news1update.com Open in urlscan Pro
104.21.82.81 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://news1update.com/
Submission: On October 31 via automatic, source certstream-suspicious (October 31st 2021, 12:23:15 am UTC) — Scanned from DE

Summary HTTP 94 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 33 IPs in 8 countries across 40 domains to perform 94 HTTP transactions. The main IP is 104.21.82.81, located in United States and belongs to CLOUDFLARENET, US. The main domain is news1update.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on October 31st 2021. Valid for: a year.

This is the only time news1update.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
35	104.21.82.81 104.21.82.81	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	142.250.184.234 142.250.184.234	15169 (GOOGLE) (GOOGLE)
1	69.16.175.42 69.16.175.42	33438 (HIGHWINDS2) (HIGHWINDS2)
1	192.0.73.2 192.0.73.2	2635 (AUTOMATTIC) (AUTOMATTIC)
1	104.26.4.7 104.26.4.7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	142.250.186.67 142.250.186.67	15169 (GOOGLE) (GOOGLE)
3	51.89.24.70 51.89.24.70	16276 (OVH) (OVH)
1	13.225.87.108 13.225.87.108	16509 (AMAZON-02) (AMAZON-02)
1	18.195.98.10 18.195.98.10	16509 (AMAZON-02) (AMAZON-02)
3	18.66.97.109 18.66.97.109	16509 (AMAZON-02) (AMAZON-02)
1	138.197.56.196 138.197.56.196	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
3	104.90.192.27 104.90.192.27	16625 (AKAMAI-AS) (AKAMAI-AS)
2 2	146.59.148.16 146.59.148.16	16276 (OVH) (OVH)
2	18.66.112.41 18.66.112.41	16509 (AMAZON-02) (AMAZON-02)
1	67.202.94.86 67.202.94.86	32748 (STEADFAST) (STEADFAST)
1	104.18.29.199 104.18.29.199	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	67.202.105.32 67.202.105.32	32748 (STEADFAST) (STEADFAST)
1	208.100.17.181 208.100.17.181	32748 (STEADFAST) (STEADFAST)
11	63.35.242.195 63.35.242.195	16509 (AMAZON-02) (AMAZON-02)
1	172.67.220.51 172.67.220.51	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	185.64.190.78 185.64.190.78	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2 3	3.33.220.150 3.33.220.150	16509 (AMAZON-02) (AMAZON-02)
1	151.101.65.44 151.101.65.44	54113 (FASTLY) (FASTLY)
2 2	35.227.248.159 35.227.248.159	15169 (GOOGLE) (GOOGLE)
1	104.16.91.60 104.16.91.60	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	18.198.126.47 18.198.126.47	16509 (AMAZON-02) (AMAZON-02)
3 3	54.170.158.38 54.170.158.38	16509 (AMAZON-02) (AMAZON-02)
2 2	52.30.48.112 52.30.48.112	16509 (AMAZON-02) (AMAZON-02)
1	51.144.7.192 51.144.7.192	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	52.31.165.105 52.31.165.105	16509 (AMAZON-02) (AMAZON-02)
1 1	69.169.86.38 69.169.86.38	29838 (AMC) (AMC)
1	64.58.232.180 64.58.232.180	13649 (ASN-VINS) (ASN-VINS)
1	52.211.195.119 52.211.195.119	16509 (AMAZON-02) (AMAZON-02)
6 7	18.184.216.10 18.184.216.10	16509 (AMAZON-02) (AMAZON-02)
2 3	142.250.185.194 142.250.185.194	15169 (GOOGLE) (GOOGLE)
2 2	46.228.164.13 46.228.164.13	56396 (AMOBEE) (AMOBEE)
2 2	185.29.134.248 185.29.134.248	30419 (MEDIAMATH...) (MEDIAMATH-INC)
4 4	151.101.2.49 151.101.2.49	54113 (FASTLY) (FASTLY)
1	72.251.241.204 72.251.241.204	29791 (VOXEL-DOT...) (VOXEL-DOT-NET)
2 2	66.155.71.150 66.155.71.150	13768 (COGECO-PEER1) (COGECO-PEER1)
1	8.39.36.141 8.39.36.141	26667 (RUBICONPR...) (RUBICONPROJECT)
2 2	3.124.143.99 3.124.143.99	16509 (AMAZON-02) (AMAZON-02)
2 2	37.252.172.38 37.252.172.38	29990 (ASN-APPNEX) (ASN-APPNEX)
94	33

35 104.21.82.81 (United States)

ASN13335 (CLOUDFLARENET, US)

news1update.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.184.234 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.16.175.42 (Phoenix, United States)

ASN33438 (HIGHWINDS2, US)
PTR: hwcdn.net

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.0.73.2 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)

secure.gravatar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.26.4.7 (United States)

ASN13335 (CLOUDFLARENET, US)

waust.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.186.67 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 51.89.24.70 (France)

ASN16276 (OVH, FR)
PTR: ip70.ip-51-89-24.eu

t.dtscout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.87.108 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-87-108.fra2.r.cloudfront.net

get.s-onetag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.195.98.10 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-98-10.eu-central-1.compute.amazonaws.com

pd.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.66.97.109 (United States)

ASN16509 (AMAZON-02, US)

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 138.197.56.196 (Clifton, United States)

ASN14061 (DIGITALOCEAN-ASN, US)

t.dtscdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.90.192.27 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a104-90-192-27.deploy.static.akamaitechnologies.com

tags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 146.59.148.16 (Norway) 2 redirects

ASN16276 (OVH, FR)
PTR: pikafka-2.cloudy.ovh

pixel.onaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.66.112.41 (United States)

ASN16509 (AMAZON-02, US)

onetag-geo.s-onetag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
onetag-geo-grouping.s-onetag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 67.202.94.86 (Chicago, United States)

ASN32748 (STEADFAST, US)
PTR: amung.us

whos.amung.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.29.199 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.tynt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 67.202.105.32 (Chicago, United States)

ASN32748 (STEADFAST, US)
PTR: ip32.67-202-105.static.steadfastdns.net

ic.tynt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 208.100.17.181 (Chicago, United States)

ASN32748 (STEADFAST, US)
PTR: ip181.208-100-17.static.steadfastdns.net

de.tynt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 63.35.242.195 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-35-242-195.eu-west-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.220.51 (United States)

ASN13335 (CLOUDFLARENET, US)

a.dtssrv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.33.220.150 (Seattle, United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.65.44 (United States)

ASN54113 (FASTLY, US)

trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.227.248.159 (Mountain View, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 159.248.227.35.bc.googleusercontent.com

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.91.60 (United States)

ASN13335 (CLOUDFLARENET, US)

dmp.truoptik.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.198.126.47 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-198-126-47.eu-central-1.compute.amazonaws.com

loadm.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.170.158.38 (Dublin, Ireland) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-170-158-38.eu-west-1.compute.amazonaws.com

ads.avocet.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ads.avct.cloud	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.30.48.112 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-30-48-112.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.144.7.192 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.cintnetworks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.31.165.105 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-31-165-105.eu-west-1.compute.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.169.86.38 (United States) 1 redirects

ASN29838 (AMC, US)

global.ib-ibi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 64.58.232.180 (United States)

ASN13649 (ASN-VINS, US)

ib.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.211.195.119 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-211-195-119.eu-west-1.compute.amazonaws.com

ml314.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 18.184.216.10 (Frankfurt am Main, Germany) 6 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-184-216-10.eu-central-1.compute.amazonaws.com

ps.eyeota.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.185.194 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 46.228.164.13 (United Kingdom) 2 redirects

ASN56396 (AMOBEE, GB)

d.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.29.134.248 (United Kingdom) 2 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 151.101.2.49 (United States) 4 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 72.251.241.204 (Amsterdam, Netherlands)

ASN29791 (VOXEL-DOT-NET, US)

cm.adgrx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 66.155.71.150 (Southampton, United Kingdom) 2 redirects

ASN13768 (COGECO-PEER1, CA)

pixel-sync.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 8.39.36.141 (United States)

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.124.143.99 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-124-143-99.eu-central-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.252.172.38 (Ascension Island) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
35	news1update.com news1update.com	2 MB
14	crwdcntrl.net tags.crwdcntrl.net bcp.crwdcntrl.net sync.crwdcntrl.net	23 KB
9	tynt.com cdn.tynt.com ic.tynt.com de.tynt.com	8 KB
7	eyeota.net 6 redirects ps.eyeota.net	4 KB
6	gstatic.com fonts.gstatic.com	94 KB
4	everesttech.net 4 redirects sync-tm.everesttech.net	1 KB
3	doubleclick.net 2 redirects cm.g.doubleclick.net	953 B
3	adsrvr.org 2 redirects match.adsrvr.org	1 KB
3	bluekai.com tags.bluekai.com	937 B
3	s-onetag.com get.s-onetag.com onetag-geo.s-onetag.com onetag-geo-grouping.s-onetag.com	12 KB
3	dtscout.com t.dtscout.com	10 KB
2	adnxs.com 2 redirects secure.adnxs.com	2 KB
2	w55c.net 2 redirects pm.w55c.net	2 KB
2	sitescout.com 2 redirects pixel-sync.sitescout.com	941 B
2	mathtag.com 2 redirects sync.mathtag.com	1 KB
2	turn.com 2 redirects d.turn.com	861 B
2	demdex.net 2 redirects dpm.demdex.net	2 KB
2	avct.cloud 2 redirects ads.avct.cloud	896 B
2	exelator.com 1 redirects loadm.exelator.com	2 KB
2	tapad.com 2 redirects pixel.tapad.com	914 B
2	onaudience.com 2 redirects pixel.onaudience.com	718 B
1	rubiconproject.com token.rubiconproject.com	214 B
1	adgrx.com cm.adgrx.com	408 B
1	ml314.com ml314.com	422 B
1	mookie1.com ib.mookie1.com	992 B
1	ib-ibi.com 1 redirects global.ib-ibi.com	511 B
1	krxd.net beacon.krxd.net	338 B
1	cintnetworks.com c.cintnetworks.com	328 B
1	avocet.io 1 redirects ads.avocet.io	204 B
1	truoptik.com dmp.truoptik.com
1	taboola.com trc.taboola.com	238 B
1	pubmatic.com image6.pubmatic.com	166 B
1	dtssrv.com a.dtssrv.com	562 B
1	amung.us whos.amung.us	144 B
1	dtscdn.com t.dtscdn.com	406 B
1	sharethis.com pd.sharethis.com	88 B
1	waust.at waust.at	7 KB
1	gravatar.com secure.gravatar.com	2 KB
1	jquery.com code.jquery.com	83 KB
1	googleapis.com fonts.googleapis.com	2 KB
94	40

	Domain	Requested by
35	news1update.com	news1update.com
9	sync.crwdcntrl.net	bcp.crwdcntrl.net
7	ps.eyeota.net	6 redirects bcp.crwdcntrl.net
7	ic.tynt.com	news1update.com
6	fonts.gstatic.com	fonts.googleapis.com
4	sync-tm.everesttech.net	4 redirects
3	cm.g.doubleclick.net	2 redirects bcp.crwdcntrl.net
3	match.adsrvr.org	2 redirects bcp.crwdcntrl.net
3	tags.bluekai.com	news1update.com bcp.crwdcntrl.net
3	tags.crwdcntrl.net	t.dtscout.com tags.crwdcntrl.net
3	t.dtscout.com	waust.at t.dtscout.com
2	secure.adnxs.com	2 redirects
2	pm.w55c.net	2 redirects
2	pixel-sync.sitescout.com	2 redirects
2	sync.mathtag.com	2 redirects
2	d.turn.com	2 redirects
2	dpm.demdex.net	2 redirects
2	ads.avct.cloud	2 redirects
2	loadm.exelator.com	1 redirects bcp.crwdcntrl.net
2	pixel.tapad.com	2 redirects
2	bcp.crwdcntrl.net	tags.crwdcntrl.net
2	pixel.onaudience.com	2 redirects
1	token.rubiconproject.com	bcp.crwdcntrl.net
1	cm.adgrx.com	bcp.crwdcntrl.net
1	ml314.com	bcp.crwdcntrl.net
1	ib.mookie1.com	bcp.crwdcntrl.net
1	global.ib-ibi.com	1 redirects
1	beacon.krxd.net	bcp.crwdcntrl.net
1	c.cintnetworks.com	bcp.crwdcntrl.net
1	ads.avocet.io	1 redirects
1	dmp.truoptik.com	bcp.crwdcntrl.net
1	trc.taboola.com	bcp.crwdcntrl.net
1	image6.pubmatic.com	bcp.crwdcntrl.net
1	a.dtssrv.com	t.dtscout.com
1	de.tynt.com	cdn.tynt.com
1	cdn.tynt.com	waust.at
1	whos.amung.us	waust.at
1	onetag-geo-grouping.s-onetag.com	get.s-onetag.com
1	onetag-geo.s-onetag.com	get.s-onetag.com
1	t.dtscdn.com	t.dtscout.com
1	pd.sharethis.com	t.dtscout.com
1	get.s-onetag.com	t.dtscout.com
1	waust.at	news1update.com
1	secure.gravatar.com	news1update.com
1	code.jquery.com	news1update.com
1	fonts.googleapis.com	news1update.com
94	46

This site contains links to these domains. Also see Links.

Domain
wordpress.org
themezhut.com
whos.amung.us

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-10-31` - `2022-10-30`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2021-07-14` - `2022-08-14`	a year	crt.sh
*.gravatar.com Sectigo RSA Domain Validation Secure Server CA	`2020-08-14` - `2022-11-16`	2 years	crt.sh
*.gstatic.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
*.dtscout.com Sectigo RSA Domain Validation Secure Server CA	`2021-10-28` - `2022-11-27`	a year	crt.sh
*.s-onetag.com Amazon	`2021-02-03` - `2022-03-04`	a year	crt.sh
sharethis.com Amazon	`2021-09-01` - `2022-09-30`	a year	crt.sh
*.crwdcntrl.net Go Daddy Secure Certificate Authority - G2	`2021-04-29` - `2022-05-31`	a year	crt.sh
t.dtscdn.com GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1	`2020-11-03` - `2021-11-15`	a year	crt.sh
odc-pixel-prod-01.oracle.com DigiCert SHA2 Secure Server CA	`2021-10-18` - `2022-04-26`	6 months	crt.sh
whos.amung.us Sectigo RSA Domain Validation Secure Server CA	`2020-05-21` - `2022-05-21`	2 years	crt.sh
*.tynt.com Sectigo RSA Domain Validation Secure Server CA	`2021-09-23` - `2022-09-30`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2021-08-04` - `2022-09-04`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2021-03-18` - `2022-04-19`	a year	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-25` - `2021-12-26`	a year	crt.sh
*.truoptik.com Go Daddy Secure Certificate Authority - G2	`2020-10-19` - `2021-11-20`	a year	crt.sh
*.cintnetworks.com DigiCert TLS RSA SHA256 2020 CA1	`2021-10-04` - `2022-11-04`	a year	crt.sh
beacon.krxd.net DigiCert TLS RSA SHA256 2020 CA1	`2021-01-13` - `2022-01-07`	a year	crt.sh
*.ml314.com Amazon	`2021-01-17` - `2022-02-14`	a year	crt.sh
public1.adgear.com Sectigo RSA Domain Validation Secure Server CA	`2021-02-24` - `2022-03-26`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2021-03-30` - `2022-04-04`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh

This page contains 4 frames:

Primary Page: https://news1update.com/
Frame ID: D024E4E257F837F90DC4FCEE4DAA7319
Requests: 69 HTTP requests in this frame

Frame: https://t.dtscout.com/idg/?su=51A016356397899DA8D27DF0A1540B16
Frame ID: DDD821B0744E81E18D09B1172D32DDF4
Requests: 1 HTTP requests in this frame

Frame: https://tags.crwdcntrl.net/lt/shared/2/lt.iframe.html?c=3825
Frame ID: 78CDAB8E6443ECD4E7F18AA8989D7AC4
Requests: 1 HTTP requests in this frame

Frame: https://bcp.crwdcntrl.net/pixels?s=136%2C116%2C108%2C106%2C104%2C100%2C97%2C94%2C92%2C80%2C78%2C61%2C49%2C42%2C38%2C33%2C31%2C30%2C26%2C22%2C12%2C3%2C2&c=3825
Frame ID: 37BA54B25031C2A3EC3BE2EC1E4AC8AF
Requests: 24 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

news1update - News & Lotto

Page Statistics

94
Requests

86 %
HTTPS

0 %
IPv6

40
Domains

46
Subdomains

33
IPs

8
Countries

1791 kB
Transfer

2469 kB
Size

47
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://wordpress.org/
Title: WordPress

