www.newser.com Open in urlscan Pro
40.114.51.62 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.newser.com/
Submission: On January 30 via api (January 30th 2022, 3:50:01 pm UTC) from IE — Scanned from DE

Summary HTTP 287 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 61 IPs in 6 countries across 47 domains to perform 287 HTTP transactions. The main IP is 40.114.51.62, located in Tappahannock, United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is www.newser.com. The Cisco Umbrella rank of the primary domain is 226050.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on December 31st 2020. Valid for: a year.

This is the only time www.newser.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
4	40.114.51.62 40.114.51.62	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3	2a00:1450:400... 2a00:1450:4001:827::200a	15169 (GOOGLE) (GOOGLE)
4	2620:1ec:46::44 2620:1ec:46::44	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2620:1ec:bdf::69 2620:1ec:bdf::69	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
9	2600:9000:225... 2600:9000:2250:d200:12:4abd:d340:93a1	16509 (AMAZON-02) (AMAZON-02)
13	2600:9000:223... 2600:9000:223d:ec00:14:2602:6e80:93a1	16509 (AMAZON-02) (AMAZON-02)
3	2.21.140.111 2.21.140.111	16625 (AKAMAI-AS) (AKAMAI-AS)
129	2620:1ec:bdf::44 2620:1ec:bdf::44	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2606:2800:234... 2606:2800:234:59:254c:406:2366:268c	15133 (EDGECAST) (EDGECAST)
1	3.232.242.170 3.232.242.170	14618 (AMAZON-AES) (AMAZON-AES)
1 3	2a00:1450:400... 2a00:1450:4001:808::2008	15169 (GOOGLE) (GOOGLE)
2	2620:116:800d... 2620:116:800d:21:36a9:ecb:e518:b308	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700::68... 2606:4700::6810:9e11	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a03:2880:f02... 2a03:2880:f02d:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
1 3	44.236.180.40 44.236.180.40	16509 (AMAZON-02) (AMAZON-02)
2	169.50.137.176 169.50.137.176	36351 (SOFTLAYER) (SOFTLAYER)
1 3	108.157.4.80 108.157.4.80	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:223... 2600:9000:223c:a600:18:1fcd:34f:cdc1	16509 (AMAZON-02) (AMAZON-02)
2	72.247.226.64 72.247.226.64	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2600:9000:224... 2600:9000:224a:4800:1a:1459:5cc0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:223... 2600:9000:223c:c000:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:400c:c06::9d	15169 (GOOGLE) (GOOGLE)
1	52.208.32.237 52.208.32.237	16509 (AMAZON-02) (AMAZON-02)
7	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
4	18.66.109.174 18.66.109.174	16509 (AMAZON-02) (AMAZON-02)
1	2a02:6ea0:c70... 2a02:6ea0:c700::4	60068 (CDN77 ^_^) (CDN77 ^_^)
12	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
2	2606:4700:303... 2606:4700:3036::ac43:8a2c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:82b::200a	15169 (GOOGLE) (GOOGLE)
2	184.30.24.121 184.30.24.121	16625 (AKAMAI-AS) (AKAMAI-AS)
1	3.209.102.28 3.209.102.28	14618 (AMAZON-AES) (AMAZON-AES)
1	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82f::2001	15169 (GOOGLE) (GOOGLE)
1 6	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
1	104.244.42.136 104.244.42.136	13414 (TWITTER) (TWITTER)
17 23	169.50.137.184 169.50.137.184	36351 (SOFTLAYER) (SOFTLAYER)
1 2	76.223.111.18 76.223.111.18	16509 (AMAZON-02) (AMAZON-02)
1	2600:1f18:612... 2600:1f18:612b:4216:1314:397:4325:f0c1	14618 (AMAZON-AES) (AMAZON-AES)
1 2	35.227.248.159 35.227.248.159	15169 (GOOGLE) (GOOGLE)
1 1	18.135.35.213 18.135.35.213	16509 (AMAZON-02) (AMAZON-02)
1 1	3.122.111.84 3.122.111.84	16509 (AMAZON-02) (AMAZON-02)
2	52.222.214.42 52.222.214.42	16509 (AMAZON-02) (AMAZON-02)
2 2	2600:1901:0:8... 2600:1901:0:8eee::	15169 (GOOGLE) (GOOGLE)
1	3.212.89.65 3.212.89.65	14618 (AMAZON-AES) (AMAZON-AES)
1	104.111.215.191 104.111.215.191	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	52.30.14.23 52.30.14.23	16509 (AMAZON-02) (AMAZON-02)
1	72.251.249.13 72.251.249.13	29791 (VOXEL-DOT...) (VOXEL-DOT-NET)
1	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
1 1	142.250.185.194 142.250.185.194	15169 (GOOGLE) (GOOGLE)
3 5	2a00:1450:400... 2a00:1450:4001:80e::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
1 2	185.94.180.125 185.94.180.125	35220 (SPOTX-AMS) (SPOTX-AMS)
1 2	185.33.221.13 185.33.221.13	29990 (ASN-APPNEX) (ASN-APPNEX)
1	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
1	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
3 3	142.250.185.66 142.250.185.66	15169 (GOOGLE) (GOOGLE)
15	2a00:1450:400... 2a00:1450:4001:829::2001	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:82a::2001	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
2	142.250.185.162 142.250.185.162	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:802::2006	15169 (GOOGLE) (GOOGLE)
2	3.227.250.175 3.227.250.175	() ()
287	61

4 40.114.51.62 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.newser.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
newser.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:1ec:46::44 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

static1-azrcdn.newser.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:bdf::69 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

static2-azrcdn.newser.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2600:9000:2250:d200:12:4abd:d340:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.intergient.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2600:9000:223d:ec00:14:2602:6e80:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.intergi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2.21.140.111 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-21-140-111.deploy.static.akamaitechnologies.com

s7.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

129 2620:1ec:bdf::44 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

img2-azrcdn.newser.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
img1-azrcdn.newser.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:2800:234:59:254c:406:2366:268c (United States)

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.232.242.170 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-232-242-170.compute-1.amazonaws.com

api.ipify.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:808::2008 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

ssl.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:116:800d:21:36a9:ecb:e518:b308 (United States)

ASN16509 (AMAZON-02, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:9e11 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.engine.4dsply.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
engine.4dsply.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f02d:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 44.236.180.40 (Boardman, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-44-236-180-40.us-west-2.compute.amazonaws.com

loadus.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
loadm.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 169.50.137.176 (United States)

ASN36351 (SOFTLAYER, US)
PTR: b0.89.32a9.ip4.static.sl-reverse.com

i.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 108.157.4.80 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223c:a600:18:1fcd:34f:cdc1 (United States)

ASN16509 (AMAZON-02, US)

static.chartbeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 72.247.226.64 (Berlin, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a72-247-226-64.deploy.static.akamaitechnologies.com

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:224a:4800:1a:1459:5cc0:93a1 (United States)

ASN16509 (AMAZON-02, US)

config.playwire.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223c:c000:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c06::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.208.32.237 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-208-32-237.eu-west-1.compute.amazonaws.com

mb.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 18.66.109.174 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-109-174.fra56.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6ea0:c700::4 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)

load77.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3036::ac43:8a2c (United States)

ASN13335 (CLOUDFLARENET, US)

rddywd.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 184.30.24.121 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-24-121.deploy.static.akamaitechnologies.com

v1.addthisedge.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
m.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.209.102.28 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-209-102-28.compute-1.amazonaws.com

ping.chartbeat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

3deaaf54bf7a852d828065c17ff598b2.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.136 (United States)

ASN13414 (TWITTER, US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 169.50.137.184 (United States) 17 redirects

ASN36351 (SOFTLAYER, US)
PTR: b8.89.32a9.ip4.static.sl-reverse.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 76.223.111.18 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:612b:4216:1314:397:4325:f0c1 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

simplifi.partners.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.227.248.159 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 159.248.227.35.bc.googleusercontent.com

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.135.35.213 (London, United Kingdom) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-135-35-213.eu-west-2.compute.amazonaws.com

aa.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.122.111.84 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-122-111-84.eu-central-1.compute.amazonaws.com

d.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.222.214.42 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-214-42.fra56.r.cloudfront.net

sync.intentiq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1901:0:8eee:: (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)

fei.pro-market.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.212.89.65 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-212-89-65.compute-1.amazonaws.com

sync.bfmio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.111.215.191 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-215-191.deploy.static.akamaitechnologies.com

stags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.30.14.23 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-30-14-23.eu-west-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 72.251.249.13 (Amsterdam, Netherlands)

ASN29791 (VOXEL-DOT-NET, US)

ce.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.194 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:80e::2004 (Frankfurt am Main, Germany) 3 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.94.180.125 (Amsterdam, Netherlands) 1 redirects

