news.1st.com Open in urlscan Pro
13.115.182.240 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://news.1st.com/
Effective URL:
https://news.1st.com/
Submission: On October 14 via api (October 14th 2022, 8:31:52 pm UTC) from US — Scanned from DE

Summary HTTP 100 Redirects Links 18 Behaviour Indicators

Summary

This website contacted 41 IPs in 7 countries across 37 domains to perform 100 HTTP transactions. The main IP is 13.115.182.240, located in Tokyo, Japan and belongs to AMAZON-02, US. The main domain is news.1st.com.
TLS certificate: Issued by R3 on September 2nd 2022. Valid for: 3 months.

This is the only time news.1st.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 2	13.115.182.240 13.115.182.240	16509 (AMAZON-02) (AMAZON-02)
35	2600:9000:218... 2600:9000:2182:2e00:11:3b84:d200:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:806::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:831::2008	15169 (GOOGLE) (GOOGLE)
1	52.222.232.39 52.222.232.39	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:82f::200a	15169 (GOOGLE) (GOOGLE)
3	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	2620:1ec:bdf::45 2620:1ec:bdf::45	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
6	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE)
1 4	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 2	142.250.185.102 142.250.185.102	15169 (GOOGLE) (GOOGLE)
1	199.232.188.157 199.232.188.157	54113 (FASTLY) (FASTLY)
1	2600:9000:223... 2600:9000:223c:e00:1:76cf:fe80:93a1	16509 (AMAZON-02) (AMAZON-02)
2	96.16.144.106 96.16.144.106	16625 (AKAMAI-AS) (AKAMAI-AS)
6	2a03:2880:f11... 2a03:2880:f11c:8083:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2 5	193.0.160.128 193.0.160.128	54312 (ROCKETFUEL) (ROCKETFUEL)
2	104.244.42.133 104.244.42.133	13414 (TWITTER) (TWITTER)
2	104.244.42.3 104.244.42.3	13414 (TWITTER) (TWITTER)
3	20.75.32.255 20.75.32.255	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2a00:1450:400... 2a00:1450:400c:c07::9d	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
1 1	142.250.186.130 142.250.186.130	15169 (GOOGLE) (GOOGLE)
1 2	185.89.210.101 185.89.210.101	29990 (ASN-APPNEX) (ASN-APPNEX)
1	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
1 2	54.76.60.98 54.76.60.98	16509 (AMAZON-02) (AMAZON-02)
1	3.124.210.90 3.124.210.90	16509 (AMAZON-02) (AMAZON-02)
1	23.36.156.23 23.36.156.23	16625 (AKAMAI-AS) (AKAMAI-AS)
1	18.156.102.147 18.156.102.147	16509 (AMAZON-02) (AMAZON-02)
1 1	108.138.17.14 108.138.17.14	16509 (AMAZON-02) (AMAZON-02)
2	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
1	52.55.72.99 52.55.72.99	14618 (AMAZON-AES) (AMAZON-AES)
1 2	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
1	104.76.200.221 104.76.200.221	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	185.94.180.125 185.94.180.125	35220 (SPOTX-AMS) (SPOTX-AMS)
1	2600:1f18:612... 2600:1f18:612b:4264:54e8:ad4c:a4b8:acf6	14618 (AMAZON-AES) (AMAZON-AES)
1	52.212.110.18 52.212.110.18	16509 (AMAZON-02) (AMAZON-02)
1	52.30.33.235 52.30.33.235	16509 (AMAZON-02) (AMAZON-02)
1 2	35.156.18.160 35.156.18.160	16509 (AMAZON-02) (AMAZON-02)
2 2	151.101.2.49 151.101.2.49	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
1 2	20.234.93.27 20.234.93.27	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
100	41

2 13.115.182.240 (Tokyo, Japan) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-13-115-182-240.ap-northeast-1.compute.amazonaws.com

news.1st.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

35 2600:9000:2182:2e00:11:3b84:d200:93a1 (United States)

ASN16509 (AMAZON-02, US)

assets.website-files.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.232.39 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-232-39.fra56.r.cloudfront.net

d3e54v103j8qbb.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f02d:12:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:bdf::45 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:1ec:c11::200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.102 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f6.1e100.net

10688233.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.232.188.157 (Munich, Germany)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223c:e00:1:76cf:fe80:93a1 (United States)

ASN16509 (AMAZON-02, US)

c1.rfihub.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 96.16.144.106 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a96-16-144-106.deploy.static.akamaitechnologies.com

us.connextra.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a03:2880:f11c:8083:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 193.0.160.128 (United States) 2 redirects

ASN54312 (ROCKETFUEL, US)

20829737p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
a.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.244.42.133 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.244.42.3 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 20.75.32.255 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

b.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c07::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.130 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.89.210.101 (Frankfurt am Main, Germany) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.76.60.98 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-76-60-98.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.124.210.90 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-124-210-90.eu-central-1.compute.amazonaws.com

ps.eyeota.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.36.156.23 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-36-156-23.deploy.static.akamaitechnologies.com

contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.156.102.147 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-102-147.eu-central-1.compute.amazonaws.com

bs.serving-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.17.14 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-108-138-17-14.fra56.r.cloudfront.net

live.rezync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.55.72.99 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-55-72-99.compute-1.amazonaws.com

bpi.rtactivate.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.80.39.216 (Canada) 1 redirects

ASN27381 (CASALE-MEDIA, CA)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.76.200.221 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-76-200-221.deploy.static.akamaitechnologies.com

x.dlx.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.94.180.125 (Amsterdam, Netherlands) 1 redirects

ASN35220 (SPOTX-AMS, US)

sync.search.spotxchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:612b:4264:54e8:ad4c:a4b8:acf6 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

partners.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.212.110.18 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-212-110-18.eu-west-1.compute.amazonaws.com

aa.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.30.33.235 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-30-33-235.eu-west-1.compute.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.156.18.160 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-35-156-18-160.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.2.49 (United States) 2 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 20.234.93.27 (Dublin, Ireland) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
35	website-files.com assets.website-files.com — Cisco Umbrella Rank: 11585	9 MB
7	clarity.ms 1 redirects www.clarity.ms — Cisco Umbrella Rank: 565 b.clarity.ms — Cisco Umbrella Rank: 5269 c.clarity.ms — Cisco Umbrella Rank: 1062	26 KB
6	facebook.com www.facebook.com — Cisco Umbrella Rank: 107	282 B
6	gstatic.com fonts.gstatic.com	214 KB
5	rfihub.com 2 redirects 20829737p.rfihub.com a.rfihub.com — Cisco Umbrella Rank: 3032 p.rfihub.com — Cisco Umbrella Rank: 740	7 KB
4	doubleclick.net 2 redirects 10688233.fls.doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 84 cm.g.doubleclick.net — Cisco Umbrella Rank: 215	2 KB
4	bing.com 1 redirects bat.bing.com — Cisco Umbrella Rank: 379 c.bing.com — Cisco Umbrella Rank: 236	12 KB
3	facebook.net connect.facebook.net — Cisco Umbrella Rank: 151	192 KB
2	everesttech.net 2 redirects sync-tm.everesttech.net — Cisco Umbrella Rank: 578	607 B
2	bidswitch.net 1 redirects x.bidswitch.net — Cisco Umbrella Rank: 303	1 KB
2	spotxchange.com 1 redirects sync.search.spotxchange.com — Cisco Umbrella Rank: 572	1 KB
2	casalemedia.com 1 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 542	2 KB
2	rlcdn.com idsync.rlcdn.com — Cisco Umbrella Rank: 344	107 B
2	demdex.net 1 redirects dpm.demdex.net — Cisco Umbrella Rank: 214	2 KB
2	adnxs.com 1 redirects ib.adnxs.com — Cisco Umbrella Rank: 232	2 KB
2	google.de www.google.de — Cisco Umbrella Rank: 6045 adservice.google.de — Cisco Umbrella Rank: 8724	1 KB
2	google.com adservice.google.com — Cisco Umbrella Rank: 78 www.google.com — Cisco Umbrella Rank: 2	1 KB
2	twitter.com analytics.twitter.com — Cisco Umbrella Rank: 547	610 B
2	t.co t.co — Cisco Umbrella Rank: 483	581 B
2	connextra.com us.connextra.com — Cisco Umbrella Rank: 30254
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 32	20 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 61	132 KB
2	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 306 fonts.googleapis.com — Cisco Umbrella Rank: 44	8 KB
2	1st.com 1 redirects news.1st.com	11 KB
1	krxd.net beacon.krxd.net — Cisco Umbrella Rank: 528	338 B
1	agkn.com aa.agkn.com — Cisco Umbrella Rank: 474	377 B
1	tremorhub.com partners.tremorhub.com — Cisco Umbrella Rank: 1115	183 B
1	addthis.com x.dlx.addthis.com — Cisco Umbrella Rank: 1189	191 B
1	rtactivate.com bpi.rtactivate.com — Cisco Umbrella Rank: 2003	109 B
1	rezync.com 1 redirects live.rezync.com — Cisco Umbrella Rank: 1751	779 B
1	serving-sys.com bs.serving-sys.com — Cisco Umbrella Rank: 1148	105 B
1	media.net contextual.media.net — Cisco Umbrella Rank: 570	616 B
1	eyeota.net ps.eyeota.net — Cisco Umbrella Rank: 1010	344 B
1	rubiconproject.com pixel.rubiconproject.com — Cisco Umbrella Rank: 347	239 B
1	rfihub.net c1.rfihub.net — Cisco Umbrella Rank: 5384	6 KB
1	ads-twitter.com static.ads-twitter.com — Cisco Umbrella Rank: 624	15 KB
1	cloudfront.net d3e54v103j8qbb.cloudfront.net	31 KB
100	37

	Domain	Requested by
35	assets.website-files.com	news.1st.com assets.website-files.com
6	www.facebook.com	news.1st.com
6	fonts.gstatic.com	fonts.googleapis.com
3	p.rfihub.com	2 redirects news.1st.com
3	b.clarity.ms	www.clarity.ms
3	bat.bing.com	www.googletagmanager.com bat.bing.com news.1st.com
3	connect.facebook.net	news.1st.com connect.facebook.net
2	c.clarity.ms	1 redirects
2	sync-tm.everesttech.net	2 redirects
2	x.bidswitch.net	1 redirects news.1st.com
2	sync.search.spotxchange.com	1 redirects news.1st.com
2	dsum-sec.casalemedia.com	1 redirects news.1st.com
2	idsync.rlcdn.com	news.1st.com
2	dpm.demdex.net	1 redirects news.1st.com
2	ib.adnxs.com	1 redirects news.1st.com
2	analytics.twitter.com	news.1st.com
2	t.co	news.1st.com
2	us.connextra.com	www.googletagmanager.com
2	10688233.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	www.clarity.ms	news.1st.com www.clarity.ms
2	www.googletagmanager.com	news.1st.com
2	news.1st.com	1 redirects
1	c.bing.com	1 redirects
1	adservice.google.de	adservice.google.com
1	beacon.krxd.net	news.1st.com
1	aa.agkn.com	news.1st.com
1	partners.tremorhub.com	news.1st.com
1	x.dlx.addthis.com	news.1st.com
1	bpi.rtactivate.com	news.1st.com
1	live.rezync.com	1 redirects
1	bs.serving-sys.com	news.1st.com
1	contextual.media.net	news.1st.com
1	ps.eyeota.net	news.1st.com
1	pixel.rubiconproject.com	news.1st.com
1	a.rfihub.com	news.1st.com
1	cm.g.doubleclick.net	1 redirects
1	www.google.de	news.1st.com
1	www.google.com	news.1st.com
1	adservice.google.com	10688233.fls.doubleclick.net
1	stats.g.doubleclick.net	www.google-analytics.com
1	20829737p.rfihub.com	c1.rfihub.net
1	c1.rfihub.net	news.1st.com
1	static.ads-twitter.com	www.googletagmanager.com
1	fonts.googleapis.com	ajax.googleapis.com
1	d3e54v103j8qbb.cloudfront.net	news.1st.com
1	ajax.googleapis.com	news.1st.com
100	47

This site contains links to these domains. Also see Links.

Domain
www.pegasusworldcup.com
1st.com
www.1st.com
apps.apple.com
1stbet.com
auth.1st.com
app.1st.com
www.facebook.com
www.instagram.com
twitter.com

Subject Issuer	Validity	Valid
news.1st.com R3	`2022-09-02` - `2022-12-01`	3 months	crt.sh
*.website-files.com Amazon	`2022-10-12` - `2023-11-09`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.cloudfront.net Amazon	`2022-02-01` - `2023-01-31`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-07-24` - `2022-10-22`	3 months	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2022-02-27` - `2023-02-27`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
www.bing.com Microsoft RSA TLS CA 02	`2022-09-03` - `2023-03-03`	6 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
ads-twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-22` - `2023-08-22`	a year	crt.sh
*.rfihub.net Amazon	`2021-12-29` - `2023-01-27`	a year	crt.sh
*.connextra.com DigiCert TLS RSA SHA256 2020 CA1	`2022-05-26` - `2023-05-26`	a year	crt.sh
*.rfihub.com Sectigo RSA Domain Validation Secure Server CA	`2022-05-24` - `2023-05-24`	a year	crt.sh
t.co DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-07` - `2023-03-06`	a year	crt.sh
*.twitter.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-07` - `2023-03-06`	a year	crt.sh
a.clarity.ms Microsoft Azure TLS Issuing CA 02	`2022-06-07` - `2023-06-02`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-08` - `2023-04-04`	a year	crt.sh
*.media.net DigiCert SHA2 Secure Server CA	`2022-02-20` - `2023-02-22`	a year	crt.sh
bs.serving-sys.com Amazon	`2022-04-10` - `2023-05-09`	a year	crt.sh
rtactivate.com Amazon	`2022-04-13` - `2023-05-12`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2022-02-03` - `2023-02-25`	a year	crt.sh
odc-pixel-prod-01.oracle.com DigiCert SHA2 Secure Server CA	`2022-02-26` - `2023-03-01`	a year	crt.sh
*.tremorhub.com Amazon	`2022-03-24` - `2023-04-22`	a year	crt.sh
*.agkn.com RapidSSL Global TLS RSA4096 SHA256 2022 CA1	`2022-09-06` - `2023-09-21`	a year	crt.sh
beacon.krxd.net DigiCert TLS RSA SHA256 2020 CA1	`2021-11-03` - `2022-11-02`	a year	crt.sh
*.google.de GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh

This page contains 7 frames:

Primary Page: https://news.1st.com/
Frame ID: 26BC7329FEFDB90B92D6753715066E79
Requests: 76 HTTP requests in this frame

Frame: https://10688233.fls.doubleclick.net/activityi;dc_pre=COba_J3I4PoCFcZtGwodD4oIwg;src=10688233;type=vivfe0;cat=vivst0;ord=1;num=8836050431456;gtm=2wgaa0;auiddc=2007051498.1665779506;~oref=https%3A%2F%2Fnews.1st.com%2F
Frame ID: EF3CE3CC19FADED64771F70509062094
Requests: 1 HTTP requests in this frame

Frame: https://20829737p.rfihub.com/ca.html?ver=9&rb=43518&ca=20829737&_o=43518&_t=20829737&pe=https%3A%2F%2Fnews.1st.com%2F&pf=&ra=5300633418460599
Frame ID: F84907DDCBBD721D72FD330642218FE6
Requests: 19 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=COba_J3I4PoCFcZtGwodD4oIwg;src=10688233;type=vivfe0;cat=vivst0;ord=1;num=8836050431456;gtm=2wgaa0;auiddc=2007051498.1665779506;~oref=https%3A%2F%2Fnews.1st.com%2F
Frame ID: BCE2F9BB7F78ABBA6732A9FF80B477E5
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.de/ddm/fls/i/dc_pre=COba_J3I4PoCFcZtGwodD4oIwg;src=10688233;type=vivfe0;cat=vivst0;ord=1;num=8836050431456;gtm=2wgaa0;auiddc=2007051498.1665779506;~oref=https%3A%2F%2Fnews.1st.com%2F
Frame ID: FDFDCDB9A8F3283893A0294C759EF99F
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 9491FD737D68C13B2AF662A364BAFD0E
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 77B6AFFA597BE461359900C441BADA69
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Daily Horse Racing Picks & News by 1/ST BETLooking for free Daily Horse Racing News & Horse Racing Picks? We’ve got you covered. Our experts (including Eddie Olczyk, Jeff Siegel and Johnny D) analyze horse racings biggest races to bring you their expert analysis & insights every day.

