG1QkwcnDkV0EhZOWvCSX4-quZD9_q4AAXCkRmonzhOsNTbhSujV6x8g8pTOhzt-AHgK1Z5_rCmqFfInk3V0NY0NKMGfKYGJfOAAKINE9TAUQhDkgHDXtH2RsU7u2uTxbR1RT2y9hMlDUhx_CnxaRBkg54Yuh4ug

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Jan 2022 15:55:15 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 8668 42 B
64 B 45ms
45ms Fetch
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssKY_LoNtbl-1xT32OWSHkICtf29jvIoV7HPl5TpVjH1_Nh8xlKtQsFDSXZHxI0EHWsKGY2C4hFG_kip8qPIybJN4E5-l_0z3pwdaUAe3j3RV45L_OXfQ&sai=AMfl-YRfq6Xq1fxppHVSn-jIgRuaNLy4_U5m12QXJTg0HNQbEMDuqg01_Z-N98uyir09xTAD1nXv_8lPbwJTfoCQqSZ0WiKjhMSKLYHBdC1Dq7ldpGJqIOWCffAkWneBJSA&sig=Cg0ArKJSzDCJATSWmwglEAE&cid=CAASPeRoVNY15Chf0NKpm_qiqK1lMrI1X_ivdtUHpq4oESnk72mcTKhZZgZxdZq15f3ICL4rZojcX_o7ccd_T1E&id=lidar2&mcvt=1000&p=684,315,774,1043&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220126&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=22&adk=2039479053&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&vs=4&r=v&rst=1643558115129&rpt=308&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f5c75bd43cedba760199b3fd12a32090.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Jan 2022 15:55:16 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame A589 0
0 69ms
53ms Fetch
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CU7nB4rT2YdraLKTH3gP9noKoBovEiuBnv_u-rfAPZBABIPub1Ulgler7gZQHoAHZ0uTPA8gBCakCMkU4JuGzsj7gAgCoAwGqBIkCT9BvHmdIj6UzsAOQxiQJjgGSZkQkt4BEsHJ96IpG2z3jKRaBL34jY4nek210Eu_CB5rWxuABGqr8kNakn-UClt7DBpG9AbJwkaXFu-XEvf11Xcb0s22zPWR-vj1JPlWFUhvIE6yqfeGSv3N3lOPsWcRXmhkypE_8hi2hEQZzVdVqpwDU3l-WgP_vAEczHtxCSv5drUMLGdi_Q-aACmSfuccQLMRL9dZYNRwhePWDOQbiERZyyHK5Mf2d_ET-ZbDARG54ogamWzAdjblWG2bvUpM5dmZcWP_eJhRhNc37Hvae76OpYiSk1dXFcYa3yfFHqEbLUe-kS5va7R5jv37P9iYi2isgWV4qi8AE3fmlkecD4AQBkgUECAQYAZIFBAgFGASgBi6AB_ixrTWoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAPIHAxDwLtIICQiI4YBwEAEYHYAKA8gLAZgMmoKXnNsDuBODBNgTDtAVAYAXAbIXHgocCAASFHB1Yi01ODEyMzU3MzUyMzM1MDc1GNuiIQ&sigh=mz8MneGQKnw&vt=1&template_id=515&uach_m=[UACH]&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D
Requested by: Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s12-in-f2.1e100.net
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f5c75bd43cedba760199b3fd12a32090.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame A589 42 B
64 B 89ms
89ms Fetch
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst9b3wEp7L-KtvXxr4Z61Kf2lguvUXs1-0jUp9EsKXZ2Nf1rqEgy8tv8JSWwEjtomam52sbje-KBBABuFS9IyT0kKO0Ia3lutKAssFp1Fs572bl8eCY78ZWTaL0lhizlzhn0y5HTU8-VPm6liwAq_Uf-fiU4GHqrA&sai=AMfl-YRVTssKxrcPTFiw8WnPKKUUxVccAe20dXEvSPehOAWP0-6AlmckMqMDxRhYN29pVpbcRkNrlmR5JKlz7k_HaeVuenAUAH8Fhlzv_pZ3sy_FdNdA3hmK2rGz5ld1IME&sig=Cg0ArKJSzJ9MEMwOU6ATEAE&cid=CAASPeRo7iu5Cvkg3DXb4s7p9kKx39hpRV-JbWrlHmoCJwgutCow6xe5jjTGwcmOx_sCuaSifhy6GZKrcZu7qyo&id=lidar2&mcvt=1000&p=55,561,145,1289&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220126&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=22&adk=2039480262&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&vs=4&r=v&pay=1&rst=1643558115201&rpt=251&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f5c75bd43cedba760199b3fd12a32090.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Jan 2022 15:55:16 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK / Show response
kinesis.us-east-1.amazonaws.com/ 146 B
594 B 118ms
118ms XHR
application/x-amz-json-1.1 3.91.171.215

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Requested by: Host: cdn.intergient.com
URL: https://cdn.intergient.com/pageos/js/libs/aws-sdk-kinesis.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.91.171.215 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e54700d13ce0f8330e84a54b8f90b7c001be13158afe64266bbf44b42c76a32f

Request headers

Accept-Language: de-DE,de;q=0.9
Authorization: AWS4-HMAC-SHA256 Credential=AKIA44GIABD57PYVUX6G/20220130/us-east-1/kinesis/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-target;x-amz-user-agent, Signature=0cda7a7495e9bb4394cf263c746cff7fde47bb4e5396c09ddbe3c9a6af2437cc
Content-Type: application/x-amz-json-1.1
X-Amz-Content-Sha256: 08559d5a082e4188e44ff4994a92e5a57ec5505def899d22f9cab36b1a82be1f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Referer: https://www.newser.com/
X-Amz-Target: Kinesis_20131202.PutRecords
X-Amz-Date: 20220130T155519Z
X-Amz-User-Agent: aws-sdk-js/2.387.0 callback