ASN35220 (SPOTX-AMS, US)

sync.search.spotxchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.33.221.13 (Amsterdam, Netherlands) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.185.66 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.227.250.175 (None, )

ASN- ()

kinesis.us-east-1.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
138	newser.com www.newser.com — Cisco Umbrella Rank: 226050 static1-azrcdn.newser.com — Cisco Umbrella Rank: 419801 static2-azrcdn.newser.com — Cisco Umbrella Rank: 496082 img2-azrcdn.newser.com — Cisco Umbrella Rank: 311424 img1-azrcdn.newser.com — Cisco Umbrella Rank: 313300 newser.com — Cisco Umbrella Rank: 180658	5 MB
30	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 100 3deaaf54bf7a852d828065c17ff598b2.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 124	210 KB
25	simpli.fi 17 redirects i.simpli.fi — Cisco Umbrella Rank: 3551 um.simpli.fi — Cisco Umbrella Rank: 745	14 KB
19	doubleclick.net 4 redirects stats.g.doubleclick.net — Cisco Umbrella Rank: 96 securepubads.g.doubleclick.net — Cisco Umbrella Rank: 184 googleads.g.doubleclick.net — Cisco Umbrella Rank: 46 cm.g.doubleclick.net — Cisco Umbrella Rank: 197 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 274	236 KB
13	intergi.com cdn.intergi.com — Cisco Umbrella Rank: 3941	201 KB
9	intergient.com cdn.intergient.com — Cisco Umbrella Rank: 4651	145 KB
6	google.com 3 redirects adservice.google.com — Cisco Umbrella Rank: 80 www.google.com — Cisco Umbrella Rank: 13	2 KB
5	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 324	103 KB
4	amazon-adsystem.com c.amazon-adsystem.com — Cisco Umbrella Rank: 281	40 KB
4	exelator.com 1 redirects loadus.exelator.com — Cisco Umbrella Rank: 1333 load77.exelator.com — Cisco Umbrella Rank: 3641 loadm.exelator.com — Cisco Umbrella Rank: 1077	4 KB
4	gstatic.com fonts.gstatic.com www.gstatic.com	29 KB
4	addthis.com s7.addthis.com — Cisco Umbrella Rank: 1501 m.addthis.com — Cisco Umbrella Rank: 1468	217 KB
4	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 47 www.googleapis.com — Cisco Umbrella Rank: 35	3 KB
3	moatads.com z.moatads.com — Cisco Umbrella Rank: 361 mb.moatads.com — Cisco Umbrella Rank: 561	77 KB
3	scorecardresearch.com 1 redirects sb.scorecardresearch.com — Cisco Umbrella Rank: 138	2 KB
3	google-analytics.com 1 redirects ssl.google-analytics.com — Cisco Umbrella Rank: 279	18 KB
3	twitter.com platform.twitter.com — Cisco Umbrella Rank: 592 syndication.twitter.com — Cisco Umbrella Rank: 844	133 KB
2	amazonaws.com kinesis.us-east-1.amazonaws.com	582 B
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 165	75 KB
2	adnxs.com 1 redirects ib.adnxs.com — Cisco Umbrella Rank: 241	2 KB
2	spotxchange.com 1 redirects sync.search.spotxchange.com — Cisco Umbrella Rank: 483	1 KB
2	crwdcntrl.net 1 redirects bcp.crwdcntrl.net — Cisco Umbrella Rank: 673	1 KB
2	pro-market.net 2 redirects fei.pro-market.net — Cisco Umbrella Rank: 2638	525 B
2	intentiq.com sync.intentiq.com — Cisco Umbrella Rank: 1542
2	agkn.com 2 redirects aa.agkn.com — Cisco Umbrella Rank: 442 d.agkn.com — Cisco Umbrella Rank: 529	960 B
2	tapad.com 1 redirects pixel.tapad.com — Cisco Umbrella Rank: 419	888 B
2	3lift.com 1 redirects eb2.3lift.com — Cisco Umbrella Rank: 389	731 B
2	google.de adservice.google.de — Cisco Umbrella Rank: 8028 www.google.de — Cisco Umbrella Rank: 5557	1 KB
2	rddywd.com rddywd.com — Cisco Umbrella Rank: 110063	1 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 146	83 KB
2	4dsply.com cdn.engine.4dsply.com — Cisco Umbrella Rank: 19556 engine.4dsply.com — Cisco Umbrella Rank: 19338	59 KB
2	quantserve.com secure.quantserve.com — Cisco Umbrella Rank: 1019 pixel.quantserve.com — Cisco Umbrella Rank: 424	10 KB
1	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 255	44 KB
1	openx.net us-u.openx.net — Cisco Umbrella Rank: 359	274 B
1	rubiconproject.com pixel.rubiconproject.com — Cisco Umbrella Rank: 312	239 B
1	googleadservices.com 1 redirects www.googleadservices.com — Cisco Umbrella Rank: 106	634 B
1	rlcdn.com idsync.rlcdn.com — Cisco Umbrella Rank: 316	66 B
1	lijit.com ce.lijit.com — Cisco Umbrella Rank: 816	348 B
1	bluekai.com stags.bluekai.com — Cisco Umbrella Rank: 510	603 B
1	bfmio.com sync.bfmio.com — Cisco Umbrella Rank: 1279	421 B
1	tremorhub.com simplifi.partners.tremorhub.com — Cisco Umbrella Rank: 7146	183 B
1	chartbeat.net ping.chartbeat.net — Cisco Umbrella Rank: 1120	201 B
1	addthisedge.com v1.addthisedge.com — Cisco Umbrella Rank: 1758	556 B
1	quantcount.com rules.quantcount.com — Cisco Umbrella Rank: 898	437 B
1	playwire.com config.playwire.com — Cisco Umbrella Rank: 4008	9 KB
1	chartbeat.com static.chartbeat.com — Cisco Umbrella Rank: 1277	14 KB
1	ipify.org api.ipify.org — Cisco Umbrella Rank: 3497	253 B
287	47

	Domain	Requested by
71	img1-azrcdn.newser.com	www.newser.com static1-azrcdn.newser.com
58	img2-azrcdn.newser.com	www.newser.com static1-azrcdn.newser.com
23	um.simpli.fi	17 redirects
15	tpc.googlesyndication.com	securepubads.g.doubleclick.net www.newser.com tpc.googlesyndication.com 3deaaf54bf7a852d828065c17ff598b2.safeframe.googlesyndication.com
13	cdn.intergi.com	www.newser.com cdn.intergient.com cdn.intergi.com
12	pagead2.googlesyndication.com	newser.com securepubads.g.doubleclick.net www.newser.com 3deaaf54bf7a852d828065c17ff598b2.safeframe.googlesyndication.com tpc.googlesyndication.com www.googletagservices.com
9	cdn.intergient.com	www.newser.com cdn.intergient.com
7	securepubads.g.doubleclick.net	cdn.intergi.com securepubads.g.doubleclick.net www.newser.com
6	googleads.g.doubleclick.net	1 redirects pagead2.googlesyndication.com 3deaaf54bf7a852d828065c17ff598b2.safeframe.googlesyndication.com www.newser.com
5	cdn.ampproject.org	securepubads.g.doubleclick.net
5	www.google.com	3 redirects www.newser.com tpc.googlesyndication.com
4	c.amazon-adsystem.com	cdn.intergi.com c.amazon-adsystem.com
4	static1-azrcdn.newser.com	www.newser.com
3	www.gstatic.com	3deaaf54bf7a852d828065c17ff598b2.safeframe.googlesyndication.com
3	cm.g.doubleclick.net	3 redirects
3	3deaaf54bf7a852d828065c17ff598b2.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
3	sb.scorecardresearch.com	1 redirects www.newser.com
3	ssl.google-analytics.com	1 redirects www.newser.com
3	s7.addthis.com	www.newser.com s7.addthis.com
3	fonts.googleapis.com	www.newser.com 3deaaf54bf7a852d828065c17ff598b2.safeframe.googlesyndication.com
3	www.newser.com	static1-azrcdn.newser.com
2	kinesis.us-east-1.amazonaws.com	cdn.intergient.com
2	www.googletagservices.com	3deaaf54bf7a852d828065c17ff598b2.safeframe.googlesyndication.com
2	googleads4.g.doubleclick.net	www.newser.com
2	ib.adnxs.com	1 redirects
2	sync.search.spotxchange.com	1 redirects
2	bcp.crwdcntrl.net	1 redirects
2	loadm.exelator.com	1 redirects
2	fei.pro-market.net	2 redirects
2	sync.intentiq.com
2	pixel.tapad.com	1 redirects
2	eb2.3lift.com	1 redirects
2	rddywd.com	newser.com www.newser.com
2	z.moatads.com	s7.addthis.com cdn.intergient.com
2	i.simpli.fi	www.newser.com i.simpli.fi
2	connect.facebook.net	www.newser.com connect.facebook.net
2	platform.twitter.com	static1-azrcdn.newser.com platform.twitter.com
1	s0.2mdn.net	3deaaf54bf7a852d828065c17ff598b2.safeframe.googlesyndication.com
1	us-u.openx.net
1	pixel.rubiconproject.com
1	www.google.de
1	www.googleadservices.com	1 redirects
1	idsync.rlcdn.com
1	ce.lijit.com
1	stags.bluekai.com
1	sync.bfmio.com
1	d.agkn.com	1 redirects
1	aa.agkn.com	1 redirects
1	simplifi.partners.tremorhub.com
1	syndication.twitter.com	platform.twitter.com
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.de	securepubads.g.doubleclick.net
1	ping.chartbeat.net	www.newser.com
1	m.addthis.com	s7.addthis.com
1	v1.addthisedge.com	s7.addthis.com
1	www.googleapis.com	www.newser.com
1	load77.exelator.com	www.newser.com
1	mb.moatads.com	z.moatads.com
1	engine.4dsply.com	cdn.engine.4dsply.com
1	pixel.quantserve.com	www.newser.com
1	stats.g.doubleclick.net	www.newser.com
1	rules.quantcount.com	secure.quantserve.com
1	config.playwire.com	cdn.intergient.com
1	static.chartbeat.com	www.newser.com
1	newser.com	www.newser.com
1	loadus.exelator.com	www.newser.com
1	fonts.gstatic.com	fonts.googleapis.com
1	cdn.engine.4dsply.com	www.newser.com
1	secure.quantserve.com	www.newser.com
1	api.ipify.org	static1-azrcdn.newser.com
1	static2-azrcdn.newser.com	www.newser.com
287	71