Page URL History Show full URLs

http://news.1st.com/ HTTP 301
https://news.1st.com/ Page URL

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
googleapis\.com/.+webfont

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Sizmek (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

serving-sys\.com/

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

100
Requests

90 %
HTTPS

39 %
IPv6

37
Domains

47
Subdomains

41
IPs

7
Countries

9688 kB
Transfer

12767 kB
Size

41
Cookies

18 Outgoing links

These are links going to different origins than the main page.

URL: https://www.pegasusworldcup.com/
Title: OFFICIAL APP OF

Search URL Search Domain Scan URL

URL: https://1st.com/bet/promotions
Title: PROMOTIONS

Search URL Search Domain Scan URL

URL: https://www.1st.com/bet/how-to-use-1-st-bet
Title: HOW TO

Search URL Search Domain Scan URL

URL: https://1st.com/bet/betting-factors
Title: FACTORS

Search URL Search Domain Scan URL

URL: http://www.1st.com/bet

Search URL Search Domain Scan URL

URL: https://apps.apple.com/us/app/1-st-bet-horse-race-betting/id1446768506
Title: Download

Search URL Search Domain Scan URL

URL: https://1stbet.com/
Title: 1stbet.com

Search URL Search Domain Scan URL

URL: http://1st.com/bet

Search URL Search Domain Scan URL

URL: https://1stbet.com/?_ga=2.209782290.686464037.1600959745-2126987056.1586973470
Title: SIGN UP

Search URL Search Domain Scan URL

URL: https://auth.1st.com/login?state=g6Fo2SA1UGR4YjVPMDE2TGZuMWdqSGFkdUxiZ0pNbV9DWHpRa6N0aWTZIHg1OHhMZWdtZzZfcTlEREh2eGY3blFxWDZqdkxpNW5Zo2NpZNkgN3lRUURnNzFSS2tPOXllNHB5WXV0cGNuRVVFMDBudmY&client=7yQQDg71RKkO9ye4pyYutpcnEUE00nvf&protocol=oauth2&redirect_uri=https%3A%2F%2F1stbet.com%2F&audience=https%3A%2F%2Fapi.1stbet.com&scope=openid%20profile%20email%20address%20phone%20read%3Atransactions%20read%3Axpressbet_pin%20read%3Atickets%20read%3Auser_identities%20delete%3Auser_identities&response_type=code&response_mode=query&nonce=RHZlc2d6aUpMTGlDckk3UE9aR0RwVDJuekRRUC5rWGNLbGQ0QU9hZVYuWQ%3D%3D&code_challenge=atXM8RhAWd_379mYXyC-Z73dtLmu84I1BBZawvxmRo4&code_challenge_method=S256&auth0Client=eyJuYW1lIjoiYXV0aDAtc3BhLWpzIiwidmVyc2lvbiI6IjEuMTIuMCJ9
Title: LOG IN

Search URL Search Domain Scan URL

URL: https://www.1st.com/bet/promotions
Title: CURRENT OFFERS

Search URL Search Domain Scan URL

URL: https://app.1st.com/terms
Title: Terms and Conditions

Search URL Search Domain Scan URL

URL: https://app.1st.com/privacy
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://1st.com/problem-gambling
Title: Problem Gambling

Search URL Search Domain Scan URL

URL: https://www.facebook.com/1stbet/

Search URL Search Domain Scan URL

URL: https://www.instagram.com/1stbet/

Search URL Search Domain Scan URL

URL: https://twitter.com/1stbet

Search URL Search Domain Scan URL

URL: https://1st.com/bet/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://news.1st.com/ HTTP 301
https://news.1st.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 46

https://10688233.fls.doubleclick.net/activityi;src=10688233;type=vivfe0;cat=vivst0;ord=1;num=8836050431456;gtm=2wgaa0;auiddc=2007051498.1665779506;~oref=https%3A%2F%2Fnews.1st.com%2F HTTP 302
https://10688233.fls.doubleclick.net/activityi;dc_pre=COba_J3I4PoCFcZtGwodD4oIwg;src=10688233;type=vivfe0;cat=vivst0;ord=1;num=8836050431456;gtm=2wgaa0;auiddc=2007051498.1665779506;~oref=https%3A%2F%2Fnews.1st.com%2F

Request Chain 75

https://cm.g.doubleclick.net/pixel?&in=0&google_nid=zeta_interactive&google_cm=&google_sc=&google_hm=NTEzMTA3NzcyMjg2NDUwODA2NQ==&forward= HTTP 302
https://a.rfihub.com/cm?pub=445&in=0&forward=&google_gid=CAESEC4t3am9xiqmXoLxACz4JhQ&google_cver=1

Request Chain 76

https://ib.adnxs.com/setuid?entity=18&code=5131077722864508065 HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D18%26code%3D5131077722864508065

Request Chain 78

https://dpm.demdex.net/ibs:dpid=1121&dpuuid=5131077722864508065&redir= HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1121&dpuuid=5131077722864508065&redir=

Request Chain 79

https://p.rfihub.com/cm?pub=24472&in=1 HTTP 302
https://ps.eyeota.net/match?uid=5131077722864508065&bid=omt9pi0

Request Chain 82

https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5131077722864508065&referrer=https%3A%2F%2Fnews.1st.com%2F HTTP 302
https://p.rfihub.com/cm?pub=39342&in=0&userid=d38f27e5-7c38-4eb2-9e43-1ff2665049c4%3A1665779506.6388278&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3Dd38f27e5-7c38-4eb2-9e43-1ff2665049c4%253A1665779506.6388278 HTTP 302
https://idsync.rlcdn.com/501709.gif?partner_uid=d38f27e5-7c38-4eb2-9e43-1ff2665049c4%3A1665779506.6388278

Request Chain 84

https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=5131077722864508065&forward= HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=5131077722864508065&forward=&C=1

Request Chain 87

https://sync.search.spotxchange.com/partner?adv_id=7180&uid=5131077722864508065&img=1 HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=7180&uid=5131077722864508065&img=1&__user_check__=1&sync_id=392fe485-4bff-11ed-a47d-194044dd0306

Request Chain 91

https://x.bidswitch.net/sync?dsp_id=119&user_id=5131077722864508065&expires=30 HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=119&user_id=5131077722864508065&expires=30

Request Chain 92

https://sync-tm.everesttech.net/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D&_test=Y0nHMgAAAOvSFQAW HTTP 302
https://p.rfihub.com/cm?in=1&pub=21653&userid=Y0nHMgAAAOvSFQAW&_test=Y0nHMgAAAOvSFQAW

Request Chain 96

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?CtsSyncId=E2EFE3219E904212899AD35019AA2199&RedC=c.clarity.ms&MXFR=1F92877F12C66950292F954216C667CC HTTP 302
https://c.clarity.ms/c.gif?CtsSyncId=E2EFE3219E904212899AD35019AA2199&MUID=2A7C2D41AE14686C25F13F7CAF656964

100 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
news.1st.com/
Redirect Chain

http://news.1st.com/
https://news.1st.com/

46 KB
11 KB

1300ms
511ms

Document
text/html

13.115.182.240
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://news.1st.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

13.115.182.240 Tokyo, Japan, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-115-182-240.ap-northeast-1.compute.amazonaws.com

Software

openresty /

Resource Hash

c6ef32eeaeab2f603ec95b8c6ac6f423ff1bde4b26e3fddaa935c8d630499743

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 934
content-encoding: gzip
content-length: 10445
content-security-policy: frame-ancestors 'self'
content-type: text/html
date: Fri, 14 Oct 2022 20:31:44 GMT
server: openresty
vary: x-wf-forwarded-proto, Accept-Encoding
via: 1.1 varnish, 1.1 varnish
x-cache: HIT, MISS
x-cache-hits: 1, 0
x-cluster-name: ap-northeast-1-prod-edge-blue
x-frame-options: SAMEORIGIN
x-lambda-id: ec9c65e4-b030-4643-9d1f-0265f3682577
x-served-by: cache-iad-kjyo7100034-IAD, cache-tyo11979-TYO
x-timer: S1665779505.613881,VS0,VE175

Redirect headers

Connection: keep-alive
Content-Length: 166
Content-Type: text/html
Date: Fri, 14 Oct 2022 20:31:43 GMT
Location: https://news.1st.com/
Server: openresty

GET
H2 200 cms-1stbet.caf649661.min.css
assets.website-files.com/5f49632a2373348fd8d5703f/css/ 2 MB
206 KB 539ms
463ms Stylesheet
text/css 2600:9000:2182:2e00:11:3b84:d200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.website-files.com/5f49632a2373348fd8d5703f/css/cms-1stbet.caf649661.min.css
Requested by: Host: news.1st.com
URL: https://news.1st.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2182:2e00:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d9e33d57f4c6118ff345124752c7bacd6f75bd13d8613e254ddf03ba67ee3b83

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.1st.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 20:31:46 GMT
content-encoding: gzip
via: 1.1 4ecd74dda94d7576e134fcdf16df8128.cloudfront.net (CloudFront)
x-amz-version-id: ii9F9eKs3U1CbmP2WqFQ5iYPKI2cv129
x-amz-cf-pop: DUS51-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-length: 209835
last-modified: Fri, 14 Oct 2022 20:16:00 GMT
server: AmazonS3
etag: "6f61cd82bcacf118f4256e030c5ae01e"
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=84600, must-revalidate
accept-ranges: bytes
x-amz-cf-id: _29hPnCT-HqyOEWKHNTljO80BiXEg0s5SrhnV74xG-_s0QhiNd_IJg==

GET
H2 200 webfont.js Show response
ajax.googleapis.com/ajax/libs/webfont/1.6.26/ 13 KB
6 KB 118ms
36ms Script
text/javascript 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js

Requested by

Host: news.1st.com
URL: https://news.1st.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.1st.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 12:13:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 116309
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5437
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 13 Oct 2023 12:13:16 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 106 KB
42 KB 142ms
57ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-167213651-1

Requested by

Host: news.1st.com
URL: https://news.1st.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6c07107795e9db7d88ee19cae3c3f79c7a916e3849d0d99781f8bbc35b8b733b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.1st.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 20:31:45 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42485
x-xss-protection: 0
last-modified: Fri, 14 Oct 2022 18:31:20 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 14 Oct 2022 20:31:45 GMT

GET
H2 200 5f6e63ef808ba200ad9ff48b_1ST_Bet_Icon.svg
assets.website-files.com/5d8134a2d081e347ce0c05a3/ 4 KB
2 KB 20ms
20ms Image
image/svg+xml 2600:9000:2182:2e00:11:3b84:d200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.website-files.com/5d8134a2d081e347ce0c05a3/5f6e63ef808ba200ad9ff48b_1ST_Bet_Icon.svg
Requested by: Host: news.1st.com
URL: https://news.1st.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2182:2e00:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 824098fe6e570d75660cb558dd2cf6bd0bd1398142129b51d06b9dae24631b7a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.1st.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 07:58:05 GMT
content-encoding: br
via: 1.1 4ecd74dda94d7576e134fcdf16df8128.cloudfront.net (CloudFront)
x-amz-version-id: VU7xQvwymUrz_6QgspJYlJJL8Ky2div3
last-modified: Fri, 25 Sep 2020 21:41:04 GMT
server: AmazonS3
age: 2118821
x-amz-cf-pop: DUS51-C1
etag: W/"1edff13047f5e842142ce53a0608c012"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
x-amz-cf-id: iwos228LY-m9LZDdCbYRdA2tXHajBUuO_0jugUxBYC-oFyzwk51Pcw==

GET
H2 200 5f6e63ef808ba268359ff48c_icon-menu.svg
assets.website-files.com/5d8134a2d081e347ce0c05a3/ 408 B
838 B 19ms
18ms Image
image/svg+xml 2600:9000:2182:2e00:11:3b84:d200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.website-files.com/5d8134a2d081e347ce0c05a3/5f6e63ef808ba268359ff48c_icon-menu.svg
Requested by: Host: news.1st.com
URL: https://news.1st.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2182:2e00:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 21bec19e3d1451b29eff8fb3a274c8710e0c564b764bd40192fe9f162d7964af

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.1st.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 07:04:08 GMT
x-amz-version-id: .S2ukquo7lSterGEbT7040tJzgeJXBBh
via: 1.1 4ecd74dda94d7576e134fcdf16df8128.cloudfront.net (CloudFront)
last-modified: Fri, 25 Sep 2020 21:41:05 GMT
server: AmazonS3
age: 48458
x-amz-cf-pop: DUS51-C1
etag: "620e44506d6924ddcffd171856bd0815"
x-cache: Hit from cloudfront
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
content-length: 408
x-amz-cf-id: KbLixS0kN6e4qQXESxRKWPkpqCLWT3NhKDgPdJMe8MgUSwhRT8aH7w==

GET
H2 200 5f6e63ef808ba264479ff48e_icon-x.svg
assets.website-files.com/5d8134a2d081e347ce0c05a3/ 311 B
741 B 19ms
19ms Image
image/svg+xml 2600:9000:2182:2e00:11:3b84:d200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.website-files.com/5d8134a2d081e347ce0c05a3/5f6e63ef808ba264479ff48e_icon-x.svg
Requested by: Host: news.1st.com
URL: https://news.1st.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2182:2e00:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4887432b1a4d9da8b936f1c85deedeca55091445247a470d366c73a5d0eaf43b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.1st.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 06 Oct 2022 18:20:14 GMT
x-amz-version-id: iPOf85ro7Z_MqY4Sisggrs1c08JeAWvI
via: 1.1 4ecd74dda94d7576e134fcdf16df8128.cloudfront.net (CloudFront)
last-modified: Fri, 25 Sep 2020 21:41:05 GMT
server: AmazonS3
age: 699092
x-amz-cf-pop: DUS51-C1
etag: "071fe7984c203851cdee4b1cd1bbc619"
x-cache: Hit from cloudfront
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
content-length: 311
x-amz-cf-id: D26NClWJBLMWnLwvIqIBuzExjey1D47nNBqRX-gi6jZPsFoEfs4BtA==

GET
H2 200 5f49632bc0bd610c8e231662_icon-chevron-up.svg
assets.website-files.com/5f49632a2373348fd8d5703f/ 211 B
642 B 25ms
25ms Image
image/svg+xml 2600:9000:2182:2e00:11:3b84:d200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.website-files.com/5f49632a2373348fd8d5703f/5f49632bc0bd610c8e231662_icon-chevron-up.svg
Requested by: Host: news.1st.com
URL: https://news.1st.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2182:2e00:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d8919a5a218fb212d5aff4277b8ecb1e2c90be57b3c0dd96694c905bf0b5a448

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.1st.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 10 Oct 2022 19:49:01 GMT
x-amz-version-id: INrJnK02rlNPFqxB_mTq8rYlKA2mezBv
via: 1.1 4ecd74dda94d7576e134fcdf16df8128.cloudfront.net (CloudFront)
last-modified: Fri, 28 Aug 2020 20:03:57 GMT
server: AmazonS3
age: 348165
x-amz-cf-pop: DUS51-C1
etag: "783880aecbc172ae9a6f20cd71ab33fd"
x-cache: Hit from cloudfront
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
content-length: 211
x-amz-cf-id: X4VvakEpmDAuFK1mfVMIu304zhqM6kQLqowrnzmCVGf2Z-FB3XHpaA==

GET
H2 200 5f4d0a3754485a4c5ab5ac15_1ST_Bet_Icon.svg
assets.website-files.com/5f49632a2373348fd8d5703f/ 4 KB
2 KB 23ms
22ms Image
image/svg+xml 2600:9000:2182:2e00:11:3b84:d200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.website-files.com/5f49632a2373348fd8d5703f/5f4d0a3754485a4c5ab5ac15_1ST_Bet_Icon.svg
Requested by: Host: news.1st.com
URL: https://news.1st.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2182:2e00:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 824098fe6e570d75660cb558dd2cf6bd0bd1398142129b51d06b9dae24631b7a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.1st.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 16:14:07 GMT
content-encoding: br
via: 1.1 4ecd74dda94d7576e134fcdf16df8128.cloudfront.net (CloudFront)
x-amz-version-id: OPJSYW3_TAinQlrNniRoKlmFMtJja.LE
last-modified: Mon, 31 Aug 2020 14:33:28 GMT
server: AmazonS3
age: 793059
x-amz-cf-pop: DUS51-C1
etag: W/"1edff13047f5e842142ce53a0608c012"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
x-amz-cf-id: geTN-Sqa_WhikC2hg_k8QzgnuvxywjB5-qqHfX9aT7Csk30HB8cisA==