Search URL Search Domain Scan URL

URL: https://themezhut.com/themes/bam/
Title: Bam

Search URL Search Domain Scan URL

URL: https://whos.amung.us/stats/vzptyclsbl/
Title: 6

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 51

https://pixel.onaudience.com/?partner=137085098&mapped=51A016356397899DA8D27DF0A1540B16 HTTP 302
https://pixel.onaudience.com/?partner=109&icm&cver&smartmap=1&redirect=tags.bluekai.com%2Fsite%2F33141%3F%26id%3D%25m HTTP 302
https://tags.bluekai.com/site/33141?&id=2731ec37409d29fc

Request Chain 74

https://pixel.tapad.com/idsync/ex/receive?partner_id=LOTAME&partner_device_id=dd3bd72ca8297b89d77ecb1d6377a23b&gdpr=1&partner_url=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10158%2Ftp%3DTPAD%2Ftpid%3D%24%7BTA_DEVICE_ID%7D HTTP 302
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=LOTAME&partner_device_id=dd3bd72ca8297b89d77ecb1d6377a23b&gdpr=1&partner_url=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10158%2Ftp%3DTPAD%2Ftpid%3D%24%7BTA_DEVICE_ID%7D HTTP 302
https://sync.crwdcntrl.net/map/c=10158/tp=TPAD/tpid=748cc2eb-77ea-471f-b14a-46aac58329a1

Request Chain 76

https://loadm.exelator.com/load/?p=204&g=260&buid=dd3bd72ca8297b89d77ecb1d6377a23b&j=0 HTTP 302
https://loadm.exelator.com/load/?p=204&g=260&buid=dd3bd72ca8297b89d77ecb1d6377a23b&j=0&xl8blockcheck=1

Request Chain 77

https://ads.avocet.io/getuid?url=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10492%2Ftp%3DAVCT%2Ftpid%3D%7B%7BUUID%7D%7D HTTP 307
https://ads.avct.cloud/getuid?r=1&url=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10492%2Ftp%3DAVCT%2Ftpid%3D%7B%7BUUID%7D%7D HTTP 307
https://ads.avct.cloud/getuid?bounce=true&r=1&url=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10492%2Ftp%3DAVCT%2Ftpid%3D%7B%7BUUID%7D%7D HTTP 302
https://sync.crwdcntrl.net/map/c=10492/tp=AVCT/tpid=72e57b36-fab1-4b4a-a9b3-5a03f6b5afde

Request Chain 78

https://dpm.demdex.net/ibs:dpid=121998&dpuuid=dd3bd72ca8297b89d77ecb1d6377a23b&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D9828%2Ftp%3DADBE%2Ftpid%3D%24%7BDD_UUID%7D HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=121998&dpuuid=dd3bd72ca8297b89d77ecb1d6377a23b&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D9828%2Ftp%3DADBE%2Ftpid%3D%24%7BDD_UUID%7D HTTP 302
https://sync.crwdcntrl.net/map/c=9828/tp=ADBE/tpid=25633436396905633952614128001398424601

Request Chain 81

https://global.ib-ibi.com/image.sbxx?go=262106&pid=420&xid=dd3bd72ca8297b89d77ecb1d6377a23b HTTP 302
https://ib.mookie1.com/image.sbxx?go=262106&pid=420&xid=dd3bd72ca8297b89d77ecb1d6377a23b

Request Chain 83

https://ps.eyeota.net/match?bid=51mdg9u&uid=dd3bd72ca8297b89d77ecb1d6377a23b HTTP 302
https://ps.eyeota.net/match/bounce/?bid=51mdg9u&uid=dd3bd72ca8297b89d77ecb1d6377a23b HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=eye&google_cm&google_sc&google_hm=Mml0NTJQZ1VMSC0zUTdaNi1OWFVObjVMWFBEX3I2Y1ZyMnRiQkNZS3JzLW8&gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&dc_rc=1&dc_mr=5&dc_orig=51mdg9u& HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=eye&google_cm=&google_sc=&google_hm=Mml0NTJQZ1VMSC0zUTdaNi1OWFVObjVMWFBEX3I2Y1ZyMnRiQkNZS3JzLW8&gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&dc_rc=1&dc_mr=5&dc_orig=51mdg9u&google_tc= HTTP 302
https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&dc_rc=1&dc_mr=5&dc_orig=51mdg9u&google_gid=CAESEENWDTO09t_-eQv-opbOzI8&google_cver=1 HTTP 302
https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMjg0NTA1NDYvdC8w/url/https://ps.eyeota.net/match?bid=1mpjpn0&turn_id=$!{TURN_UUID}&newuser=1&dc_rc=2&dc_mr=5&dc_orig=51mdg9u& HTTP 302
https://ps.eyeota.net/match?bid=1mpjpn0&turn_id=3665776821317688752&newuser=1&dc_rc=2&dc_mr=5&dc_orig=51mdg9u& HTTP 302
https://sync.mathtag.com/sync/img?mt_exid=10015&redir=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fbid%3D7vi0rg0%26uid%3D%5BMM_UUID%5D%26dc_rc%3D3%26dc_mr%3D5%26dc_orig%3D51mdg9u%26 HTTP 302
https://ps.eyeota.net/match?bid=7vi0rg0&uid=f5c7617d-e1f0-4b00-a258-cedb0d77a3c4&dc_rc=3&dc_mr=5&dc_orig=51mdg9u& HTTP 302
https://sync-tm.everesttech.net/upi/pid/lons7jax?redir=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fuid%3D%24%7BTM_USER_ID%7D%26bid%3D0rijhbu%26dc_rc%3D4%26dc_mr%3D5%26dc_orig%3D51mdg9u%26 HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/lons7jax?redir=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fuid%3D%24%7BTM_USER_ID%7D%26bid%3D0rijhbu%26dc_rc%3D4%26dc_mr%3D5%26dc_orig%3D51mdg9u%26&_test=YX3h8AAA6YwllQBG HTTP 302
https://ps.eyeota.net/match?uid=YX3h8AAA6YwllQBG&bid=0rijhbu&dc_rc=4&dc_mr=5&dc_orig=51mdg9u&&_test=YX3h8AAA6YwllQBG HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=eyeota&ttd_tpi=1 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=eyeota&ttd_tpi=1 HTTP 302
https://ps.eyeota.net/match?uid=d2db0df8-2eac-4aa4-8d6d-32a92cb79714&bid=1e2n4ou

Request Chain 85

https://sync.mathtag.com/sync/img?sync=auto&mt_exid=10040&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fqmap%3Fc%3D4735%26tp%3DMDMA%26tpid%3D%5BMM_UUID%5D HTTP 302
https://sync.crwdcntrl.net/qmap?c=4735&tp=MDMA&tpid=f5c7617d-e1f0-4b00-a258-cedb0d77a3c4

Request Chain 86

https://pixel-sync.sitescout.com/connectors/lotame/usersync?redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1389%2Ftp%3DSTSC%2Ftpid%3D%24UUID HTTP 302
https://pixel-sync.sitescout.com/connectors/lotame/usersync?cookieQ=1&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1389%2Ftp%3DSTSC%2Ftpid%3D%24UUID HTTP 302
https://sync.crwdcntrl.net/map/c=1389/tp=STSC/tpid=af15f52b-d9fa-45d3-8460-5e9b43b02902-617de1f0-5553

Request Chain 88

https://pm.w55c.net/ping_match.gif?st=lotame&rurl=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1818%2Ftp%3DDTXU%2Ftpid%3D_wfivefivec_ HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&st=lotame&rurl=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1818%2Ftp%3DDTXU%2Ftpid%3D_wfivefivec_ HTTP 302
https://sync.crwdcntrl.net/map/c=1818/tp=DTXU/tpid=ujywheiG1MGYCY5

Request Chain 89

https://sync-tm.everesttech.net/upi/pid/bsTd8NdE?redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1811%2Ftp%3DTBMG%2Ftpid%3D%24%7BTM_USER_ID%7D HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/bsTd8NdE?redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1811%2Ftp%3DTBMG%2Ftpid%3D%24%7BTM_USER_ID%7D&_test=YX3h8AAAAhxyvQBR HTTP 302
https://sync.crwdcntrl.net/map/c=1811/tp=TBMG/tpid=YX3h8AAAAhxyvQBR&_test=YX3h8AAAAhxyvQBR

Request Chain 92

https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMzQ4ODM4MC90LzI/dpuid/dd3bd72ca8297b89d77ecb1d6377a23b/url/https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=$!%7BTURN_UUID%7D HTTP 302
https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=3737834415355616688

Request Chain 93

https://secure.adnxs.com/getuid?https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc=281%2Frand=586123951%2Ftpid%3D%24UID%2Ftp%3DANXS HTTP 307
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.crwdcntrl.net%252Fmap%252Fc%3D281%252Frand%3D586123951%252Ftpid%253D%2524UID%252Ftp%253DANXS HTTP 302
https://sync.crwdcntrl.net/map/c=281/rand=586123951/tpid=8351387298563148106/tp=ANXS

94 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
news1update.com/ 54 KB
10 KB 261ms
215ms Document
text/html 104.21.82.81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://news1update.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.82.81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

75e4c2fc4a1a88461c0398b19907efc9ab4bb82ea97943b3aa8b914d890700be

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Sun, 31 Oct 2021 00:23:08 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding Accept-Encoding, Cookie
cache-control: public, max-age=14400, must-revalidate
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000
referrer-policy: no-referrer-when-downgrade
last-modified: Sun, 31 Oct 2021 00:23:08 GMT
cf-cache-status: EXPIRED
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GyD6A2VkvzAG%2BmAM4JfEjxLtzeOyOxAyJ36NyxhetV48W4a%2BZN98nC285tl4mv5lpVa5pKLF%2FdRorf9h%2Fnh4gdBuZJ5XELmoZVsZB8UwyC5%2Fnb21zCjgcPitFOXkBaBEbYU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6a68bba4b8f24125-PRG
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 style.min.css
news1update.com/wp-includes/css/dist/block-library/ 57 KB
9 KB 256ms
255ms Stylesheet
text/css 104.21.82.81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://news1update.com/wp-includes/css/dist/block-library/style.min.css?ver=5.7.3

Requested by

Host: news1update.com
URL: https://news1update.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.82.81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2cd9de3dd26246204749cff259bc34e8e6a47ae5d6e4528b9b28c75d68d50cde

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://news1update.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 31 Oct 2021 00:23:08 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Thu, 15 Apr 2021 10:10:11 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"60781103-e33b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FzHDYuYJKFGs8dp1eJXXM%2FK%2FyBj2QpXf1HbQkcshXwZi2LWL4MCq47ebmAd7qPeSKHK5LQu6CC93FKcjBao%2F2FZdbK3sU%2BK3r%2BvtIj%2F4EEgJiWFUd4RvJmqpo0Z8YAF2RSI%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: max-age=315360000
cf-ray: 6a68bba629d24125-PRG
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 theme.min.css
news1update.com/wp-includes/css/dist/block-library/ 3 KB
1016 B 212ms
210ms Stylesheet
text/css 104.21.82.81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://news1update.com/wp-includes/css/dist/block-library/theme.min.css?ver=5.7.3

Requested by

Host: news1update.com
URL: https://news1update.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.82.81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3ee638689e343730a82027d03714f274b6c665cf7e3bf60b5208a3a0cdb3581d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://news1update.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 31 Oct 2021 00:23:08 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Fri, 19 Mar 2021 17:34:21 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"6054e09d-a9a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F5ium%2FsV1zchoFCW7id1Tkc1prBrjN1lgnZuqgXLGS2%2B0kkq%2B98UrsZyZqW%2BgpAqe9wMoRork6BaDL9KJPFXmvuplc7287mHQiDIPxRMUWok5bQNtq8k3Y%2FJ8MbHlEwhBhY%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: max-age=315360000
cf-ray: 6a68bba629d64125-PRG
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 styles.css
news1update.com/wp-content/plugins/contact-form-7/includes/css/ 2 KB
1 KB 194ms
193ms Stylesheet
text/css 104.21.82.81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://news1update.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.4

Requested by

Host: news1update.com
URL: https://news1update.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.82.81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

284401fd9cc6074e6211119acdfbb4abb56b1d4c0be4323ccce1d6f6da7642ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://news1update.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 31 Oct 2021 00:23:08 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=2630
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Fri, 19 Mar 2021 16:49:02 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"6054d5fe-a46"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oA87GE1dEA8CbXPR67tUIMPBSgDe530aUn7GPLYhCpU%2Bvm%2B3WMz5smdYCPZfRHyeX6SZCeTl1LEhO9y%2BxDfX5KTNJYEYXXyaZB5V4C3LAqt9OHR9STKhvoIsI0bBOhIwOrw%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: max-age=315360000
cf-ray: 6a68bba629d74125-PRG
cf-bgj: minify

GET
H2 200 cookie-law-info-public.css
news1update.com/wp-content/plugins/cookie-law-info/public/css/ 3 KB
1009 B 213ms
212ms Stylesheet
text/css 104.21.82.81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://news1update.com/wp-content/plugins/cookie-law-info/public/css/cookie-law-info-public.css?ver=2.0.1

Requested by

Host: news1update.com
URL: https://news1update.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.82.81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b1f4247657f994f6c9520c982ab95f953ee1c052706594d74f521cae670cf8be

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://news1update.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 31 Oct 2021 00:23:08 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=3109
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Fri, 19 Mar 2021 16:48:55 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"6054d5f7-c25"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2aapApsSe2SSrD6bwwA3JvwMbGRp1Q0k5k5oMDvaBIEhp%2B78k9nANZb3Uri1yPenCWUJ%2B5kTg%2FJjnhaNPXSrJbfY64tN7RjBulFOs%2BskWGtR4OywDy3uISBdY0BQlwDiFkc%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: max-age=315360000
cf-ray: 6a68bba629d94125-PRG
cf-bgj: minify

GET
H2 200 cookie-law-info-gdpr.css
news1update.com/wp-content/plugins/cookie-law-info/public/css/ 22 KB
4 KB 219ms
218ms Stylesheet
text/css 104.21.82.81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://news1update.com/wp-content/plugins/cookie-law-info/public/css/cookie-law-info-gdpr.css?ver=2.0.1

Requested by

Host: news1update.com
URL: https://news1update.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.82.81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6cf291201b76e17fdbfb732933a2738cba6b4fa9308a29c86994047aa354883a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://news1update.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 31 Oct 2021 00:23:08 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=28367
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Fri, 19 Mar 2021 16:48:55 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"6054d5f7-6ecf"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ABchpUSRC2pMkPbfjFBJ4PgZ2lgeIKHvRemm8RLgS57cYWvrmPJrpVgSi0lLhnYcIt0c7OfBiSnevj3I30VHPKlhIevuLSHAovF0X8EQrg%2Bfq6COZoLQENzntYS%2BOB9Nl%2B4%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: max-age=315360000
cf-ray: 6a68bba629dc4125-PRG
cf-bgj: minify

GET
H2 200 font-awesome.min.css
news1update.com/wp-content/themes/bam/assets/css/ 30 KB
7 KB 804ms
803ms Stylesheet
text/css 104.21.82.81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://news1update.com/wp-content/themes/bam/assets/css/font-awesome.min.css?ver=4.7.0

Requested by

Host: news1update.com
URL: https://news1update.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.82.81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://news1update.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 31 Oct 2021 00:23:09 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Tue, 01 Dec 2020 10:09:34 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"5fc6165e-7918"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zeTrYNd19ZenSKLlO5Ih98G4RvNC5OlKQ0odr%2BacXjDpetXmd1Nkm9p1HGTyBRfre1x7fBgpdlsRG3qiigv%2BCbOlPHBCcVvMd4XtM0syWvH60IA7iOqf8dhPV672jOnS2Fk%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: max-age=315360000
cf-ray: 6a68bba629de4125-PRG
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 style.css
news1update.com/wp-content/themes/bam/ 35 KB
8 KB 254ms
253ms Stylesheet
text/css 104.21.82.81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://news1update.com/wp-content/themes/bam/style.css?ver=5.7.3

Requested by

Host: news1update.com
URL: https://news1update.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.82.81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

002ad1a6e4e07d4a7d8ae2e0af020e781fb995d17895a4e493afee7e5d06d8f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://news1update.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 31 Oct 2021 00:23:08 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=53371
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Tue, 01 Dec 2020 10:09:34 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"5fc6165e-d07b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lLPA4itE1q%2Bwfm%2FF6T4LJgM2pO3Bx%2FUSXN%2BragDsdK0tTLLZ2EmOLXgMFtaOWxeHwheDt1ikKue7Zlh89Fd9JiPXiao4p1uEIe%2FT2fsMbI%2Fxyy0RAQQk56nMrRh7FUsQbVM%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: max-age=315360000
cf-ray: 6a68bba639df4125-PRG
cf-bgj: minify