Response headers

Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
x-amzn-RequestId: d984bb53-66bf-2c81-83f4-0c742e9f6713
Date: Sun, 30 Jan 2022 15:55:19 GMT
Content-Length: 146
x-amz-id-2: Y8ll5yvK58Pb+Iw5MkLsgGeQvwYZMMLZd/QOCYIGrXqQUPo1PRoR0JP3hbIzYfvayvbC7yj+JmJgxALdnzdGHvxtS/vr/xU5cxsVseAmnb0=
Content-Type: application/x-amz-json-1.1

OPTIONS
H/1.1 200
OK /
kinesis.us-east-1.amazonaws.com/ Frame 0
0 319ms
108ms Preflight 3.91.171.215

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.91.171.215 -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: authorization,content-type,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Origin: https://www.newser.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

x-amzn-RequestId: de5c013b-a926-ce67-842c-b61ce10685f5
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: authorization,content-type,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Allow-Methods: POST
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age: 172800
Date: Sun, 30 Jan 2022 15:55:19 GMT
Content-Length: 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: s7.addthis.com
URL: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html

Verdicts & Comments Add Verdict or Comment

634 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

68 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.newser.com/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: aqzt2k1if0j0epxo5gc13ejq
www.newser.com/	1970-01-23 16:08:38	Name: USERCREDENTIALS Value: EMAIL=&PASSWORD=&USERID=0&VISITORID=1558941875&VISITORCLASSIFICATION=P
.simpli.fi/	1970-01-20 09:19:40	Name: suid Value: D55E32986792479B93629CFE38557712
.newser.com/	1970-01-20 18:03:50	Name: __utma Value: 116631449.1344959192.1643558114.1643558114.1643558114.1
.newser.com/	1969-12-31 23:59:59	Name: __utmc Value: 116631449
.newser.com/	1970-01-20 04:55:26	Name: __utmz Value: 116631449.1643558114.1.1.utmcsr=(direct)\|utmccn=(direct)\|utmcmd=(none)
.newser.com/	1970-01-20 18:03:50	Name: __utmv Value: 116631449.\|1=PWA=N=1^4=OrigRef=direct=1^5=UserClassification=P=1
.newser.com/	1970-01-20 00:32:38	Name: __utmt_pageTracker Value: 1
.newser.com/	1970-01-20 00:32:38	Name: __utmt_eventTracker Value: 1
.newser.com/	1970-01-20 00:32:39	Name: __utmb Value: 116631449.2.10.1643558114
www.newser.com/	1970-01-23 16:08:38	Name: PWA Value: N
www.newser.com/	1969-12-31 23:59:59	Name: g36FastPopSessionRequestNumber Value: 1
www.newser.com/	1970-01-20 09:54:14	Name: usprivacy Value: 1---
www.newser.com/	1970-01-20 10:01:26	Name: _cb_ls Value: 1
www.newser.com/	1970-01-20 10:01:26	Name: _cb Value: CV3AxZCeJ9XLDmkef0
www.newser.com/	1970-01-20 10:01:26	Name: _chartbeat2 Value: .1643558114165.1643558114165.1.B0A8JqDcrnPDBsHLdZCK5iy4g77Hr.1
www.newser.com/	1970-01-20 00:32:39	Name: _cb_svref Value: null
www.newser.com/	1970-01-23 16:08:38	Name: AB Value: N
.scorecardresearch.com/	1970-01-20 17:49:26	Name: UID Value: 170fab204e517076295e61d1643558114
.quantserve.com/	1970-01-20 10:02:52	Name: mc Value: 61f6b4e2-541d7-93f21-f35f7
.newser.com/	1970-01-20 09:57:06	Name: __qca Value: P0-359219440-1643558114329
engine.4dsply.com/	1969-12-31 23:59:59	Name: IKSR Value: {}
engine.4dsply.com/	1969-12-31 23:59:59	Name: INF_DFL8 Value: false
engine.4dsply.com/	1970-01-23 16:11:30	Name: IUID Value: 4c928583-144c-489b-aece-8f9269bf4217
engine.4dsply.com/	1969-12-31 23:59:59	Name: ISSH Value: 60F35B
engine.4dsply.com/	1969-12-31 23:59:59	Name: VMI Value:
engine.4dsply.com/	1970-01-23 16:11:30	Name: CHN Value: #[]
engine.4dsply.com/	1970-01-23 16:11:30	Name: MSSH Value: #{}
engine.4dsply.com/	1970-01-23 16:11:30	Name: MSRH Value: #{}
engine.4dsply.com/	1970-01-23 16:11:30	Name: ILP Value: null
engine.4dsply.com/	1970-01-23 16:11:30	Name: ILPLU Value: #1/1/0001 12:00:00 AM
engine.4dsply.com/	1970-01-23 16:11:30	Name: ILEALC Value: #1/1/0001 12:00:00 AM
engine.4dsply.com/	1970-01-20 00:32:52	Name: ILMPF Value: #False
engine.4dsply.com/	1970-01-23 16:11:30	Name: IPMPLU Value: #
engine.4dsply.com/	1970-01-23 16:11:30	Name: IPMUID Value: #
engine.4dsply.com/	1970-01-23 16:11:30	Name: BSWUID Value: #
engine.4dsply.com/	1970-01-23 16:11:30	Name: IBL Value: #[]