This site contains links to these domains. Also see Links.

Domain
itunes.apple.com
play.google.com
www.microsoft.com

Subject Issuer	Validity	Valid
*.newser.com Go Daddy Secure Certificate Authority - G2	`2020-12-31` - `2022-02-01`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
static1-azrcdn.newser.com DigiCert TLS RSA SHA256 2020 CA1	`2021-06-25` - `2022-06-25`	a year	crt.sh
static2-azrcdn.newser.com DigiCert TLS RSA SHA256 2020 CA1	`2021-06-24` - `2022-06-24`	a year	crt.sh
cdn.intergient.com Amazon	`2022-01-04` - `2023-02-01`	a year	crt.sh
cdn.intergi.com Amazon	`2022-01-04` - `2023-02-01`	a year	crt.sh
odc-addthis-prod-01.oracle.com DigiCert SHA2 Secure Server CA	`2021-04-25` - `2022-04-27`	a year	crt.sh
img2-azrcdn.newser.com DigiCert TLS RSA SHA256 2020 CA1	`2021-06-24` - `2022-06-24`	a year	crt.sh
img1-azrcdn.newser.com DigiCert TLS RSA SHA256 2020 CA1	`2021-06-25` - `2022-06-25`	a year	crt.sh
*.twimg.com DigiCert TLS RSA SHA256 2020 CA1	`2021-10-20` - `2022-10-19`	a year	crt.sh
*.ipify.org Sectigo RSA Domain Validation Secure Server CA	`2021-01-19` - `2022-02-19`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2021-09-22` - `2022-09-21`	a year	crt.sh
4dsply.com Cloudflare Inc ECC CA-3	`2021-06-01` - `2022-05-31`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-11-08` - `2022-02-06`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
*.exelator.com DigiCert TLS RSA SHA256 2020 CA1	`2021-06-02` - `2022-06-07`	a year	crt.sh
*.simpli.fi DigiCert TLS RSA SHA256 2020 CA1	`2021-10-27` - `2022-11-27`	a year	crt.sh
*.scorecardresearch.com Amazon	`2022-01-29` - `2023-02-27`	a year	crt.sh
*.chartbeat.com Thawte RSA CA 2018	`2021-05-20` - `2022-06-03`	a year	crt.sh
moatads.com DigiCert SHA2 Secure Server CA	`2021-11-27` - `2022-11-29`	a year	crt.sh
*.playwire.com Amazon	`2021-04-12` - `2022-05-11`	a year	crt.sh
*.moatads.com DigiCert TLS RSA SHA256 2020 CA1	`2021-05-25` - `2022-06-25`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
c.amazon-adsystem.com Amazon	`2021-07-06` - `2022-06-27`	a year	crt.sh
1605158521.rsc.cdn77.org R3	`2021-12-22` - `2022-03-22`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-11` - `2022-07-10`	a year	crt.sh
*.chartbeat.net Thawte RSA CA 2018	`2021-12-01` - `2022-12-30`	a year	crt.sh
*.google.de GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
syndication.twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2022-01-06` - `2023-01-05`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
kinesis.us-east-1.amazonaws.com Amazon	`2021-12-29` - `2022-12-08`	a year	crt.sh

This page contains 16 frames:

Primary Page: https://www.newser.com/
Frame ID: C28AC8E29BC1D65C3636424550AC58DC
Requests: 230 HTTP requests in this frame

Frame: https://cdn.intergient.com/pageos/1.6.33/iframe/iframe.html
Frame ID: A7A2C911B4C2CCB008F9840A4A93B3E5
Requests: 2 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: 1A11B6F72656F15E3E8C516465B1FC29
Requests: 1 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: A286F732FD9BDB80AA1721B5A54C2481
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.8f764d5bd2778f88121d31d7d8d8e1e3.html?origin=https%3A%2F%2Fwww.newser.com
Frame ID: 206B6C27B897A26C7BB9B2A3D623F2BF
Requests: 2 HTTP requests in this frame

Frame: https://3deaaf54bf7a852d828065c17ff598b2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 8EA41C4C96B611D021CE4171CB4560EE
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220126/r20190131/zrt_lookup.html
Frame ID: DEE2CBB5928F5F03D61911B456A4EB13
Requests: 1 HTTP requests in this frame

Frame: https://3deaaf54bf7a852d828065c17ff598b2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: AB5E08847927DABB54659D045D9E02F1
Requests: 5 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012111152338000/amp4ads-v0.mjs
Frame ID: F456A2C8C51C6EE51633A6351FB62260
Requests: 13 HTTP requests in this frame

Frame: https://3deaaf54bf7a852d828065c17ff598b2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 75C1E170610D322988742D1BFED6E5DC
Requests: 13 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 52CB3A2BF8BB42CF1B435B530322CF1D
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 737CE7A7F5631DFC07AD7941DA0A67B6
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJb4yM4CEJ-0q4IDGIX8s7sBMAE&v=APEucNVtmBwOcxKRjvOve9uOc8UP1OaOPzjMZEH2EDh4KJ3-zL-WQOPx4LZPZXsoWnJysUFh8tJO5nuzCfoc9MKiUK0Cthwc2w
Frame ID: B9FA8ED074B387D549E8594F650AB36C
Requests: 1 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 53605883FDADB8D168DCDBAEC1F0E545
Requests: 7 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 619B3A3680374ABA27C37DE5F792AB98
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 2C9D36FD0F065F1FD52F630FD69ACEDF
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Newser | Headline News Summaries, World News, and Breaking News

Detected technologies

AddThis (Widgets) Expand

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Chartbeat (Analytics) Expand

Overall confidence: 100%
Detected patterns

chartbeat\.js

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Lodash (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

lodash.*\.js

Moat (Analytics) Expand

Overall confidence: 100%
Detected patterns

moatads\.com

Modernizr (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

/prebid\.js

Quantcast Measure (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.quantserve\.com/quant\.js

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Twitter (Widgets) Expand

Overall confidence: 100%
Detected patterns

//platform\.twitter\.com/widgets\.js

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

<iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

287
Requests

92 %
HTTPS

51 %
IPv6

47
Domains

71
Subdomains

61
IPs

6
Countries

6559 kB
Transfer

11087 kB
Size

68
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: http://itunes.apple.com/us/app/newser/id334678577?mt=8&uo=4

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.newser2

Search URL Search Domain Scan URL

URL: https://www.microsoft.com/store/apps/9NRBJ0VZQX72

Search URL Search Domain Scan URL

URL: https://itunes.apple.com/us/app/newser/id334678577?mt=8

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 108

https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=2082919273&utmhn=www.newser.com&utme=8(PWA*ABTesting1*LastRefDomain*OrigRef*UserClassification)9(N*A*direct*direct*P)11(1*3!2*1*1)&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Newser%20%7C%20Headline%20News%20Summaries%2C%20World%20News%2C%20and%20Breaking%20News&utmhid=75894360&utmr=-&utmp=%2F&utmht=1643557794158&utmac=UA-1055596-4&utmcc=__utma%3D116631449.572046423.1643557794.1643557794.1643557794.1%3B%2B__utmz%3D116631449.1643557794.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1304347595&utmredir=1&utmu=qQAgAAAAAAAAAAAAAAAAAAAE~ HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-1055596-4&cid=572046423.1643557794&jid=1304347595&_v=5.7.2&z=2082919273