GET
H2 200 css
fonts.googleapis.com/ 39 KB
2 KB 38ms
16ms Stylesheet
text/css 142.250.184.234
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Source+Sans+Pro%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%2C100i%2C200i%2C300i%2C400i%2C500i%2C600i%2C700i%2C800i%2C900i|Roboto+Condensed%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%2C100i%2C200i%2C300i%2C400i%2C500i%2C600i%2C700i%2C800i%2C900i%26subset%3Dlatin

Requested by

Host: news1update.com
URL: https://news1update.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.234 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f10.1e100.net

Software

ESF /

Resource Hash

ac0b0aac509f80123428ddecca386d4e69c8e6c9be60e3843fadf5633a81603c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://news1update.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 30 Oct 2021 22:26:13 GMT
server: ESF
date: Sun, 31 Oct 2021 00:23:08 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only: same-origin; report-to="AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"
expires: Sun, 31 Oct 2021 00:23:08 GMT

GET
H2 200 jquery.min.js Show response
news1update.com/wp-includes/js/jquery/ 87 KB
32 KB 198ms
197ms Script
application/javascript 104.21.82.81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://news1update.com/wp-includes/js/jquery/jquery.min.js?ver=3.5.1

Requested by

Host: news1update.com
URL: https://news1update.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.82.81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://news1update.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 31 Oct 2021 00:23:08 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Sat, 16 Jan 2021 04:46:19 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"60026f9b-15d98"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P9qyO%2FpvanMKEtplgh7liVnFJDscqftkCbhYRimEUMzRjKG4jdsedMcsqL4OhHiKeHJS8nZBHWVZ5FiJGazLE2nUGdNfM1HGDNbpQpLG7qqZFiuc0K2nyFFnuWAaMdRoVv4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: max-age=315360000
cf-ray: 6a68bba639e04125-PRG
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jquery-migrate.min.js Show response
news1update.com/wp-includes/js/jquery/ 11 KB
4 KB 199ms
198ms Script
application/javascript 104.21.82.81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://news1update.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2

Requested by

Host: news1update.com
URL: https://news1update.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.82.81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://news1update.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 31 Oct 2021 00:23:08 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Sat, 16 Jan 2021 04:46:19 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"60026f9b-2bd8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eX2rmev%2B6w58YkgDmrOx4b2MaOA8Ndn3rPE7IRHr7dQ6GRJr4ZUEfUm3HDJWHuJzrTuG%2F391gNl3jbb8EP9JjXH8sO2Ws107VfcEjvPoM9QMPvycC%2B6FymO9lx07r10hds4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: max-age=315360000
cf-ray: 6a68bba639e14125-PRG
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 cookie-law-info-public.js Show response
news1update.com/wp-content/plugins/cookie-law-info/public/js/ 27 KB
7 KB 217ms
216ms Script
application/javascript 104.21.82.81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://news1update.com/wp-content/plugins/cookie-law-info/public/js/cookie-law-info-public.js?ver=2.0.1

Requested by

Host: news1update.com
URL: https://news1update.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.82.81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

565792988e0024c0052af3e0806bc478c6ac97e2ecd1de917feb2695130f2089

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://news1update.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 31 Oct 2021 00:23:08 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=35807
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Fri, 19 Mar 2021 16:48:55 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"6054d5f7-8bdf"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xsKxEo8itFsFtxeOX7oYj20BDozqH6xtnL%2BvQiMBi3ri7tDSxUtSsyCvN3voSqYlXeG3g23LzExczcubNrusrHpgMEKjttHIUAmpUoT9DsUT0EXJFcwvqj%2FgPh9cGQGIOio%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: max-age=315360000
cf-ray: 6a68bba639e24125-PRG
cf-bgj: minify

GET
H2 200 jquery-3.5.0.js Show response
code.jquery.com/ 281 KB
83 KB 34ms
15ms Script
application/javascript 69.16.175.42
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.5.0.js
Requested by: Host: news1update.com
URL: https://news1update.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 69.16.175.42 Phoenix, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS: hwcdn.net
Software: nginx /
Resource Hash: aff01a147aeccc9b70a5efad1f2362fd709f3316296ec460d94aa7d31decdb37

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://news1update.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 31 Oct 2021 00:23:08 GMT
content-encoding: gzip
last-modified: Fri, 10 Apr 2020 15:24:08 GMT
server: nginx
etag: W/"5e908f98-463a1"
vary: Accept-Encoding
x-hw: 1635639788.dop229.fr8.t,1635639788.cds278.fr8.hn,1635639788.cds136.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 84374

GET
H2 200 85c8a83de457ad39aa50120c21e7490e
secure.gravatar.com/avatar/ 1 KB
2 KB 25ms
6ms Image
image/jpeg 192.0.73.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.gravatar.com/avatar/85c8a83de457ad39aa50120c21e7490e?s=96&d=mm&r=g
Requested by: Host: news1update.com
URL: https://news1update.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.73.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 148b35f5e5d3dd37d6fc44caa577d6b478b0a62bb1200439d1f77e21f9c88c64

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://news1update.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-nc: HIT hhn 2
date: Sun, 31 Oct 2021 00:23:09 GMT
last-modified: Wed, 11 Jan 1984 08:00:00 GMT
server: nginx
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=300
content-disposition: inline; filename="85c8a83de457ad39aa50120c21e7490e.png"
accept-ranges: bytes
link: <https://www.gravatar.com/avatar/85c8a83de457ad39aa50120c21e7490e?s=96&d=mm&r=g>; rel="canonical"
content-length: 1528
expires: Sun, 31 Oct 2021 00:28:09 GMT

GET
H2 200 d.js Show response
waust.at/ 13 KB
7 KB 56ms
19ms Script
application/x-javascript 104.26.4.7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://waust.at/d.js
Requested by: Host: news1update.com
URL: https://news1update.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.4.7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8fb1850e00c24b83e04ea4f41fe5774cff1d476a293fa7b35cba97827eb194cd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://news1update.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 31 Oct 2021 00:23:09 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2045
last-modified: Mon, 03 May 2021 17:48:39 GMT
server: cloudflare
etag: W/"60903777-3444"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KE8uHpP6Z6ua1uNKJihUk%2Fe7npnJo8Qn4XyY8JLpyPeI94oeyYO4WoOmVh%2FPVZi2DdwU0TpzEYvlo%2BsvcipH1dbGR5TgAEVARuH7dLqRTGj5symfWHSPxC3S"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=86400
cf-ray: 6a68bbab882e2780-PRG
expires: Sun, 31 Oct 2021 23:49:04 GMT

GET
H3 200 wp-polyfill.min.js Show response
news1update.com/wp-includes/js/dist/vendor/ 97 KB
34 KB 202ms
201ms Script
application/javascript 104.21.82.81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://news1update.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=7.4.4

Requested by

Host: news1update.com
URL: https://news1update.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.82.81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d36e5d7328268d21c6941039a7b6a15c7ed7414f60dbee72d2231d11ac9bdaf3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://news1update.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 31 Oct 2021 00:23:08 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Mon, 29 Jun 2020 11:50:29 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"5ef9d585-183ee"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4EqrH1ui0VzXeGzGgDRPc98IoDs1X7bP6qKGdLF1lYHffRzptL7BXzc4EKKcALuTZhqg2yheb2Vn96bLbLz0wH1oYOKbErBDNDJ2RA7h5XuV%2BHTotxXJfhF4zmWU60KZYAg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: max-age=315360000
cf-ray: 6a68bba7cd954107-PRG
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 hooks.min.js Show response
news1update.com/wp-includes/js/dist/ 7 KB
3 KB 197ms
197ms Script
application/javascript 104.21.82.81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://news1update.com/wp-includes/js/dist/hooks.min.js?ver=d0188aa6c336f8bb426fe5318b7f5b72

Requested by

Host: news1update.com
URL: https://news1update.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.82.81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fcc650dabdeef66e791d2159bddf7e6ec415841c265e2e121bfdf8da9f898837

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://news1update.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 31 Oct 2021 00:23:09 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Thu, 09 Sep 2021 10:09:13 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"6139dd49-1b43"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wRAe18z6Apmpjf5LJzkzYMZbGsZ0WKSvzFxQmHoE1IeHcUaQ%2FllGCR%2BczZzjybOt2MB0AeQPmmn9T%2B9c61Pg4s4Ofl3rrwKZeFCTzn9eRQAd5o2HVI00Ek3aB1UK0jsgTP8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: max-age=315360000
cf-ray: 6a68bba93e8e4107-PRG
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 i18n.min.js Show response
news1update.com/wp-includes/js/dist/ 10 KB
4 KB 219ms
218ms Script
application/javascript 104.21.82.81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://news1update.com/wp-includes/js/dist/i18n.min.js?ver=6ae7d829c963a7d8856558f3f9b32b43

Requested by

Host: news1update.com
URL: https://news1update.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.82.81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

584d623ec3125bfc106a88a57bfccb15faf6ec72547191f81b894612ad910cc1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://news1update.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 31 Oct 2021 00:23:09 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Thu, 09 Sep 2021 10:09:13 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"6139dd49-27d6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=23MpYk4PDjgXo1z8WCbhzk4MUl0zG4J8RXFjWT%2Bais6dlVJTMFSVeJcvZqREiDTKX2N1x6jTSGjEwaziskpYx3ZVtgG9ourgoZe3A10ozlqGIlvJQ63pFJlSkIxivJ%2BsSpQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: max-age=315360000
cf-ray: 6a68bbaa7f694107-PRG
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 lodash.min.js Show response
news1update.com/wp-includes/js/dist/vendor/ 71 KB
27 KB 211ms
211ms Script
application/javascript 104.21.82.81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://news1update.com/wp-includes/js/dist/vendor/lodash.min.js?ver=4.17.21

Requested by

Host: news1update.com
URL: https://news1update.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.82.81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

26f87df80e0735b6d6b169750f0ee403336c537cbc7a51888cb9d449434cb4b8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://news1update.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 31 Oct 2021 00:23:09 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Sat, 11 Jul 2020 00:36:23 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"5f090987-11c65"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iWabjIEYMgPxDLQOWvxUgMfoo2lrPieRwLlYFfYJZ10VgQjzlHjgYLu0J%2Bw2YtPOFbrLuEMWptRou1cQe5Omy00dd0Qdmhsc2mHeolcAeh%2FfL1TOG%2Bsan%2FmG1ySVGt5v5QQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: max-age=315360000
cf-ray: 6a68bbab3ff24107-PRG
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 url.min.js Show response
news1update.com/wp-includes/js/dist/ 8 KB
4 KB 228ms
226ms Script
application/javascript 104.21.82.81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://news1update.com/wp-includes/js/dist/url.min.js?ver=b2a17503b1ff42b789ce34b159a311cf

Requested by

Host: news1update.com
URL: https://news1update.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.82.81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bf3e93a14e4c70610e6ce91c336d0e16e03a9d04af43aacbd242047df3016c36

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://news1update.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 31 Oct 2021 00:23:09 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Thu, 09 Sep 2021 10:09:13 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"6139dd49-21de"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4ozXAZ44F1ZOIT32I%2F8xET3nNGWQ9hucEKiU3QhHS8eoGSpgBUfvDjHZi42jx3N5OnzzWM6HURNuN5CwpEpuX8vrxEA158%2B4pDcpuZ5J%2BG3mcYupOeY4EFLVpBtXTOmWPRc%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: max-age=315360000
cf-ray: 6a68bbab58074107-PRG
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 api-fetch.min.js Show response
news1update.com/wp-includes/js/dist/ 12 KB
4 KB 210ms
209ms Script
application/javascript 104.21.82.81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://news1update.com/wp-includes/js/dist/api-fetch.min.js?ver=25cbf3644d200bdc5cab50e7966b5b03

Requested by

Host: news1update.com
URL: https://news1update.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.82.81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

601be129c09bdbb9d98f8f14521bd693a0569aaa88a1b3e2b526f47210240c63

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://news1update.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 31 Oct 2021 00:23:09 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Thu, 09 Sep 2021 10:09:13 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"6139dd49-304d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZRPGzvihaBRHyOUhTCAivZxuOQwqplihyr7pepKE7ox9RLvofkSeBEGpgWqLpSnMP4kBL%2Fwmv6aMf2DK5kLI80whGNOowKQtyAUmoSnmKFYJno06txuk%2B4dQQYvVycMqK%2F8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: max-age=315360000
cf-ray: 6a68bbab58084107-PRG
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 index.js Show response
news1update.com/wp-content/plugins/contact-form-7/includes/js/ 11 KB
4 KB 211ms
209ms Script
application/javascript 104.21.82.81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://news1update.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.4

Requested by

Host: news1update.com
URL: https://news1update.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.82.81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccff49c86ee1937dd371734a05307e1abc057b3c255587ed918e47b1cf728d93

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://news1update.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 31 Oct 2021 00:23:09 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Fri, 19 Mar 2021 16:49:02 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"6054d5fe-2ac2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8LOZ%2B5yjE4737rXyqRhTOAzdBCkeEz6%2BnY4rPlXChP0v%2B8lNbboXLB7KQC9JzN4PyjYT77KNebvDkEVccQOYszUVqvbUW9A2uo%2BGPlHYQ0mA%2F3%2BWBUgkkeZWJSG79uEcseg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: max-age=315360000
cf-ray: 6a68bbab580a4107-PRG
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 scripts.js Show response
news1update.com/wp-content/themes/bam/assets/js/ 186 B
762 B 706ms
705ms Script
application/javascript 104.21.82.81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://news1update.com/wp-content/themes/bam/assets/js/scripts.js?ver=5.7.3

Requested by

Host: news1update.com
URL: https://news1update.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.82.81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bd7f3e58b5e81608301fbb1138d966412f4be8381812d42b380e75076ada5747

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://news1update.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 31 Oct 2021 00:23:10 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=245
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Tue, 01 Dec 2020 10:09:34 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"5fc6165e-f5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4qxlVCtTZN%2FrboZRBNNt3dungy7vUDvP4qUJFbdR1GTKPEGOBlGiT23mTpbhuw7WB9x4GFPgocvwz2eYlnHq3ut3IH5rLzk91VY%2BQ69fy6PcihhCNTOgZdN1068zywPZWq4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: max-age=315360000
cf-ray: 6a68bbab580b4107-PRG
cf-bgj: minify

GET
H3 200 main-navigation.js Show response
news1update.com/wp-content/themes/bam/assets/js/ 3 KB
1 KB 794ms
793ms Script
application/javascript 104.21.82.81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://news1update.com/wp-content/themes/bam/assets/js/main-navigation.js?ver=5.7.3

Requested by

Host: news1update.com
URL: https://news1update.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.82.81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4b2467f4d0e26b9ca7d9694038a7edbadbbc17cb3afd5c3165495568d63f18ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://news1update.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 31 Oct 2021 00:23:10 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=3690
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Tue, 01 Dec 2020 10:09:34 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"5fc6165e-e6a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7BChew7fqPVoy2O%2FRchRTMMZ4zV3ypKozwLdBR6G4dWQ0iGESfC4BIThbXS%2BTzCCkyRoxRQgPqVJkT6M7OHHhD%2FvNEf7WuFyDQeySFw6f6qBVQePVfOdjdA%2BhYpRhaCjMDg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: max-age=315360000
cf-ray: 6a68bbab580c4107-PRG
cf-bgj: minify

GET
H3 200 skip-link-focus-fix.js Show response
news1update.com/wp-content/themes/bam/assets/js/ 426 B
876 B 228ms
226ms Script
application/javascript 104.21.82.81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://news1update.com/wp-content/themes/bam/assets/js/skip-link-focus-fix.js?ver=20151215

Requested by

Host: news1update.com
URL: https://news1update.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.82.81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

405a5e4943b97243440d632a958bb6e79f1d1929666745000a22ebaa5fa2d819

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://news1update.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 31 Oct 2021 00:23:09 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=685
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Tue, 01 Dec 2020 10:09:34 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"5fc6165e-2ad"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ezfLLPyDXszm4ap1faIM7bt%2B3GSIB7lBMgZiXponl49r3kRZfOIDphpoxMg3QlEZBKFNAIGy4JwUH7q3TS9IwiTIvsTzekPPxBTFzrLgskvGHre7x2rqhscPq3exr1uPDLQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: max-age=315360000
cf-ray: 6a68bbab580d4107-PRG
cf-bgj: minify

GET
H3 200 jquery.fitvids.js Show response
news1update.com/wp-content/themes/bam/assets/js/ 2 KB
2 KB 211ms
209ms Script
application/javascript 104.21.82.81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://news1update.com/wp-content/themes/bam/assets/js/jquery.fitvids.js?ver=5.7.3