engine.4dsply.com/	1970-01-23 16:11:30	Name: ISH Value: #{"1148":[{"SId":"60F35B","D":"22/1/30T7:55:14"}]}
engine.4dsply.com/	1970-01-23 16:11:30	Name: ISH_Q Value: #[1148]
.newser.com/	1970-01-20 00:42:42	Name: __asAB Value: false
www.newser.com/	1970-01-20 10:02:52	Name: __atuvc Value: 1%7C5
www.newser.com/	1970-01-20 00:32:39	Name: __atuvs Value: 61f6b4e234187290000
.simpli.fi/	1970-01-20 00:42:42	Name: uid_syncd_secure Value: true
.addthis.com/	1970-01-20 10:02:52	Name: uvc Value: 1%7C5
.addthis.com/	1970-01-20 10:02:52	Name: loc Value: MDAwMDBFVURFU0wyMjkyMTg2MTAwMzAwMDBDSA==
.doubleclick.net/	1970-01-20 09:54:14	Name: IDE Value: AHWqTUmq1btN7edRmIf_nz8IsEcufWGf2NbrJCfILypaf4EYPIRRGYe0-vaWr2dQ
.3lift.com/	1970-01-20 02:42:14	Name: tluid Value: 4452292609422945931315
.tapad.com/	1970-01-20 01:59:02	Name: TapAd_TS Value: 1643558115164
.tapad.com/	1970-01-20 01:59:02	Name: TapAd_DID Value: 505a51aa-8f45-4014-b539-a8465cb52d95
.newser.com/	1970-01-20 09:54:14	Name: __gads Value: ID=7cf6689fa9ed8804-22467ae62fcd00bc:T=1643558114:S=ALNI_MaS6MO25yMEp0j7ynWO3U6VwTKETQ
.agkn.com/	1970-01-20 09:18:14	Name: ab Value: 0001%3AvOKqz0hCEN6WNgAcJ3EXmmKqrz%2FarmSn
.tapad.com/	1970-01-20 01:59:02	Name: TapAd_3WAY_SYNCS Value:
.spotxchange.com/	1970-01-20 09:18:18	Name: audience Value: 03cfe6d8-81e5-11ec-be4d-1be234f70406
.pro-market.net/	1970-01-20 01:15:50	Name: anHistory Value: "cmmwbf653mqz+2+!#7%.!A#'Wl"
.agkn.com/	1970-01-20 09:18:14	Name: u Value: C\|0AAAAAAAAKYlxYwAAAAAA
.adnxs.com/	1970-01-20 02:42:14	Name: uuid2 Value: 2405381491252867701
.crwdcntrl.net/	1970-01-20 07:01:23	Name: _cc_dc Value: 1
.crwdcntrl.net/	1970-01-20 07:01:23	Name: _cc_id Value: e247cb915f3609718733f5d435b94823
.crwdcntrl.net/	1970-01-20 07:01:26	Name: _cc_cc Value: "ACZ4XmNQSDUyMU9OsjQ0TTM2M7A0N7QwNzZOM00xMTZNsjSxMDJmAILEb1seg2goAABJpwrx"
.crwdcntrl.net/	1970-01-20 07:01:26	Name: _cc_aud Value: "ABR4XmNgYGBI%2FLblMZCCAgAkDwLv"
.pro-market.net/	1970-01-20 04:51:50	Name: anProfile Value: "cmmwbf653mqz+1+1f=1+1g=1+1j=41+rs=s+rt=20010AC800203A001012428E1274C6AF+s2=(r6j5k3)+vm=24-D55E32986792479B93629CFE38557712:53-CAESEKu6vSQEEWc8151cUcavKTg"
.adnxs.com/	1970-01-20 02:42:14	Name: anj Value: dTM7k!M4.FE:2jUF']wIg2E?it'-Z!!]tbPl1N!7OnM$=BWXxjGI6ridf8eieFEcieOvngkN8hh14MejG@>2hv--ggCSub(j#iP(Md+>)fy7G+!FF
.doubleclick.net/	1970-01-20 00:32:41	Name: DSID Value: NO_DATA
.bfmio.com/	1970-01-20 09:18:14	Name: __141_cid Value: D55E32986792479B93629CFE38557712
.bfmio.com/	1970-01-20 09:18:14	Name: __io_cid Value: cd1244462a295bd8c46716a0225f16cf49e66948
.exelator.com/	1970-01-20 03:25:26	Name: EE Value: "e7f10cd398b4ed3437ecdb811b20bd13"
.exelator.com/	1970-01-20 03:25:26	Name: udo Value: "gAAAAAQAAATtKLUv%252FWDtA20aAJZuqkcAjVgH%252FDv9%252F826KjMHIFDPcVKfxxBfBZ414E7ok45hz%252BxK3S3K%252BwhSbPSOn6niF%252BxsoUH1Bp3ZYti3rZp6sADRcBtgkpPKUpcAlQCVANoDMrkGRw4d8i%252FEMFvK1OVms7m5IZ5g2QVfaFNWpUBSbv6FXFb1UvuSwBEQZ9z4Nvz7cLmlwxlEmp3PBks2bcMwHjifWW7PB8ybN50NcpA5gnxrkcsmCt7EGq8fqZQPuaP%252BBZjeQQKQAKJJ5beIE%252F9P8S0tLS1v4P8BOHgWELmjdDiP1LdNkXAI0cJA8U8CjmcEb5dRIgHlVnUowfFrvT32cEtt6FpPtoXf7kE5SdkTTc%252F2RVmm7rCwDeXt8IX21bC4LMtw3HbBZCSx%252FLodIQ9VhJMON8g%252FTX4mq5IOr6fIg7k1m%252BTlWJLG69VdtNJKJDfrZOeQ3BRAWqNcRTiReiTJj1XP0lU6r%252Fj1EHWw5ytCITnZGURuUZsfqPmULT1q7A2OhKN84rZxB9xDVRYr6UlFxT1p0E4ZTKAv5BzT5KIuWyYNLno4B0dV4E188HnDMEynjXwbIXpecY%252FVd9RjVr1YV25DeMpRS5g7exQ1uWUpimlolmXQNNS77bKl%252FYJmvC0NYZmo69ezhOMH1XkzqTlWI1aN4ZYEqrBJj5Z1HcdlNr0BPQ2zeRqvu2heh8l42qY5LryeZWNTXjCt5Knq0VIFv6HiX%252BVJhFiEWIw48CXSkYtKcUsqyuSG5q1C5OL%252FFwx4Ak%252FxFBUij5G5ZFxGimJkGAnOEGFAeBaRCF1dF9cJy2uAZVh40FMGOrzoKQix83H491GRYrYttVI6SDAplVKGY4jFCsgZvvAqg3FcKrN%252BXICs6pmyTKoUmD37Cq6nGuouXNKhM2r4BltvgnqCZnNSlx%252BT%252Fw0VK6NTSEAoQAJClKorDxFwPIzVEJEUW7YDVIUDS4opjLVGSiUj0aEJO2xEKnDvbq4MIfqArhx0CviaxopDmbSY6GXJKpwv%252FmILDV87DY60lDTXVj8rkEXpQcWhaNmPgg9QAnghLmR9CL1gRNp%252BR8U0X3CTgDXXRvzq6QrNGx5opRzeYU64fgPzfLA1%252BnpZ%252Fp8zrT%252B0UcH6xgnPoUJTIfzL4tDT5%252B4T"
.exelator.com/	1970-01-20 03:25:26	Name: ud Value: "eJxrXxzq6XKLQSHVPM3QIDnF2NIiySQ1xdjE2Dw1OSXJwtAwycggKcXQeHFZatGCpaXFqSlJh5ZU5JTkNK0uiw91jHdz9PX0iVzmnFGUn5u6AiwU5hq0yNJ8SX5RZvoiF9fFRSlpDItKik8F7w%252B9CQCc%252FCqt"