Request Chain 161

https://sb.scorecardresearch.com/b?c1=2&c2=6035830&ns__t=1643557794226&ns_c=UTF-8&cv=3.5&c8=Newser%20%7C%20Headline%20News%20Summaries%2C%20World%20News%2C%20and%20Breaking%20News&c7=https%3A%2F%2Fwww.newser.com%2F&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=2&c2=6035830&ns__t=1643557794226&ns_c=UTF-8&cv=3.5&c8=Newser%20%7C%20Headline%20News%20Summaries%2C%20World%20News%2C%20and%20Breaking%20News&c7=https%3A%2F%2Fwww.newser.com%2F&c9=

Request Chain 211

https://um.simpli.fi/triplelift HTTP 302
https://eb2.3lift.com/xuid?mid=7969&xuid=9A303D4DCB984D64A0FA0CAC9DCAB1CB&dongle=yf3 HTTP 302
https://eb2.3lift.com/xuid?ld=1&mid=7969&xuid=9A303D4DCB984D64A0FA0CAC9DCAB1CB&dongle=yf3&gdpr=1&cmp_cs=&us_privacy=

Request Chain 212

https://um.simpli.fi/telaria_p HTTP 302
https://simplifi.partners.tremorhub.com/sync?UISF=9A303D4DCB984D64A0FA0CAC9DCAB1CB

Request Chain 213

https://um.simpli.fi/tapad HTTP 302
https://pixel.tapad.com/idsync/ex/receive?partner_id=2305&partner_device_id=9A303D4DCB984D64A0FA0CAC9DCAB1CB HTTP 302
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=9A303D4DCB984D64A0FA0CAC9DCAB1CB

Request Chain 214

https://um.simpli.fi/ad_advisor HTTP 302
https://aa.agkn.com/adscores/g.pixel?sid=9201915418&sifi_uid=9A303D4DCB984D64A0FA0CAC9DCAB1CB HTTP 302
https://d.agkn.com/pixel/10751/?che=1643557781&ip=217.64.151.10&l1=https%3A%2F%2Fum.simpli.fi%2Faa_px%3Fsk%3D164880204047000341185 HTTP 302
https://um.simpli.fi/aa_px?sk=164880204047000341185

Request Chain 216

https://um.simpli.fi/intentiq HTTP 302
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=9A303D4DCB984D64A0FA0CAC9DCAB1CB

Request Chain 219

https://um.simpli.fi/dtnx HTTP 302
https://fei.pro-market.net/engine?du=24;csync=9A303D4DCB984D64A0FA0CAC9DCAB1CB;mimetype=img; HTTP 302
https://fei.pro-market.net/engine?du=24;csync=9A303D4DCB984D64A0FA0CAC9DCAB1CB;mimetype=img;sr HTTP 302
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=3&pcid=7520687762043519741

Request Chain 220

https://um.simpli.fi/exelatem HTTP 302
https://loadm.exelator.com/load/?p=204&g=2191&simid=9A303D4DCB984D64A0FA0CAC9DCAB1CB&j=0 HTTP 302
https://loadm.exelator.com/load/?p=204&g=2191&simid=9A303D4DCB984D64A0FA0CAC9DCAB1CB&j=0&xl8blockcheck=1

Request Chain 222

https://um.simpli.fi/beachfront HTTP 302
https://sync.bfmio.com/sync?pid=141&uid=9A303D4DCB984D64A0FA0CAC9DCAB1CB

Request Chain 223

https://um.simpli.fi/bluekai HTTP 302
https://stags.bluekai.com/site/29931?id=9A303D4DCB984D64A0FA0CAC9DCAB1CB

Request Chain 224

https://um.simpli.fi/crwdcntrl HTTP 302
https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=9A303D4DCB984D64A0FA0CAC9DCAB1CB HTTP 302
https://bcp.crwdcntrl.net/map/ct=y/c=7625/tp=SIMP/tpid=9A303D4DCB984D64A0FA0CAC9DCAB1CB

Request Chain 225

https://um.simpli.fi/lj_match HTTP 302
https://ce.lijit.com/merge?pid=2&3pid=9A303D4DCB984D64A0FA0CAC9DCAB1CB

Request Chain 226

https://um.simpli.fi/liveramp_match HTTP 302
https://idsync.rlcdn.com/419566.gif?partner_uid=9A303D4DCB984D64A0FA0CAC9DCAB1CB

Request Chain 227

https://www.googleadservices.com/pagead/conversion/1026675585/?random=1643557795065&cv=7&fst=1643557795065&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON HTTP 302
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1026675585/?random=628200627&cv=7&fst=1643557795065&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=o7P2Yff3Bp_V7_UPhNeu8AU&sscte=1&crd=CNPgGw HTTP 302
https://www.google.com/pagead/1p-conversion/1026675585/?random=628200627&cv=7&fst=1643557795065&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=CNPgGw&is_vtc=1&ocp_id=o7P2Yff3Bp_V7_UPhNeu8AU&cid=CAQSKQCNIrLMJgpEnCw6mIB9jEnLOjuPKLHdPsiRIkJ1Uscmwh4yfGMXvmxp&random=4249242052 HTTP 302
https://www.google.de/pagead/1p-conversion/1026675585/?random=628200627&cv=7&fst=1643557795065&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=CNPgGw&is_vtc=1&ocp_id=o7P2Yff3Bp_V7_UPhNeu8AU&cid=CAQSKQCNIrLMJgpEnCw6mIB9jEnLOjuPKLHdPsiRIkJ1Uscmwh4yfGMXvmxp&random=4249242052&ipr=y&prhg=0

Request Chain 228

https://um.simpli.fi/spotx_match HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=7797&uid=9A303D4DCB984D64A0FA0CAC9DCAB1CB HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=7797&uid=9A303D4DCB984D64A0FA0CAC9DCAB1CB&__user_check__=1&sync_id=4549f1ff-81e4-11ec-9fe9-1e1d47870206

Request Chain 229

https://um.simpli.fi/an HTTP 302
https://ib.adnxs.com/setuid?entity=66&code=9A303D4DCB984D64A0FA0CAC9DCAB1CB HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3D9A303D4DCB984D64A0FA0CAC9DCAB1CB

Request Chain 230

https://um.simpli.fi/rb_match HTTP 302
https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=9A303D4DCB984D64A0FA0CAC9DCAB1CB&expires=365

Request Chain 231

https://um.simpli.fi/ox_match HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072966&val=9A303D4DCB984D64A0FA0CAC9DCAB1CB

Request Chain 232

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_cm&google_sc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_cm=&google_sc=&google_tc= HTTP 302
https://um.simpli.fi/g_match?id=&google_gid=CAESELXCPxgYE3lshyrFZ-Dlp2I&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=9A303D4DCB984D64A0FA0CAC9DCAB1CB HTTP 302
https://um.simpli.fi/g_match?id=

Request Chain 264

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 279

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

287 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
www.newser.com/ 258 KB
70 KB 604ms
297ms Document
text/html 40.114.51.62
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.newser.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 40.114.51.62 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: b59ced8df3736c9ab974d831b1718afe1b29e6e8a2a64f34eb4321aa1a103b01

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Cache-Control: private, no-store
Pragma: no-cache
Transfer-Encoding: chunked
Content-Type: text/html; charset=utf-8
Content-Encoding: gzip
Expires: Sun, 30 Jan 2022 15:48:53 GMT
Vary: Accept-Encoding
Scheme: https
RawURL: /
Date: Sun, 30 Jan 2022 15:49:53 GMT

GET
H2 200 css
fonts.googleapis.com/ 20 KB
2 KB 40ms
18ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,400italic,100,100italic,300,300italic,500,500italic,700,700italic

Requested by

Host: www.newser.com
URL: https://www.newser.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5c8e2b63593c31e87391f96f1a9b4b1c19b67966e560256a40cea1ac6c51307b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 30 Jan 2022 15:49:53 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 30 Jan 2022 15:49:53 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 30 Jan 2022 15:49:53 GMT

GET
H2 200 stylesheet.ashx
static1-azrcdn.newser.com/stylesheets/20220112_1100/ 131 KB
19 KB 142ms
21ms Stylesheet
text/css 2620:1ec:46::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://static1-azrcdn.newser.com/stylesheets/20220112_1100/stylesheet.ashx?file=responsive.css
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: ac95d8cf8cb82ae4d077cb942c54f3a130d83902cd407743a770c6b34c4d98b9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:49:52 GMT
content-encoding: br
x-azure-ref-originshield: 0ZbD1YQAAAACb6xHl0O1qR5VTC3IswPiyQU1TMDRFREdFMTkxNQBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /stylesheets/20220112_1100/stylesheet.ashx?file=responsive.css
x-azure-ref: 0obP2YQAAAABGbQ45r0DSRoMEeCwYt4kRRlJBRURHRTEwMjIAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: text/css; charset=utf-8
cache-control: public, max-age=2592000
scheme: https