GET
H2 200 5f49632bc0bd6164c4231649_icon-menu.svg
assets.website-files.com/5f49632a2373348fd8d5703f/ 408 B
838 B 23ms
23ms Image
image/svg+xml 2600:9000:2182:2e00:11:3b84:d200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.website-files.com/5f49632a2373348fd8d5703f/5f49632bc0bd6164c4231649_icon-menu.svg
Requested by: Host: news.1st.com
URL: https://news.1st.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2182:2e00:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 21bec19e3d1451b29eff8fb3a274c8710e0c564b764bd40192fe9f162d7964af

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.1st.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 07:04:04 GMT
x-amz-version-id: LZxht85ErWPg.7fA.wB8BtpE_tz1j_Qb
via: 1.1 4ecd74dda94d7576e134fcdf16df8128.cloudfront.net (CloudFront)
last-modified: Fri, 28 Aug 2020 20:03:56 GMT
server: AmazonS3
age: 48462
x-amz-cf-pop: DUS51-C1
etag: "620e44506d6924ddcffd171856bd0815"
x-cache: Hit from cloudfront
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
content-length: 408
x-amz-cf-id: IfVYoQkYlm2aK_QVHxh-9_F0ODApbIs8sjH1P7sufYNzL0u0TyGGvg==

GET
H2 200 5f49632bc0bd610cab231650_icon-x.svg
assets.website-files.com/5f49632a2373348fd8d5703f/ 311 B
740 B 18ms
18ms Image
image/svg+xml 2600:9000:2182:2e00:11:3b84:d200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.website-files.com/5f49632a2373348fd8d5703f/5f49632bc0bd610cab231650_icon-x.svg
Requested by: Host: news.1st.com
URL: https://news.1st.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2182:2e00:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4887432b1a4d9da8b936f1c85deedeca55091445247a470d366c73a5d0eaf43b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.1st.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 07:04:08 GMT
x-amz-version-id: xYlWqWIv1LfACk2eLHZREPEbRuBikyou
via: 1.1 4ecd74dda94d7576e134fcdf16df8128.cloudfront.net (CloudFront)
last-modified: Fri, 28 Aug 2020 20:03:56 GMT
server: AmazonS3
age: 48458
x-amz-cf-pop: DUS51-C1
etag: "071fe7984c203851cdee4b1cd1bbc619"
x-cache: Hit from cloudfront
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
content-length: 311
x-amz-cf-id: YEOy8mmNed5d8cGLkappp6Cov621pwmflo7-WdVx9guVdXp2vI_f_g==

GET
H2 200 5f6e5e0e9d7ea8206ef0667b_home-24px.png
assets.website-files.com/5f49632a2373348fd8d5703f/ 685 B
1 KB 25ms
25ms Image
image/png 2600:9000:2182:2e00:11:3b84:d200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.website-files.com/5f49632a2373348fd8d5703f/5f6e5e0e9d7ea8206ef0667b_home-24px.png
Requested by: Host: news.1st.com
URL: https://news.1st.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2182:2e00:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3cce8192d8954dae3a106037f97fedc573c980cf9698b8fc7d72206cf6800721

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.1st.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 02 Sep 2022 07:17:00 GMT
x-amz-version-id: QOfbq1eBHJsFUl7LOW_wLs2XQ1C_IKYF
via: 1.1 4ecd74dda94d7576e134fcdf16df8128.cloudfront.net (CloudFront)
last-modified: Fri, 25 Sep 2020 21:16:00 GMT
server: AmazonS3
age: 3676486
x-amz-cf-pop: DUS51-C1
etag: "78093be1bd7ef44efc29208913ac9e9b"
x-cache: Hit from cloudfront
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
content-length: 685
x-amz-cf-id: l0q-k_SlWL0_Pkw79wDV043-mM8dzK3PFJlk7gZCA-86CJ32Rbo-hw==

GET
H2 200 5f76a41efb7ba14881871b61_menu-white-18dp.svg
assets.website-files.com/5f49632a2373348fd8d5703f/ 202 B
632 B 18ms
17ms Image
image/svg+xml 2600:9000:2182:2e00:11:3b84:d200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.website-files.com/5f49632a2373348fd8d5703f/5f76a41efb7ba14881871b61_menu-white-18dp.svg
Requested by: Host: news.1st.com
URL: https://news.1st.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2182:2e00:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a28c85cdb83b8ee0748948dbd95879c86f5ad1ed3adb505a0768e95780113e51

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.1st.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 05 Sep 2022 16:47:03 GMT
x-amz-version-id: aXGzd4rSTrv0b_sS3FqPQtiBxXBSaDv0
via: 1.1 4ecd74dda94d7576e134fcdf16df8128.cloudfront.net (CloudFront)
last-modified: Fri, 02 Oct 2020 03:53:03 GMT
server: AmazonS3
age: 3383083
x-amz-cf-pop: DUS51-C1
etag: "9bd7f9a91bed5f05a83754bf7458d6b2"
x-cache: Hit from cloudfront
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
content-length: 202
x-amz-cf-id: DV6qA-2awO0zwi6a_osuu9xBr-D_ZPTetlapC3AkTOulhmg0EFabig==

GET
H2 200 jquery-3.5.1.min.dc5e7f18c8.js Show response
d3e54v103j8qbb.cloudfront.net/js/ 87 KB
31 KB 54ms
13ms Script
application/javascript 52.222.232.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3e54v103j8qbb.cloudfront.net/js/jquery-3.5.1.min.dc5e7f18c8.js?site=5f49632a2373348fd8d5703f
Requested by: Host: news.1st.com
URL: https://news.1st.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.232.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-232-39.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

Referer: https://news.1st.com/
Origin: https://news.1st.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 01:15:30 GMT
content-encoding: gzip
via: 1.1 a89f27dcb39a061266ddc18ab5416cba.cloudfront.net (CloudFront)
age: 77041
x-amz-cf-pop: FRA56-P4
x-cache: Hit from cloudfront
last-modified: Mon, 20 Jul 2020 17:53:02 GMT
server: AmazonS3
etag: W/"dc5e7f18c8d36ac1d3d4753a87c98d0a"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=84600, must-revalidate
vary: Accept-Encoding
x-amz-cf-id: 7AskrrRsTCBQFIwMHdKuSoMEgg32FGa7yLGftUYk8dEPDKo2hkvcsQ==

GET
H2 200 cms-1stbet.8fd9ca6be.js Show response
assets.website-files.com/5f49632a2373348fd8d5703f/js/ 633 KB
91 KB 24ms
23ms Script
text/javascript 2600:9000:2182:2e00:11:3b84:d200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.website-files.com/5f49632a2373348fd8d5703f/js/cms-1stbet.8fd9ca6be.js
Requested by: Host: news.1st.com
URL: https://news.1st.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2182:2e00:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5e7946fdf03c705a1bfdf9f4d4c27e94eaf251b5aad5acc07fb390ca31833e9a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.1st.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-amz-version-id: ykj7VqK2NNerorpv.jH3Al_Q3fXIUisY
content-encoding: gzip
via: 1.1 4ecd74dda94d7576e134fcdf16df8128.cloudfront.net (CloudFront)
date: Fri, 14 Oct 2022 11:38:54 GMT
age: 31972
x-amz-cf-pop: DUS51-C1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 92803
last-modified: Thu, 13 Oct 2022 03:53:48 GMT
server: AmazonS3
etag: "e1bdfc7bb9220e0c6a0a1cc61ac8db84"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=84600, must-revalidate
accept-ranges: bytes
x-amz-cf-id: _6x4sh2nzVcgICP9vQyfFRQNAB4R9HVN2HtR4WrmSXS7xEBahOmW0Q==

GET
H2 200 css
fonts.googleapis.com/ 31 KB
2 KB 133ms
49ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:300,300italic,400,400italic,600,600italic,700,700italic,800,800italic%7CPT+Serif:400,400italic,700,700italic

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7a9783b9fb1cbac6fe1b7b3f92e7727974927394cf77f3d2ef8bb2608725b288

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.1st.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 14 Oct 2022 20:31:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 14 Oct 2022 20:31:45 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 14 Oct 2022 20:31:45 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 103 KB
22 KB 27ms
9ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: news.1st.com
URL: https://news.1st.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

142b2ea0873ac373f6579f120251c58f610e463530e5242cfdbb869a4bdae3a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.1st.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 14 Oct 2022 20:31:45 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 22471
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: MjaySr+u5uGMCjFSBRFPHvJ2OjtV9+6xdex1ZcSGyPEhBSwTrdiThlmDKUycbfyJ46RB/yobkb0ixHjTG931mg==
x-fb-trip-id: 917726464
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 46vpn1o8jw Show response
www.clarity.ms/tag/ 1 KB
2 KB 153ms
102ms Script
application/x-javascript 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/46vpn1o8jw
Requested by: Host: news.1st.com
URL: https://news.1st.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: cc85d8daab71257fb650ec9b151dfbe658a8ca1bb6497955ce5eb4910c79656b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.1st.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-type: application/x-javascript
date: Fri, 14 Oct 2022 20:31:45 GMT
cache-control: no-cache, no-store
expires: -1
x-azure-ref: 0McdJYwAAAAA2ZOLbWccuSqcuyKyBgbYLQU1TMDRFREdFMTgwOQA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
x-cache: CONFIG_NOCACHE
request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 302 KB
90 KB 71ms
70ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TSCL42B

Requested by

Host: news.1st.com
URL: https://news.1st.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

38fc3a8a1f3d2f512f93b87844cc108edd48571dff49c49e27af4e8aa6a1e931

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.1st.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 20:31:45 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 91577
x-xss-protection: 0
last-modified: Fri, 14 Oct 2022 18:31:20 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 14 Oct 2022 20:31:45 GMT

GET
H2 200 6345b46f1a28dade4184d4ec_bc-classic-hero-img21.jpg
assets.website-files.com/5f49632a2373348fd8d5703f/ 146 KB
147 KB 23ms
23ms Image
image/jpeg 2600:9000:2182:2e00:11:3b84:d200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.website-files.com/5f49632a2373348fd8d5703f/6345b46f1a28dade4184d4ec_bc-classic-hero-img21.jpg
Requested by: Host: assets.website-files.com
URL: https://assets.website-files.com/5f49632a2373348fd8d5703f/css/cms-1stbet.caf649661.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2182:2e00:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8087acaf5299f107641158f0da114060479a7a76986d39e14e18de86f4220290

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://assets.website-files.com/5f49632a2373348fd8d5703f/css/cms-1stbet.caf649661.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 16:45:59 GMT
x-amz-version-id: 9PS19zlZsif9kX7t7.ZzyjkEKVpMz2f.
via: 1.1 4ecd74dda94d7576e134fcdf16df8128.cloudfront.net (CloudFront)
age: 186347
x-amz-cf-pop: DUS51-C1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 149783
last-modified: Tue, 11 Oct 2022 18:22:41 GMT
server: AmazonS3
etag: "0ca439f2c5b61dd5cdd7ce9b68602f1e"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
x-amz-cf-id: kUnMHPnIXW03TV-HWiHXzRQjVaIXEJa0Dri01wMBqrs-LRJMv7J-jg==

GET
H2 200 5f4d0e502a017c93f41e7ced_SuisseIntl-Regular.otf
assets.website-files.com/5f49632a2373348fd8d5703f/ 155 KB
156 KB 95ms
72ms Font
application/x-font-otf 2600:9000:2182:2e00:11:3b84:d200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.website-files.com/5f49632a2373348fd8d5703f/5f4d0e502a017c93f41e7ced_SuisseIntl-Regular.otf
Requested by: Host: assets.website-files.com
URL: https://assets.website-files.com/5f49632a2373348fd8d5703f/css/cms-1stbet.caf649661.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2182:2e00:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 458c5870baccdc4a4cbd3ba91a1429af19e85e9ddf77180aee77d8144869fad3

Request headers

Referer: https://assets.website-files.com/5f49632a2373348fd8d5703f/css/cms-1stbet.caf649661.min.css
Origin: https://news.1st.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 15:48:53 GMT
x-amz-version-id: wCLPj2wncpZbdq518iBUItLRT.ZeGBq0
via: 1.1 dc81a30f5f4fc309ae9445723779b894.cloudfront.net (CloudFront)
age: 4336973
x-amz-cf-pop: DUS51-C1
x-cache: Hit from cloudfront
content-length: 158936
last-modified: Mon, 31 Aug 2020 14:50:57 GMT
server: AmazonS3
etag: "749206c94d9500f5531b9ceb89205150"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/x-font-otf
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
x-amz-cf-id: U5LzPs2bN5DkyFxm3oKZbUB4gqUwPAJX2gZwjjbdwD_TFUftRlZlxA==

GET
H2 200 5f4d0e4fdfc0dad8cf651be4_SuisseIntl-Medium.otf
assets.website-files.com/5f49632a2373348fd8d5703f/ 155 KB
155 KB 44ms
21ms Font
application/x-font-otf 2600:9000:2182:2e00:11:3b84:d200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.website-files.com/5f49632a2373348fd8d5703f/5f4d0e4fdfc0dad8cf651be4_SuisseIntl-Medium.otf
Requested by: Host: assets.website-files.com
URL: https://assets.website-files.com/5f49632a2373348fd8d5703f/css/cms-1stbet.caf649661.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2182:2e00:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3fa3713ed40739c378d9af33d853a5c00eb9ae4ed9cc6e85a72865c86fb80125

Request headers

Referer: https://assets.website-files.com/5f49632a2373348fd8d5703f/css/cms-1stbet.caf649661.min.css
Origin: https://news.1st.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 05 Sep 2022 19:07:01 GMT
x-amz-version-id: OPmpKpXHb.zxHWsRWI1fa7b9r9Ufkfml
via: 1.1 dc81a30f5f4fc309ae9445723779b894.cloudfront.net (CloudFront)
age: 3374685
x-amz-cf-pop: DUS51-C1
x-cache: Hit from cloudfront
content-length: 158208
last-modified: Mon, 31 Aug 2020 14:50:57 GMT
server: AmazonS3
etag: "3a4d69c9bf3e1dfe08a1df0ebe7ceb01"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/x-font-otf
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
x-amz-cf-id: DR2kBpOME2PkDb3MqSAd7nKev50hhHV-jbGMxzfxMV45e3yv3KiXcQ==

GET
H2 200 5f4d0e4fa554e55aa93a9608_SuisseIntl-Light.otf
assets.website-files.com/5f49632a2373348fd8d5703f/ 156 KB
156 KB 54ms
31ms Font
application/x-font-otf 2600:9000:2182:2e00:11:3b84:d200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.website-files.com/5f49632a2373348fd8d5703f/5f4d0e4fa554e55aa93a9608_SuisseIntl-Light.otf
Requested by: Host: assets.website-files.com
URL: https://assets.website-files.com/5f49632a2373348fd8d5703f/css/cms-1stbet.caf649661.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2182:2e00:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 792329cf37bea33adf5798dc9f9a5c2de5dc9bc75334a724aa6762bfdcc74948

Request headers

Referer: https://assets.website-files.com/5f49632a2373348fd8d5703f/css/cms-1stbet.caf649661.min.css
Origin: https://news.1st.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 15:48:53 GMT
x-amz-version-id: zf29i0zh8fyu1NH9PFMaRr.DNxZ9zyDI
via: 1.1 dc81a30f5f4fc309ae9445723779b894.cloudfront.net (CloudFront)
age: 4336973
x-amz-cf-pop: DUS51-C1
x-cache: Hit from cloudfront
content-length: 159536
last-modified: Mon, 31 Aug 2020 14:50:57 GMT
server: AmazonS3
etag: "13cdb83fb8336218c2798a6c555ecb7c"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/x-font-otf
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
x-amz-cf-id: obTFt--C95yy_G1JboYDeZPpZh8iAFLjdu1f6SpmG38SU6vrrZ1gTQ==