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js(Line 9) Message: Failed to execute 'write' on 'Document': It isn't possible to write into a document from an asynchronously-loaded external script unless it is explicitly opened.
network	error	URL: https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=D55E32986792479B93629CFE38557712 Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://idsync.rlcdn.com/419566.gif?partner_uid=D55E32986792479B93629CFE38557712 Message: Failed to load resource: the server responded with a status of 451 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aa.agkn.com
adservice.google.com
adservice.google.de
api.ipify.org
bcp.crwdcntrl.net
c.amazon-adsystem.com
cdn.engine.4dsply.com
cdn.intergi.com
cdn.intergient.com
ce.lijit.com
cm.g.doubleclick.net
config.playwire.com
connect.facebook.net
d.agkn.com
eb2.3lift.com
encrypted-tbn0.gstatic.com
encrypted-tbn2.gstatic.com
encrypted-tbn3.gstatic.com
engine.4dsply.com
f5c75bd43cedba760199b3fd12a32090.safeframe.googlesyndication.com
fei.pro-market.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
i.simpli.fi
ib.adnxs.com
idsync.rlcdn.com
img1-azrcdn.newser.com
img2-azrcdn.newser.com
kinesis.us-east-1.amazonaws.com
load77.exelator.com
loadm.exelator.com
loadus.exelator.com
m.addthis.com
mb.moatads.com
newser.com
pagead2.googlesyndication.com
pbid.pro-market.net
ping.chartbeat.net
pixel.quantserve.com
pixel.rubiconproject.com
pixel.tapad.com
platform.twitter.com
rddywd.com
rules.quantcount.com
s7.addthis.com
sb.scorecardresearch.com
secure.quantserve.com
securepubads.g.doubleclick.net
simplifi.partners.tremorhub.com
ssl.google-analytics.com
stags.bluekai.com
static.chartbeat.com
static1-azrcdn.newser.com
static2-azrcdn.newser.com
stats.g.doubleclick.net
sync.bfmio.com
sync.intentiq.com
sync.search.spotxchange.com
syndication.twitter.com
tpc.googlesyndication.com
um.simpli.fi
us-u.openx.net
v1.addthisedge.com
www.google.com
www.google.de
www.googleadservices.com
www.googleapis.com
www.googletagservices.com
www.gstatic.com
www.newser.com
z.moatads.com
s7.addthis.com
104.244.42.200
104.90.192.27
108.157.4.38
142.250.184.226
142.250.185.226
142.250.185.98
159.122.14.34
169.50.137.176
18.135.35.213
18.196.159.27
18.211.139.241
18.66.109.174
184.30.24.121
185.33.220.243
185.94.180.125
216.52.2.30
2600:1901:0:8eee::
2600:1f18:612b:4200:9a2f:8341:7f9b:9de
2600:9000:2156:d000:18:1fcd:34f:cdc1
2600:9000:223c:4200:6:44e3:f8c0:93a1
2600:9000:223c:6400:1a:1459:5cc0:93a1
2600:9000:223d:2e00:14:2602:6e80:93a1
2600:9000:2250:2400:12:4abd:d340:93a1
2606:2800:234:46c:e8b:1e2f:2bd:694
2606:4700:3035::6815:40f1
2606:4700::6810:9f11
2620:116:800d:21:5a23:9c4e:e774:96c1
2620:1ec:46::69
2620:1ec:bdf::69
2a00:1450:4001:808::200a
2a00:1450:4001:80e::2002
2a00:1450:4001:80e::2004
2a00:1450:4001:80f::2003
2a00:1450:4001:811::2002
2a00:1450:4001:812::2002
2a00:1450:4001:813::2002
2a00:1450:4001:828::2003
2a00:1450:4001:829::2001
2a00:1450:4001:82b::200e
2a00:1450:4001:82f::2001
2a00:1450:4001:82f::2003
2a00:1450:4001:82f::200e
2a00:1450:4001:830::200a
2a00:1450:4001:831::2008
2a00:1450:4001:831::200e
2a00:1450:400c:c08::9c
2a02:6ea0:c700::1
2a03:2880:f01c:8012:face:b00c:0:3
3.11.115.229
3.91.171.215
34.192.117.147
34.229.3.43
35.227.248.159
35.244.159.8
35.244.174.68
40.114.51.62
52.19.22.209
52.222.214.42
52.26.6.186
54.91.59.199
69.173.144.139
72.247.226.64
76.223.111.18
02990729bbbb066fccf5f274626c1f0f7e7edbaeaa2d15451fb7062a7264377b
034b0077589cb2fdf5f045f587740877d385374de54fb733c7626bb1119a67ce
04230c3031ba7b616cd9f7c720d87023387dd16cf74c56188edc2049de753bc8
04321424ef276f3762e2cc09dd99a03188d641f3a2cd02d0c8c08b7b95799f24
05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd
059e5a44ec9f8bab93a45cbf617ac529605f99891cfe7f5e9cb19a5b4cf9cdfe
05e2888e835d97fe6e4cfb256f62f47d5dccf6d9ac202ea9d82a6bc2b1716c1d
0629f743a7f2e66a09dbb03908062b6a53a33133525eb19471b930a048e6aa43