GET
H2 200 jquery-1.12.4.min.js Show response
static1-azrcdn.newser.com/javascript/20220112_1100/ 114 KB
34 KB 130ms
9ms Script
text/javascript 2620:1ec:46::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://static1-azrcdn.newser.com/javascript/20220112_1100/jquery-1.12.4.min.js
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 996d298d6f8685a3ae28eace9249e3580bb8d13d91d424573fefb40d52980269

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:49:52 GMT
content-encoding: br
last-modified: Fri, 04 Dec 2020 19:36:38 GMT
x-azure-ref-originshield: 0e6P2YQAAAADoS4wVEz2OTouUi08AO6OAQU1TMDRFREdFMTgwNwBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
x-azure-ref: 0obP2YQAAAADTs+F3TA4OSI4IKKr2sv/BRlJBRURHRTEwMjIAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: text/javascript
cache-control: max-age=604800
accept-ranges: bytes

GET
H2 200 javascript.ashx Show response
static1-azrcdn.newser.com/javascript/20220112_1100/ 209 KB
41 KB 136ms
16ms Script
text/javascript 2620:1ec:46::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://static1-azrcdn.newser.com/javascript/20220112_1100/javascript.ashx?file=newser.js
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 9464c8837610579e5ac316fc46c1e136c65433f989cf1c6a30c62e840e258348

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:49:52 GMT
content-encoding: br
x-azure-ref-originshield: 0iY72YQAAAABMSQPdcxRaRKSgXAqactuNQU1TMDRFREdFMTkxNwBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /javascript/20220112_1100/javascript.ashx?file=newser.js
x-azure-ref: 0obP2YQAAAABxiOSabvVlTJCrVcriHi2FRlJBRURHRTEwMjIAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=2592000
scheme: https

GET
H2 200 modernizr-custom.js Show response
static2-azrcdn.newser.com/javascript/20220112_1100/ 2 KB
1 KB 37ms
8ms Script
text/javascript 2620:1ec:bdf::69
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://static2-azrcdn.newser.com/javascript/20220112_1100/modernizr-custom.js
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::69 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: d6a2745332948716c2d3849e9b1d02451515f96ec7ab4749855794dea0272857

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:49:53 GMT
content-encoding: br
last-modified: Mon, 06 Jul 2020 18:04:17 GMT
x-azure-ref-originshield: 0inz2YQAAAAA2lCyUa2gFRYZPkH+ITJ6hQU1TMDRFREdFMTgxNABkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
x-azure-ref: 0obP2YQAAAAACHc/tXmgURJpKttirHt8BRlJBRURHRTEwMTMAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: text/javascript
cache-control: max-age=604800
accept-ranges: bytes

GET
H2 200 jcarousel_min.js Show response
static1-azrcdn.newser.com/javascript/20220112_1100/ 18 KB
5 KB 8ms
8ms Script
text/javascript 2620:1ec:46::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://static1-azrcdn.newser.com/javascript/20220112_1100/jcarousel_min.js
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 2b291810374483e61126df23f32490a6f8a629062a6f00f0d10d7b52ed2a2762

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:49:52 GMT
content-encoding: br
last-modified: Mon, 06 Jul 2020 18:04:17 GMT
x-azure-ref-originshield: 0D3H2YQAAAADDrzLT/HGeQoqYk+RKcEsLQU1TMDRFREdFMTkyMgBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
x-azure-ref: 0obP2YQAAAAA6jcOIsSHNSZI6JABuZtbRRlJBRURHRTEwMjIAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: text/javascript
cache-control: max-age=604800
accept-ranges: bytes

GET
H2 200 ramp.js Show response
cdn.intergient.com/ 139 KB
43 KB 104ms
73ms Script
application/javascript 2600:9000:2250:d200:12:4abd:d340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.intergient.com/ramp.js
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:d200:12:4abd:d340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: a5a55d04b4ac5561544c97f9d552b1e45ecfdab797c37d2b1e5d941b8648c4ff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:49:54 GMT
via: 1.1 935770605c74a80712059ba5b24d4162.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA60-P2
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
cache-control: max-age=600, public, must-revalidate
content-encoding: br
x-amz-cf-id: mNS-F9Wainf-Ig_I6j0U85KjjrN1Cc2W_dpr0uODNNl-8WKsf_Qedw==

GET
H2 200 pwnewser.min.js Show response
cdn.intergi.com/pubscripts/newser/ 8 KB
2 KB 26ms
7ms Script
text/javascript 2600:9000:223d:ec00:14:2602:6e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.intergi.com/pubscripts/newser/pwnewser.min.js
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223d:ec00:14:2602:6e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 978f69abae4d7fa60114fcea9ee790caa3599e4aa961d630bf8204e8ceb883b4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id: N4oxotP37Mu.QJ88DREWNl2Vw79VR5j4
content-encoding: br
last-modified: Fri, 10 Dec 2021 17:04:07 GMT
server: AmazonS3
age: 46579
etag: W/"f3e02b370de691b7b5bb3e271dddaf32"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
via: 1.1 626c544a24a86c6cd608360f520b6d8c.cloudfront.net (CloudFront)
date: Sun, 30 Jan 2022 02:53:35 GMT
x-amz-cf-pop: FRA56-P3
x-amz-cf-id: EhG0DKzWLKadFaFdQKDy__bHfsAghAQGQq0BQEa-9-fMJBe0vI7KHQ==

GET
H2 200 addthis_widget.js Show response
s7.addthis.com/js/300/ 353 KB
114 KB 50ms
12ms Script
application/javascript 2.21.140.111
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/js/300/addthis_widget.js

Requested by

Host: www.newser.com
URL: https://www.newser.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.21.140.111 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-21-140-111.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
server: nginx/1.15.8
etag: "5f971164-5834c"
vary: Accept-Encoding
x-distribution: 99
content-type: application/javascript
cache-control: public, max-age=600
date: Sun, 30 Jan 2022 15:49:54 GMT
x-host: s7.addthis.com
content-length: 116325

GET
H2 200 Back-Arrow-Button2.png
img2-azrcdn.newser.com/images/header/ 271 B
480 B 47ms
10ms Image
image/png 2620:1ec:bdf::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img2-azrcdn.newser.com/images/header/Back-Arrow-Button2.png
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: c0e2de1910c51b9146fec0cc847f64b28a62b86f030e1ea05a7d8b05c130dc9f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:49:53 GMT
last-modified: Mon, 06 Jul 2020 18:04:13 GMT
x-azure-ref-originshield: 0NWj2YQAAAAAi3hE4Xnq8QYW5THtXvq84QU1TMDRFREdFMTgxOABkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
x-azure-ref: 0orP2YQAAAACnczMKJb+CToFrFluK7BABRlJBRURHRTEwMjEAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
content-length: 271

GET
H2 200 logo_white_text4.png
img1-azrcdn.newser.com/images/ 5 KB
5 KB 46ms
9ms Image
image/png 2620:1ec:bdf::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/images/logo_white_text4.png
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: c00e4b444e4089660152f10bb0cf87d45be907756bf33150841afc2f8a69d791

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:49:53 GMT
last-modified: Sat, 08 Aug 2020 15:47:42 GMT
x-azure-ref-originshield: 0xJ32YQAAAACIbhQb2/vSQISXiYgrUmvZQU1TMDRFREdFMTgwNgBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
x-azure-ref: 0orP2YQAAAABcvGdL8ZihR7XF5Xt6s2/kRlJBRURHRTEwMTYAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
content-length: 5004

GET
H2 200 menu2.png
img1-azrcdn.newser.com/images/header/ 265 B
557 B 114ms
78ms Image
image/png 2620:1ec:bdf::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/images/header/menu2.png
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 31c724707624a3682770d54e8b216f04db44eff6fefb8313d9178ef0f69a694b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:49:54 GMT
last-modified: Mon, 06 Jul 2020 18:04:13 GMT
x-azure-ref-originshield: 0orP2YQAAAABJk/sLFk5xQYlbc7d/qkfcQU1TMDRFREdFMTgxMQBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
x-azure-ref: 0orP2YQAAAACFyosn4jM6RZPxHUjid350RlJBRURHRTEwMTYAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_REMOTE_HIT
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
content-length: 265

GET
H2 200 next-active.png
img1-azrcdn.newser.com/images/header/ 1 KB
2 KB 45ms
9ms Image
image/png 2620:1ec:bdf::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/images/header/next-active.png
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e4400f21afb8b0d177c8cc1d042db58cd67ab5f03bb076cc84d9fc19523aebca