Requested by

Host: news1update.com
URL: https://news1update.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.82.81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cceb44ae76f84a02f9598cf9c339945ff502fa5e56269c86062d760c184069cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://news1update.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 31 Oct 2021 00:23:09 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=3350
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Tue, 01 Dec 2020 10:09:34 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"5fc6165e-d16"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vJnFpT0zMoSu08xNjvv262PRngmMi6bP4uDWNcCr6agpJdORo1KKAyAhr6WXzWCtg4h5Y311teLIA3jxkNOd%2FQQJfW2IB4TE%2BzWUBHZdR7IT1yapB4%2BuRsFcqQVjtBa8r3Q%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: max-age=315360000
cf-ray: 6a68bbab580e4107-PRG
cf-bgj: minify

GET
H3 200 wp-embed.min.js Show response
news1update.com/wp-includes/js/ 1 KB
1 KB 211ms
210ms Script
application/javascript 104.21.82.81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://news1update.com/wp-includes/js/wp-embed.min.js?ver=5.7.3

Requested by

Host: news1update.com
URL: https://news1update.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.82.81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://news1update.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 31 Oct 2021 00:23:09 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Wed, 03 Feb 2021 22:08:58 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"601b1efa-592"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pm28QNmb%2BTdOjgwl6HxlFETx49erK9l%2B19qY1DfiLAI94keMY4xCAQNFyQk%2FVO3vmFa2UXuv0n%2F%2FziVtfbOhaY%2BywW5o%2Bpas35PzM2anh7ixDUmPKvG7O8lSZA63J2XwXXc%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: max-age=315360000
cf-ray: 6a68bbab58104107-PRG
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 wp-emoji-release.min.js Show response
news1update.com/wp-includes/js/ 14 KB
5 KB 211ms
210ms Script
application/javascript 104.21.82.81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://news1update.com/wp-includes/js/wp-emoji-release.min.js?ver=5.7.3

Requested by

Host: news1update.com
URL: https://news1update.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.82.81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0c5f584d1ea2c3313dc8c55824c2a572d3cf2eae87c5ca62a58e598aec9ddb5c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://news1update.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 31 Oct 2021 00:23:09 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Wed, 03 Feb 2021 22:08:58 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"601b1efa-3795"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vMQRliMQXRB4iLSSPaa5NdjpbsYRWzLbf9bW3a2fUDlpg7t3GtOIWkLunh4i5ZOZ2AAtCqxcEfIcYmDRvsORFvhSbM%2FraihpyehG117y1ozoia6Bvm2w14yYkITRfS3Xg2w%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: max-age=315360000
cf-ray: 6a68bbab58114107-PRG
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v14/ 16 KB
16 KB 34ms
7ms Font
font/woff2 142.250.186.67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v14/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%2C100i%2C200i%2C300i%2C400i%2C500i%2C600i%2C700i%2C800i%2C900i|Roboto+Condensed%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%2C100i%2C200i%2C300i%2C400i%2C500i%2C600i%2C700i%2C800i%2C900i%26subset%3Dlatin

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f3.1e100.net

Software

sffe /

Resource Hash

a9950fa5ca9cf47072770900d259bcf6778aa1119652d2e706d5eb92df254199

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://news1update.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 24 Oct 2021 11:16:30 GMT
x-content-type-options: nosniff
age: 565599
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16112
x-xss-protection: 0
last-modified: Tue, 15 Sep 2020 18:10:09 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Mon, 24 Oct 2022 11:16:30 GMT

GET
H2 200 6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v14/ 15 KB
16 KB 42ms
16ms Font
font/woff2 142.250.186.67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v14/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f3.1e100.net

Software

sffe /

Resource Hash

24f7e397faec79e62c37ff2f00b170f6dc1557fb46ac169f9f1897a9d641dd03

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://news1update.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 29 Oct 2021 04:16:28 GMT
x-content-type-options: nosniff
age: 158801
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15764
x-xss-protection: 0
last-modified: Tue, 15 Sep 2020 18:10:17 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 29 Oct 2022 04:16:28 GMT

GET
H2 200 6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v14/ 16 KB
16 KB 45ms
19ms Font
font/woff2 142.250.186.67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v14/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f3.1e100.net

Software

sffe /

Resource Hash

efb3cdc5e4582fd67dffab6fc6e5062074ce3f8c51747346af944e97749dc309

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://news1update.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 28 Oct 2021 21:28:54 GMT
x-content-type-options: nosniff
age: 183255
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15948
x-xss-protection: 0
last-modified: Tue, 15 Sep 2020 18:10:32 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Fri, 28 Oct 2022 21:28:54 GMT

GET
H3 200 fontawesome-webfont.woff2
news1update.com/wp-content/themes/bam/assets/fonts/ 75 KB
76 KB 205ms
204ms Font
application/octet-stream 104.21.82.81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://news1update.com/wp-content/themes/bam/assets/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: news1update.com
URL: https://news1update.com/wp-content/themes/bam/assets/css/font-awesome.min.css?ver=4.7.0

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.82.81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://news1update.com/wp-content/themes/bam/assets/css/font-awesome.min.css?ver=4.7.0
Origin: https://news1update.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 31 Oct 2021 00:23:09 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
content-length: 77160
x-xss-protection: 1; mode=block
last-modified: Tue, 01 Dec 2020 10:09:34 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "5fc6165e-12d68"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=arLhNOEfIr9HEOnmUMJO6GOqhtt8TXFOQGU9r9rkOpGOIXyJ3RE1eAt7eSYjtM4yDiQLAXtZLNGNY5oK00WiTOWkFwEFyol3fPJuI4cwvMQE3B71SiVnEyNqpzQgACJekEU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 6a68bbab681a4107-PRG
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2
fonts.gstatic.com/s/robotocondensed/v19/ 15 KB
15 KB 47ms
21ms Font
font/woff2 142.250.186.67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotocondensed/v19/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f3.1e100.net

Software

sffe /

Resource Hash

53b907326f7c21a04f6d39cc32ff471aafec57d887feabfabb53394f378c659f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://news1update.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 28 Oct 2021 20:32:05 GMT
x-content-type-options: nosniff
age: 186664
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15720
x-xss-protection: 0
last-modified: Tue, 15 Sep 2020 18:08:56 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Fri, 28 Oct 2022 20:32:05 GMT

GET
H2 200 ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2
fonts.gstatic.com/s/robotocondensed/v19/ 15 KB
15 KB 36ms
10ms Font
font/woff2 142.250.186.67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotocondensed/v19/ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f3.1e100.net

Software

sffe /

Resource Hash

c867104326e3c4b658209d8e5bcea0900aaf7fbc2bbc181ca01c482cac2810f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://news1update.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 17:55:21 GMT
x-content-type-options: nosniff
age: 455268
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15640
x-xss-protection: 0
last-modified: Tue, 15 Sep 2020 18:08:37 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Tue, 25 Oct 2022 17:55:21 GMT

GET
H3 200 3-48.jpg
news1update.com/wp-content/uploads/2021/10/ 44 KB
45 KB 258ms
258ms Image
image/jpeg 104.21.82.81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://news1update.com/wp-content/uploads/2021/10/3-48.jpg

Requested by

Host: news1update.com
URL: https://news1update.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.82.81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

39ee74b012ce71587daf1738e5d476630d84a7f33d922a512319c5af0c762eac

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://news1update.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 31 Oct 2021 00:23:09 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
content-length: 45218
x-xss-protection: 1; mode=block
last-modified: Fri, 29 Oct 2021 14:47:47 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "617c0993-b0a2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DZhdK6CXClXc3el9Ca5lQpLvW0LqJROkSv9Bk0uQZzY2CQr%2FJCvnTd0Qog8BTRMTNMFphpyjoBYvbIs%2F0kS2a0ji0RhegbVS%2FlE4VhsbDVl0xAxQrpTGDXTrRPCEUyfy0U0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 6a68bbabd86a4107-PRG
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 2-31.jpg
news1update.com/wp-content/uploads/2021/10/ 42 KB
43 KB 218ms
217ms Image
image/jpeg 104.21.82.81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://news1update.com/wp-content/uploads/2021/10/2-31.jpg

Requested by

Host: news1update.com
URL: https://news1update.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.82.81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8f2e258f84db518c0cfd9e34c228ed2557eb3fdf17de6a318b28bb7d27bbe05a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://news1update.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 31 Oct 2021 00:23:09 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
content-length: 43295
x-xss-protection: 1; mode=block
last-modified: Fri, 29 Oct 2021 09:41:07 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "617bc1b3-a91f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oRTK4pn%2BQuOmuKt0uHjWiaREzhm%2BYXMwMM4rNkP6BpbYhw6k%2Fe5HRbftwoU4dVgJPZeukl9HpwvOkEbawCySQf0amWFYlaiHTkWYDnl9ab3DJ9goFhNNCptVyLuVpgoS16w%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 6a68bbabd86b4107-PRG
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 3-47.jpg
news1update.com/wp-content/uploads/2021/10/ 88 KB
89 KB 923ms
923ms Image
image/jpeg 104.21.82.81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://news1update.com/wp-content/uploads/2021/10/3-47.jpg

Requested by

Host: news1update.com
URL: https://news1update.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.82.81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b67f719329c8ddc8b86b8eb5559c3d35caaa32de6546fc2f910f9e23fa85103b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://news1update.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 31 Oct 2021 00:23:10 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
content-length: 90391
x-xss-protection: 1; mode=block
last-modified: Fri, 29 Oct 2021 08:26:38 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "617bb03e-16117"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NfbgbEjMhDA4BpIz8EnRi2X0LtNZrXtnetLX%2B8QD0ysovhvGuqPFqvWLfgA4eMKDHrFzTpy%2FtXLcI2r1yN%2FkeQZ9fdTjevB96C90gtIrQbqdz4M%2BCV54HdwAfdgoa4VIv0U%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 6a68bbabd86c4107-PRG
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 2-29.jpg
news1update.com/wp-content/uploads/2021/10/ 65 KB
66 KB 212ms
211ms Image
image/jpeg 104.21.82.81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://news1update.com/wp-content/uploads/2021/10/2-29.jpg

Requested by

Host: news1update.com
URL: https://news1update.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.82.81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

815b6b017603cc5457b47210e2f4dcb129266a5c1564a20cc24b8c1d741fbc67

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://news1update.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 31 Oct 2021 00:23:09 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
content-length: 66923
x-xss-protection: 1; mode=block
last-modified: Fri, 29 Oct 2021 05:54:33 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "617b8c99-1056b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zUVOtoqtLJJiC%2FkV50OJ%2BWWGCsu83SqUJw6MwXBhVFeBY8Zp3SLk91uxGq7qys5Q%2FhUFrDVOuYxGzky0WYLf%2BhaZQ2sTbioyktOG4EizvzjlkD5qJq5lbcGxDFHaR2z7bvo%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 6a68bbabd86d4107-PRG
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 2-28-890x530.jpg
news1update.com/wp-content/uploads/2021/10/ 79 KB
80 KB 259ms
258ms Image
image/jpeg 104.21.82.81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://news1update.com/wp-content/uploads/2021/10/2-28-890x530.jpg

Requested by

Host: news1update.com
URL: https://news1update.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.82.81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

63ea53fe6a25fcfc3ba08a073ce0aa6911136230f3bc6932f638796650a7f76e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://news1update.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 31 Oct 2021 00:23:09 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
content-length: 80866
x-xss-protection: 1; mode=block
last-modified: Thu, 28 Oct 2021 15:57:48 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "617ac87c-13be2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F8NpHOULGgqUhKzqTTzEYPNl7OipM71de%2BmpbkBJb1VDDpDgarTz2rtA%2FF%2BhskKieK2UrxkmxENLdInoj%2FCEyvSOQ0mRvhvRZWt4yMLunoUvssfkpEDmUqZJaSDy6NqYDD4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 6a68bbabd86e4107-PRG
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 4-1.png
news1update.com/wp-content/uploads/2021/10/ 790 KB
791 KB 238ms
237ms Image
image/png 104.21.82.81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://news1update.com/wp-content/uploads/2021/10/4-1.png

Requested by

Host: news1update.com
URL: https://news1update.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.82.81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b72bd9ce79f848fb7cc7284412ee93889fa605b53d11cdb2de201b583f45b207

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://news1update.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 31 Oct 2021 00:23:09 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
content-length: 809100
x-xss-protection: 1; mode=block
last-modified: Thu, 28 Oct 2021 11:02:57 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "617a8361-c588c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CiuKDcx9jmDbU7KPN2jUxWrfD6ULsBooRpgzJP27NSGWiaRvqY8mvFvFDbVigSNZ0QtU1O90%2Fl2njaZOv9vQIzHFemXFauqUxuG4l%2FSfPiJ9AmUgFBKBHhowwAY8stWtN%2FI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 6a68bbabd86f4107-PRG
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 2-26.jpg
news1update.com/wp-content/uploads/2021/10/ 66 KB
67 KB 331ms
330ms Image
image/jpeg 104.21.82.81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://news1update.com/wp-content/uploads/2021/10/2-26.jpg

Requested by

Host: news1update.com
URL: https://news1update.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.82.81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

07e5007afa26b9ae1272c8dc08133e638a78295fcd11c6fce20f40f034b47879

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://news1update.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 31 Oct 2021 00:23:09 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
content-length: 67464
x-xss-protection: 1; mode=block
last-modified: Thu, 28 Oct 2021 10:47:36 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "617a7fc8-10788"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OSvP82eJi09lJ2nHo%2FQ4mI2WLZT1xvnUafVmYh0YGQz8LFei7lGnpKZdgjCdJHngAXumBfG1mUUAYexD%2FPeOp7tjCjd1cO8BrdWRKhjuWvXcFomI7D0FAzA%2F47DJumQzzmU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 6a68bbabd8714107-PRG
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 9-33.jpg
news1update.com/wp-content/uploads/2021/10/ 43 KB
43 KB 332ms
331ms Image
image/jpeg 104.21.82.81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://news1update.com/wp-content/uploads/2021/10/9-33.jpg

Requested by

Host: news1update.com
URL: https://news1update.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.82.81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

81bd0da41f17663b10b74e5577d363921266d7f2521f06b4380c8ebe962c12fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://news1update.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 31 Oct 2021 00:23:09 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
content-length: 43568
x-xss-protection: 1; mode=block
last-modified: Thu, 28 Oct 2021 07:02:56 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "617a4b20-aa30"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LTtUh8q7Szt3dqThKbSF8ZVpQS3bR0M4ribMmhDyJwFQ6Lr7S8bGDoNGVzRId4LfKkM%2FyDuVbR1gh855regisL5T09NVaT3WLrTsuRmKj2mxtIo%2Fy6rfVBsq4RNp1LOnT%2BA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 6a68bbabd8734107-PRG
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 9-32.jpg
news1update.com/wp-content/uploads/2021/10/ 32 KB
33 KB 198ms
197ms Image
image/jpeg 104.21.82.81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://news1update.com/wp-content/uploads/2021/10/9-32.jpg

Requested by

Host: news1update.com
URL: https://news1update.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.82.81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8f3b4eff0e6fa4a74f5d6d4f00d391499df6c82587ec6ca7ad979ca6c88b5bed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://news1update.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 31 Oct 2021 00:23:09 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
content-length: 32984
x-xss-protection: 1; mode=block
last-modified: Thu, 28 Oct 2021 05:50:59 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "617a3a43-80d8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WOjvnd0MD%2BoYutwEB8b5ACeFHCVKUOXkrKV5420C5CuxyyUpqTwDLyyV%2FjeJSwwW9kwKi3wtuLXfyvPJ3WzVM8Eaa97DUQDZXvisOuwvVX3Pv7gHVzw7HHOHEwVg9WmVj2o%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 6a68bbabd8744107-PRG
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 2-23.jpg
news1update.com/wp-content/uploads/2021/10/ 35 KB
36 KB 337ms
336ms Image
image/jpeg 104.21.82.81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://news1update.com/wp-content/uploads/2021/10/2-23.jpg

Requested by

Host: news1update.com
URL: https://news1update.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.82.81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