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0b7fd6d5e58c021a19ea46b59a1f91f7596fe7e5df982282a2f3a70b3e35638c
0c82e3739d9fd652c6ac2d8a3745d4a35fbd7a9277b0ef2b2885c1db030c3cb8
0d06df2e703c6ea6489fa19139cfd5f375495183c4145762127dfb5208f2540d
0e95603a1b75398990e8e6c8396068f556799d4efcbe58671ddceb1ab5ba0fc8
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
0ec30cf425c189a966b4ae2c12c20feee3b2d0e50a18cefb0e411d4db2d5b0db
1126dae47147dee29ca9bffbbd45f3e609f7d38a2c17cd4f5c73283db4e6304a
11d02526cbaad695117721d111752936444366ac35fec7d36bf8d5fb2aab3094
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
134c165adca320e5fe0db5fa155e5bd92a55b44879c0dc3c6b9f0a9fe343d994
13aff0812c49276fdb1ef2b2292b396ce5e3325a7c13e9582212577d2f0ce975
144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8
1794ce66c6f7b83e3a027cc5b104ad113159a32529a70e3380d47f6e09dbfff5
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
185b7539076b9f8d807c5740180aac4e2a4b3bc2912b4e9485950ccddb4cb39e
1934199df51551755f77a59d6993a98e332ad57c09ab22d30fafb727d92e4eb0
1b38f2172e240cd582d97f048c5e8cb35554e3c405d03fa229b4e82c3f01438a
1ba7d96e96816ad55477d28aa986a4a867c7531d2168feb5066585dd94195743
1d7ee54bb2d9ca3caf3f169834fb0eac83eb175d64a5bb86e811a0a4653d087c
1fa72666b437fd3fc5a9283ad1b7d64ca681f2a4e7508d1de0eaad6e0bf10750
21349b60e999f29bb11fd1384e57ea43faf7bb39d7822e81c1e30de505663228
2193054ab8a2bc36f5ef0b90c4d53dd5626e14b0123a2972066e2ed1fd44459d
23130a986b2d780260ca7295774432d7c5ee94cf277a8052a136b910b05f120e
23248ff4b7464d9f03a44d8ca0738f1c418f0e002b3431a33eb78da15eea8d03
237a4fa7a3bc563cc5806f5d26917eb241fb6f2176fcc094e342c473016cedf2
286e0981e7354c418fc0334ddf4b3b8fb930b623c5b67d41ed1a5bfe6fbaf2c8
2af754c993f8edc0beebe165a82680c8d7c85854a1fde7085b8228068d106dcf
2b291810374483e61126df23f32490a6f8a629062a6f00f0d10d7b52ed2a2762
2cddcc76dd7b01e07130b647637c2c81f27ab4a0214973a010e712813f311138
2dd76b128ad19839d224eb21e2f208e9894bea040b9429bf695eb32d511e6e21
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
2f76122813dc216562d9a6c2d82279ff460696b28f8f66042399a02cf93732ba
2ff8684ee0e3acfe08494f09ab05494bc7cc842af6834e3877eb160a949f0c7e
307c4cf0cec01251278a5201d04096f4b7afdb8ba2239801202adb1992c14ecb
316f775333e0567a2ea23141b96349652855962025964f0ba097c64c06fb639a
31c724707624a3682770d54e8b216f04db44eff6fefb8313d9178ef0f69a694b
3331a0486cb3e8a75c8c2fdf02bf80fd8fe2b811dfe5c7b4aa892d38bfcf604a
354cd674accaa26badff834bcbb7487aa7f99930f19cd864d71e6359b6b3f346
3740532989eefa6c15895ca294973e460770de8e660850efc95cd560d817a1bc
390797ba5a9abeddb21d8a1dd72155b4c7c1e5c13b5a7201cdf86df073ad03c1
3aaa5c9fc7d99f8a956ca2481a72f36d142246ad42f68d6ba90ac4edb95a7515
3b556e6cee32c4b0c80ef893fd00eaea90330b3a127a8dffecabbedaf6aba7c5
3bbf185a378e69925f774e6d5844a9884d37561698c585cc9b748cea127c2c2f
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3f9ebf128c9383c5fc8f3a73439f0e2dfb997f34318383e554b124e37c319c2e
3ff1c2b22a22f605896511bca1355785ea2ed61d904a4220c49da9112008fc0a
411626d5e8eb3616fad95e39e91afe59dcfd424b9492c2c43c76a5199dc69768
416584210870f8e300bce5c552bfbe4d5b1e43274c75233f63c4e7716f15e573
41f9fdd28cd3937d5e42d631b42b9779215ffafe8bf13e9472c4583d94265f7c
41fa061fd8a72f16e9eee21d78b071c6bca68ddc63ca4df9588986ecc62dae28
43a9d053c33ab061ab1cc70ddeebb86270a32c7db64742a1326852d81c0df9e0
4475d2347dac904117a6f94f0c6ae4de9c7c022f44731afa213e4ea9ae86c0a1
44da54fd69c8966482bc49d3744fff0a7fd944dc2dd5732d9f710da7df4329bf
486ab000e859d030da7f768b4c96401d995b79f5b8620eefaafcc2cfcbdd057c
487fce51fd801415c362f3f9f2df43c445a4b9ba38f9b6d49dfc898dc85ede94
49f8584d1d0dbff1c1347ad1db13ef74f8edd89e3f6ccdb5636e3c7b0ca8ea6b
4a517e84097a36e411922caf77510661b58ae21755bd2927057916420e0c4dc4
4a5d81507b6b90d018c7b1ad981d08416582cd454c72a8d93ece700f92f24936
4aa42d7442c394096d40efad6d8d533232c025738083b5c07b34691696888dd1
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c9b92bfce3b7b0e0a9e33ebe8130496bf50c80ad4375b1b98ddff744b4ea9f5