GET
H2 200 5f6e63ef808ba28a179ff48a_appleiconblack.svg
assets.website-files.com/5d8134a2d081e347ce0c05a3/ 2 KB
2 KB 33ms
33ms Image
image/svg+xml 2600:9000:2182:2e00:11:3b84:d200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.website-files.com/5d8134a2d081e347ce0c05a3/5f6e63ef808ba28a179ff48a_appleiconblack.svg
Requested by: Host: news.1st.com
URL: https://news.1st.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2182:2e00:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5c8d19e6e1de20e77730dbba0c047fae3042e79582d56890d11dc87b4a4e1b1c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.1st.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 15:47:54 GMT
content-encoding: br
via: 1.1 4ecd74dda94d7576e134fcdf16df8128.cloudfront.net (CloudFront)
x-amz-version-id: kA9PQTDnUfjCWYwAlzMWk2g8zwSEAdrp
last-modified: Fri, 25 Sep 2020 21:41:04 GMT
server: AmazonS3
age: 4337032
x-amz-cf-pop: DUS51-C1
etag: W/"ae03ff3f37e6981463aa24bbfafedf6f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
x-amz-cf-id: IU-UQ9VR0Ptpb1d-pSd9NkXsn-hQtukPthNYuKDTz4IlZHmgGMvbxw==

GET
H2 200 5f76a32e793e0fb26d5443ac_adb-24px%20(1).svg
assets.website-files.com/5f49632a2373348fd8d5703f/ 446 B
874 B 18ms
18ms Image
image/svg+xml 2600:9000:2182:2e00:11:3b84:d200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.website-files.com/5f49632a2373348fd8d5703f/5f76a32e793e0fb26d5443ac_adb-24px%20(1).svg
Requested by: Host: news.1st.com
URL: https://news.1st.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2182:2e00:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 13561ecb60314b35f437dce22b4a96f6abc872f8c992f8c77e80ec3fd69b9c1e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.1st.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 23:57:00 GMT
x-amz-version-id: pQY91s0EzW.hqTmv5TYigQos5qCiSIMs
via: 1.1 4ecd74dda94d7576e134fcdf16df8128.cloudfront.net (CloudFront)
last-modified: Fri, 02 Oct 2020 03:49:03 GMT
server: AmazonS3
age: 1802086
x-amz-cf-pop: DUS51-C1
etag: "6b6c8e36f4f2658a5f9fbd43814f0178"
x-cache: Hit from cloudfront
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
content-length: 446
x-amz-cf-id: iroMAfTf_4PICgo-IeIYudnNgnVacncAM0NmWkd0h3I6Kic9-Q1gew==

GET
H2 200 63499166cbcae54e7bfe5969_z211105_Carolyn%20Simancik_eclipsesportswire_8517.jpg
assets.website-files.com/5f49632bc0bd61851523160b/ 510 KB
511 KB 37ms
36ms Image
image/jpeg 2600:9000:2182:2e00:11:3b84:d200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.website-files.com/5f49632bc0bd61851523160b/63499166cbcae54e7bfe5969_z211105_Carolyn%20Simancik_eclipsesportswire_8517.jpg
Requested by: Host: news.1st.com
URL: https://news.1st.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2182:2e00:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 83b7e5572b72a4720653285d47451bfa78b69f1b665fec3d8334ae3274406b1b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.1st.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 18:23:12 GMT
x-amz-version-id: s4YyTwz3HiqkmBwc1_Svxys0rMlyhEL7
via: 1.1 4ecd74dda94d7576e134fcdf16df8128.cloudfront.net (CloudFront)
age: 7714
x-amz-cf-pop: DUS51-C1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 522595
last-modified: Fri, 14 Oct 2022 16:42:22 GMT
server: AmazonS3
etag: "7eb6619dd944d815a64e6932f7c60a6e"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
x-amz-cf-id: 82In1Q4axWwkMYldwrmc0ee47UvvGmgYXNGYH7YHVXRLQbcKFHIzkw==

GET
H2 200 634977e0da5c367916874bdb_aussie.jpg
assets.website-files.com/5f49632bc0bd61851523160b/ 131 KB
132 KB 50ms
49ms Image
image/jpeg 2600:9000:2182:2e00:11:3b84:d200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.website-files.com/5f49632bc0bd61851523160b/634977e0da5c367916874bdb_aussie.jpg
Requested by: Host: news.1st.com
URL: https://news.1st.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2182:2e00:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8a5be4b8540f9f60b925a6a605fb798e4768d5885193d94e25fc10471f81468c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.1st.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 15:12:51 GMT
x-amz-version-id: suXBV7Ih3BlGkCZzrQdefmTUWU6EwIh8
via: 1.1 4ecd74dda94d7576e134fcdf16df8128.cloudfront.net (CloudFront)
age: 19135
x-amz-cf-pop: DUS51-C1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 134455
last-modified: Fri, 14 Oct 2022 14:53:36 GMT
server: AmazonS3
etag: "a90839c71ea658baf99550e546ad5afe"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
x-amz-cf-id: Bpe8zfXR2tbZEhCTqTEjjAXfbyMx0zPiJKTdAFzEfhjGFx31cBoFZw==

GET
H2 200 63231ff3e7fe133c12c78bfc_aqueductlogopic.png
assets.website-files.com/5f49632bc0bd61851523160b/ 995 KB
997 KB 18ms
17ms Image
image/png 2600:9000:2182:2e00:11:3b84:d200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.website-files.com/5f49632bc0bd61851523160b/63231ff3e7fe133c12c78bfc_aqueductlogopic.png
Requested by: Host: news.1st.com
URL: https://news.1st.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2182:2e00:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4c317b1820157f888a90a89f67cbc7038bca59a9f2890a7d083dec4d68a8b36f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.1st.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 16:01:06 GMT
x-amz-version-id: PpWGF8D_rZWkPrbtfSW7tGKgZyqvkyvu
via: 1.1 4ecd74dda94d7576e134fcdf16df8128.cloudfront.net (CloudFront)
age: 16240
x-amz-cf-pop: DUS51-C1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 1018790
last-modified: Fri, 14 Oct 2022 14:45:43 GMT
server: AmazonS3
etag: "35d067f719c36f500efc0c30c59489d0"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
x-amz-cf-id: Ayq0ZLStUdJr40U4wQu_TFaP6ZUX1VQ6vupQobB4o0Q-bYb65lX7gg==

GET
H2 200 5f4e8cf9c1739ed01ba30e07_XBnews-img-Cimaglia.jpg
assets.website-files.com/5f49632bc0bd61851523160b/ 42 KB
43 KB 38ms
35ms Image
image/jpeg 2600:9000:2182:2e00:11:3b84:d200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.website-files.com/5f49632bc0bd61851523160b/5f4e8cf9c1739ed01ba30e07_XBnews-img-Cimaglia.jpg
Requested by: Host: news.1st.com
URL: https://news.1st.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2182:2e00:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0cb8664edce38d0cb7c747a765628f210d07360b7301102d384acfbecc9e028d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.1st.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 20:00:43 GMT
x-amz-version-id: zWhEaMYDtpJH.qwXKUFQt6a38dFqpc95
via: 1.1 4ecd74dda94d7576e134fcdf16df8128.cloudfront.net (CloudFront)
age: 1863
x-amz-cf-pop: DUS51-C1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 43335
last-modified: Fri, 14 Oct 2022 14:44:08 GMT
server: AmazonS3
etag: "4ddc73f48f83cd96050ce93f71bf996a"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
x-amz-cf-id: hCwWVQjjvEwtXLZ7VC-m3Zrn3KOsIH2mIhNwZJ8LFdUztCO5CiZQEg==

GET
H2 200 6337969130484c5ed645b343_a100161022_SGS_eclipsesportswire_00395.JPG
assets.website-files.com/5f49632bc0bd61851523160b/ 598 KB
599 KB 54ms
51ms Image
image/jpeg 2600:9000:2182:2e00:11:3b84:d200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.website-files.com/5f49632bc0bd61851523160b/6337969130484c5ed645b343_a100161022_SGS_eclipsesportswire_00395.JPG
Requested by: Host: news.1st.com
URL: https://news.1st.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2182:2e00:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: adf7349508b541778aa4e19bf552a2e2f3abfe19f5c344087fbbdaf868e049b3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.1st.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 15:56:28 GMT
x-amz-version-id: oXUtijnCAWHlPzu5Sg1eIMkj9OOjkblB
via: 1.1 4ecd74dda94d7576e134fcdf16df8128.cloudfront.net (CloudFront)
age: 102918
x-amz-cf-pop: DUS51-C1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 612660
last-modified: Thu, 13 Oct 2022 15:28:18 GMT
server: AmazonS3
etag: "adc275063bcb667de1cc98be48116043"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
x-amz-cf-id: WhLugPfNpXWnOm6VncfvGp_KWdILLBaabsu7SCvsukhZF4vEiTancw==

GET
H2 200 63482399f6f2673b3a3e4e22_10-26-12%20Keeneland%20Morning%20Workouts12.jpg
assets.website-files.com/5f49632bc0bd61851523160b/ 798 KB
800 KB 50ms
48ms Image
image/jpeg 2600:9000:2182:2e00:11:3b84:d200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.website-files.com/5f49632bc0bd61851523160b/63482399f6f2673b3a3e4e22_10-26-12%20Keeneland%20Morning%20Workouts12.jpg
Requested by: Host: news.1st.com
URL: https://news.1st.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2182:2e00:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7a2d10e4759fb209db7cfd3b856a8fab265b89780cd2462943966bfb8bcc2b02

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.1st.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 15:35:39 GMT
x-amz-version-id: YUTGFKZjZF25Uhh.8v5BJU5XctwvfZuT
via: 1.1 4ecd74dda94d7576e134fcdf16df8128.cloudfront.net (CloudFront)
age: 104167
x-amz-cf-pop: DUS51-C1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 817632
last-modified: Thu, 13 Oct 2022 14:41:36 GMT
server: AmazonS3
etag: "8dde6fc5c86ee1b2495592ffae361241"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
x-amz-cf-id: o8Pd7atYGRL1E8c_1Ze-XFqp79uTAjGl6WokfYfQwW2Rvp2VoRx6Nw==

GET
H2 200 6300f4622e6fcd23f9ff907d_x210828_eclipsesportswire_scott%20serio_04934.jpg
assets.website-files.com/5f49632bc0bd61851523160b/ 2 MB
2 MB 46ms
44ms Image
image/jpeg 2600:9000:2182:2e00:11:3b84:d200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.website-files.com/5f49632bc0bd61851523160b/6300f4622e6fcd23f9ff907d_x210828_eclipsesportswire_scott%20serio_04934.jpg
Requested by: Host: news.1st.com
URL: https://news.1st.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2182:2e00:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ae5f7a3e07d9f72b32180419c4cedf04e75bba25b824beab5824e71d2c28d227

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.1st.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 06 Oct 2022 18:20:17 GMT
x-amz-version-id: B7j_imUx.O.jx6MNQW5S2xB7rHDLc1xj
via: 1.1 4ecd74dda94d7576e134fcdf16df8128.cloudfront.net (CloudFront)
age: 699089
x-amz-cf-pop: DUS51-C1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 2054381
last-modified: Sat, 20 Aug 2022 14:49:07 GMT
server: AmazonS3
etag: "50eeb15356df167c13bc256808c8bb83"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
x-amz-cf-id: doOdBo0lDXuPL2btw7OzG5mRKc9HhVppPe2ssOVFeRKveN7JxmRGXA==

GET
H2 200 616091656a29d76d4bad926e_breeders-cup-2020-hero.jpg
assets.website-files.com/5f49632bc0bd61851523160b/ 2 MB
2 MB 45ms
42ms Image
image/jpeg 2600:9000:2182:2e00:11:3b84:d200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.website-files.com/5f49632bc0bd61851523160b/616091656a29d76d4bad926e_breeders-cup-2020-hero.jpg
Requested by: Host: news.1st.com
URL: https://news.1st.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2182:2e00:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: cad7513b47cdadc2358a3be570fbb44f642150d632ee0fe5a4b95f9b62472243

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.1st.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 06 Oct 2022 18:20:17 GMT
x-amz-version-id: TWRgCSukwh8zL0dvgCgxpDVHsicOdjkj
via: 1.1 4ecd74dda94d7576e134fcdf16df8128.cloudfront.net (CloudFront)
age: 699089
x-amz-cf-pop: DUS51-C1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 2037066
last-modified: Fri, 08 Oct 2021 18:43:50 GMT
server: AmazonS3
etag: "7abaaea304026fa5ea150e8b31d2e05a"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
x-amz-cf-id: _HVHVOcJegDJ5CQ9IIhIVVL5cp2vqJSEtk8s68rUnLysqWz69EZIWg==

GET
H2 200 6080da77b53a41535a58c040_pwc_trees_2020_1.jpg
assets.website-files.com/5f49632bc0bd61851523160b/ 44 KB
45 KB 41ms
39ms Image
image/jpeg 2600:9000:2182:2e00:11:3b84:d200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.website-files.com/5f49632bc0bd61851523160b/6080da77b53a41535a58c040_pwc_trees_2020_1.jpg
Requested by: Host: news.1st.com
URL: https://news.1st.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2182:2e00:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 72b4ac718b8ae81dc012d2bae19a91d62d1b3492c435c50540b370903ec297a0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.1st.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 06 Oct 2022 18:20:17 GMT
x-amz-version-id: LZHFmDNm.5SiFJZAM26g6rjDcFW0n.NA
via: 1.1 4ecd74dda94d7576e134fcdf16df8128.cloudfront.net (CloudFront)
age: 699089
x-amz-cf-pop: DUS51-C1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 45222
last-modified: Thu, 22 Apr 2021 02:07:52 GMT
server: AmazonS3
etag: "97a5dcc1cd22b284d76953d889fc88e2"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
x-amz-cf-id: ePjXOe7SuGz3A_GjjaqNxWSqcgrZgfceLAQBQUBUjZwklCpc1uhCog==

GET
H2 200 62507ab688f867fc2f75e1cc_derby_justify.jpg
assets.website-files.com/5f49632bc0bd61851523160b/ 422 KB
423 KB 43ms
41ms Image
image/jpeg 2600:9000:2182:2e00:11:3b84:d200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.website-files.com/5f49632bc0bd61851523160b/62507ab688f867fc2f75e1cc_derby_justify.jpg
Requested by: Host: news.1st.com
URL: https://news.1st.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2182:2e00:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7a2f9dfc09b259c3753ea0e4f4225d453339f60d715e40a91ce822be008373d6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.1st.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 06 Oct 2022 18:20:17 GMT
x-amz-version-id: R_c8b93MqizxX6DfTtMn67lAxPpSGPm7
via: 1.1 4ecd74dda94d7576e134fcdf16df8128.cloudfront.net (CloudFront)
age: 699089
x-amz-cf-pop: DUS51-C1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 431737
last-modified: Fri, 08 Apr 2022 18:11:03 GMT
server: AmazonS3
etag: "0aacf509d96ed29203152a654f1cf7c9"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
x-amz-cf-id: n1Kkq4myxPkSOp7CK40XXlMgADTAgyFhFctSDc5OgMggRXXFR5-rFA==

GET
H2 200 6080d818a8c0642b0dbb847a_preakness_2020_winner.jpg
assets.website-files.com/5f49632bc0bd61851523160b/ 146 KB
147 KB 52ms
50ms Image
image/jpeg 2600:9000:2182:2e00:11:3b84:d200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.website-files.com/5f49632bc0bd61851523160b/6080d818a8c0642b0dbb847a_preakness_2020_winner.jpg
Requested by: Host: news.1st.com
URL: https://news.1st.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2182:2e00:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a0abf778f423fcad314e2f7e6c835d70956ca499f47d5fdaa98b709a7145be08

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.1st.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 06 Oct 2022 18:20:16 GMT
x-amz-version-id: zCMoZddKdpdYwViA7VR0Ci4z5F2XLkHe
via: 1.1 4ecd74dda94d7576e134fcdf16df8128.cloudfront.net (CloudFront)
age: 699090
x-amz-cf-pop: DUS51-C1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 149855
last-modified: Thu, 22 Apr 2021 01:58:01 GMT
server: AmazonS3
etag: "9cd1005b27feee83508d7383f8731c79"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
x-amz-cf-id: SKJZU7pjCo3iSIXFAgRqp6GqLndrDPNb25n_Tq7JVn_W5k2Om4Rqog==