675a746ad92eca8e952bc7a0e354119308e1644b35b15e2d8df78e06af44f7f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://news1update.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 31 Oct 2021 00:23:09 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
content-length: 36031
x-xss-protection: 1; mode=block
last-modified: Thu, 28 Oct 2021 01:55:16 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "617a0304-8cbf"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dtITgx7Fd4JGYTNMdiVbHzB323b073P2ox2v4svHMDAPuZHynnYL6okAaS9850Af1XDm5xKb8s49BJ%2BpyMNG3NiT%2BhFNpkDSC9Dv2kPl8qsT9GRHrGwkhzEIr38ILHIxz%2BI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 6a68bbabd8754107-PRG
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK / Show response
t.dtscout.com/i/ 8 KB
9 KB 30ms
8ms Script
application/javascript 51.89.24.70
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscout.com/i/?l=https%3A%2F%2Fnews1update.com%2F&j=
Requested by: Host: waust.at
URL: https://waust.at/d.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 51.89.24.70 , France, ASN16276 (OVH, FR),
Reverse DNS: ip70.ip-51-89-24.eu
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: c9e1cd06e3a12fb721be06c096e20ac3d908f2efefc391cd727eda726b4ee916

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://news1update.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sun, 31 Oct 2021 00:23:09 GMT
X-T: 0.48
Server: nginx/1.14.0 (Ubuntu)
Transfer-Encoding: chunked
Content-Type: application/javascript
Cache-Control: no-cache
Connection: close
X-S: ger1
Expires: Sun, 31 Oct 2021 00:23:08 GMT

GET
H/1.1 200
OK / Show response
t.dtscout.com/idg/ Frame DDD8 1 KB
750 B 21ms
8ms Document
text/html 51.89.24.70
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscout.com/idg/?su=51A016356397899DA8D27DF0A1540B16
Requested by: Host: t.dtscout.com
URL: https://t.dtscout.com/i/?l=https%3A%2F%2Fnews1update.com%2F&j=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 51.89.24.70 , France, ASN16276 (OVH, FR),
Reverse DNS: ip70.ip-51-89-24.eu
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 5e19de66702be5638a177bc51e0aaf63751f2e08b6077f9ed160d3a76ab2b112

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://news1update.com/

Response headers

Server: nginx/1.14.0 (Ubuntu)
Date: Sun, 31 Oct 2021 00:23:09 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Expires: Sun, 31 Oct 2021 00:23:08 GMT
Cache-Control: no-cache
Content-Encoding: gzip

GET
H2 200 tag.min.js Show response
get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/ 30 KB
10 KB 42ms
7ms Script
text/javascript 13.225.87.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Requested by: Host: t.dtscout.com
URL: https://t.dtscout.com/i/?l=https%3A%2F%2Fnews1update.com%2F&j=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.87.108 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-87-108.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d9262f833e999fddfae1cb297ae5f9e260529ca0ca737ed805a11fbf3ab92bcd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://news1update.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: BC1z2ASq_5A8fCLvu30SOKeIK4SZ9jqY
content-encoding: gzip
last-modified: Thu, 03 Jun 2021 13:27:46 GMT
server: AmazonS3
age: 71265
etag: W/"a1c6ef0f57fd5dc66dd46feb78238adf"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
via: 1.1 999a435eb37a050d3de26fe63534c416.cloudfront.net (CloudFront)
cache-control: max-age=86400
date: Sat, 30 Oct 2021 04:35:25 GMT
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: VKuPDOWrJdcQP7NW6bQOwetlHrpSih55lQ_2CiDtP-C7gHzFy8fFSQ==

GET
H/1.1 204
No Content dtscout Show response
pd.sharethis.com/pd/ 0
88 B 64ms
8ms Script
text/plain 18.195.98.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pd.sharethis.com/pd/dtscout
Requested by: Host: t.dtscout.com
URL: https://t.dtscout.com/i/?l=https%3A%2F%2Fnews1update.com%2F&j=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.98.10 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-98-10.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://news1update.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Connection: keep-alive
Date: Sun, 31 Oct 2021 00:23:09 GMT

GET
H/1.1 200
OK / Show response
t.dtscout.com/pv/ 50 B
318 B 21ms
8ms Script
application/javascript 51.89.24.70
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscout.com/pv/?_a=v&_h=news1update.com&_ss=2usi7d76sf&_pv=1&_ls=0&_u1=1&_u3=1&_cc=us&_pl=d&_cbid=dfsr&_cb=_dtspv.c
Requested by: Host: t.dtscout.com
URL: https://t.dtscout.com/i/?l=https%3A%2F%2Fnews1update.com%2F&j=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 51.89.24.70 , France, ASN16276 (OVH, FR),
Reverse DNS: ip70.ip-51-89-24.eu
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 615cb0510dfd48f64d407716d028cd6111941b26fb6bdb1ddeeda66f0d4ac9ae

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://news1update.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sun, 31 Oct 2021 00:23:09 GMT
X-T: 0.156
Server: nginx/1.14.0 (Ubuntu)
Transfer-Encoding: chunked
X-C: 0
Content-Type: application/javascript
Cache-Control: no-cache
Connection: close
Expires: Sun, 31 Oct 2021 00:23:08 GMT

GET
H2 200 lt.min.js Show response
tags.crwdcntrl.net/lt/c/3825/ 41 KB
13 KB 33ms
7ms Script
text/javascript 18.66.97.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/3825/lt.min.js
Requested by: Host: t.dtscout.com
URL: https://t.dtscout.com/i/?l=https%3A%2F%2Fnews1update.com%2F&j=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 352b946d2aa4d0b2da6236769fbb46cab48ee1d8378df1dd5b28aa84fa875536

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://news1update.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 13:45:12 GMT
content-encoding: gzip
etag: W/"8f03358821acd3f05de8b930eb1e5ef2"
last-modified: Tue, 19 Oct 2021 13:13:55 GMT
server: AmazonS3
age: 38278
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
via: 1.1 3f3b012fad703fdac0f14efdb7b78b6e.cloudfront.net (CloudFront)
cache-control: max-age: 86400
x-amz-cf-pop: FRA56-P2
x-amz-cf-id: ZAg992zQe_7CPiNw5zyV_K6PUhcgeVk-oWDR0fnGtHB2hfkpsAoFvQ==

GET
H/1.1 200
OK / Show response
t.dtscdn.com/widget/ 0
406 B 443ms
88ms Script
application/javascript 138.197.56.196
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscdn.com/widget/?d=51A016356397899DA8D27DF0A1540B16&nid=0&p=836148727&t=0&s=1600x1200x24&u=https%3A%2F%2Fnews1update.com%2F&r=
Requested by: Host: t.dtscout.com
URL: https://t.dtscout.com/i/?l=https%3A%2F%2Fnews1update.com%2F&j=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 138.197.56.196 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://news1update.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sun, 31 Oct 2021 00:06:09 GMT
X-T: 0.83
x-server: web2.ny1.dtscdn.com
Cache-Control: no-cache
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Expires: Sun, 31 Oct 2021 00:06:08 GMT

GET
H/1.1 200
OK 27675
tags.bluekai.com/site/ 62 B
329 B 212ms
152ms Image
image/gif 104.90.192.27
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.bluekai.com/site/27675?id=51A016356397899DA8D27DF0A1540B16&ret=html&phint=__bk_t%3Dnews1update%20-%20News%20%26%20Lotto&phint=__bk_l%3Dhttps%3A%2F%2Fnews1update.com%2F&r=26468934
Requested by: Host: news1update.com
URL: https://news1update.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.90.192.27 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-90-192-27.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://news1update.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sun, 31 Oct 2021 00:23:09 GMT
X-N: S
Connection: keep-alive
P3P: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
Content-Length: 62
BK-Server: ce91
Content-Type: image/gif

GET
H/1.1

200
OK

33141
tags.bluekai.com/site/
Redirect Chain

https://pixel.onaudience.com/?partner=137085098&mapped=51A016356397899DA8D27DF0A1540B16
https://pixel.onaudience.com/?partner=109&icm&cver&smartmap=1&redirect=tags.bluekai.com%2Fsite%2F33141%3F%26id%3D%25m
https://tags.bluekai.com/site/33141?&id=2731ec37409d29fc

62 B
304 B

168ms
156ms

Image
image/gif

104.90.192.27
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.bluekai.com/site/33141?&id=2731ec37409d29fc
Requested by: Host: news1update.com
URL: https://news1update.com/
Protocol: HTTP/1.1
Server: 104.90.192.27 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-90-192-27.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://news1update.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sun, 31 Oct 2021 00:23:09 GMT
Connection: keep-alive
P3P: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
Content-Length: 62
Content-Type: image/gif

Redirect headers

location: https://tags.bluekai.com/site/33141?&id=2731ec37409d29fc
content-length: 0

GET
H2 200 / Show response
onetag-geo.s-onetag.com/ 555 B
961 B 354ms
318ms Fetch
application/json 18.66.112.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://onetag-geo.s-onetag.com/
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: f51938710e179807bbf1be9a1e9d7e3441fa74e7dfe9f46841914fb12ca7de3c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://news1update.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 31 Oct 2021 00:23:09 GMT
via: 1.1 fd3cce3e0bafd8b312277d0ad9f4762f.cloudfront.net (CloudFront), 1.1 ab985bb6f3435d42701015dfa6015878.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2, FRA56-P5
x-amzn-requestid: 74859b3a-03aa-419f-b3b3-3dbee717f54b
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=86400
x-amz-apigw-id: IDA9MEZRiYcFm9g=
content-length: 555
x-amz-cf-id: J9Md4pt-idUQXJjA6-0GQxQoowIWz0DGNbsvRmAkw495ksMZyS2dfA==

GET
H2 200 EU Show response
onetag-geo-grouping.s-onetag.com/regionalbloc/ 1 KB
836 B 28ms
9ms Fetch
application/json 18.66.112.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://onetag-geo-grouping.s-onetag.com/regionalbloc/EU
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: restify /
Resource Hash: 6088012dda2274a27fa40ed153d9e3a6c96a22af1b177f8a2916368eb3e88bb0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://news1update.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 31 Oct 2021 00:18:15 GMT
content-encoding: gzip
server: restify
age: 293
vary: Accept-Encoding,origin
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: https://news1update.com
access-control-expose-headers: api-version, content-length, content-md5, content-type, date, request-id, response-time
cache-control: max-age=86400
x-amz-cf-pop: FRA56-P5
x-amz-cf-id: A3GfU1VPZc_w1zJcXSyYtAuHGMYOac1eBLw5dgi1NAal1fu1ZGRVZg==
via: 1.1 ab985bb6f3435d42701015dfa6015878.cloudfront.net (CloudFront)

GET
H2 200 / Show response
whos.amung.us/pingjs/ 28 B
144 B 329ms
109ms Script
text/javascript 67.202.94.86
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL: https://whos.amung.us/pingjs/?k=vzptyclsbl&t=news1update%20-%20News%20%26%20Lotto&c=d&x=https%3A%2F%2Fnews1update.com%2F&y=&a=0&v=27&r=576
Requested by: Host: waust.at
URL: https://waust.at/d.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 67.202.94.86 Chicago, United States, ASN32748 (STEADFAST, US),
Reverse DNS: amung.us
Software: /
Resource Hash: 63a96089f62c87261296d9fc4b52feb0a65470980d527a5053e0b2f8a80a4001

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://news1update.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 31 Oct 2021 00:23:10 GMT
content-encoding: gzip
content-type: text/javascript;charset=UTF-8

GET
H3 200 6xKydSBYKcSV-LCoeQqfX1RYOo3ik4zwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v14/ 16 KB
16 KB 22ms
8ms Font
font/woff2 142.250.186.67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v14/6xKydSBYKcSV-LCoeQqfX1RYOo3ik4zwlxdu.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f3.1e100.net

Software

sffe /

Resource Hash

f3d7092e6eb6f3aa0c572e52e061a59cc88a3e9eff581c95c4bd7456800904d0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://news1update.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 24 Oct 2021 11:16:53 GMT
x-content-type-options: nosniff
age: 565577
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16064
x-xss-protection: 0
last-modified: Tue, 15 Sep 2020 18:09:56 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Mon, 24 Oct 2022 11:16:53 GMT

GET
H2 200 tc.js Show response
cdn.tynt.com/ 17 KB
7 KB 75ms
21ms Script
application/javascript 104.18.29.199
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.tynt.com/tc.js
Requested by: Host: waust.at
URL: https://waust.at/d.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.29.199 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2347066080fea31af55c7112dca5245ea3eea67df5f24f1daae09f0870fbce62

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://news1update.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 31 Oct 2021 00:23:10 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 27 Aug 2021 20:58:45 GMT
server: cloudflare
age: 20774
etag: W/"61295205-431d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 6a68bbb2ceba4131-PRG
expires: Wed, 03 Nov 2021 00:23:10 GMT

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6f4587fb64cd2e7ce26ba21941c80f3ab8d28c257b73d04a87c949b32e4cde2d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 204 p
ic.tynt.com/b/ 0
227 B 326ms
105ms Image
text/plain 67.202.105.32
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ic.tynt.com/b/p?id=w!vzptyclsbl&lm=0&ts=1635639790545&dn=TC&iso=0&t=news1update%20-%20News%20%26%20Lotto&cu=https%3A%2F%2Fnews1update.com%2F
Requested by: Host: news1update.com
URL: https://news1update.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.32 Chicago, United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip32.67-202-105.static.steadfastdns.net
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://news1update.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 31 Oct 2021 00:23:10 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
server: nginx/1.16.1
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

GET
H2 200 v2 Show response
de.tynt.com/deb/ 4 B
202 B 330ms
106ms Script
application/javascript 208.100.17.181
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL: https://de.tynt.com/deb/v2?id=w!vzptyclsbl&dn=TC&cc=1&r=
Requested by: Host: cdn.tynt.com
URL: https://cdn.tynt.com/tc.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 208.100.17.181 Chicago, United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip181.208-100-17.static.steadfastdns.net
Software: /
Resource Hash: d21021784cda31eeae5c8295e047a14bda6ed5a9b5963fca9e7ceb398a9c9179

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://news1update.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 31 Oct 2021 00:23:10 GMT
cache-control: max-age=86400
content-type: application/javascript
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
content-length: 4
expires: Mon, 01 Nov 2021 00:23:11 GMT

GET
H2 204 p
ic.tynt.com/b/ 0
227 B 106ms
105ms Image
text/plain 67.202.105.32
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ic.tynt.com/b/p?id=w!vzptyclsbl&lm=0&ts=1635639790545&dn=TC&iso=0&t=news1update%20-%20News%20%26%20Lotto&cu=https%3A%2F%2Fnews1update.com%2F
Requested by: Host: news1update.com
URL: https://news1update.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.32 Chicago, United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip32.67-202-105.static.steadfastdns.net
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://news1update.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 31 Oct 2021 00:23:10 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
server: nginx/1.16.1
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

GET
H2 204 p
ic.tynt.com/b/ 0
227 B 105ms
105ms Image
text/plain 67.202.105.32
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ic.tynt.com/b/p?id=w!vzptyclsbl&lm=0&ts=1635639790545&dn=TC&iso=0&t=news1update%20-%20News%20%26%20Lotto
Requested by: Host: news1update.com
URL: https://news1update.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.32 Chicago, United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip32.67-202-105.static.steadfastdns.net
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://news1update.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 31 Oct 2021 00:23:11 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
server: nginx/1.16.1
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

GET
H2 204 p
ic.tynt.com/b/ 0
227 B 105ms
105ms Image
text/plain 67.202.105.32
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ic.tynt.com/b/p?id=w!vzptyclsbl&lm=0&ts=1635639790545&dn=TC&iso=0
Requested by: Host: news1update.com
URL: https://news1update.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.32 Chicago, United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip32.67-202-105.static.steadfastdns.net
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://news1update.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 31 Oct 2021 00:23:11 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
server: nginx/1.16.1
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

GET
H2 204 p
ic.tynt.com/b/ 0
227 B 105ms
105ms Image
text/plain 67.202.105.32
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ic.tynt.com/b/p?id=w!vzptyclsbl&lm=0&ts=1635639790545&dn=TC&iso=0
Requested by: Host: news1update.com
URL: https://news1update.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.32 Chicago, United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip32.67-202-105.static.steadfastdns.net
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://news1update.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 31 Oct 2021 00:23:11 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
server: nginx/1.16.1
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

GET
H2 204 p
ic.tynt.com/b/ 0
227 B 106ms
105ms Image
text/plain 67.202.105.32
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ic.tynt.com/b/p?id=w!vzptyclsbl&lm=0&ts=1635639790545&dn=TC&iso=0
Requested by: Host: news1update.com
URL: https://news1update.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.32 Chicago, United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip32.67-202-105.static.steadfastdns.net
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://news1update.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 31 Oct 2021 00:23:11 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
server: nginx/1.16.1
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

GET
H2 204 p
ic.tynt.com/b/ 0
227 B 106ms
105ms Image
text/plain 67.202.105.32
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ic.tynt.com/b/p?id=w!vzptyclsbl&lm=0&ts=1635639790545&dn=TC&iso=0
Requested by: Host: news1update.com
URL: https://news1update.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.32 Chicago, United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip32.67-202-105.static.steadfastdns.net
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://news1update.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 31 Oct 2021 00:23:11 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
server: nginx/1.16.1
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