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4d51312ee5a72f1a96b6b5dc7c3bad427a65c0cab8812e49bb40018919232f67
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e5703b23d96dbffc24fa6f316bad0cfc3d8221f487d45fdbeceb8b26c85b14b
4e7305acb88ef6d07c54958cfa21ab76ce94e637678140ac4abf5ebc3ae76a92
4e7fc8052650e22f03ac26e86cb617119d57ec5d3198b8559e3cf433b279e99f
50bd57f4bdc1ee6ea9a3457cd38b3c0cb3f8293230f579da45e43fb5d66d5fca
5122ba93a9303c1dd09b760b3195122db1beef3b3d673b2274ec5ff2e8512ad1
51b3d1a2d7433f93d0cd3dfcf5838e7221e07329c4806adc9d860e788a17d4fc
5347c78f51c7cf4a4e84d4be12317338a93ff8da7df24519360728769e48a91b
53af68a0dfbd34bf45466d445459a7c07c935b6239a65e8482a23b2b31b84b8e
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54c964727531aee103f3354a6963e788ff1134736554a674418101f753d092d4
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
58accf1edfa236b2860d1f18df8f39c05d3f2e3fb87f3fd98ffeecb21795b337
594deea2cdcf15cb176a4cf6bcfb074ba22cc55c698833db25a8ac30d5ede92c
5aefa167c7b8f3305b610d93f3a198818ade815d5f9150df9fbedf00b34b705a
5c35ba43b7900752a3023550de81888bb9fa36138e72edf3db3bd20e1dc09186
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5c8e2b63593c31e87391f96f1a9b4b1c19b67966e560256a40cea1ac6c51307b
5d4fdbd46d6083390a561c90d45d68d23843ec3053b58e25fa3cc702a87b2b7a
5eabdabdabc514c60283bda2ae406f2a04f7e8d94536f544b459accac0e86f72
5ec80b688833a13ec1a4799e36cfb5d3d3cf8ce76917ad2b36a32cda0e9386c1
607ba5401803708cd7e7d54cb229467b42bcefa017c466d0290c2903989f9cec
6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61ded43bae7eeb79ab544e26dbad051960b7db1da4ceed550be859e979be23ba
65db3d75c61bd51568b39a016efa0cb90f3df0514fcfb6ca65c83892d66e1691
67b41d54a56f1130d8b8b180a5c2fba8bc7bb6c2fc88beb6c8f5a25ba9d69532
69c11828cc2905f5ddbfd2b0d8f78a685c5b7a3502f5235887a22c91b5da6ee9
6d6d162a89e32c126f5019cbd4143ddf6cc9fbf19858a3272ad6ad5ac2beae14
714f7ca1e900b9c6cb9e4f395e0c18198004690a6ee756a416a172c2ed9414eb
726906ee6ce6dfe1b6e35ddad151196c50277e31520de30e916e9cd9affc0ef3
7339a6b01e1dacaab8094bf1b1fc3edb7beda9bf32124a95c54534444f3c0caf
73f0cc9da2374ff54b9647526db4113ab88116b60f6e72ca118cd10b291fae24
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
763c78b733637f947959089c8b8727a6b15a6b275f6eb49aa7bcfcc6a6409b64
77c997e2ca9694c65e3ec1cbb1a8c7a82f6fbdfee8d560d36084bedf90e3cca7
788111af235a3ca00adc2d2c6e7ae4acb58f6a091268468f64d74f86f7dae6db
789805032bf81ae4cfca389f685376469a23a1a8933fb5a87778db0286f63c21
78df9e9e47f5809e3438e700f53dd96ae52a3751c8b6f15f68c16f98f8aab900
798f04d4f989a6f4062a630a1e1d642749391b9d4d8ec416f6554c0bc3bbf408
7a6ebc0a1f30c2c64f537a20c1035dd3f1ac5acf86363f72e5316b5beeb0bfa3
7b6bfa13f0778c40bb2a00af9819bea2f07afcb4d071e7e4f436196953a5db4d
7bd9b6d9279d3d2d77ab0c8566cab2c396cd9aab088b3a0276cfc7ddae994467
7cec802828fd9d25efc4611219c8748745117f5a51d4f76e4f9cfd85a428ce95
7cefc858d85c1be3b1006736f82477a156c2477fff473e9f4e58df38655a3308
7d900ebc614ac1d2adfe556578ff35cd8ba0b821dbf70aefe901684e22e29008
7f555674a54503e3367276168359cef065eecc75f1fe436ac13bdf3dfd65a970
82f2bec34a3844a9ef5967820c4848ea385eb51ef9f8dba37dc8863a63f17089
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84bf5ffcfd8b3a1240721c90836f1167532b716566165a51ca920c9e657a75d4
870c196156856ec66eb4e1d7b376eca50e218883c93775524484b4fe4603f5ed
8b38afb8226ce92ae65edd3bb8011a83628178ca577ef4a2148f0c99a1d80e4f
8baae135666cde471d16426b7387541d4b900559275813859e2d296eee039192
8c853ed75b7345b3d2d9f5af9fb56be87fef7bcf2863f8836345ec318396758d
8cd898214e275702c8334ad5a771326582c3298ddf418760b09b8b6d043289d8
8d69291819d847fed994ee4f0ca9578a6780dec5b3f9826b28b5a4f5c03acd65
8db3cdae20a2cc55562a300687c0e6863a51e53c9735457ad313c09f501422c7
8eef6ec74a5d580cc3f8147131f97094fed7507ad69b79c23fc74f7bde66f421
9195243b049b9bfc32faab0eddd92a137ad4189ca95532921f53dd3057d40d33
94360a6ab3ea5a75cb34a06ef2ff905d7ea0a7dc43eefcff9b6f90e737fa4e41