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:49:53 GMT
last-modified: Mon, 06 Jul 2020 18:04:13 GMT
x-azure-ref-originshield: 0ZqT2YQAAAABNpLgdeKiPQqczM7/KBXR9QU1TMDRFREdFMTgxMwBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
x-azure-ref: 0orP2YQAAAADdLB2jcV+tRr3vslDrumv+RlJBRURHRTEwMTYAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
content-length: 1304

GET
H2 200 next-inactive.png
img1-azrcdn.newser.com/images/header/ 1 KB
1 KB 50ms
14ms Image
image/png 2620:1ec:bdf::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/images/header/next-inactive.png
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3c413d9ecb857ab839e9147e9a72b0967a80151bae1aec1b1771c623006f5bc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:49:53 GMT
last-modified: Mon, 06 Jul 2020 18:04:13 GMT
x-azure-ref-originshield: 0Gqb2YQAAAADIc/INNHjQSo0nS0v0UihRQU1TMDRFREdFMTgwNwBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
x-azure-ref: 0orP2YQAAAAD9HJM9MoOcQZ9dYHQLv/keRlJBRURHRTEwMTYAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
content-length: 1096

GET
H2 200 prev-active.png
img1-azrcdn.newser.com/images/header/ 1 KB
1 KB 46ms
10ms Image
image/png 2620:1ec:bdf::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/images/header/prev-active.png
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 354cd674accaa26badff834bcbb7487aa7f99930f19cd864d71e6359b6b3f346

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:49:53 GMT
last-modified: Mon, 06 Jul 2020 18:04:13 GMT
x-azure-ref-originshield: 08GX2YQAAAADE8oMtwFSaS5KPfLxs32kRQU1TMDRFREdFMTgwOQBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
x-azure-ref: 0orP2YQAAAAAPER1uWr6ZR4EwPXNmz1edRlJBRURHRTEwMTYAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
content-length: 1295

GET
H2 200 prev-inactive.png
img1-azrcdn.newser.com/images/header/ 1 KB
1 KB 145ms
125ms Image
image/png 2620:1ec:bdf::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/images/header/prev-inactive.png
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: fce94e8d493fb1b0c5264ad0ca94f542ca10c39b95eca426ecc0ffbb88e25077

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:49:54 GMT
last-modified: Mon, 06 Jul 2020 18:04:13 GMT
x-azure-ref-originshield: 0orP2YQAAAADVLx0O3mR6QpRpO9S4hz3hQU1TMDRFREdFMTkxMgBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
x-azure-ref: 0orP2YQAAAABV0zLyfVN4S6pxHs1CZWgZRlJBRURHRTEwMTYAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_REMOTE_HIT
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
content-length: 1071

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 96 KB
29 KB 455ms
113ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: static1-azrcdn.newser.com
URL: https://static1-azrcdn.newser.com/javascript/20220112_1100/javascript.ashx?file=newser.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (mil/6CF0) /
Resource Hash: aec1273daa6df2443053427acbd188f229d60ed9d83ef9bccba3f8a8f21fc3dc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Sun, 30 Jan 2022 15:49:54 GMT
Content-Encoding: gzip
Age: 1289
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: "x-cache;desc= HIT,x-tw-cdn;desc=",edge;dur=1
Content-Length: 29180
x-tw-cdn: VZ
Last-Modified: Wed, 19 Jan 2022 19:22:23 GMT
Server: ECS (mil/6CF0)
Etag: "e92bd51c447ba1dbd509a1e23d3a8521+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=1800

GET
H/1.1 200
OK / Show response
api.ipify.org/ 22 B
253 B 399ms
126ms XHR
application/json 3.232.242.170
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.ipify.org/?format=json
Requested by: Host: static1-azrcdn.newser.com
URL: https://static1-azrcdn.newser.com/javascript/20220112_1100/jquery-1.12.4.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 3.232.242.170 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-232-242-170.compute-1.amazonaws.com
Software: Cowboy /
Resource Hash: e9ccd332287bfaea95a1e04ace91e3cffacfe152528b98fcab5ca60fc634f4ea

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.newser.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Sun, 30 Jan 2022 15:49:54 GMT
Via: 1.1 vegur
Server: Cowboy
Vary: Origin
Content-Type: application/json
Access-Control-Allow-Origin: https://www.newser.com
Connection: keep-alive
Content-Length: 22

GET
H2 200 ga.js Show response
ssl.google-analytics.com/ 45 KB
17 KB 74ms
24ms Script
text/javascript 2a00:1450:4001:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.google-analytics.com/ga.js

Requested by

Host: www.newser.com
URL: https://www.newser.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 2845
date: Sun, 30 Jan 2022 15:02:29 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17168
expires: Sun, 30 Jan 2022 17:02:29 GMT

GET
H2 200 quant.js Show response
secure.quantserve.com/ 24 KB
10 KB 70ms
27ms Script
application/javascript 2620:116:800d:21:36a9:ecb:e518:b308
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:36a9:ecb:e518:b308 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 487fce51fd801415c362f3f9f2df43c445a4b9ba38f9b6d49dfc898dc85ede94

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:49:54 GMT
content-encoding: gzip
etag: "FMCWFRCBdbNj8Eh2c0G78Q=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
expires: Sun, 06 Feb 2022 15:49:54 GMT

GET
H2 200 infinity.js.aspx Show response
cdn.engine.4dsply.com/Scripts/ 180 KB
57 KB 299ms
115ms Script
application/x-javascript 2606:4700::6810:9e11
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.engine.4dsply.com/Scripts/infinity.js.aspx?guid=7f1a7287-2f7e-4f83-800d-06bd711ee14e
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:9e11 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 247c59dd1937ee82306ec0ce802ab322157aaeca683dffdeb51508c5716e6977

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:49:54 GMT
content-encoding: br
cf-cache-status: HIT
age: 167
x-powered-by: ASP.NET
p3p: CP="CAO PSA OUR IND"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sun, 30 Jan 2022 15:47:07 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=900
cf-ray: 6d5bda55d8f8374f-MXP
expires: Sun, 30 Jan 2022 16:04:54 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 99ms
33ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: www.newser.com
URL: https://www.newser.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

1be3ecbdae57ca411ab97f5447e69535659b58815f06d4b9790d403f2fc8356b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: fqmViVIP6elMr5OLtra8KA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
expires: Sun, 30 Jan 2022 16:03:46 GMT
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 1688
x-fb-rlafr: 0
x-fb-debug: dt6O20TZJTUGEuQ/WpQLc5U3DQDKabUGGUHLZhLe+KPhG0TuAFblcPBh+tQvT6cGSRFrCHeGOAw+IYzmLD8rmQ==
x-fb-trip-id: 2050670934
x-fb-content-md5: 671b8362588a1b85d4f6abd23bb19f81
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Sun, 30 Jan 2022 15:49:54 GMT
x-frame-options: DENY
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "0b3db4c501e348d0d99bda0e802c3163"
timing-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5

GET
H2 200 newsern2.png
img2-azrcdn.newser.com/images/header/ 782 B
1 KB 37ms
8ms Image
image/png 2620:1ec:bdf::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img2-azrcdn.newser.com/images/header/newsern2.png
Requested by: Host: static1-azrcdn.newser.com
URL: https://static1-azrcdn.newser.com/stylesheets/20220112_1100/stylesheet.ashx?file=responsive.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 3f9ebf128c9383c5fc8f3a73439f0e2dfb997f34318383e554b124e37c319c2e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://static1-azrcdn.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:49:53 GMT
last-modified: Mon, 06 Jul 2020 18:04:13 GMT
x-azure-ref-originshield: 0NWj2YQAAAAABWhExVNaOQLG/NmmUyfqTQU1TMDRFREdFMTkyMQBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
x-azure-ref: 0orP2YQAAAACsj2Aii3+XSIYcpQkcO7EjRlJBRURHRTEwMjEAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
content-length: 782

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ 15 KB
16 KB 40ms
6ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,400italic,100,100italic,300,300italic,500,500italic,700,700italic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.newser.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 17:56:19 GMT
x-content-type-options: nosniff
age: 338015
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15828
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:28 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 26 Jan 2023 17:56:19 GMT

GET
H2 200 spacer.gif
img1-azrcdn.newser.com/images/ 43 B
295 B 176ms
174ms Image
image/gif 2620:1ec:bdf::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/images/spacer.gif
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:49:54 GMT
last-modified: Mon, 06 Jul 2020 18:04:09 GMT
x-azure-ref-originshield: 0ELH1YQAAAADpd4D6Y/CYS5NfEVdrytlvQU1TMDRFREdFMTgxMwBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
x-azure-ref: 0orP2YQAAAAClrBjx9VN+TaqZ2FPtBtVeRlJBRURHRTEwMTYAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/gif
cache-control: max-age=604800
accept-ranges: bytes
content-length: 43