GET
H2 200 602d70c292cff564e1d2c4a5_belmont-5-p-1080.jpeg
assets.website-files.com/5f49632bc0bd61851523160b/ 67 KB
68 KB 42ms
40ms Image
image/jpeg 2600:9000:2182:2e00:11:3b84:d200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.website-files.com/5f49632bc0bd61851523160b/602d70c292cff564e1d2c4a5_belmont-5-p-1080.jpeg
Requested by: Host: news.1st.com
URL: https://news.1st.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2182:2e00:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 534cce3cf2effc081de0b1e92c7af74d3dcb58a3ac49dbd7f6f59ae7227a0253

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.1st.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 06:57:22 GMT
x-amz-version-id: PfcTTjhP.jSfoKFppg0wwNdZmRxZFvIM
via: 1.1 4ecd74dda94d7576e134fcdf16df8128.cloudfront.net (CloudFront)
age: 1258464
x-amz-cf-pop: DUS51-C1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 69001
last-modified: Wed, 17 Feb 2021 19:38:43 GMT
server: AmazonS3
etag: "6fac51fe2dba4058f3ed6cbcc46ed3bc"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
x-amz-cf-id: e5d5yXqPgLg1TzjFlkREf1nIMErOuEg4OMzZ6b77hiafH_AOrgtPgw==

GET
H2 200 5f6e5e0e9d7ea8d0baf0667e_social-1_round-facebook.svg
assets.website-files.com/5f49632a2373348fd8d5703f/ 876 B
1 KB 44ms
43ms Image
image/svg+xml 2600:9000:2182:2e00:11:3b84:d200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.website-files.com/5f49632a2373348fd8d5703f/5f6e5e0e9d7ea8d0baf0667e_social-1_round-facebook.svg
Requested by: Host: assets.website-files.com
URL: https://assets.website-files.com/5f49632a2373348fd8d5703f/css/cms-1stbet.caf649661.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2182:2e00:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f055a0681fdfe0de0d9e14e4118565e978d94c9d2b89910cca1b26f761509f63

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://assets.website-files.com/5f49632a2373348fd8d5703f/css/cms-1stbet.caf649661.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 05 Sep 2022 16:47:05 GMT
x-amz-version-id: go3M5dOAqK3WAXWMtSz_O50J6KAfgXP.
via: 1.1 4ecd74dda94d7576e134fcdf16df8128.cloudfront.net (CloudFront)
last-modified: Fri, 25 Sep 2020 21:16:00 GMT
server: AmazonS3
age: 3383081
x-amz-cf-pop: DUS51-C1
etag: "da7d1fbf7a86582ff45f7010f9930ddf"
x-cache: Hit from cloudfront
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
content-length: 876
x-amz-cf-id: d-0XCy-4GyCpqOF3X6kTguA52tFCFlHbwSRvMtuy3YPFUNoQOSN-WQ==

GET
H2 200 5f6e5e0e9d7ea81a2ef0667f_social-1_round-instagram.svg
assets.website-files.com/5f49632a2373348fd8d5703f/ 1 KB
1 KB 45ms
44ms Image
image/svg+xml 2600:9000:2182:2e00:11:3b84:d200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.website-files.com/5f49632a2373348fd8d5703f/5f6e5e0e9d7ea81a2ef0667f_social-1_round-instagram.svg
Requested by: Host: assets.website-files.com
URL: https://assets.website-files.com/5f49632a2373348fd8d5703f/css/cms-1stbet.caf649661.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2182:2e00:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e07dfdff938cc4b0c84f3fff03b42014183a8b0bed3c80f8407af2517e441f2a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://assets.website-files.com/5f49632a2373348fd8d5703f/css/cms-1stbet.caf649661.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 07:58:06 GMT
content-encoding: br
via: 1.1 4ecd74dda94d7576e134fcdf16df8128.cloudfront.net (CloudFront)
x-amz-version-id: hmDwVkviHnFbk7Bstvku1PWUjgY.zXcQ
last-modified: Fri, 25 Sep 2020 21:16:00 GMT
server: AmazonS3
age: 2118819
x-amz-cf-pop: DUS51-C1
etag: W/"9e2e54d78a5217829bf43bcf5d4c1ed4"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
x-amz-cf-id: 3jmdrbAqWl6GBelh9BuwOH3goSCooCDh0TpSad6sxb7gEKSwpPQXkw==

GET
H2 200 5f6e5e0e9d7ea86010f0667d_social-1_round-twitter.svg
assets.website-files.com/5f49632a2373348fd8d5703f/ 1 KB
1 KB 43ms
42ms Image
image/svg+xml 2600:9000:2182:2e00:11:3b84:d200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.website-files.com/5f49632a2373348fd8d5703f/5f6e5e0e9d7ea86010f0667d_social-1_round-twitter.svg
Requested by: Host: assets.website-files.com
URL: https://assets.website-files.com/5f49632a2373348fd8d5703f/css/cms-1stbet.caf649661.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2182:2e00:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ee868d337c2fe9ac037a183c24811731766457082363f3e0e5184e919405fd6c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://assets.website-files.com/5f49632a2373348fd8d5703f/css/cms-1stbet.caf649661.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 16:12:17 GMT
content-encoding: br
via: 1.1 4ecd74dda94d7576e134fcdf16df8128.cloudfront.net (CloudFront)
x-amz-version-id: Dcc9iJ22S6gB.aFPYdJj3__ol5J_8IyR
last-modified: Fri, 25 Sep 2020 21:16:00 GMT
server: AmazonS3
age: 1484369
x-amz-cf-pop: DUS51-C1
etag: W/"ac218a78a3be500f789383965d9d2bdd"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
x-amz-cf-id: hXe2UOL8JGYm7Yap1_ahWSNSlkpHwnmg0slwmWe6eevD0MNQ7LiQ2Q==

GET
H2 200 5f4d0e504cc4d2a7beb307df_SuisseIntl-Thin.otf
assets.website-files.com/5f49632a2373348fd8d5703f/ 155 KB
155 KB 54ms
53ms Font
application/x-font-otf 2600:9000:2182:2e00:11:3b84:d200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.website-files.com/5f49632a2373348fd8d5703f/5f4d0e504cc4d2a7beb307df_SuisseIntl-Thin.otf
Requested by: Host: assets.website-files.com
URL: https://assets.website-files.com/5f49632a2373348fd8d5703f/css/cms-1stbet.caf649661.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2182:2e00:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8f99a2ffacdb0d349039b25746abed63fa92ffc73cc12d35a5da4632ee2a73d3

Request headers

Referer: https://assets.website-files.com/5f49632a2373348fd8d5703f/css/cms-1stbet.caf649661.min.css
Origin: https://news.1st.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 15:48:53 GMT
x-amz-version-id: a8xMaok4LenpnfxD0Vsw8qQrLVAtHwk_
via: 1.1 dc81a30f5f4fc309ae9445723779b894.cloudfront.net (CloudFront)
age: 4336973
x-amz-cf-pop: DUS51-C1
x-cache: Hit from cloudfront
content-length: 158328
last-modified: Mon, 31 Aug 2020 14:50:57 GMT
server: AmazonS3
etag: "3a57d0e7a5653f3c1905990998b821d7"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/x-font-otf
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
x-amz-cf-id: jbIJLS6ZfjK0verz0zwO4QfXQ9RuVzuPRmWfh-dyI6sA4twKiPCJ4Q==

GET
H2 200 5f4d0e4f873b08666436fee2_SuisseIntl-Bold.otf
assets.website-files.com/5f49632a2373348fd8d5703f/ 156 KB
157 KB 43ms
43ms Font
application/x-font-otf 2600:9000:2182:2e00:11:3b84:d200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.website-files.com/5f49632a2373348fd8d5703f/5f4d0e4f873b08666436fee2_SuisseIntl-Bold.otf
Requested by: Host: assets.website-files.com
URL: https://assets.website-files.com/5f49632a2373348fd8d5703f/css/cms-1stbet.caf649661.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2182:2e00:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: cd2e795af68f53a6f2a92c2f8e13621fb5e5da2f577b190a6b622f34c83d5b75

Request headers

Referer: https://assets.website-files.com/5f49632a2373348fd8d5703f/css/cms-1stbet.caf649661.min.css
Origin: https://news.1st.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 02 Sep 2022 07:17:00 GMT
x-amz-version-id: WAtWZ.RlQNVUiBl6l4nh57EiJEZpEOTZ
via: 1.1 dc81a30f5f4fc309ae9445723779b894.cloudfront.net (CloudFront)
last-modified: Mon, 31 Aug 2020 14:50:57 GMT
server: AmazonS3
age: 3676486
x-amz-cf-pop: DUS51-C1
etag: "8e6811b0f16bbd770ba0de475b23c357"
x-cache: Hit from cloudfront
content-type: application/x-font-otf
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
content-length: 159696
x-amz-cf-id: mZO1pt9XmtVjlxNxUqf1TeXoOBJ7Z0iZwAZzRQQ1Csqs39Ff3EyuPQ==

GET
H2 200 5fd8e7cbc69db4643c83b68b_Stroke%201%20Copy.svg
assets.website-files.com/5f49632a2373348fd8d5703f/ 857 B
1 KB 44ms
43ms Image
image/svg+xml 2600:9000:2182:2e00:11:3b84:d200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.website-files.com/5f49632a2373348fd8d5703f/5fd8e7cbc69db4643c83b68b_Stroke%201%20Copy.svg
Requested by: Host: news.1st.com
URL: https://news.1st.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2182:2e00:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e58250935c3d8f8b4bdd1248f631feaaaead7878b9b955cbded377bbdd5f7e72

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.1st.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 06 Oct 2022 18:20:17 GMT
x-amz-version-id: L.xoQLGQgVsFAvtJ6AKhNBUwRrCB6V_I
via: 1.1 4ecd74dda94d7576e134fcdf16df8128.cloudfront.net (CloudFront)
age: 699089
x-amz-cf-pop: DUS51-C1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 857
last-modified: Tue, 15 Dec 2020 16:43:56 GMT
server: AmazonS3
etag: "d1415b769ac7f702ddd513b2187a3d22"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
x-amz-cf-id: TdxInxe5_H7vTe9VlrdoQOScJzKCze9CQJu4SllUfIZvwV4o9m4lIQ==

GET
H3 200 796779614507599 Show response
connect.facebook.net/signals/config/ 355 KB
85 KB 68ms
58ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/796779614507599?v=2.9.5&r=c2

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

56be3ae00370b96f3b9f9873f556645db8e690e69b1398514f4a47d72cb98c71

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.1st.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 14 Oct 2022 20:31:46 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: Zw8FNCRAbKrbguswVofn8uuaNjPq2dgwmi32oyMhSIDfj3APEPLjpo6xOwrkwBhYC4+5vJLQAoa+lRcjJjNt+Q==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v34/ 44 KB
44 KB 117ms
37ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,300italic,400,400italic,600,600italic,700,700italic,800,800italic%7CPT+Serif:400,400italic,700,700italic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://news.1st.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 10 Oct 2022 18:50:24 GMT
x-content-type-options: nosniff
age: 351682
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44856
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 10 Oct 2023 18:50:24 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 128ms
39ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TSCL42B

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.1st.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 14 Oct 2022 19:15:57 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 4549
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Fri, 14 Oct 2022 21:15:57 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 38 KB
12 KB 67ms
33ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TSCL42B

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

30153b15b4cb898c421e657f6de21dc27435cb990e7888367bdee12e06398da7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.1st.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Fri, 14 Oct 2022 20:31:45 GMT
last-modified: Thu, 28 Jul 2022 17:32:37 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 4C734F733C8C4BF1808A68598BF75E08 Ref B: FRAEDGE1112 Ref C: 2022-10-14T20:31:46Z
etag: "80a8697a8a2d81:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 11367

GET
H3

200

activityi;dc_pre=COba_J3I4PoCFcZtGwodD4oIwg;src=10688233;type=vivfe0;cat=vivst0;ord=1;num=8836050431456;gtm=2wgaa0;auiddc=2007051498.1665779506;~oref=https%3A%2F%2Fnews.1st.com%2F Show response
10688233.fls.doubleclick.net/ Frame EF3C
Redirect Chain

https://10688233.fls.doubleclick.net/activityi;src=10688233;type=vivfe0;cat=vivst0;ord=1;num=8836050431456;gtm=2wgaa0;auiddc=2007051498.1665779506;~oref=https%3A%2F%2Fnews.1st.com%2F?
https://10688233.fls.doubleclick.net/activityi;dc_pre=COba_J3I4PoCFcZtGwodD4oIwg;src=10688233;type=vivfe0;cat=vivst0;ord=1;num=8836050431456;gtm=2wgaa0;auiddc=2007051498.1665779506;~oref=https%3A%2...

484 B
411 B

110ms
50ms

Document
text/html

142.250.185.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://10688233.fls.doubleclick.net/activityi;dc_pre=COba_J3I4PoCFcZtGwodD4oIwg;src=10688233;type=vivfe0;cat=vivst0;ord=1;num=8836050431456;gtm=2wgaa0;auiddc=2007051498.1665779506;~oref=https%3A%2F%2Fnews.1st.com%2F?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TSCL42B

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f6.1e100.net

Software

cafe /

Resource Hash

8b7a8f9f22ca95c5c182a538ec7fbe4c2213193df3750f88da3958b78f6422ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://news.1st.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-encoding: gzip
content-length: 386
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 14 Oct 2022 20:31:46 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 14 Oct 2022 20:31:46 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://10688233.fls.doubleclick.net/activityi;dc_pre=COba_J3I4PoCFcZtGwodD4oIwg;src=10688233;type=vivfe0;cat=vivst0;ord=1;num=8836050431456;gtm=2wgaa0;auiddc=2007051498.1665779506;~oref=https%3A%2F%2Fnews.1st.com%2F?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 56 KB
15 KB 57ms
13ms Script
application/javascript 199.232.188.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TSCL42B
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.232.188.157 Munich, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 41b758f84ab2dd5da6f7ba488813d17410ebb48bc2074d304c26d63c5ece003d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.1st.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 20:31:46 GMT
content-encoding: gzip
last-modified: Tue, 30 Aug 2022 15:04:19 GMT
etag: "d4de8398858246712016031c834bb061+gzip+gzip"
vary: Accept-Encoding,Host
x-cache: HIT, HIT
content-type: application/javascript; charset=utf-8
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
cache-control: no-cache
accept-ranges: bytes
content-length: 15317
x-served-by: cache-iad-kjyo7100153-IAD, cache-muc13947-MUC

GET
H2 200 tc.min.js Show response
c1.rfihub.net/js/ 19 KB
6 KB 59ms
8ms Script
application/x-javascript 2600:9000:223c:e00:1:76cf:fe80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c1.rfihub.net/js/tc.min.js
Requested by: Host: news.1st.com
URL: https://news.1st.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:e00:1:76cf:fe80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Jetty(9.3.29.v20201019) /
Resource Hash: 7ef97b12890fc6fee67f869c6e1f74b6719de7d66ac0d649c8d7386a80b4c30f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.1st.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 20:20:17 GMT
content-encoding: gzip
via: 1.1 2af4ee189e50805a67bd62bbd51ad0dc.cloudfront.net (CloudFront)
last-modified: Fri, 14 Oct 2022 20:20:07 GMT
server: Jetty(9.3.29.v20201019)
x-amz-cf-pop: FRA56-P2
age: 689
x-cache: Hit from cloudfront
content-type: application/x-javascript
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: public, max-age=3600
content-length: 6162
x-amz-cf-id: jEjDFQ-KBqJlnOfMfpFcyyG-0ZBsxh6IG0J3aMXuwfNUaW-t46MxRw==
expires: Fri, 14 Oct 2022 21:20:17 GMT

GET
H2 403 1stbet_homepage
us.connextra.com/dcs/tagController/tag/fd48dd5f44b3/ 0
0 162ms
17ms Script
text/html 96.16.144.106
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://us.connextra.com/dcs/tagController/tag/fd48dd5f44b3/1stbet_homepage
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TSCL42B
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 96.16.144.106 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a96-16-144-106.deploy.static.akamaitechnologies.com
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.1st.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 20:31:46 GMT
content-length: 34
content-type: text/html