9464c8837610579e5ac316fc46c1e136c65433f989cf1c6a30c62e840e258348
9769b09b9532fb94b22909364ad7ab7dc2683f4575ef1ee606cb3a6db73748f2
978f69abae4d7fa60114fcea9ee790caa3599e4aa961d630bf8204e8ceb883b4
97dde2799af977e4004e45c29b84b8be9b26ed417ef708b702b34af287ff254d
97f59ccead873800701418302300e1c43fc7d41efe5aeb412d8279fefd5cd913
9831e5b4e79a7b80a69a4d83d86fafc4c8e80fad4d14d27796f7eef4b686ba66
9886f0efcb0eb4cadf9541aa2029b88e9d900dd8c4f395fc2f91ff6691b8455b
996d298d6f8685a3ae28eace9249e3580bb8d13d91d424573fefb40d52980269
9a1c965417bb6122a80900a20c8fdfb7cf87cd495713c142d93d3c07a64e75cb
9d5019bd2fae955cf530cf7f1a6d48a40595abadfa86a956c118b2c97e9d4779
9da3111da1b3998343d9494f461bc6d38b46947e5651ad71e5c455f9713f7cb3
9dd77e07919ca643d4e7976497fda21e4484c64936e15b54ad6c348257af48f8
9e34975a0a58f4262f18fc35a4a9efb9f9b3962b87772f8fa5c006d5b7bc3f57
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a0e123a11c5b411021d5bd8ab3926fe6d726b29ca2bb83e6066dae93a9ba326a
a0e3f7f11e3feb97a1b577675fcb17fb87538d414dc5342c96975b2bd2c94b86
a162db4d4ec665954b0c34e7fdec5dc2c7f1f42b54072683b5d5cccfcaf3b11d
a177a125d7384bd51ee15e3454c488ac0f2ba22a452f9bc3a96e29d2df4aef1b
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a3942aea05f34d9aa17deb27766f216ce7bc0176e66b41518e5bdadb19400d67
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a575e2f63d79cdaf5a92b4453bfcaadb462119aa1216b4f28920e37e2d9b8e7b
a5a55d04b4ac5561544c97f9d552b1e45ecfdab797c37d2b1e5d941b8648c4ff
a5e0a2f44a9b19aab51c0429ab10594535ded41e004c5dc2ebdcf022b84b1944
a62348491ab317874ea90c67adea37df3ca6ff3c768af7c293c019ebae858d42
a67c13f917d49cb6abae4b521e55f61a83da2c4b5ba4393b4e59acc954be1c20
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a87d4c2682d10f0750f0e1142e25fce055f0ae596c7a277bbaf2427ddae146bc
a8f20718bcf79ae5797599afb4e59612f2bb75334dc8d40aa8a56d21417ac73c
a9adbf9ff6cb67410da32776829c98497f78937808849c0c77c476ad5bf8c1a6
ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370
ac95d8cf8cb82ae4d077cb942c54f3a130d83902cd407743a770c6b34c4d98b9
acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b
acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403
ad9e5210a13805edc2cc2874d7ffa326b907e9c6d0c212071798944a1dd9ffae
aec1273daa6df2443053427acbd188f229d60ed9d83ef9bccba3f8a8f21fc3dc
af9661ddc030cee02bfbd41baf7608e14327ce95a3199e6714dd8d3a12f21c71
b41e0020ff5a4bec857828c37b9a425a5e0024aac1fb1519dd9cf4562f0681ee
b427bf3f448caf3677fabce3ccdbfd6b0d832362665297b8c392efec64c6ee4b
b4fb0434eba77c4e60becbf6a700e1b1f53f8ecc7331a59fb38f1d8771b7efa6
b889e344c4f8d84fbcb58cea388201a47caaab2ab9fcb6769a01b2152b9304e2
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bb9b673f70e36909c34e071263c99d8fdade84b1ced55968c3b658ea5c3f0fa8
bbfcf92c6c94d918c51be1bdf1f14098db1c7454b2f025fb7d2eed08d8d84703
bc779eca15675ccd4bf6aa23f0e6d04638f805f346d46092add71be913fa621d
bd51c6d77f3f20cc41d472110d0bde8dbf406f754773eec6103d40bf5c9df0c1
bddc841f91f5c39676abff8eed53be5c5a23cb2fde6051b72caf1b758e487d64
be045d5a8274db64724bbb9a8c2846e2247c17ec9ea7e13f2a319dde7626ec8e
be3b15b1e68cf3e9278293d3b50491fe16c985e0ee5968852cac4fc062a7134e
bed31c2062d8bcd1167d1be160c5d65dbf8b1ea2a75fe7f91a5396fe71e51cc0
bf93cf51f40cdffc7e84c2267d234704d29fe9941fd22a738c0fea22f221f82b
c00e4b444e4089660152f10bb0cf87d45be907756bf33150841afc2f8a69d791
c0d8c7a6bf76c57da334c1b75724fbb20f592e5040c9088779bc21ed33b177a7
c0e2de1910c51b9146fec0cc847f64b28a62b86f030e1ea05a7d8b05c130dc9f
c14bc74eb84a60374cafb46143c0b2ea118ce9622b75c12cd7196fc129cd8a5c
c3a99bb651bce59ca498c2c9c97290408da53d49dc917232ed4a0dadf10a57e5
c59ecf34c8e169eb2c385296530f952be5ced6af24abbe7f2d47b89e520be544
c6147bd9ef55a8d63dc00d57f9bbf6aa9577e5baff33b6a0e11242b1ee588294
c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e
c7dff2266b8de79be9543dc8c2aff1b841cdfd58ac0d59c082d9e6f3db5d43f2
c86dd20594d0c4ac6874b84f72ca727f390e0c2948807088a789ddaf38ea5f07
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