GET
H2 200 optimus_rules.json Show response
tags.crwdcntrl.net/lt/c/3825/ 4 KB
1 KB 415ms
400ms XHR
application/json 18.66.97.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/3825/optimus_rules.json
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/3825/lt.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9933d7066a22669cd5d48d0051aa5f2d7ea91bad0a9223f3d7884e93c3ca8a28

Request headers

Referer: https://news1update.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-amz-server-side-encryption: AES256
date: Sun, 31 Oct 2021 00:23:12 GMT
content-encoding: gzip
last-modified: Tue, 19 Oct 2021 13:13:55 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P2
etag: W/"6db43f44304c37d76768275ee4f01ba4"
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
cache-control: max-age: 86400
x-cache: Miss from cloudfront
x-amz-cf-id: 1Chi74kZv_jZYAgGW_cSt1X7TDoK0d4MgHbGaWdRGL6_KW2fb1iDwQ==
via: 1.1 7ed0982309781d390a105a3ead66dbfb.cloudfront.net (CloudFront)

POST
H2 200 data Show response
bcp.crwdcntrl.net/6/ 625 B
1 KB 180ms
108ms XHR
application/json 63.35.242.195
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/data
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/3825/lt.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.35.242.195 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-35-242-195.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 9739469a76bdfe323827fc70665490e4bcf16f28a0748599e59d159fa14716e1

Request headers

Referer: https://news1update.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sun, 31 Oct 2021 00:23:12 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://news1update.com
cache-control: no-cache
x-server: 10.45.28.236
access-control-allow-credentials: true
content-type: application/json;charset=utf-8
content-length: 625
expires: 0

POST
H2 200 a
a.dtssrv.com/ 0
562 B 272ms
227ms Ping
text/html 172.67.220.51
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.dtssrv.com/a?i=51A016356397899DA8D27DF0A1540B16&k=lotpano&v=88500ba0c96fb8572b7d1fd133654945a7020936872eddb27dd416d226668b54
Requested by: Host: t.dtscout.com
URL: https://t.dtscout.com/i/?l=https%3A%2F%2Fnews1update.com%2F&j=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.220.51 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://news1update.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sun, 31 Oct 2021 00:23:12 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RQxXjKZ8ZvBWz27LByGILO01aMDe9IeX4Do44GM47%2FPOZlwzJFzfmihxV8YdZN0yLqOsG%2F7kr8sxz0AgwmvovTAmomr2CbXGB9OLTxZUevLSYT%2BOjzfWtU00bUU%2F%2BnE%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cf-ray: 6a68bbbd19544137-PRG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 lt.iframe.html Show response
tags.crwdcntrl.net/lt/shared/2/ Frame 78CD 2 KB
1 KB 7ms
7ms Document
text/html 18.66.97.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/shared/2/lt.iframe.html?c=3825
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/3825/lt.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 63cf7a38baaaaebc012cfc355797544949b60c040b5da57560f26d88502d1372

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://news1update.com/

Response headers

content-type: text/html
last-modified: Mon, 01 Feb 2021 20:35:17 GMT
x-amz-server-side-encryption: AES256
server: AmazonS3
content-encoding: gzip
date: Sat, 30 Oct 2021 13:45:11 GMT
cache-control: max-age: 86400
etag: W/"6fcf4f5197ab24c92d090f6ac8d87e01"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 3f3b012fad703fdac0f14efdb7b78b6e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
x-amz-cf-id: o3uBBFtCPISm4ZVKqJFgABCd57p7F-WjlL3l69cTcBBCbx75AizUxw==
age: 38282

GET
H2 200 pixels Show response
bcp.crwdcntrl.net/ Frame 37BA 3 KB
4 KB 32ms
31ms Document
text/html 63.35.242.195
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/pixels?s=136%2C116%2C108%2C106%2C104%2C100%2C97%2C94%2C92%2C80%2C78%2C61%2C49%2C42%2C38%2C33%2C31%2C30%2C26%2C22%2C12%2C3%2C2&c=3825
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/shared/2/lt.iframe.html?c=3825
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.35.242.195 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-35-242-195.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: cdfe7df0b801b6dbb1924acb800ae9ce48013f1f416af3f6d9f47765fb839635

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://tags.crwdcntrl.net/

Response headers

date: Sun, 31 Oct 2021 00:23:12 GMT
content-type: text/html
content-length: 3487
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
cache-control: no-cache
pragma: no-cache
expires: 0
x-server: 10.45.3.216
server: Jetty(9.4.38.v20210224)

GET
H2 200 UCookieSetPug
image6.pubmatic.com/AdServer/ Frame 37BA 0
166 B 57ms
17ms Image
text/html 185.64.190.78
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image6.pubmatic.com/AdServer/UCookieSetPug?gdpr=1&rd=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D240%2Ftp%3DPUBM%2Ftpid%3D%23PM_USER_ID
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=136%2C116%2C108%2C106%2C104%2C100%2C97%2C94%2C92%2C80%2C78%2C61%2C49%2C42%2C38%2C33%2C31%2C30%2C26%2C22%2C12%2C3%2C2&c=3825
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 31 Oct 2021 00:23:11 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 37BA 70 B
265 B 99ms
32ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=lotame&ttd_tpi=1&gdpr=1
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=136%2C116%2C108%2C106%2C104%2C100%2C97%2C94%2C92%2C80%2C78%2C61%2C49%2C42%2C38%2C33%2C31%2C30%2C26%2C22%2C12%2C3%2C2&c=3825
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 31 Oct 2021 00:23:12 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 cm
trc.taboola.com/sg/lotame/1/ Frame 37BA 43 B
238 B 37ms
14ms Image
image/gif 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/lotame/1/cm
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=136%2C116%2C108%2C106%2C104%2C100%2C97%2C94%2C92%2C80%2C78%2C61%2C49%2C42%2C38%2C33%2C31%2C30%2C26%2C22%2C12%2C3%2C2&c=3825
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 0d9762a1a60deef8aa093c473ad27c38eed77184d6940e7df06d89d77cbd3e94

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-vcl-time-ms: 9
pragma: no-cache
date: Sun, 31 Oct 2021 00:23:12 GMT
via: 1.1 varnish
server: nginx
x-timer: S1635639792.210327,VS0,VE9
x-served-by: cache-hhn4021-HHN
x-cache: MISS
cache-control: no-cache, no-store
accept-ranges: bytes
x-cache-hits: 0

GET
H2

200

tpid=748cc2eb-77ea-471f-b14a-46aac58329a1
sync.crwdcntrl.net/map/c=10158/tp=TPAD/ Frame 37BA
Redirect Chain

https://pixel.tapad.com/idsync/ex/receive?partner_id=LOTAME&partner_device_id=dd3bd72ca8297b89d77ecb1d6377a23b&gdpr=1&partner_url=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10158%2Ftp%3DTPAD%2Ftp...
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=LOTAME&partner_device_id=dd3bd72ca8297b89d77ecb1d6377a23b&gdpr=1&partner_url=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10158%2Ftp%3DTPA...
https://sync.crwdcntrl.net/map/c=10158/tp=TPAD/tpid=748cc2eb-77ea-471f-b14a-46aac58329a1

49 B
265 B

43ms
35ms

Image
image/gif

63.35.242.195
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/map/c=10158/tp=TPAD/tpid=748cc2eb-77ea-471f-b14a-46aac58329a1
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=136%2C116%2C108%2C106%2C104%2C100%2C97%2C94%2C92%2C80%2C78%2C61%2C49%2C42%2C38%2C33%2C31%2C30%2C26%2C22%2C12%2C3%2C2&c=3825
Protocol: H2
Server: 63.35.242.195 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-35-242-195.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 31 Oct 2021 00:23:12 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.28.236
content-type: image/gif
content-length: 49
expires: 0

Redirect headers

location: https://sync.crwdcntrl.net/map/c=10158/tp=TPAD/tpid=748cc2eb-77ea-471f-b14a-46aac58329a1
date: Sun, 31 Oct 2021 00:23:12 GMT
via: 1.1 google
alt-svc: clear
content-length: 0
strict-transport-security: max-age=31536000
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

GET
H2 403 sync.gif
dmp.truoptik.com/f2d2e39fc16bc9cc/ Frame 37BA 0
0 65ms
21ms Image
text/html 104.16.91.60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dmp.truoptik.com/f2d2e39fc16bc9cc/sync.gif?cbp=tpid&cbk=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10832%2Ftp%3DTRUP
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=136%2C116%2C108%2C106%2C104%2C100%2C97%2C94%2C92%2C80%2C78%2C61%2C49%2C42%2C38%2C33%2C31%2C30%2C26%2C22%2C12%2C3%2C2&c=3825
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.91.60 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

GET
H2

204

/
loadm.exelator.com/load/ Frame 37BA
Redirect Chain

https://loadm.exelator.com/load/?p=204&g=260&buid=dd3bd72ca8297b89d77ecb1d6377a23b&j=0
https://loadm.exelator.com/load/?p=204&g=260&buid=dd3bd72ca8297b89d77ecb1d6377a23b&j=0&xl8blockcheck=1

0
755 B

8ms
8ms

Image
text/plain

18.198.126.47
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loadm.exelator.com/load/?p=204&g=260&buid=dd3bd72ca8297b89d77ecb1d6377a23b&j=0&xl8blockcheck=1
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=136%2C116%2C108%2C106%2C104%2C100%2C97%2C94%2C92%2C80%2C78%2C61%2C49%2C42%2C38%2C33%2C31%2C30%2C26%2C22%2C12%2C3%2C2&c=3825
Protocol: H2
Server: 18.198.126.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-198-126-47.eu-central-1.compute.amazonaws.com
Software: nginx / Undertow/1
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 31 Oct 2021 00:23:12 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA

Redirect headers

date: Sun, 31 Oct 2021 00:23:12 GMT
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location: https://loadm.exelator.com/load/?p=204&g=260&buid=dd3bd72ca8297b89d77ecb1d6377a23b&j=0&xl8blockcheck=1
cache-control: no-cache
access-control-allow-credentials: true
content-type: image/gif
content-length: 0

GET
H2

403

tpid=72e57b36-fab1-4b4a-a9b3-5a03f6b5afde
sync.crwdcntrl.net/map/c=10492/tp=AVCT/ Frame 37BA
Redirect Chain

https://ads.avocet.io/getuid?url=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10492%2Ftp%3DAVCT%2Ftpid%3D%7B%7BUUID%7D%7D
https://ads.avct.cloud/getuid?r=1&url=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10492%2Ftp%3DAVCT%2Ftpid%3D%7B%7BUUID%7D%7D
https://ads.avct.cloud/getuid?bounce=true&r=1&url=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10492%2Ftp%3DAVCT%2Ftpid%3D%7B%7BUUID%7D%7D
https://sync.crwdcntrl.net/map/c=10492/tp=AVCT/tpid=72e57b36-fab1-4b4a-a9b3-5a03f6b5afde

49 B
269 B

31ms
31ms

Image
image/gif

63.35.242.195
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/map/c=10492/tp=AVCT/tpid=72e57b36-fab1-4b4a-a9b3-5a03f6b5afde
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=136%2C116%2C108%2C106%2C104%2C100%2C97%2C94%2C92%2C80%2C78%2C61%2C49%2C42%2C38%2C33%2C31%2C30%2C26%2C22%2C12%2C3%2C2&c=3825
Protocol: H2
Server: 63.35.242.195 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-35-242-195.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 31 Oct 2021 00:23:12 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.20.110
content-type: image/gif
content-length: 49
expires: 0

Redirect headers

location: https://sync.crwdcntrl.net/map/c=10492/tp=AVCT/tpid=72e57b36-fab1-4b4a-a9b3-5a03f6b5afde
date: Sun, 31 Oct 2021 00:23:12 GMT
p3p: policyref="http://cdn.avocet.io/w3c/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-length: 111
content-type: text/html; charset=utf-8

GET
H2

200

tpid=25633436396905633952614128001398424601
sync.crwdcntrl.net/map/c=9828/tp=ADBE/ Frame 37BA
Redirect Chain

https://dpm.demdex.net/ibs:dpid=121998&dpuuid=dd3bd72ca8297b89d77ecb1d6377a23b&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D9828%2Ftp%3DADBE%2Ftpid%3D%24%7BDD_UUID%7D
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=121998&dpuuid=dd3bd72ca8297b89d77ecb1d6377a23b&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D9828%2Ftp%3DADBE%2Ftpid%3D%24%7BDD_UUID%7D
https://sync.crwdcntrl.net/map/c=9828/tp=ADBE/tpid=25633436396905633952614128001398424601

49 B
263 B

34ms
34ms

Image
image/gif

63.35.242.195
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/map/c=9828/tp=ADBE/tpid=25633436396905633952614128001398424601
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=136%2C116%2C108%2C106%2C104%2C100%2C97%2C94%2C92%2C80%2C78%2C61%2C49%2C42%2C38%2C33%2C31%2C30%2C26%2C22%2C12%2C3%2C2&c=3825
Protocol: H2
Server: 63.35.242.195 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-35-242-195.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 31 Oct 2021 00:23:12 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.0.11
content-type: image/gif
content-length: 49
expires: 0

Redirect headers

DCS: dcs-prod-irl1-2-v019-0dce097b6.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: jrw2FeetRns=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://sync.crwdcntrl.net/map/c=9828/tp=ADBE/tpid=25633436396905633952614128001398424601
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H/1.1 200
OK identity
c.cintnetworks.com/ Frame 37BA 0
328 B 428ms
32ms Image
text/plain 51.144.7.192
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.cintnetworks.com/identity?a=5461&id=Lotame:dd3bd72ca8297b89d77ecb1d6377a23b
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=136%2C116%2C108%2C106%2C104%2C100%2C97%2C94%2C92%2C80%2C78%2C61%2C49%2C42%2C38%2C33%2C31%2C30%2C26%2C22%2C12%2C3%2C2&c=3825
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 51.144.7.192 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sun, 31 Oct 2021 00:23:12 GMT
Vary: Origin
P3P: CP="This is not a P3P policy! See https://cint.com/cookie-usage/ for more info."
Arr-Disable-Session-Affinity: true
Cache-Control: max-age=60, private, must-revalidate
Access-Control-Allow-Credentials: true
Keep-Alive: timeout=5
Content-Length: 0

GET
H2 204 usermatch.gif
beacon.krxd.net/ Frame 37BA 0
338 B 106ms
30ms Image
text/plain 52.31.165.105
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner=lotame&partner_uid=dd3bd72ca8297b89d77ecb1d6377a23b
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=136%2C116%2C108%2C106%2C104%2C100%2C97%2C94%2C92%2C80%2C78%2C61%2C49%2C42%2C38%2C33%2C31%2C30%2C26%2C22%2C12%2C3%2C2&c=3825
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.31.165.105 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-31-165-105.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 31 Oct 2021 00:23:12 GMT
cache-control: private, no-cache, no-store
x-request-time: D=36 t=1635639792
x-served-by: beacon-n023-dub-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H/1.1

200
OK

image.sbxx
ib.mookie1.com/ Frame 37BA
Redirect Chain

https://global.ib-ibi.com/image.sbxx?go=262106&pid=420&xid=dd3bd72ca8297b89d77ecb1d6377a23b
https://ib.mookie1.com/image.sbxx?go=262106&pid=420&xid=dd3bd72ca8297b89d77ecb1d6377a23b

120 B
992 B

1053ms
175ms

Image
image/png

64.58.232.180
ASN-VINS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ib.mookie1.com/image.sbxx?go=262106&pid=420&xid=dd3bd72ca8297b89d77ecb1d6377a23b
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=136%2C116%2C108%2C106%2C104%2C100%2C97%2C94%2C92%2C80%2C78%2C61%2C49%2C42%2C38%2C33%2C31%2C30%2C26%2C22%2C12%2C3%2C2&c=3825
Protocol: HTTP/1.1
Server: 64.58.232.180 , United States, ASN13649 (ASN-VINS, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 42b601bc0d93dfca6e350b46d113bf8e7ff9e40a87a0c57ab9b3c9c219062423

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 31 Oct 2021 00:23:13 GMT
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
p3p: CP=\"DSP COR ADM DEV PSA PSD OUR\", CP="DSP COR ADM DEV PSA PSD OUR"
Access-Control-Allow-Origin: *
Cache-Control: no-cache
X-Server: LAS04
Content-Type: image/png
Content-Length: 120
Expires: -1