GET
H2 403 1stbet_landingpage
us.connextra.com/dcs/tagController/tag/fd48dd5f44b3/ 0
0 162ms
17ms Script
text/html 96.16.144.106
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://us.connextra.com/dcs/tagController/tag/fd48dd5f44b3/1stbet_landingpage
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TSCL42B
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 96.16.144.106 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a96-16-144-106.deploy.static.akamaitechnologies.com
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.1st.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 20:31:46 GMT
content-length: 34
content-type: text/html

GET
H2 200 memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2
fonts.gstatic.com/s/opensans/v34/ 47 KB
47 KB 152ms
135ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v34/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,300italic,400,400italic,600,600italic,700,700italic,800,800italic%7CPT+Serif:400,400italic,700,700italic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

84161c46238fff2c6920ebc28f02cddd7b710cf3d1107853f540b084320f6afd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://news.1st.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 10 Oct 2022 18:50:37 GMT
x-content-type-options: nosniff
age: 351669
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47952
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:22:41 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 10 Oct 2023 18:50:37 GMT

GET
H2 200 EJRVQgYoZZY2vCFuvAFWzr8.woff2
fonts.gstatic.com/s/ptserif/v17/ 32 KB
32 KB 162ms
146ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ptserif/v17/EJRVQgYoZZY2vCFuvAFWzr8.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,300italic,400,400italic,600,600italic,700,700italic,800,800italic%7CPT+Serif:400,400italic,700,700italic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d355afb9705c3f8651f6a1f813b4670b758d59a17783830f534e7a8839c5b666

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://news.1st.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 20:40:48 GMT
x-content-type-options: nosniff
age: 604258
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32900
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 15:44:11 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 07 Oct 2023 20:40:48 GMT

GET
H2 200 EJRTQgYoZZY2vCFuvAFT_r21cg.woff2
fonts.gstatic.com/s/ptserif/v17/ 34 KB
34 KB 139ms
122ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ptserif/v17/EJRTQgYoZZY2vCFuvAFT_r21cg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,300italic,400,400italic,600,600italic,700,700italic,800,800italic%7CPT+Serif:400,400italic,700,700italic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dd6661b8cd544cf84130afd811d872ce216a1f069eef967566a300a7dfb8506e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://news.1st.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 11 Oct 2022 08:45:23 GMT
x-content-type-options: nosniff
age: 301583
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34800
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 15:38:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 11 Oct 2023 08:45:23 GMT

GET
H2 200 EJRSQgYoZZY2vCFuvAnt66qSVys.woff2
fonts.gstatic.com/s/ptserif/v17/ 29 KB
29 KB 124ms
108ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ptserif/v17/EJRSQgYoZZY2vCFuvAnt66qSVys.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,300italic,400,400italic,600,600italic,700,700italic,800,800italic%7CPT+Serif:400,400italic,700,700italic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7f9694a5641741d04e1c98eb1011059826aa5feb34e47d2b2f95bdb47cb0c2f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://news.1st.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 19:28:08 GMT
x-content-type-options: nosniff
age: 176618
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29492
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:29:15 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 12 Oct 2023 19:28:08 GMT

GET
H2 200 EJRQQgYoZZY2vCFuvAFT9gaQZynfoA.woff2
fonts.gstatic.com/s/ptserif/v17/ 28 KB
28 KB 102ms
86ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ptserif/v17/EJRQQgYoZZY2vCFuvAFT9gaQZynfoA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,300italic,400,400italic,600,600italic,700,700italic,800,800italic%7CPT+Serif:400,400italic,700,700italic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a8b4c3fed174cde914ce1d74e3e97a4c7d17a9d615ba13065e8dc58531a84046

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://news.1st.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 21:28:03 GMT
x-content-type-options: nosniff
age: 169423
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28336
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 15:44:43 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 12 Oct 2023 21:28:03 GMT

GET
H2 200 clarity.js Show response
www.clarity.ms/eus2/s/0.6.42/ 53 KB
23 KB 104ms
103ms Script
application/javascript 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/eus2/s/0.6.42/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/46vpn1o8jw
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: d97ca913935c9897ac4e255d17e14c8a3f0d8513681fe5b6736c4921fc5dd078

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.1st.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 20:31:46 GMT
content-encoding: br
last-modified: Wed, 01 Jun 2022 12:22:22 GMT
etag: "1d8de484d1af7d4"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript;charset=utf-8
x-azure-ref: 0MsdJYwAAAACgMDOMuj5yTLvRdfxoXqsZQU1TMDRFREdFMTgwOQA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
cache-control: public,max-age=86400
accept-ranges: bytes
content-length: 23382
request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64

GET
H3 200 792916808037334 Show response
connect.facebook.net/signals/config/ 355 KB
85 KB 58ms
58ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/792916808037334?v=2.9.5&r=c2

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

45df1ff5ff5b84f321238e8168295098d922184ad294eac0a1f14eb2f38158db

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.1st.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 14 Oct 2022 20:31:46 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: ddv76QhhfcOfI9c03yS4qoxAob00tN44LHfGcb8d/ZIFDOopMGdwESvO/VKgwG3fDzlo2HMgTle2uM6VC+fskg==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
204 B 35ms
9ms Image
text/plain 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=796779614507599&ev=PageView&dl=https%3A%2F%2Fnews.1st.com%2F&rl=&if=false&ts=1665779506187&sw=1600&sh=1200&v=2.9.5&r=c2&ec=0&o=30&fbp=fb.1.1665779506186.789301149&it=1665779506008&coo=false&rqm=GET

Requested by

Host: news.1st.com
URL: https://news.1st.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.1st.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 14 Oct 2022 20:31:46 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0

GET
H/1.1 200
OK ca.html Show response
20829737p.rfihub.com/ Frame F849 3 KB
3 KB 252ms
20ms Document
text/html 193.0.160.128
ROCKETFUEL

General

Check archive.org

Show headers Download Go to

Full URL: https://20829737p.rfihub.com/ca.html?ver=9&rb=43518&ca=20829737&_o=43518&_t=20829737&pe=https%3A%2F%2Fnews.1st.com%2F&pf=&ra=5300633418460599
Requested by: Host: c1.rfihub.net
URL: https://c1.rfihub.net/js/tc.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 193.0.160.128 , United States, ASN54312 (ROCKETFUEL, US),
Reverse DNS
Software: Jetty(9.3.29.v20201019) /
Resource Hash: 757c3b77f427fd37950e116ec7b3e98bd8a29fab2438f9ed68429a3cd3755d8e

Request headers

Referer: https://news.1st.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-cache
Content-Length: 2608
Content-Type: text/html;charset=utf-8
Date: Fri, 14 Oct 2022 20:31:46 GMT
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server: Jetty(9.3.29.v20201019)

GET
H2 200 adsct
t.co/i/ 43 B
378 B 134ms
108ms Image
image/gif 104.244.42.133
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?bci=3&eci=2&event_id=eea38fb3-f218-404f-93c2-7151d4f46ea1&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=88966078-1be2-417f-ae5c-5ac128132d4b&tw_document_href=https%3A%2F%2Fnews.1st.com%2F&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o89of&type=javascript&version=2.3.27

Requested by

Host: news.1st.com
URL: https://news.1st.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.133 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.1st.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-response-time: 102
date: Fri, 14 Oct 2022 20:31:45 GMT
strict-transport-security: max-age=0
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: 7885f5c5a099160f
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: 07dc6692b2e22d6db30bd70077c09fc778f88e9a958acaad63488a05375fae3f
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/i/ 43 B
216 B 790ms
116ms Image
image/gif 104.244.42.3
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=eea38fb3-f218-404f-93c2-7151d4f46ea1&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=88966078-1be2-417f-ae5c-5ac128132d4b&tw_document_href=https%3A%2F%2Fnews.1st.com%2F&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o89of&type=javascript&version=2.3.27

Requested by

Host: news.1st.com
URL: https://news.1st.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.3 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.1st.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-response-time: 110
date: Fri, 14 Oct 2022 20:31:46 GMT
strict-transport-security: max-age=631138519
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: 9f43e8125d37d39f
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: 6a6c1b2d405314679cc66f7099eb8284d6d1ae0b21ea1b4c26eb9942cad5efdc
content-length: 43

GET
H2 200 adsct
t.co/i/ 43 B
203 B 142ms
117ms Image
image/gif 104.244.42.133
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?bci=3&eci=2&event_id=e45ae42a-961a-436d-bf6f-90e5cf695522&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=88966078-1be2-417f-ae5c-5ac128132d4b&tw_document_href=https%3A%2F%2Fnews.1st.com%2F&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o8g9h&type=javascript&version=2.3.27

Requested by

Host: news.1st.com
URL: https://news.1st.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.133 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.1st.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-response-time: 110
date: Fri, 14 Oct 2022 20:31:45 GMT
strict-transport-security: max-age=0
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: 9fc1f473d6de5d83
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: 07dc6692b2e22d6db30bd70077c09fc778f88e9a958acaad63488a05375fae3f
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/i/ 43 B
394 B 784ms
111ms Image
image/gif 104.244.42.3
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=e45ae42a-961a-436d-bf6f-90e5cf695522&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=88966078-1be2-417f-ae5c-5ac128132d4b&tw_document_href=https%3A%2F%2Fnews.1st.com%2F&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o8g9h&type=javascript&version=2.3.27

Requested by

Host: news.1st.com
URL: https://news.1st.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.3 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.1st.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-response-time: 104
date: Fri, 14 Oct 2022 20:31:46 GMT
strict-transport-security: max-age=631138519
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: 15204083b8742853
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: 6a6c1b2d405314679cc66f7099eb8284d6d1ae0b21ea1b4c26eb9942cad5efdc
content-length: 43

GET
H2 204 56305986.js Show response
bat.bing.com/p/action/ 0
118 B 106ms
106ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/56305986.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.1st.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
date: Fri, 14 Oct 2022 20:31:45 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 809C0624938348DE99F2933E05FBCBCB Ref B: FRAEDGE1112 Ref C: 2022-10-14T20:31:46Z
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ 0
174 B 33ms
33ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=56305986&tm=gtm002&Ver=2&mid=074a093e-4f33-47ae-b562-6a2a22431afe&sid=38f41e404bff11ed860f116a794ffcc5&vid=38f445804bff11ed9d00ad9aeeba704b&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Daily%20Horse%20Racing%20Picks%20%26%20News%20by%201%2FST%20BET&kw=Preakness%20Stakes,Pegasus%20World%20Cup,%20Kentucky%20Derby,%20Belmont%20Stakes,%20Santa%20Anita,%20bet%20on%20horse%20racing,%20horse%20racing%20news,%20Breeders%20Cup%20news,%20Pegasus%20World%20Cup%20picks,%20Pegasus%20World%20Cup%20tips,%20Pegasus%20World%20Cup%20betting&p=https%3A%2F%2Fnews.1st.com%2F&r=&lt=2857&evt=pageLoad&sv=1&rn=587450

Requested by

Host: news.1st.com
URL: https://news.1st.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.1st.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 14 Oct 2022 20:31:45 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 679F8D81474E472D92266CF66103F4D4 Ref B: FRAEDGE1112 Ref C: 2022-10-14T20:31:46Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 117ms
44ms XHR
text/plain 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&a=1689342164&t=pageview&_s=1&dl=https%3A%2F%2Fnews.1st.com%2F&dh=news.1st.com&ul=en-us&de=UTF-8&dt=Daily%20Horse%20Racing%20Picks%20%26%20News%20by%201%2FST%20BET&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YHBACEABBAAAACAEKE~&jid=632885580&gjid=1558098235&cid=1738127013.1665779506&tid=UA-167213651-1&_gid=1767580598.1665779506&_r=1&gtm=2wgaa0TSCL42B&cg1=brochure%20site%20static%20page&cd1=production&cd2=web&cd3=1st.com%2Fbet&cd4=brochure&cd7=guest&cd9=brochure%20site%20static%20page&cd28=false&cd29=gtm.js&cd6=1738127013.1665779506&z=723261775

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://news.1st.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 14 Oct 2022 20:31:46 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://news.1st.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 19ms
9ms Image
text/plain 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=792916808037334&ev=PageView&dl=https%3A%2F%2Fnews.1st.com%2F&rl=&if=false&ts=1665779506411&sw=1600&sh=1200&v=2.9.5&r=c2&ec=0&o=30&fbp=fb.1.1665779506186.789301149&it=1665779506008&coo=false&rqm=GET

Requested by

Host: news.1st.com
URL: https://news.1st.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.1st.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 14 Oct 2022 20:31:46 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 /
www.facebook.com/tr/ 0
18 B 18ms
8ms Image
text/plain 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=796779614507599&ev=1%2FST%20-%20ViV%20&dl=https%3A%2F%2Fnews.1st.com%2F&rl=&if=false&ts=1665779506412&sw=1600&sh=1200&v=2.9.5&r=c2&ec=1&o=30&fbp=fb.1.1665779506186.789301149&it=1665779506008&coo=false&rqm=GET

Requested by

Host: news.1st.com
URL: https://news.1st.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.1st.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 14 Oct 2022 20:31:46 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 19ms
10ms Image
text/plain 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=792916808037334&ev=1%2FST%20-%20ViV%20&dl=https%3A%2F%2Fnews.1st.com%2F&rl=&if=false&ts=1665779506412&sw=1600&sh=1200&v=2.9.5&r=c2&ec=1&o=30&fbp=fb.1.1665779506186.789301149&it=1665779506008&coo=false&rqm=GET

Requested by

Host: news.1st.com
URL: https://news.1st.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.1st.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 14 Oct 2022 20:31:46 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
priority: u=3,i

POST
H2 204 collect Show response
b.clarity.ms/ 0
155 B 494ms
191ms XHR
text/plain 20.75.32.255
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://b.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/eus2/s/0.6.42/clarity.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 20.75.32.255 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://news.1st.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-origin: https://news.1st.com
date: Fri, 14 Oct 2022 20:31:46 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
439 B 57ms
20ms XHR
text/plain 2a00:1450:400c:c07::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-167213651-1&cid=1738127013.1665779506&jid=632885580&gjid=1558098235&_gid=1767580598.1665779506&_u=YHBACEAABAAAACAEKE~&z=368999385

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c07::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://news.1st.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Fri, 14 Oct 2022 20:31:46 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://news.1st.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_pre=COba_J3I4PoCFcZtGwodD4oIwg;src=10688233;type=vivfe0;cat=vivst0;ord=1;num=8836050431456;gtm=2wgaa0;auiddc=2007051498.1665779506;~oref=https%3A%2F%2Fnews.1st.com%2F Show response
adservice.google.com/ddm/fls/i/ Frame BCE2 483 B
854 B 162ms
75ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/ddm/fls/i/dc_pre=COba_J3I4PoCFcZtGwodD4oIwg;src=10688233;type=vivfe0;cat=vivst0;ord=1;num=8836050431456;gtm=2wgaa0;auiddc=2007051498.1665779506;~oref=https%3A%2F%2Fnews.1st.com%2F

Requested by

Host: 10688233.fls.doubleclick.net
URL: https://10688233.fls.doubleclick.net/activityi;dc_pre=COba_J3I4PoCFcZtGwodD4oIwg;src=10688233;type=vivfe0;cat=vivst0;ord=1;num=8836050431456;gtm=2wgaa0;auiddc=2007051498.1665779506;~oref=https%3A%2F%2Fnews.1st.com%2F?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bda722d3eb0e0dffc4fdb32ff02da96130795ff2d1a41ad6c99ab5ed25d90fc1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://10688233.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-encoding: gzip
content-length: 385
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 14 Oct 2022 20:31:46 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 162ms
77ms Image
image/gif 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-167213651-1&cid=1738127013.1665779506&jid=632885580&_u=YHBACEAABAAAACAEKE~&z=798518221

Requested by

Host: news.1st.com
URL: https://news.1st.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.1st.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Oct 2022 20:31:46 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 167ms
77ms Image
image/gif 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-167213651-1&cid=1738127013.1665779506&jid=632885580&_u=YHBACEAABAAAACAEKE~&z=798518221

Requested by

Host: news.1st.com
URL: https://news.1st.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.1st.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Oct 2022 20:31:46 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

cm
a.rfihub.com/ Frame F849
Redirect Chain

https://cm.g.doubleclick.net/pixel?&in=0&google_nid=zeta_interactive&google_cm=&google_sc=&google_hm=NTEzMTA3NzcyMjg2NDUwODA2NQ==&forward=
https://a.rfihub.com/cm?pub=445&in=0&forward=&google_gid=CAESEC4t3am9xiqmXoLxACz4JhQ&google_cver=1