ca7cd2a4608296a9ff32e81e120d27a5a37a77f7e67079efba169b43a8743ea2
cba00eeef256b0662dfe41916464ddbd5c1b30f701e8373b760e0cbaf425c98e
cd894fd0d07d985171809c5a1bc653a3388ced6b2e32a44e53c63fc1ea30cec9
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0c379b08c40f7d7958dbea5824d8b0e580e06cd5d1bf18bb08970de6c543687
d1477d2bfda88c678c2deaffb53f18784ca00294d7318a2521f4b95baa375e3c
d1abe31a63ea69ba668691d6bf5853ad2b3dc5c6ebfb44d4c79c2ab53146d572
d27516c986b068ec31188f9787d4489255df48361ff089c815b8c2aec5a1bb9c
d4b287e248a1bb66341367e98c58dd2c3ea543ca857717ddb94485a174dcdb63
d5ee43ffd22efce6a405cb805a86f3f6c28c7ed9b4a9427a2e10fad69accf2ef
d6a2745332948716c2d3849e9b1d02451515f96ec7ab4749855794dea0272857
d7996ae15bbdf9fa23302679f82c6341f27dcbf3709e6d033c3e3f3ae7876b24
d8396d650599691373314b1cf6fb728df811aba509f8a9bfc0b2499a89da3aab
d8f64ca73c0faaf5d9d1e56252a2d89a23262ea516e7d731adaf5f255d4081a3
d8fe36a17aa5e4cd1a197c81235633a1e44ca292162a06b9b7dc1dc37981a211
d94cabd1c80c323bb4c523bca18208d8d4091358ccff756018cc265f73bbbf8d
d97e795abc94a584e788c78eaa25a21d61935d7d514fa04655ddadd8e0a44896
da4cf27b9fe0ae190ef96fdbd0d9cc1a69d561ae0172d4d38bf10380d4d33957
da8a4f547b33fd0f6139098d6945e4a4868fcad70204ab34aa4e49bb41a90c01
dd93a97df4a101c9d0b60d1e6ab6ce5a33c8e00b10d4f2f0fdba7554faffd73b
e07fac4323e918dbe03b5112e649861c72aeb3e596ef9acbedeaaec547f529ef
e10b19c837b2c17d7e4b3cb62a9646323d4d0829b88bdb922aa6296dbca9e4cc
e2c28f3e8b6a2e5170859e67cff3e8240e6b888d02005306ef3d2129f5cbd74c
e37ddc50e52e750a906e5b42418e1a4e43ed850845269861e2a4a60f19f2a1f7
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3c413d9ecb857ab839e9147e9a72b0967a80151bae1aec1b1771c623006f5bc
e3d2fe7927de1ade22c1d5cd7c8ab7fbe231dcf8c30d4f93c79ed7b51b38b88d
e40d12b256074d2ba43d1e8098a8bc039e3197ce0fd446a5ced2b9234f741d5c
e4400f21afb8b0d177c8cc1d042db58cd67ab5f03bb076cc84d9fc19523aebca
e4aadb2562ca721cfd827a843b4f98758939082377413f3b915114e1a4753922
e4ad92e954944eac3807c7f50b2c213d8ddc2bc8a1324ed8986a733d4196e94a
e54700d13ce0f8330e84a54b8f90b7c001be13158afe64266bbf44b42c76a32f
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e755eee43bcdcb69b3f7b2dbff081a9af26e9da32c92ec2f175ac0efe0f51423
e990f8a7023db06444f9552e7bde007060d0e1e86b72ae845f24471bce3339e5
eb4de3219f3172598a654936fb43f09992a57d9169b94f4f4abb1e08f554b34e
ee860898fcc938895b1b12a278cb8f997f65b23214b102ba2c42738a028f1a17
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef983d6dcfe16576a9be98a6fe4d2c99552c9e76fe46fefb29dc2ae2cc5082c3
f1b3a51250ea5d2b293615f08241269ed8277b95654cddafbc0f5df8d61e6cc1
f33f6446320fb034227d51337ec86a0f263cb1ed53e4275cae2fb55b322504cc
f3e86d587123901c7f69c6bcf1a190e243b29f792e1d4261ddc5dcfd4e044b66
f414033c9b93d7223d3651dc723bf66c6c368d2a6616f4500b300e805efc4419
f807b7652390cbf0f3caef0abc752e93c026cf7d2c46fa8e20b9e3f3a2dfd867
f93d0298dd39f7dff18566a5b2754067e26c0182b469fd6b24e5d63429fef88b
fa2f0e9c789e85c558c08a5b84edbc14ebd795915d13987a53032214e8fc3b1a
fb0da9c5679e4e04fe036c10e42d93ed5a9a3a8f632db1cfdcdf6352ee4ff789
fce94e8d493fb1b0c5264ad0ca94f542ca10c39b95eca426ecc0ffbb88e25077
fd11fa353cc6a8560f4c35e67c6fb8a3a4061ed3de4309cdf83fca65f8319bb4
fe443970eb7a49a4749815af2e1002e4b65aac7635a1ea7a92b9ef708e3cac4a
febc13d4fca620c0eda223b3febb844ecb01e4299569a936801b86ecc25609e8
ff76febbb198182768c97dc65c99a48194b9f837e8aea60b94c6f9b776e51977

www.newser.com Open in urlscan Pro 40.114.51.62 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

291 Requests

92 %HTTPS

51 %IPv6

45 Domains

72 Subdomains

60 IPs

6 Countries

6538 kBTransfer

10984 kBSize

68 Cookies

4 Outgoing links

Redirected requests

291 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.newser.com Open in urlscan Pro
40.114.51.62 Public Scan

Screenshot
Live screenshot

Full Image

291
Requests

92 %
HTTPS

51 %
IPv6

45
Domains

72
Subdomains

60
IPs

6
Countries

6538 kB
Transfer

10984 kB
Size

68
Cookies

291 HTTP transactions
5 data transactions