Redirect headers

Date: Sun, 31 Oct 2021 00:23:35 GMT
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Location: https://ib.mookie1.com:443/image.sbxx?go=262106&pid=420&xid=dd3bd72ca8297b89d77ecb1d6377a23b
p3p: CP="DSP COR ADM DEV PSA PSD OUR"
Access-Control-Allow-Origin: *
Cache-Control: private
X-Server: NY08
Content-Type: text/html; charset=utf-8
Content-Length: 217

GET
H/1.1 200
OK utsync.ashx
ml314.com/ Frame 37BA 43 B
422 B 135ms
29ms Image
image/gif 52.211.195.119
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ml314.com/utsync.ashx?eid=50146&et=0&fp=dd3bd72ca8297b89d77ecb1d6377a23b&gdpr=1
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=136%2C116%2C108%2C106%2C104%2C100%2C97%2C94%2C92%2C80%2C78%2C61%2C49%2C42%2C38%2C33%2C31%2C30%2C26%2C22%2C12%2C3%2C2&c=3825
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.211.195.119 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-211-195-119.eu-west-1.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 31 Oct 2021 00:23:12 GMT
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
p3P: CP="NON DSP COR ADMo PSAo DEVo BUS COM UNI NAV DEM STA"
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: 0,Sun, 31 Oct 2021 20:23:12 GMT

GET
H/1.1

200
OK

match
ps.eyeota.net/ Frame 37BA
Redirect Chain

https://ps.eyeota.net/match?bid=51mdg9u&uid=dd3bd72ca8297b89d77ecb1d6377a23b
https://ps.eyeota.net/match/bounce/?bid=51mdg9u&uid=dd3bd72ca8297b89d77ecb1d6377a23b
https://cm.g.doubleclick.net/pixel?google_nid=eye&google_cm&google_sc&google_hm=Mml0NTJQZ1VMSC0zUTdaNi1OWFVObjVMWFBEX3I2Y1ZyMnRiQkNZS3JzLW8&gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&dc_rc=1&...
https://cm.g.doubleclick.net/pixel?google_nid=eye&google_cm=&google_sc=&google_hm=Mml0NTJQZ1VMSC0zUTdaNi1OWFVObjVMWFBEX3I2Y1ZyMnRiQkNZS3JzLW8&gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&dc_rc=...
https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&dc_rc=1&dc_mr=5&dc_orig=51mdg9u&google_gid=CAESEENWDTO09t_-eQv-opbOzI8&google_cver=1
https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMjg0NTA1NDYvdC8w/url/https://ps.eyeota.net/match?bid=1mpjpn0&turn_id=$!{TURN_UUID}&newuser=1&dc_rc=2&dc_mr=5&dc_orig=51mdg9u&
https://ps.eyeota.net/match?bid=1mpjpn0&turn_id=3665776821317688752&newuser=1&dc_rc=2&dc_mr=5&dc_orig=51mdg9u&
https://sync.mathtag.com/sync/img?mt_exid=10015&redir=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fbid%3D7vi0rg0%26uid%3D%5BMM_UUID%5D%26dc_rc%3D3%26dc_mr%3D5%26dc_orig%3D51mdg9u%26
https://ps.eyeota.net/match?bid=7vi0rg0&uid=f5c7617d-e1f0-4b00-a258-cedb0d77a3c4&dc_rc=3&dc_mr=5&dc_orig=51mdg9u&
https://sync-tm.everesttech.net/upi/pid/lons7jax?redir=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fuid%3D%24%7BTM_USER_ID%7D%26bid%3D0rijhbu%26dc_rc%3D4%26dc_mr%3D5%26dc_orig%3D51mdg9u%26
https://sync-tm.everesttech.net/ct/upi/pid/lons7jax?redir=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fuid%3D%24%7BTM_USER_ID%7D%26bid%3D0rijhbu%26dc_rc%3D4%26dc_mr%3D5%26dc_orig%3D51mdg9u%26&_test=YX3h8A...
https://ps.eyeota.net/match?uid=YX3h8AAA6YwllQBG&bid=0rijhbu&dc_rc=4&dc_mr=5&dc_orig=51mdg9u&&_test=YX3h8AAA6YwllQBG
https://match.adsrvr.org/track/cmf/generic?ttd_pid=eyeota&ttd_tpi=1
https://match.adsrvr.org/track/cmb/generic?ttd_pid=eyeota&ttd_tpi=1
https://ps.eyeota.net/match?uid=d2db0df8-2eac-4aa4-8d6d-32a92cb79714&bid=1e2n4ou

70 B
440 B

10ms
9ms

Image
image/gif

18.184.216.10
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ps.eyeota.net/match?uid=d2db0df8-2eac-4aa4-8d6d-32a92cb79714&bid=1e2n4ou
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=136%2C116%2C108%2C106%2C104%2C100%2C97%2C94%2C92%2C80%2C78%2C61%2C49%2C42%2C38%2C33%2C31%2C30%2C26%2C22%2C12%2C3%2C2&c=3825
Protocol: HTTP/1.1
Server: 18.184.216.10 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-184-216-10.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sun, 31 Oct 2021 00:23:12 GMT
Content-Type: image/gif
Content-Length: 70
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

pragma: no-cache
date: Sun, 31 Oct 2021 00:23:12 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://ps.eyeota.net/match?uid=d2db0df8-2eac-4aa4-8d6d-32a92cb79714&bid=1e2n4ou
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 191

GET
H/1.1 200
OK bridge
cm.adgrx.com/ Frame 37BA 43 B
408 B 52ms
12ms Image
image/gif 72.251.241.204
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.adgrx.com/bridge?AG_SETCOOKIE&AG_PID=lotame&AG_REDIR=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D363%2Ftp%3DADGR%2Ftpid%3D__AG_UID__
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=136%2C116%2C108%2C106%2C104%2C100%2C97%2C94%2C92%2C80%2C78%2C61%2C49%2C42%2C38%2C33%2C31%2C30%2C26%2C22%2C12%2C3%2C2&c=3825
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 72.251.241.204 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: Cowboy /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 31 Oct 2021 00:23:12 GMT
server: Cowboy
P3P: CP="NOI OTC OTP OUR NOR"
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate, proxy-revalidate
Connection: keep-alive
Content-Type: image/gif
X-RealServer-NX: ams-delivery-6
Content-Length: 43
Expires: Thu, 23 Sep 2004 17:42:04 GMT

GET
H2

200

qmap
sync.crwdcntrl.net/ Frame 37BA
Redirect Chain

https://sync.mathtag.com/sync/img?sync=auto&mt_exid=10040&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fqmap%3Fc%3D4735%26tp%3DMDMA%26tpid%3D%5BMM_UUID%5D
https://sync.crwdcntrl.net/qmap?c=4735&tp=MDMA&tpid=f5c7617d-e1f0-4b00-a258-cedb0d77a3c4

49 B
265 B

34ms
34ms

Image
image/gif

63.35.242.195
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/qmap?c=4735&tp=MDMA&tpid=f5c7617d-e1f0-4b00-a258-cedb0d77a3c4
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=136%2C116%2C108%2C106%2C104%2C100%2C97%2C94%2C92%2C80%2C78%2C61%2C49%2C42%2C38%2C33%2C31%2C30%2C26%2C22%2C12%2C3%2C2&c=3825
Protocol: H2
Server: 63.35.242.195 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-35-242-195.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 31 Oct 2021 00:23:12 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.30.203
content-type: image/gif
content-length: 49
expires: 0

Redirect headers

Date: Sun, 31 Oct 2021 00:23:12 GMT
Server: MT3 4067 88cc6bf master cdg-pixel-x25 config:1.0.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://sync.crwdcntrl.net/qmap?c=4735&tp=MDMA&tpid=f5c7617d-e1f0-4b00-a258-cedb0d77a3c4
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Sun, 31 Oct 2021 00:23:11 GMT

GET
H2

200

tpid=af15f52b-d9fa-45d3-8460-5e9b43b02902-617de1f0-5553
sync.crwdcntrl.net/map/c=1389/tp=STSC/ Frame 37BA
Redirect Chain

https://pixel-sync.sitescout.com/connectors/lotame/usersync?redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1389%2Ftp%3DSTSC%2Ftpid%3D%24UUID
https://pixel-sync.sitescout.com/connectors/lotame/usersync?cookieQ=1&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1389%2Ftp%3DSTSC%2Ftpid%3D%24UUID
https://sync.crwdcntrl.net/map/c=1389/tp=STSC/tpid=af15f52b-d9fa-45d3-8460-5e9b43b02902-617de1f0-5553

49 B
264 B

34ms
34ms

Image
image/gif

63.35.242.195
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/map/c=1389/tp=STSC/tpid=af15f52b-d9fa-45d3-8460-5e9b43b02902-617de1f0-5553
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=136%2C116%2C108%2C106%2C104%2C100%2C97%2C94%2C92%2C80%2C78%2C61%2C49%2C42%2C38%2C33%2C31%2C30%2C26%2C22%2C12%2C3%2C2&c=3825
Protocol: H2
Server: 63.35.242.195 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-35-242-195.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 31 Oct 2021 00:23:12 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.3.216
content-type: image/gif
content-length: 49
expires: 0

Redirect headers

pragma: no-cache
date: Sun, 31 Oct 2021 00:23:11 GMT
server: AC1.1
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location: https://sync.crwdcntrl.net/map/c=1389/tp=STSC/tpid=af15f52b-d9fa-45d3-8460-5e9b43b02902-617de1f0-5553
cache-control: max-age=0,no-cache,no-store
content-length: 0
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H/1.1 204
No Content token
token.rubiconproject.com/ Frame 37BA 0
214 B 677ms
165ms Image
text/plain 8.39.36.141
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/token?pid=7&puid=dd3bd72ca8297b89d77ecb1d6377a23b&gdpr=1
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=136%2C116%2C108%2C106%2C104%2C100%2C97%2C94%2C92%2C80%2C78%2C61%2C49%2C42%2C38%2C33%2C31%2C30%2C26%2C22%2C12%2C3%2C2&c=3825
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 8.39.36.141 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 5daa34953a867809056448757b76591b
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

200

tpid=ujywheiG1MGYCY5
sync.crwdcntrl.net/map/c=1818/tp=DTXU/ Frame 37BA
Redirect Chain

https://pm.w55c.net/ping_match.gif?st=lotame&rurl=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1818%2Ftp%3DDTXU%2Ftpid%3D_wfivefivec_
https://pm.w55c.net/ping_match.gif?scc=1&st=lotame&rurl=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1818%2Ftp%3DDTXU%2Ftpid%3D_wfivefivec_
https://sync.crwdcntrl.net/map/c=1818/tp=DTXU/tpid=ujywheiG1MGYCY5

49 B
265 B

34ms
34ms

Image
image/gif

63.35.242.195
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/map/c=1818/tp=DTXU/tpid=ujywheiG1MGYCY5
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=136%2C116%2C108%2C106%2C104%2C100%2C97%2C94%2C92%2C80%2C78%2C61%2C49%2C42%2C38%2C33%2C31%2C30%2C26%2C22%2C12%2C3%2C2&c=3825
Protocol: H2
Server: 63.35.242.195 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-35-242-195.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 31 Oct 2021 00:23:12 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.27.158
content-type: image/gif
content-length: 49
expires: 0

Redirect headers

Pragma: no-cache
Date: Sun, 31 Oct 2021 00:23:11 GMT
Server: PingMatch/v2.0.30-691-gbabbd08#rel-ec2-master i-02cbf440f9d738c39@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Strict-Transport-Security: max-age=2592000; includeSubDomains
P3P: policyref="https://cts.w55c.net/ct/p3p_policy_ref.xml", CP="UNI PUR COM INT STA OTC STP OUR CUR TAIo COR DSP NOI"
Location: https://sync.crwdcntrl.net/map/c=1818/tp=DTXU/tpid=ujywheiG1MGYCY5
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

tpid=YX3h8AAAAhxyvQBR&_test=YX3h8AAAAhxyvQBR
sync.crwdcntrl.net/map/c=1811/tp=TBMG/ Frame 37BA
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/bsTd8NdE?redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1811%2Ftp%3DTBMG%2Ftpid%3D%24%7BTM_USER_ID%7D
https://sync-tm.everesttech.net/ct/upi/pid/bsTd8NdE?redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1811%2Ftp%3DTBMG%2Ftpid%3D%24%7BTM_USER_ID%7D&_test=YX3h8AAAAhxyvQBR
https://sync.crwdcntrl.net/map/c=1811/tp=TBMG/tpid=YX3h8AAAAhxyvQBR&_test=YX3h8AAAAhxyvQBR

49 B
265 B

35ms
34ms

Image
image/gif

63.35.242.195
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/map/c=1811/tp=TBMG/tpid=YX3h8AAAAhxyvQBR&_test=YX3h8AAAAhxyvQBR
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=136%2C116%2C108%2C106%2C104%2C100%2C97%2C94%2C92%2C80%2C78%2C61%2C49%2C42%2C38%2C33%2C31%2C30%2C26%2C22%2C12%2C3%2C2&c=3825
Protocol: H2
Server: 63.35.242.195 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-35-242-195.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 31 Oct 2021 00:23:12 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.30.203
content-type: image/gif
content-length: 49
expires: 0

Redirect headers

pragma: no-cache
date: Sun, 31 Oct 2021 00:23:12 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1635639793.508741,VS0,VE0
x-served-by: cache-fra19153-FRA
x-cache: HIT
location: https://sync.crwdcntrl.net/map/c=1811/tp=TBMG/tpid=YX3h8AAAAhxyvQBR&_test=YX3h8AAAAhxyvQBR
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H3 200 pixel
cm.g.doubleclick.net/ Frame 37BA 170 B
188 B 17ms
17ms Image
image/png 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=lotame_dmp&google_hm=${base64_profileid}

Requested by

Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=136%2C116%2C108%2C106%2C104%2C100%2C97%2C94%2C92%2C80%2C78%2C61%2C49%2C42%2C38%2C33%2C31%2C30%2C26%2C22%2C12%2C3%2C2&c=3825

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 31 Oct 2021 00:23:12 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK 5907
tags.bluekai.com/site/ Frame 37BA 62 B
304 B 166ms
166ms Image
image/gif 104.90.192.27
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.bluekai.com/site/5907?limit=0&id=3fcd7af6446b5b0c589fb921ba902010
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=136%2C116%2C108%2C106%2C104%2C100%2C97%2C94%2C92%2C80%2C78%2C61%2C49%2C42%2C38%2C33%2C31%2C30%2C26%2C22%2C12%2C3%2C2&c=3825
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.90.192.27 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-90-192-27.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sun, 31 Oct 2021 00:23:12 GMT
Connection: keep-alive
P3P: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
Content-Length: 62
Content-Type: image/gif

GET
H2

200

tpid=3737834415355616688
sync.crwdcntrl.net/map/c=10915/tp=TRNN/ Frame 37BA
Redirect Chain

https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMzQ4ODM4MC90LzI/dpuid/dd3bd72ca8297b89d77ecb1d6377a23b/url/https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=$!%7BTURN_UUID%7D
https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=3737834415355616688

49 B
264 B

34ms
34ms

Image
image/gif

63.35.242.195
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=3737834415355616688
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=136%2C116%2C108%2C106%2C104%2C100%2C97%2C94%2C92%2C80%2C78%2C61%2C49%2C42%2C38%2C33%2C31%2C30%2C26%2C22%2C12%2C3%2C2&c=3825
Protocol: H2
Server: 63.35.242.195 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-35-242-195.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 31 Oct 2021 00:23:12 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.26.61
content-type: image/gif
content-length: 49
expires: 0

Redirect headers

location: https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=3737834415355616688
pragma: no-cache
date: Sun, 31 Oct 2021 00:23:11 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H2

200

tp=ANXS
sync.crwdcntrl.net/map/c=281/rand=586123951/tpid=8351387298563148106/ Frame 37BA
Redirect Chain

https://secure.adnxs.com/getuid?https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc=281%2Frand=586123951%2Ftpid%3D%24UID%2Ftp%3DANXS
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.crwdcntrl.net%252Fmap%252Fc%3D281%252Frand%3D586123951%252Ftpid%253D%2524UID%252Ftp%253DANXS
https://sync.crwdcntrl.net/map/c=281/rand=586123951/tpid=8351387298563148106/tp=ANXS

49 B
264 B

36ms
36ms

Image
image/gif

63.35.242.195
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/map/c=281/rand=586123951/tpid=8351387298563148106/tp=ANXS
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=136%2C116%2C108%2C106%2C104%2C100%2C97%2C94%2C92%2C80%2C78%2C61%2C49%2C42%2C38%2C33%2C31%2C30%2C26%2C22%2C12%2C3%2C2&c=3825
Protocol: H2
Server: 63.35.242.195 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-35-242-195.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 31 Oct 2021 00:23:12 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.12.28
content-type: image/gif
content-length: 49
expires: 0