42 B
1004 B

57ms
14ms

Image
image/gif

193.0.160.128
ROCKETFUEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.rfihub.com/cm?pub=445&in=0&forward=&google_gid=CAESEC4t3am9xiqmXoLxACz4JhQ&google_cver=1
Requested by: Host: news.1st.com
URL: https://news.1st.com/
Protocol: HTTP/1.1
Server: 193.0.160.128 , United States, ASN54312 (ROCKETFUEL, US),
Reverse DNS
Software: Jetty(9.3.29.v20201019) /
Resource Hash: 47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20829737p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/gif
Date: Fri, 14 Oct 2022 20:31:46 GMT
Cache-Control: no-cache
Server: Jetty(9.3.29.v20201019)
Content-Length: 42
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma: no-cache
date: Fri, 14 Oct 2022 20:31:46 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://a.rfihub.com/cm?pub=445&in=0&forward=&google_gid=CAESEC4t3am9xiqmXoLxACz4JhQ&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 311
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

bounce
ib.adnxs.com/ Frame F849
Redirect Chain

https://ib.adnxs.com/setuid?entity=18&code=5131077722864508065
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D18%26code%3D5131077722864508065

43 B
1 KB

14ms
14ms

Image
image/gif

185.89.210.101
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D18%26code%3D5131077722864508065

Requested by

Host: news.1st.com
URL: https://news.1st.com/

Protocol

HTTP/1.1

Server

185.89.210.101 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20829737p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 14 Oct 2022 20:31:46 GMT
AN-X-Request-Uuid: 579bdaaa-b05f-40e7-8f77-db68c7407ce6
Server: nginx/1.21.3
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 185.213.155.162; 185.213.155.162; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 14 Oct 2022 20:31:46 GMT
AN-X-Request-Uuid: 303214dd-06c5-4888-965b-0e13024cf6f6
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D18%26code%3D5131077722864508065
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 185.213.155.162; 185.213.155.162; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 204
No Content tap.php
pixel.rubiconproject.com/ Frame F849 0
239 B 42ms
8ms Image
image/gif 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=13490&nid=2596&put=5131077722864508065&
Requested by: Host: news.1st.com
URL: https://news.1st.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20829737p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 611afce88997db6fdd35eb213e662871
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

demconf.jpg
dpm.demdex.net/ Frame F849
Redirect Chain

https://dpm.demdex.net/ibs:dpid=1121&dpuuid=5131077722864508065&redir=
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1121&dpuuid=5131077722864508065&redir=

42 B
942 B

35ms
35ms

Image
image/gif

54.76.60.98
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1121&dpuuid=5131077722864508065&redir=

Requested by

Host: news.1st.com
URL: https://news.1st.com/

Protocol

HTTP/1.1

Server

54.76.60.98 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-76-60-98.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20829737p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v044-0deb8e9c6.edge-irl1.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: GvrB6SPbTQY=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS: dcs-prod-irl1-2-v044-0deb8e9c6.edge-irl1.demdex.com 0 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: RIpyJvnPTUQ=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1121&dpuuid=5131077722864508065&redir=
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H/1.1

200
OK

match
ps.eyeota.net/ Frame F849
Redirect Chain

https://p.rfihub.com/cm?pub=24472&in=1
https://ps.eyeota.net/match?uid=5131077722864508065&bid=omt9pi0

0
344 B

41ms
8ms

Image
text/plain

3.124.210.90
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ps.eyeota.net/match?uid=5131077722864508065&bid=omt9pi0
Requested by: Host: news.1st.com
URL: https://news.1st.com/
Protocol: HTTP/1.1
Server: 3.124.210.90 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-210-90.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20829737p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Fri, 14 Oct 2022 20:31:46 GMT
Content-Length: 0
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

Location: https://ps.eyeota.net/match?uid=5131077722864508065&bid=omt9pi0
Date: Fri, 14 Oct 2022 20:31:46 GMT
Server: Jetty(9.3.29.v20201019)
Content-Length: 0
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 cksync.php
contextual.media.net/ Frame F849 45 B
616 B 71ms
35ms Image
image/gif 23.36.156.23
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contextual.media.net/cksync.php?cs=3&type=rkt&ovsid=5131077722864508065

Requested by

Host: news.1st.com
URL: https://news.1st.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.36.156.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-36-156-23.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20829737p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Fri, 14 Oct 2022 20:31:46 GMT
server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
content-length: 45
x-mnet-hl2: E
expires: Fri, 14 Oct 2022 20:31:46 GMT

GET
H2 200 serving
bs.serving-sys.com/ Frame F849 0
105 B 96ms
9ms Image
text/plain 18.156.102.147
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bs.serving-sys.com/serving?cn=um&dpid=12&rtu=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D17945%26userid%3D%5B%25tp_UserID%25%5D
Requested by: Host: news.1st.com
URL: https://news.1st.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.156.102.147 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-102-147.eu-central-1.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20829737p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 20:31:46 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
content-length: 0
p3p: CP="NOI DEVa OUR BUS UNI"

GET
H3

451

501709.gif
idsync.rlcdn.com/ Frame F849
Redirect Chain

https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5131077722864508065&referrer=https%3A%2F%2Fnews.1st.com%2F
https://p.rfihub.com/cm?pub=39342&in=0&userid=d38f27e5-7c38-4eb2-9e43-1ff2665049c4%3A1665779506.6388278&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3Dd38f27e5-7c38-4eb2-9e43-1ff2665...
https://idsync.rlcdn.com/501709.gif?partner_uid=d38f27e5-7c38-4eb2-9e43-1ff2665049c4%3A1665779506.6388278

0
9 B

107ms
41ms

Image
text/plain

35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/501709.gif?partner_uid=d38f27e5-7c38-4eb2-9e43-1ff2665049c4%3A1665779506.6388278
Requested by: Host: news.1st.com
URL: https://news.1st.com/
Protocol: H3
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20829737p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 20:31:46 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

Redirect headers

Location: https://idsync.rlcdn.com/501709.gif?partner_uid=d38f27e5-7c38-4eb2-9e43-1ff2665049c4%3A1665779506.6388278
Date: Fri, 14 Oct 2022 20:31:46 GMT
Server: Jetty(9.3.29.v20201019)
Content-Length: 0
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 /
bpi.rtactivate.com/tag/ Frame F849 43 B
109 B 484ms
255ms Image
image/gif 52.55.72.99
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bpi.rtactivate.com/tag/?id=11017&user_id=5131077722864508065
Requested by: Host: news.1st.com
URL: https://news.1st.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.55.72.99 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-55-72-99.compute-1.amazonaws.com
Software: awselb/2.0 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20829737p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 20:31:46 GMT
server: awselb/2.0
content-length: 43
content-type: image/gif

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame F849
Redirect Chain

https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=5131077722864508065&forward=
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=5131077722864508065&forward=&C=1

43 B
766 B

7ms
7ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=5131077722864508065&forward=&C=1
Requested by: Host: news.1st.com
URL: https://news.1st.com/
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20829737p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 14 Oct 2022 20:31:46 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

Pragma: no-cache
Date: Fri, 14 Oct 2022 20:31:46 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: /rum?cm_dsp_id=57&external_user_id=5131077722864508065&forward=&C=1
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 0
Expires: 0

GET
H2 451 360947.gif
idsync.rlcdn.com/ Frame F849 0
98 B 115ms
41ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/360947.gif?partner_uid=5131077722864508065
Requested by: Host: news.1st.com
URL: https://news.1st.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20829737p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 20:31:46 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 rocketfuel_sync
x.dlx.addthis.com/e/ Frame F849 43 B
191 B 537ms
253ms Image
image/gif 104.76.200.221
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://x.dlx.addthis.com/e/rocketfuel_sync?na_exid=5131077722864508065

Requested by

Host: news.1st.com
URL: https://news.1st.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.76.200.221 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-76-200-221.deploy.static.akamaitechnologies.com

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20829737p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

expires: Fri, 14 Oct 2022 20:31:47 GMT
pragma: no-cache
date: Fri, 14 Oct 2022 20:31:47 GMT
cache-control: max-age=0, no-cache, no-store
strict-transport-security: max-age=2628000
content-length: 43
content-type: image/gif

GET
H/1.1

200

partner
sync.search.spotxchange.com/ Frame F849
Redirect Chain

https://sync.search.spotxchange.com/partner?adv_id=7180&uid=5131077722864508065&img=1
https://sync.search.spotxchange.com/partner?adv_id=7180&uid=5131077722864508065&img=1&__user_check__=1&sync_id=392fe485-4bff-11ed-a47d-194044dd0306

43 B
549 B

16ms
16ms

Image
image/gif

185.94.180.125
SPOTX-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.search.spotxchange.com/partner?adv_id=7180&uid=5131077722864508065&img=1&__user_check__=1&sync_id=392fe485-4bff-11ed-a47d-194044dd0306
Requested by: Host: news.1st.com
URL: https://news.1st.com/
Protocol: HTTP/1.1
Server: 185.94.180.125 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20829737p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Fri, 14 Oct 2022 20:31:46 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 103
Connection: keep-alive
Content-Length: 43

Redirect headers

Date: Fri, 14 Oct 2022 20:31:46 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Location: /partner?adv_id=7180&uid=5131077722864508065&img=1&__user_check__=1&sync_id=392fe485-4bff-11ed-a47d-194044dd0306
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 88
Connection: keep-alive
Content-Length: 0

GET
H2 200 sync
partners.tremorhub.com/ Frame F849 43 B
183 B 352ms
106ms Image
image/gif 2600:1f18:612b:4264:54e8:ad4c:a4b8:acf6
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://partners.tremorhub.com/sync?UIRF=5131077722864508065&r=O5ZjiuqpigVt
Requested by: Host: news.1st.com
URL: https://news.1st.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:612b:4264:54e8:ad4c:a4b8:acf6 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20829737p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date: Fri, 14 Oct 2022 20:31:46 GMT
server: Apache-Coyote/1.1
content-type: image/gif

GET
H2 200 g.pixel
aa.agkn.com/adscores/ Frame F849 43 B
377 B 133ms
31ms Image
image/gif 52.212.110.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aa.agkn.com/adscores/g.pixel?sid=9212192898&rf=5131077722864508065
Requested by: Host: news.1st.com
URL: https://news.1st.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.212.110.18 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-212-110-18.eu-west-1.compute.amazonaws.com
Software: AAWebServer /
Resource Hash: 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20829737p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Oct 2022 20:31:46 GMT
server: AAWebServer
access-control-allow-methods: GET, POST, OPTIONS
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-headers: accept, cache-control, origin, x-requested-with, x-file-name, content-type
content-length: 43
expires: 0

GET
H2 204 usermatch.gif
beacon.krxd.net/ Frame F849 0
338 B 111ms
31ms Image
text/plain 52.30.33.235
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner_id=rfuel&partner_user_id=5131077722864508065
Requested by: Host: news.1st.com
URL: https://news.1st.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.30.33.235 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-30-33-235.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20829737p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-served-by: beacon-n002-dub-prod.krxd.net
date: Fri, 14 Oct 2022 20:31:46 GMT
cache-control: private, no-cache, no-store
x-request-time: D=56 t=1665779506
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H/1.1

200
OK

sync
x.bidswitch.net/ul_cb/ Frame F849
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=119&user_id=5131077722864508065&expires=30
https://x.bidswitch.net/ul_cb/sync?dsp_id=119&user_id=5131077722864508065&expires=30

43 B
495 B

9ms
8ms

Image
image/gif

35.156.18.160
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/ul_cb/sync?dsp_id=119&user_id=5131077722864508065&expires=30
Requested by: Host: news.1st.com
URL: https://news.1st.com/
Protocol: HTTP/1.1
Server: 35.156.18.160 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-156-18-160.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20829737p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Fri, 14 Oct 2022 20:31:46 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

Redirect headers

Location: https://x.bidswitch.net/ul_cb/sync?dsp_id=119&user_id=5131077722864508065&expires=30
Date: Fri, 14 Oct 2022 20:31:46 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

cm
p.rfihub.com/ Frame F849
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D
https://sync-tm.everesttech.net/ct/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D&_test=Y0nHMgAAAOvSFQAW
https://p.rfihub.com/cm?in=1&pub=21653&userid=Y0nHMgAAAOvSFQAW&_test=Y0nHMgAAAOvSFQAW

42 B
1021 B

32ms
15ms

Image
image/gif

193.0.160.128
ROCKETFUEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.rfihub.com/cm?in=1&pub=21653&userid=Y0nHMgAAAOvSFQAW&_test=Y0nHMgAAAOvSFQAW
Requested by: Host: news.1st.com
URL: https://news.1st.com/
Protocol: HTTP/1.1
Server: 193.0.160.128 , United States, ASN54312 (ROCKETFUEL, US),
Reverse DNS
Software: Jetty(9.3.29.v20201019) /
Resource Hash: 47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20829737p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/gif
Date: Fri, 14 Oct 2022 20:31:46 GMT
Cache-Control: no-cache
Server: Jetty(9.3.29.v20201019)
Content-Length: 42
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

x-served-by: cache-hhn4067-HHN
pragma: no-cache
date: Fri, 14 Oct 2022 20:31:46 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1665779507.832485,VS0,VE0
x-cache: HIT
location: https://p.rfihub.com/cm?in=1&pub=21653&userid=Y0nHMgAAAOvSFQAW&_test=Y0nHMgAAAOvSFQAW
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H2 200 dc_pre=COba_J3I4PoCFcZtGwodD4oIwg;src=10688233;type=vivfe0;cat=vivst0;ord=1;num=8836050431456;gtm=2wgaa0;auiddc=2007051498.1665779506;~oref=https%3A%2F%2Fnews.1st.com%2F Show response
adservice.google.de/ddm/fls/i/ Frame FDFD 194 B
870 B 162ms
76ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/ddm/fls/i/dc_pre=COba_J3I4PoCFcZtGwodD4oIwg;src=10688233;type=vivfe0;cat=vivst0;ord=1;num=8836050431456;gtm=2wgaa0;auiddc=2007051498.1665779506;~oref=https%3A%2F%2Fnews.1st.com%2F

Requested by

Host: adservice.google.com
URL: https://adservice.google.com/ddm/fls/i/dc_pre=COba_J3I4PoCFcZtGwodD4oIwg;src=10688233;type=vivfe0;cat=vivst0;ord=1;num=8836050431456;gtm=2wgaa0;auiddc=2007051498.1665779506;~oref=https%3A%2F%2Fnews.1st.com%2F

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://adservice.google.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=0
content-encoding: gzip
content-length: 177
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 14 Oct 2022 20:31:46 GMT
expires: Fri, 14 Oct 2022 20:31:46 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 200 / Show response
www.facebook.com/tr/ Frame 9491 0
15 B 7ms
7ms Document
text/plain 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: news.1st.com
URL: https://news.1st.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://news.1st.com
Referer: https://news.1st.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://news.1st.com
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Fri, 14 Oct 2022 20:31:46 GMT
priority: u=0
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

POST
H3 200 / Show response
www.facebook.com/tr/ Frame 77B6 0
15 B 8ms
7ms Document
text/plain 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: news.1st.com
URL: https://news.1st.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://news.1st.com
Referer: https://news.1st.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://news.1st.com
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Fri, 14 Oct 2022 20:31:46 GMT
priority: u=0
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?CtsSyncId=E2EFE3219E904212899AD35019AA2199&RedC=c.clarity.ms&MXFR=1F92877F12C66950292F954216C667CC
https://c.clarity.ms/c.gif?CtsSyncId=E2EFE3219E904212899AD35019AA2199&MUID=2A7C2D41AE14686C25F13F7CAF656964

42 B
369 B

28ms
27ms

Image
image/gif

20.234.93.27
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?CtsSyncId=E2EFE3219E904212899AD35019AA2199&MUID=2A7C2D41AE14686C25F13F7CAF656964
Protocol: H2
Server: 20.234.93.27 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.1st.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Oct 2022 20:31:46 GMT
last-modified: Thu, 13 Oct 2022 20:07:05 GMT
server: Microsoft-IIS/10.0
etag: "40db785d3fdfd81:0"
x-powered-by: ASP.NET
content-type: image/gif
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-length: 42