GET
H2 200 Suggest_Icon.png
img1-azrcdn.newser.com/images/ 723 B
956 B 176ms
174ms Image
image/png 2620:1ec:bdf::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/images/Suggest_Icon.png
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: d1477d2bfda88c678c2deaffb53f18784ca00294d7318a2521f4b95baa375e3c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:49:54 GMT
last-modified: Mon, 06 Jul 2020 18:04:10 GMT
x-azure-ref-originshield: 0Gqb2YQAAAABRIGHYE1fSSIccJhzZbKJ7QU1TMDRFREdFMTgyMgBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
x-azure-ref: 0orP2YQAAAACel8MRoCTSQL+qNQDKxQFlRlJBRURHRTEwMTYAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
content-length: 723

GET
H2 200 Apple.png
img1-azrcdn.newser.com/images/footer/ 511 B
742 B 176ms
174ms Image
image/png 2620:1ec:bdf::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/images/footer/Apple.png
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 1126dae47147dee29ca9bffbbd45f3e609f7d38a2c17cd4f5c73283db4e6304a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:49:54 GMT
last-modified: Mon, 06 Jul 2020 18:04:13 GMT
x-azure-ref-originshield: 0NWj2YQAAAADCsDstPooZR6A8YSDzPlp8QU1TMDRFREdFMTkyMQBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
x-azure-ref: 0orP2YQAAAADuKbSBYsnkQIh7aHfHe9iZRlJBRURHRTEwMTYAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
content-length: 511

GET
H2 200 Android.png
img1-azrcdn.newser.com/images/footer/ 647 B
855 B 177ms
175ms Image
image/png 2620:1ec:bdf::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/images/footer/Android.png
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: ef983d6dcfe16576a9be98a6fe4d2c99552c9e76fe46fefb29dc2ae2cc5082c3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:49:54 GMT
last-modified: Mon, 06 Jul 2020 18:04:13 GMT
x-azure-ref-originshield: 08o72YQAAAABS3SKfnY2SQqzdUPYxaPSeQU1TMDRFREdFMTkxNQBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
x-azure-ref: 0orP2YQAAAAAl81tFQ21WSK88fa8teBZSRlJBRURHRTEwMTYAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
content-length: 647

GET
H2 200 Windows.png
img1-azrcdn.newser.com/images/footer/ 573 B
781 B 177ms
175ms Image
image/png 2620:1ec:bdf::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/images/footer/Windows.png
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: a9adbf9ff6cb67410da32776829c98497f78937808849c0c77c476ad5bf8c1a6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:49:54 GMT
last-modified: Mon, 06 Jul 2020 18:04:13 GMT
x-azure-ref-originshield: 0HKv2YQAAAACgfVI1EoMIT7rGr70TECYdQU1TMDRFREdFMTgwOQBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
x-azure-ref: 0orP2YQAAAADc/c2L29rmQb49C1mQZOWERlJBRURHRTEwMTYAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
content-length: 573

GET
H2 200 icon-72r2.png
img2-azrcdn.newser.com/images/pwa/ 2 KB
2 KB 139ms
137ms Image
image/png 2620:1ec:bdf::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img2-azrcdn.newser.com/images/pwa/icon-72r2.png
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: d8fe36a17aa5e4cd1a197c81235633a1e44ca292162a06b9b7dc1dc37981a211

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:49:53 GMT
last-modified: Mon, 06 Jul 2020 18:04:15 GMT
x-azure-ref-originshield: 08o72YQAAAADOwRUajlqiTI5t7QsxByMiQU1TMDRFREdFMTkyMgBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
x-azure-ref: 0orP2YQAAAADNtOQiYlkqRq5aG2iKu+e5RlJBRURHRTEwMjEAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
content-length: 2120

GET
H2 200 logo-newser-top.jpg
img2-azrcdn.newser.com/images/ 28 KB
28 KB 74ms
71ms Image
image/jpeg 2620:1ec:bdf::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img2-azrcdn.newser.com/images/logo-newser-top.jpg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: d8f64ca73c0faaf5d9d1e56252a2d89a23262ea516e7d731adaf5f255d4081a3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:49:53 GMT
last-modified: Mon, 06 Jul 2020 18:04:08 GMT
x-azure-ref-originshield: 08GX2YQAAAABDazI5UTrpRpiwNQtl7FAdQU1TMDRFREdFMTkxOQBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
x-azure-ref: 0orP2YQAAAADSFBmeX/RGSpfyQxVohdEMRlJBRURHRTEwMjEAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: max-age=604800
accept-ranges: bytes
content-length: 28636

GET
H2 200 Grid_Icon.png
img2-azrcdn.newser.com/images/ 202 B
411 B 181ms
179ms Image
image/png 2620:1ec:bdf::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img2-azrcdn.newser.com/images/Grid_Icon.png
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 3b556e6cee32c4b0c80ef893fd00eaea90330b3a127a8dffecabbedaf6aba7c5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:49:53 GMT
last-modified: Mon, 06 Jul 2020 18:04:07 GMT
x-azure-ref-originshield: 0orP2YQAAAAALKYT/X79KQrdMMoP+jZ5UQU1TMDRFREdFMTkxMgBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
x-azure-ref: 0orP2YQAAAACGw0EfQ+bGSIs0PU52YM/xRlJBRURHRTEwMjEAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_REMOTE_HIT
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
content-length: 202

GET
H2 200 Popular_Icon.png
img1-azrcdn.newser.com/images/ 1005 B
1 KB 177ms
175ms Image
image/png 2620:1ec:bdf::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/images/Popular_Icon.png
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 316f775333e0567a2ea23141b96349652855962025964f0ba097c64c06fb639a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:49:54 GMT
last-modified: Mon, 06 Jul 2020 18:04:09 GMT
x-azure-ref-originshield: 0DnP2YQAAAAABSVw9pIyMT5ShPZgEaV/rQU1TMDRFREdFMTgwOQBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
x-azure-ref: 0orP2YQAAAABVOPGEp/S/SL0Upd7En7mYRlJBRURHRTEwMTYAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
content-length: 1005

GET
H2 200 ny-nurses-accused-of-gaming-vaccination-system-for-cash.jpeg
img2-azrcdn.newser.com/square-image/316293-20220130093555-M/ 49 KB
50 KB 197ms
194ms Image
image/jpeg 2620:1ec:bdf::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img2-azrcdn.newser.com/square-image/316293-20220130093555-M/ny-nurses-accused-of-gaming-vaccination-system-for-cash.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 93f0ec34228e9151b334449d32c5d17945e69fcf81c2579da92c11ea892d8927

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:49:53 GMT
x-azure-ref-originshield: 0orP2YQAAAACIj1/GqHxQTYTVmNrL5n4QQU1TMDRFREdFMTkxNgBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316293-20220130093555-M/ny-nurses-accused-of-gaming-vaccination-system-for-cash.jpeg
x-azure-ref: 0orP2YQAAAADI3TqIk8/3QJ8mahktZ+dnRlJBRURHRTEwMjEAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_REMOTE_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 50533
scheme: https

GET
H2 200 california-city-keeps-name-of-confederate-general.jpeg
img2-azrcdn.newser.com/square-image/316291-20220130092255-M/ 55 KB
55 KB 205ms
202ms Image
image/jpeg 2620:1ec:bdf::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img2-azrcdn.newser.com/square-image/316291-20220130092255-M/california-city-keeps-name-of-confederate-general.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 73f0cc9da2374ff54b9647526db4113ab88116b60f6e72ca118cd10b291fae24

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:49:53 GMT
x-azure-ref-originshield: 0orP2YQAAAAAtUr6OlfeKSKaTMFtk8OUHQU1TMDRFREdFMTgwOABkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316291-20220130092255-M/california-city-keeps-name-of-confederate-general.jpeg
x-azure-ref: 0orP2YQAAAACZue7G82FaS4xzosO0xuR+RlJBRURHRTEwMjEAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_REMOTE_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 56056
scheme: https

GET
H2 200 in-5-hours-and-24-minutes-nadal-does-the-extraordinary.jpeg
img1-azrcdn.newser.com/square-image/316298-20220130085510-M/ 45 KB
45 KB 155ms
152ms Image
image/jpeg 2620:1ec:bdf::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/square-image/316298-20220130085510-M/in-5-hours-and-24-minutes-nadal-does-the-extraordinary.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 5d4fdbd46d6083390a561c90d45d68d23843ec3053b58e25fa3cc702a87b2b7a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:49:54 GMT
x-azure-ref-originshield: 0HKv2YQAAAADzDwCnYQYPQaUTquK8B+GyQU1TMDRFREdFMTgxMwBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316298-20220130085510-M/in-5-hours-and-24-minutes-nadal-does-the-extraordinary.jpeg
x-azure-ref: 0orP2YQAAAACzWPsyBBx8Q4Hm5+9HnLg2RlJBRURHRTEwMTYAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 45785
scheme: https