Redirect headers

Pragma: no-cache
Date: Sun, 31 Oct 2021 00:23:12 GMT
X-Proxy-Origin: 216.131.114.126; 216.131.114.126; 690.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: b546dbb1-acef-4c6e-bd98-3b3df1b9ba46
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://sync.crwdcntrl.net/map/c=281/rand=586123951/tpid=8351387298563148106/tp=ANXS
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Verdicts & Comments Add Verdict or Comment

223 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

47 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.dtscout.com/	1970-01-19 22:20:44	Name: m Value: 1
.dtscout.com/	1970-01-19 22:20:57	Name: b Value: 1
.dtscout.com/	1970-01-19 22:20:43	Name: st Value: 1
.dtscout.com/	1970-01-19 22:20:54	Name: oa Value: 1
.dtscout.com/	1970-01-20 00:44:39	Name: df Value: 1635639789
.dtscout.com/	1970-01-20 00:28:49	Name: l Value: 51A016356397899DA8D27DF0A1540B16
.news1update.com/	1970-01-20 00:25:56	Name: __dtsu Value: 51A016356397899DA8D27DF0A1540B16
.onaudience.com/	1970-01-20 07:06:15	Name: cookie Value: e6b0dbf43b107380
.onaudience.com/	1970-01-19 22:22:06	Name: done_redirects109 Value: 1
.dtscdn.com/	1970-01-20 02:38:25	Name: uid Value: 51A016356397899DA8D27DF0A1540B16
news1update.com/	1970-01-20 07:06:15	Name: cookielawinfo-checkbox-necessary Value: yes
news1update.com/	1970-01-20 07:06:15	Name: cookielawinfo-checkbox-non-necessary Value: yes
.crwdcntrl.net/	1970-01-20 04:49:26	Name: _cc_dc Value: 1
.crwdcntrl.net/	1970-01-20 04:49:26	Name: _cc_id Value: dd3bd72ca8297b89d77ecb1d6377a23b
.crwdcntrl.net/	1970-01-20 04:49:27	Name: _cc_cc Value: "ACZ4XmNQSEkxTkoxN0pOtDCyNE%2BysEwxN09NTjJMMTM2N080Mk5iAILE2ocfQDQE8D5v%2FazB%2BFGW4T8jI8PxTVNYYOyPny1hzOV%2FCuEqjh5ihrEvnXrEBmPv3ndZAMb%2B0HAfzj68eA7cxOkn1GFK3i1BCP%2Fu6tKBia%2FZ8JQbxgYA6SFDdg%3D%3D"
.crwdcntrl.net/	1970-01-20 04:49:27	Name: _cc_aud Value: "ABR4XmNgYGBIrH34AUhBADMDw6JWMJNrBohkfFgPJAF8DgXd"
.news1update.com/	1970-01-20 04:49:27	Name: _cc_id Value: dd3bd72ca8297b89d77ecb1d6377a23b
.news1update.com/	1970-01-20 04:49:27	Name: _cc_cc Value: ACZ4XmNQSEkxTkoxN0pOtDCyNE%2BysEwxN09NTjJMMTM2N080Mk5iAILE2ocfQDQE8D5v%2FazB%2BFGW4T8jI8PxTVNYYOyPny1hzOV%2FCuEqjh5ihrEvnXrEBmPv3ndZAMb%2B0HAfzj68eA7cxOkn1GFK3i1BCP%2Fu6tKBia%2FZ8JQbxgYA6SFDdg%3D%3D
.news1update.com/	1970-01-20 04:49:27	Name: _cc_aud Value: ABR4XmNgYGBIrH34AUhBADMDw6JWMJNrBohkfFgPJAF8DgXd
.news1update.com/	1970-01-19 22:30:44	Name: panoramaId_expiry Value: 1636244592024
.news1update.com/	1970-01-19 22:30:44	Name: panoramaId Value: 88500ba0c96fb8572b7d1fd133654945a7020936872eddb27dd416d226668b54
.tapad.com/	1970-01-19 23:47:03	Name: TapAd_TS Value: 1635639792210
.tapad.com/	1970-01-19 23:47:03	Name: TapAd_DID Value: 748cc2eb-77ea-471f-b14a-46aac58329a1
.tapad.com/	1970-01-19 23:47:03	Name: TapAd_3WAY_SYNCS Value:
.eyeota.net/	1970-01-20 07:06:15	Name: mako_uid Value: 17cd3ba929f-7cee0000010f49e1
.eyeota.net/	1970-01-19 22:20:40	Name: SERVERID Value: 18913~DM
.krxd.net/	1970-01-20 02:39:51	Name: _kuid_ Value: Oc-kZwIe
.exelator.com/	1970-01-20 01:13:27	Name: EE Value: "d2726c36a0ad8a0843e87874803843ce"
.exelator.com/	1970-01-20 01:13:27	Name: ud Value: "eJxrXxzq6XKLQSHFyNzILNnYLNEgMcUi0cDCxDjVwtzC3MTCwBjITk5dXJZatGBpaXFqStKhJRU5JTlNq8viQx3j3Rx9PX0ilzlnFOXnpq4AC4W5Bi2yNF2SX5SZvsjFdXFRShrDopLiU8H7Mu8CAFH8KeY%253D"
.demdex.net/	1970-01-20 02:39:51	Name: demdex Value: 25633436396905633952614128001398424601
ads.avct.cloud/	1970-01-20 07:06:15	Name: uuid Value: 72e57b36-fab1-4b4a-a9b3-5a03f6b5afde
.sitescout.com/	1970-01-20 07:06:15	Name: ssi Value: af15f52b-d9fa-45d3-8460-5e9b43b02902#1635639792351
.mathtag.com/	1970-01-20 07:46:34	Name: uuid Value: f5c7617d-e1f0-4b00-a258-cedb0d77a3c4
.w55c.net/	1970-01-20 07:49:27	Name: wfivefivec Value: ujywheiG1MGYCY5
.dpm.demdex.net/	1970-01-20 02:39:51	Name: dpm Value: 25633436396905633952614128001398424601
.w55c.net/	1970-01-19 23:03:51	Name: matchlotame Value: 5
.sitescout.com/	1970-01-19 23:03:51	Name: _ssuma Value: eyI3IjoxNjM1NjM5NzkyMzc1fQ
.doubleclick.net/	1970-01-20 15:51:51	Name: IDE Value: AHWqTUnuZn0TneSOFo4KMnqMhslNjcWPS1_KeRAa-ivDPaENhWjY-Rhyow8ymUGtTEg
.adnxs.com/	1970-01-20 00:30:15	Name: uuid2 Value: 8351387298563148106
.turn.com/	1970-01-20 02:39:51	Name: uid Value: 3737834415355616688
global.ib-ibi.com/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: 0iatpm224ho52osqds20hdhj
.everesttech.net/	1970-01-20 07:06:15	Name: everest_g_v2 Value: g_surferid~YX3h8AAA6YwllQBG
.adsrvr.org/	1970-01-20 07:06:15	Name: TDID Value: d2db0df8-2eac-4aa4-8d6d-32a92cb79714
.adsrvr.org/	1970-01-20 07:06:15	Name: TDCPM Value: CAEYBSABKAIyCwi8w96w64OOOhAFOAE.
ib.mookie1.com/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: hbahmpyzo4bwurll0u0vizss
.ib.mookie1.com/	1970-01-20 07:06:15	Name: ibkukiuno Value: s=aee78116-d262-4f21-8189-259eb08dd202&h=&v=2743071794&l=-8585659670919615879&op=&hl=0&vlu=3&tcs=1&dcc=-8585659670919615879
.ib.mookie1.com/	1970-01-20 07:06:15	Name: ibkukinet Value: 3632493182=-8585659670919615879

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://dmp.truoptik.com/f2d2e39fc16bc9cc/sync.gif?cbp=tpid&cbk=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10832%2Ftp%3DTRUP Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://sync.crwdcntrl.net/map/c=10492/tp=AVCT/tpid=72e57b36-fab1-4b4a-a9b3-5a03f6b5afde Message: Failed to load resource: the server responded with a status of 403 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.dtssrv.com
ads.avct.cloud
ads.avocet.io
bcp.crwdcntrl.net
beacon.krxd.net
c.cintnetworks.com
cdn.tynt.com
cm.adgrx.com
cm.g.doubleclick.net
code.jquery.com
d.turn.com
de.tynt.com
dmp.truoptik.com
dpm.demdex.net
fonts.googleapis.com
fonts.gstatic.com
get.s-onetag.com
global.ib-ibi.com
ib.mookie1.com
ic.tynt.com
image6.pubmatic.com
loadm.exelator.com
match.adsrvr.org
ml314.com
news1update.com
onetag-geo-grouping.s-onetag.com
onetag-geo.s-onetag.com
pd.sharethis.com
pixel-sync.sitescout.com
pixel.onaudience.com
pixel.tapad.com
pm.w55c.net
ps.eyeota.net
secure.adnxs.com
secure.gravatar.com
sync-tm.everesttech.net
sync.crwdcntrl.net
sync.mathtag.com
t.dtscdn.com
t.dtscout.com
tags.bluekai.com
tags.crwdcntrl.net
token.rubiconproject.com
trc.taboola.com
waust.at
whos.amung.us
104.16.91.60
104.18.29.199
104.21.82.81
104.26.4.7
104.90.192.27
13.225.87.108
138.197.56.196
142.250.184.234
142.250.185.194
142.250.186.67
146.59.148.16
151.101.2.49
151.101.65.44
172.67.220.51
18.184.216.10
18.195.98.10
18.198.126.47
18.66.112.41
18.66.97.109
185.29.134.248
185.64.190.78
192.0.73.2
208.100.17.181
3.124.143.99
3.33.220.150
35.227.248.159
37.252.172.38
46.228.164.13
51.144.7.192
51.89.24.70
52.211.195.119
52.30.48.112
52.31.165.105
54.170.158.38
63.35.242.195
64.58.232.180
66.155.71.150
67.202.105.32
67.202.94.86
69.16.175.42
69.169.86.38
72.251.241.204
8.39.36.141
002ad1a6e4e07d4a7d8ae2e0af020e781fb995d17895a4e493afee7e5d06d8f2
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
07e5007afa26b9ae1272c8dc08133e638a78295fcd11c6fce20f40f034b47879
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c5f584d1ea2c3313dc8c55824c2a572d3cf2eae87c5ca62a58e598aec9ddb5c
0d9762a1a60deef8aa093c473ad27c38eed77184d6940e7df06d89d77cbd3e94
148b35f5e5d3dd37d6fc44caa577d6b478b0a62bb1200439d1f77e21f9c88c64
2347066080fea31af55c7112dca5245ea3eea67df5f24f1daae09f0870fbce62
24f7e397faec79e62c37ff2f00b170f6dc1557fb46ac169f9f1897a9d641dd03
26f87df80e0735b6d6b169750f0ee403336c537cbc7a51888cb9d449434cb4b8
284401fd9cc6074e6211119acdfbb4abb56b1d4c0be4323ccce1d6f6da7642ea
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2cd9de3dd26246204749cff259bc34e8e6a47ae5d6e4528b9b28c75d68d50cde
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
352b946d2aa4d0b2da6236769fbb46cab48ee1d8378df1dd5b28aa84fa875536
39ee74b012ce71587daf1738e5d476630d84a7f33d922a512319c5af0c762eac
3ee638689e343730a82027d03714f274b6c665cf7e3bf60b5208a3a0cdb3581d
405a5e4943b97243440d632a958bb6e79f1d1929666745000a22ebaa5fa2d819
42b601bc0d93dfca6e350b46d113bf8e7ff9e40a87a0c57ab9b3c9c219062423
4b2467f4d0e26b9ca7d9694038a7edbadbbc17cb3afd5c3165495568d63f18ea
53b907326f7c21a04f6d39cc32ff471aafec57d887feabfabb53394f378c659f
565792988e0024c0052af3e0806bc478c6ac97e2ecd1de917feb2695130f2089
584d623ec3125bfc106a88a57bfccb15faf6ec72547191f81b894612ad910cc1
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
5e19de66702be5638a177bc51e0aaf63751f2e08b6077f9ed160d3a76ab2b112
601be129c09bdbb9d98f8f14521bd693a0569aaa88a1b3e2b526f47210240c63
60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827
6088012dda2274a27fa40ed153d9e3a6c96a22af1b177f8a2916368eb3e88bb0
615cb0510dfd48f64d407716d028cd6111941b26fb6bdb1ddeeda66f0d4ac9ae
63a96089f62c87261296d9fc4b52feb0a65470980d527a5053e0b2f8a80a4001
63cf7a38baaaaebc012cfc355797544949b60c040b5da57560f26d88502d1372
63ea53fe6a25fcfc3ba08a073ce0aa6911136230f3bc6932f638796650a7f76e
675a746ad92eca8e952bc7a0e354119308e1644b35b15e2d8df78e06af44f7f7
6cf291201b76e17fdbfb732933a2738cba6b4fa9308a29c86994047aa354883a
6f4587fb64cd2e7ce26ba21941c80f3ab8d28c257b73d04a87c949b32e4cde2d
75e4c2fc4a1a88461c0398b19907efc9ab4bb82ea97943b3aa8b914d890700be
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
815b6b017603cc5457b47210e2f4dcb129266a5c1564a20cc24b8c1d741fbc67
81bd0da41f17663b10b74e5577d363921266d7f2521f06b4380c8ebe962c12fd
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8f2e258f84db518c0cfd9e34c228ed2557eb3fdf17de6a318b28bb7d27bbe05a
8f3b4eff0e6fa4a74f5d6d4f00d391499df6c82587ec6ca7ad979ca6c88b5bed
8fb1850e00c24b83e04ea4f41fe5774cff1d476a293fa7b35cba97827eb194cd
9739469a76bdfe323827fc70665490e4bcf16f28a0748599e59d159fa14716e1
9933d7066a22669cd5d48d0051aa5f2d7ea91bad0a9223f3d7884e93c3ca8a28
a9950fa5ca9cf47072770900d259bcf6778aa1119652d2e706d5eb92df254199
ac0b0aac509f80123428ddecca386d4e69c8e6c9be60e3843fadf5633a81603c
aff01a147aeccc9b70a5efad1f2362fd709f3316296ec460d94aa7d31decdb37
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1f4247657f994f6c9520c982ab95f953ee1c052706594d74f521cae670cf8be
b67f719329c8ddc8b86b8eb5559c3d35caaa32de6546fc2f910f9e23fa85103b
b72bd9ce79f848fb7cc7284412ee93889fa605b53d11cdb2de201b583f45b207
bd7f3e58b5e81608301fbb1138d966412f4be8381812d42b380e75076ada5747
bf3e93a14e4c70610e6ce91c336d0e16e03a9d04af43aacbd242047df3016c36
c867104326e3c4b658209d8e5bcea0900aaf7fbc2bbc181ca01c482cac2810f3
c9e1cd06e3a12fb721be06c096e20ac3d908f2efefc391cd727eda726b4ee916
cceb44ae76f84a02f9598cf9c339945ff502fa5e56269c86062d760c184069cb
ccff49c86ee1937dd371734a05307e1abc057b3c255587ed918e47b1cf728d93
cdfe7df0b801b6dbb1924acb800ae9ce48013f1f416af3f6d9f47765fb839635
d21021784cda31eeae5c8295e047a14bda6ed5a9b5963fca9e7ceb398a9c9179
d36e5d7328268d21c6941039a7b6a15c7ed7414f60dbee72d2231d11ac9bdaf3
d9262f833e999fddfae1cb297ae5f9e260529ca0ca737ed805a11fbf3ab92bcd
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
efb3cdc5e4582fd67dffab6fc6e5062074ce3f8c51747346af944e97749dc309
f3d7092e6eb6f3aa0c572e52e061a59cc88a3e9eff581c95c4bd7456800904d0
f51938710e179807bbf1be9a1e9d7e3441fa74e7dfe9f46841914fb12ca7de3c
fcc650dabdeef66e791d2159bddf7e6ec415841c265e2e121bfdf8da9f898837

news1update.com Open in urlscan Pro 104.21.82.81 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

94 Requests

86 %HTTPS

0 %IPv6

40 Domains

46 Subdomains

33 IPs

8 Countries

1791 kBTransfer

2469 kBSize

47 Cookies

3 Outgoing links

Redirected requests

94 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

news1update.com Open in urlscan Pro
104.21.82.81 Public Scan

Screenshot
Live screenshot

Full Image

94
Requests

86 %
HTTPS

0 %
IPv6

40
Domains

46
Subdomains

33
IPs

8
Countries

1791 kB
Transfer

2469 kB
Size

47
Cookies

94 HTTP transactions
1 data transactions