Redirect headers

pragma: no-cache
date: Fri, 14 Oct 2022 20:31:46 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 905D34B688BF42738C4274FBF2B37F36 Ref B: FRAEDGE1112 Ref C: 2022-10-14T20:31:47Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?CtsSyncId=E2EFE3219E904212899AD35019AA2199&MUID=2A7C2D41AE14686C25F13F7CAF656964
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

POST
H2 204 collect Show response
b.clarity.ms/ 0
48 B 95ms
95ms XHR
text/plain 20.75.32.255
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://b.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/eus2/s/0.6.42/clarity.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 20.75.32.255 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://news.1st.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-origin: https://news.1st.com
date: Fri, 14 Oct 2022 20:31:47 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64

POST
H2 204 collect Show response
b.clarity.ms/ 0
48 B 95ms
94ms XHR
text/plain 20.75.32.255
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://b.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/eus2/s/0.6.42/clarity.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 20.75.32.255 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://news.1st.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-origin: https://news.1st.com
date: Fri, 14 Oct 2022 20:31:49 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64

Verdicts & Comments Add Verdict or Comment

46 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

41 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.clarity.ms/	1970-01-20 15:28:35	Name: CLID Value: c217204407ed4ccdafa68a278a89f868.20221014.20231014
.1st.com/	1970-01-20 08:52:35	Name: _gcl_au Value: 1.1.2007051498.1665779506
.news.1st.com/	1970-01-20 07:26:11	Name: pageviewCount Value: 1
.1st.com/	1970-01-20 08:52:35	Name: _fbp Value: fb.1.1665779506186.789301149
.bing.com/	1970-01-20 16:04:35	Name: MUID Value: 2A7C2D41AE14686C25F13F7CAF656964
.1st.com/	1970-01-20 06:44:25	Name: _uetsid Value: 38f41e404bff11ed860f116a794ffcc5
.1st.com/	1970-01-20 16:04:35	Name: _uetvid Value: 38f445804bff11ed9d00ad9aeeba704b
.1st.com/	1970-01-20 16:18:59	Name: _ga Value: GA1.2.1738127013.1665779506
.1st.com/	1970-01-20 06:44:25	Name: _gid Value: GA1.2.1767580598.1665779506
.1st.com/	1970-01-20 06:42:59	Name: _gat_UA-167213651-1 Value: 1
.1st.com/	1970-01-20 15:28:35	Name: _clck Value: 15dss4t\|1\|f5p\|0
.t.co/	1970-01-20 16:18:59	Name: muc_ads Value: f97570ab-dd64-448c-a2ab-36ca10dea530
.rfihub.com/	1969-12-31 23:59:59	Name: ruds Value: H4sIAAAAAAAA_-MSNjU0NjQwNzc3MrIwMzE1sDAwMxXiM9TNMDI0S0kJyMwI8HEGAERxvPUlAAAA
.rfihub.com/	1970-01-20 16:04:35	Name: rud Value: H4sIAAAAAAAA_-MSNjU0NjQwNzc3MrIwMzE1sDAwMxXiM9TNMDI0S0kJyMwI8HEGAERxvPUlAAAA
.casalemedia.com/	1970-01-20 15:28:35	Name: CMID Value: Y0nHMogRuRfU48wTsdZx1AAA
.casalemedia.com/	1970-01-20 08:52:35	Name: CMPS Value: 3351
.casalemedia.com/	1970-01-20 08:52:35	Name: CMPRO Value: 3351
.adnxs.com/	1970-01-20 08:52:35	Name: uuid2 Value: 4468942785355496925
.media.net/	1970-01-20 15:28:35	Name: visitor-id Value: 3087811068397043000V10
.media.net/	1970-01-20 15:27:09	Name: data-rk Value: 5131077722864508065~~3
.adnxs.com/	1970-01-20 08:52:35	Name: anj Value: dTM7k!M4/YErk#WF']wIg2IlahJKQm!]tbPl1MNu::wpAk`W>$i*sKqlwVVVgk($LdWJEuCwTyVAdsb_!AXTO:4=sB!(JCb@[I.#
.doubleclick.net/	1970-01-20 16:04:35	Name: IDE Value: AHWqTUmal4IGQX3GjgcHhwCX-gX3ChmLpPv1xxORX5spzKNgjkJKHjSENc04mo0j2U0
.spotxchange.com/	1970-01-20 07:23:18	Name: audience Value: 392fe431-4bff-11ed-a47d-194044dd0306
.demdex.net/	1970-01-20 11:02:11	Name: demdex Value: 49780602228431449802296203394153981681
.dpm.demdex.net/	1970-01-20 11:02:11	Name: dpm Value: 49780602228431449802296203394153981681
.krxd.net/	1970-01-20 11:02:11	Name: _kuid_ Value: PI1jGZhe
.eyeota.net/	1970-01-20 06:43:00	Name: SERVERID Value: 23242~DM
.bidswitch.net/	1970-01-20 15:28:35	Name: tuuid Value: 455fe788-ca7c-4d26-8d7b-15a50a589025
.bidswitch.net/	1970-01-20 15:28:35	Name: c Value: 1665779506
.bidswitch.net/	1970-01-20 15:28:35	Name: tuuid_lu Value: 1665779506
.everesttech.net/	1970-01-20 15:28:35	Name: everest_g_v2 Value: g_surferid~Y0nHMgAAAOvSFQAW
.rezync.com/	1970-01-20 11:02:11	Name: zync-uuid Value: d38f27e5-7c38-4eb2-9e43-1ff2665049c4:1665779506.6388278
live.rezync.com/	1970-01-20 11:02:11	Name: sd-session-id Value: .eJwNykEOwiAQQNG7zLoYGGBmymUapUNCtGhK3dj07rL7L_knLB_dt3vTdkA69q9OkF91qEM6odffpk9IEJ13lpkRhUK0YinCNUHX3uu7LXUdz-qlIGs0nL2YoA80swZvXClIFG2Yc0huFPMcLd3IiyALXH-ppiVh.Y0nHMg.91xrY8BpILju6UmJO5X0ONfBtQI
.rfihub.com/	1969-12-31 23:59:59	Name: euds Value: H4sIAAAAAAAA_-OSMXR2dA12dTYpMU7MtazILMyNyPepcHSuMvHKCFzFKBBpkOfhm-7o6OhfFuwW6BgOAEI-UW0xAAAA
.rfihub.com/	1970-01-20 16:04:35	Name: eud Value: H4sIAAAAAAAA_5vFyGtoZmZqbm5pamBmYmmyCo1_Co3_Co3_C40_iQmVPwuNvwiNvwqNvwmNvwtdPQsq_xYy39zYchGrQKRBnodvuqOjo39ZsFugY_gqViQlFmZGm1jRrOBG8xIaf5EwKv8RGh8AWJM8GkMBAAA
.1st.com/	1970-01-20 06:44:25	Name: _clsk Value: prhimx\|1665779506933\|1\|1\|b.clarity.ms/collect
.twitter.com/	1970-01-20 16:18:59	Name: personalization_id Value: "v1_KlwlVjYRBfjjJ8HvKLxMQA=="
.c.bing.com/	1970-01-20 16:04:35	Name: SRM_B Value: 2A7C2D41AE14686C25F13F7CAF656964
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-20 16:04:35	Name: MUID Value: 2A7C2D41AE14686C25F13F7CAF656964
.c.clarity.ms/	1970-01-20 06:43:00	Name: ANONCHK Value: 0

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://us.connextra.com/dcs/tagController/tag/fd48dd5f44b3/1stbet_homepage Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://us.connextra.com/dcs/tagController/tag/fd48dd5f44b3/1stbet_landingpage Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://idsync.rlcdn.com/360947.gif?partner_uid=5131077722864508065 Message: Failed to load resource: the server responded with a status of 451 ()
network	error	URL: https://idsync.rlcdn.com/501709.gif?partner_uid=d38f27e5-7c38-4eb2-9e43-1ff2665049c4%3A1665779506.6388278 Message: Failed to load resource: the server responded with a status of 451 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors 'self'
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

10688233.fls.doubleclick.net
20829737p.rfihub.com
a.rfihub.com
aa.agkn.com
adservice.google.com
adservice.google.de
ajax.googleapis.com
analytics.twitter.com
assets.website-files.com
b.clarity.ms
bat.bing.com
beacon.krxd.net
bpi.rtactivate.com
bs.serving-sys.com
c.bing.com
c.clarity.ms
c1.rfihub.net
cm.g.doubleclick.net
connect.facebook.net
contextual.media.net
d3e54v103j8qbb.cloudfront.net
dpm.demdex.net
dsum-sec.casalemedia.com
fonts.googleapis.com
fonts.gstatic.com
ib.adnxs.com
idsync.rlcdn.com
live.rezync.com
news.1st.com
p.rfihub.com
partners.tremorhub.com
pixel.rubiconproject.com
ps.eyeota.net
static.ads-twitter.com
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.search.spotxchange.com
t.co
us.connextra.com
www.clarity.ms
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
x.bidswitch.net
x.dlx.addthis.com
104.244.42.133
104.244.42.3
104.76.200.221
108.138.17.14
13.115.182.240
142.250.185.102
142.250.186.130
151.101.2.49
18.156.102.147
185.80.39.216
185.89.210.101
185.94.180.125
193.0.160.128
199.232.188.157
20.234.93.27
20.75.32.255
23.36.156.23
2600:1f18:612b:4264:54e8:ad4c:a4b8:acf6
2600:9000:2182:2e00:11:3b84:d200:93a1
2600:9000:223c:e00:1:76cf:fe80:93a1
2620:1ec:bdf::45
2620:1ec:c11::200
2a00:1450:4001:806::200a
2a00:1450:4001:808::200e
2a00:1450:4001:82a::2002
2a00:1450:4001:82a::2003
2a00:1450:4001:82a::2004
2a00:1450:4001:82f::200a
2a00:1450:4001:831::2002
2a00:1450:4001:831::2003
2a00:1450:4001:831::2008
2a00:1450:400c:c07::9d
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f11c:8083:face:b00c:0:25de
3.124.210.90
35.156.18.160
35.244.174.68
52.212.110.18
52.222.232.39
52.30.33.235
52.55.72.99
54.76.60.98
69.173.144.165
96.16.144.106
05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf
0cb8664edce38d0cb7c747a765628f210d07360b7301102d384acfbecc9e028d
13561ecb60314b35f437dce22b4a96f6abc872f8c992f8c77e80ec3fd69b9c1e
142b2ea0873ac373f6579f120251c58f610e463530e5242cfdbb869a4bdae3a4
21bec19e3d1451b29eff8fb3a274c8710e0c564b764bd40192fe9f162d7964af
30153b15b4cb898c421e657f6de21dc27435cb990e7888367bdee12e06398da7
38fc3a8a1f3d2f512f93b87844cc108edd48571dff49c49e27af4e8aa6a1e931
3cce8192d8954dae3a106037f97fedc573c980cf9698b8fc7d72206cf6800721
3fa3713ed40739c378d9af33d853a5c00eb9ae4ed9cc6e85a72865c86fb80125
41b758f84ab2dd5da6f7ba488813d17410ebb48bc2074d304c26d63c5ece003d
458c5870baccdc4a4cbd3ba91a1429af19e85e9ddf77180aee77d8144869fad3
45df1ff5ff5b84f321238e8168295098d922184ad294eac0a1f14eb2f38158db
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
4887432b1a4d9da8b936f1c85deedeca55091445247a470d366c73a5d0eaf43b
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c317b1820157f888a90a89f67cbc7038bca59a9f2890a7d083dec4d68a8b36f
534cce3cf2effc081de0b1e92c7af74d3dcb58a3ac49dbd7f6f59ae7227a0253
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
56be3ae00370b96f3b9f9873f556645db8e690e69b1398514f4a47d72cb98c71
5c8d19e6e1de20e77730dbba0c047fae3042e79582d56890d11dc87b4a4e1b1c
5e7946fdf03c705a1bfdf9f4d4c27e94eaf251b5aad5acc07fb390ca31833e9a
6c07107795e9db7d88ee19cae3c3f79c7a916e3849d0d99781f8bbc35b8b733b
72b4ac718b8ae81dc012d2bae19a91d62d1b3492c435c50540b370903ec297a0
757c3b77f427fd37950e116ec7b3e98bd8a29fab2438f9ed68429a3cd3755d8e
792329cf37bea33adf5798dc9f9a5c2de5dc9bc75334a724aa6762bfdcc74948
7a2d10e4759fb209db7cfd3b856a8fab265b89780cd2462943966bfb8bcc2b02
7a2f9dfc09b259c3753ea0e4f4225d453339f60d715e40a91ce822be008373d6
7a9783b9fb1cbac6fe1b7b3f92e7727974927394cf77f3d2ef8bb2608725b288
7ef97b12890fc6fee67f869c6e1f74b6719de7d66ac0d649c8d7386a80b4c30f
7f9694a5641741d04e1c98eb1011059826aa5feb34e47d2b2f95bdb47cb0c2f5
8087acaf5299f107641158f0da114060479a7a76986d39e14e18de86f4220290
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
824098fe6e570d75660cb558dd2cf6bd0bd1398142129b51d06b9dae24631b7a
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
83b7e5572b72a4720653285d47451bfa78b69f1b665fec3d8334ae3274406b1b
84161c46238fff2c6920ebc28f02cddd7b710cf3d1107853f540b084320f6afd
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
8a5be4b8540f9f60b925a6a605fb798e4768d5885193d94e25fc10471f81468c
8b7a8f9f22ca95c5c182a538ec7fbe4c2213193df3750f88da3958b78f6422ab
8f99a2ffacdb0d349039b25746abed63fa92ffc73cc12d35a5da4632ee2a73d3
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0abf778f423fcad314e2f7e6c835d70956ca499f47d5fdaa98b709a7145be08
a28c85cdb83b8ee0748948dbd95879c86f5ad1ed3adb505a0768e95780113e51
a8b4c3fed174cde914ce1d74e3e97a4c7d17a9d615ba13065e8dc58531a84046
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
adf7349508b541778aa4e19bf552a2e2f3abfe19f5c344087fbbdaf868e049b3
ae5f7a3e07d9f72b32180419c4cedf04e75bba25b824beab5824e71d2c28d227
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
bda722d3eb0e0dffc4fdb32ff02da96130795ff2d1a41ad6c99ab5ed25d90fc1
c6ef32eeaeab2f603ec95b8c6ac6f423ff1bde4b26e3fddaa935c8d630499743
cad7513b47cdadc2358a3be570fbb44f642150d632ee0fe5a4b95f9b62472243
cc85d8daab71257fb650ec9b151dfbe658a8ca1bb6497955ce5eb4910c79656b
cd2e795af68f53a6f2a92c2f8e13621fb5e5da2f577b190a6b622f34c83d5b75
d355afb9705c3f8651f6a1f813b4670b758d59a17783830f534e7a8839c5b666
d8919a5a218fb212d5aff4277b8ecb1e2c90be57b3c0dd96694c905bf0b5a448
d97ca913935c9897ac4e255d17e14c8a3f0d8513681fe5b6736c4921fc5dd078
d9e33d57f4c6118ff345124752c7bacd6f75bd13d8613e254ddf03ba67ee3b83
dd6661b8cd544cf84130afd811d872ce216a1f069eef967566a300a7dfb8506e
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e07dfdff938cc4b0c84f3fff03b42014183a8b0bed3c80f8407af2517e441f2a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e58250935c3d8f8b4bdd1248f631feaaaead7878b9b955cbded377bbdd5f7e72
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
ee868d337c2fe9ac037a183c24811731766457082363f3e0e5184e919405fd6c
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f055a0681fdfe0de0d9e14e4118565e978d94c9d2b89910cca1b26f761509f63
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

news.1st.com Open in urlscan Pro 13.115.182.240 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

100 Requests

90 %HTTPS

39 %IPv6

37 Domains

47 Subdomains

41 IPs

7 Countries

9688 kBTransfer

12767 kBSize

41 Cookies

18 Outgoing links

Page URL History

Redirected requests

100 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

news.1st.com Open in urlscan Pro
13.115.182.240 Public Scan

Screenshot
Live screenshot

Full Image

100
Requests

90 %
HTTPS

39 %
IPv6

37
Domains

47
Subdomains

41
IPs

7
Countries

9688 kB
Transfer

12767 kB
Size

41
Cookies

100 HTTP transactions
0 data transactions