GET
H2 200 after-plea-for-assistance-germany-offers-to-send-5k-helmets-to-ukraine.jpeg
img2-azrcdn.newser.com/square-image/316193-20220130082655-M/ 55 KB
55 KB 48ms
44ms Image
image/jpeg 2620:1ec:bdf::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img2-azrcdn.newser.com/square-image/316193-20220130082655-M/after-plea-for-assistance-germany-offers-to-send-5k-helmets-to-ukraine.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 134c165adca320e5fe0db5fa155e5bd92a55b44879c0dc3c6b9f0a9fe343d994

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:49:53 GMT
x-azure-ref-originshield: 0caL2YQAAAAAOVylNCfgkTYhwycQOSvVeQU1TMDRFREdFMTkxMQBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316193-20220130082655-M/after-plea-for-assistance-germany-offers-to-send-5k-helmets-to-ukraine.jpeg
x-azure-ref: 0orP2YQAAAAD6Oqbmjx/wQoyoWGWcfS/wRlJBRURHRTEwMjEAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 56203
scheme: https

GET
H2 200 man-needing-kidney-willing-to-die-rather-than-get-vaccinated.jpeg
img1-azrcdn.newser.com/square-image/316292-20220130081255-M/ 33 KB
33 KB 168ms
165ms Image
image/jpeg 2620:1ec:bdf::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/square-image/316292-20220130081255-M/man-needing-kidney-willing-to-die-rather-than-get-vaccinated.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 798f04d4f989a6f4062a630a1e1d642749391b9d4d8ec416f6554c0bc3bbf408

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:49:54 GMT
x-azure-ref-originshield: 03J72YQAAAADXiXn8MoMFS6s2yuGx1joMQU1TMDRFREdFMTkxMwBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316292-20220130081255-M/man-needing-kidney-willing-to-die-rather-than-get-vaccinated.jpeg
x-azure-ref: 0orP2YQAAAAAmnl+c0SIxSa4pfWhdNFjYRlJBRURHRTEwMTYAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 33525
scheme: https

GET
H2 200 a-notorious-cocaine-dealer-vanished-for-a-time.jpeg
img1-azrcdn.newser.com/square-image/316174-20220130091303-M/ 53 KB
54 KB 141ms
138ms Image
image/jpeg 2620:1ec:bdf::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/square-image/316174-20220130091303-M/a-notorious-cocaine-dealer-vanished-for-a-time.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e10b19c837b2c17d7e4b3cb62a9646323d4d0829b88bdb922aa6296dbca9e4cc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:49:54 GMT
x-azure-ref-originshield: 0HKv2YQAAAAB8Ya+J6AL5Q7Q25O8vxRBWQU1TMDRFREdFMTgxOABkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316174-20220130091303-M/a-notorious-cocaine-dealer-vanished-for-a-time.jpeg
x-azure-ref: 0orP2YQAAAAA2KhXKDnBtSJFbrwg+Ye0tRlJBRURHRTEwMTYAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 54700
scheme: https

GET
H2 200 nebraskas-mascot-loses-potentially-problematic-gesture.jpeg
img1-azrcdn.newser.com/square-image/316290-20220130071510-M/ 52 KB
52 KB 128ms
125ms Image
image/jpeg 2620:1ec:bdf::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/square-image/316290-20220130071510-M/nebraskas-mascot-loses-potentially-problematic-gesture.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 2dd76b128ad19839d224eb21e2f208e9894bea040b9429bf695eb32d511e6e21

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:49:54 GMT
x-azure-ref-originshield: 0wZz2YQAAAABzSMEk7L+US5hg9cCrxR4DQU1TMDRFREdFMTkyMABkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316290-20220130071510-M/nebraskas-mascot-loses-potentially-problematic-gesture.jpeg
x-azure-ref: 0orP2YQAAAACkhKgCcAWXRLX+eFWGx7pgRlJBRURHRTEwMTYAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 52758
scheme: https

GET
H2 200 mass-casualty-crash-kills-9-in-north-las-vegas.jpeg
img1-azrcdn.newser.com/square-image/316296-20220130064640-M/ 40 KB
41 KB 179ms
176ms Image
image/jpeg 2620:1ec:bdf::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/square-image/316296-20220130064640-M/mass-casualty-crash-kills-9-in-north-las-vegas.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: d27516c986b068ec31188f9787d4489255df48361ff089c815b8c2aec5a1bb9c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:49:54 GMT
x-azure-ref-originshield: 0Hav2YQAAAACusKIYU7LXR5l+JF8LFcuCQU1TMDRFREdFMTgxOABkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316296-20220130064640-M/mass-casualty-crash-kills-9-in-north-las-vegas.jpeg
x-azure-ref: 0orP2YQAAAAB8I0VvFtwGSpyrGCG1NEb9RlJBRURHRTEwMTYAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 41197
scheme: https

GET
H2 200 governor-invites-critics-to-kiss-his-bulldogs-hiney.jpeg
img2-azrcdn.newser.com/square-image/316249-20220130061956-M/ 52 KB
53 KB 116ms
113ms Image
image/jpeg 2620:1ec:bdf::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img2-azrcdn.newser.com/square-image/316249-20220130061956-M/governor-invites-critics-to-kiss-his-bulldogs-hiney.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 8cd898214e275702c8334ad5a771326582c3298ddf418760b09b8b6d043289d8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:49:53 GMT
x-azure-ref-originshield: 0gIT2YQAAAABLwlKwTXycRbL17CtS5BIDQU1TMDRFREdFMTgxNwBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316249-20220130061956-M/governor-invites-critics-to-kiss-his-bulldogs-hiney.jpeg
x-azure-ref: 0orP2YQAAAAA+n6sxBt44SqVhjDW06oZYRlJBRURHRTEwMjEAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 53749
scheme: https

GET
H2 200 north-korea-tests-missile-its-longest-range-since-2017.jpeg
img1-azrcdn.newser.com/square-image/316288-20220130054956-M/ 41 KB
41 KB 186ms
183ms Image
image/jpeg 2620:1ec:bdf::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/square-image/316288-20220130054956-M/north-korea-tests-missile-its-longest-range-since-2017.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 3aaa5c9fc7d99f8a956ca2481a72f36d142246ad42f68d6ba90ac4edb95a7515

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:49:54 GMT
x-azure-ref-originshield: 0Gqb2YQAAAADMqHVvMnZATq7Lju/3mXkvQU1TMDRFREdFMTkyMQBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316288-20220130054956-M/north-korea-tests-missile-its-longest-range-since-2017.jpeg
x-azure-ref: 0orP2YQAAAADqawwvf/wCTqvXClgM5zicRlJBRURHRTEwMTYAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 41909
scheme: https

GET
H2 200 protest-convoy-reaches-ottawa.jpeg
img1-azrcdn.newser.com/square-image/316286-20220129193112-M/ 45 KB
45 KB 107ms
104ms Image
image/jpeg 2620:1ec:bdf::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/square-image/316286-20220129193112-M/protest-convoy-reaches-ottawa.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: bb9b673f70e36909c34e071263c99d8fdade84b1ced55968c3b658ea5c3f0fa8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:49:54 GMT
x-azure-ref-originshield: 08Ir2YQAAAADikXXgi8z7ToUuupXDpKeoQU1TMDRFREdFMTgxNABkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316286-20220129193112-M/protest-convoy-reaches-ottawa.jpeg
x-azure-ref: 0orP2YQAAAAAH3pPwy3TcTa6Zxx00uGoNRlJBRURHRTEwMTYAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 46080
scheme: https

GET
H2 200 irish-fishing-industry-objects-to-russian-navys-plans.jpeg
img2-azrcdn.newser.com/square-image/316169-20220129180520-M/ 52 KB
52 KB 65ms
61ms Image
image/jpeg 2620:1ec:bdf::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img2-azrcdn.newser.com/square-image/316169-20220129180520-M/irish-fishing-industry-objects-to-russian-navys-plans.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 41f9fdd28cd3937d5e42d631b42b9779215ffafe8bf13e9472c4583d94265f7c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:49:53 GMT
x-azure-ref-originshield: 0Gab2YQAAAADGMP54Uwq9Q5InW5DoHRDEQU1TMDRFREdFMTgyMgBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316169-20220129180520-M/irish-fishing-industry-objects-to-russian-navys-plans.jpeg
x-azure-ref: 0orP2YQAAAAD6ZV8IGFAPTZhWyLjsgIQhRlJBRURHRTEwMjEAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 52989
scheme: https

GET
H2 200 ContestsGrid2.png
img1-azrcdn.newser.com/images/contests/ 10 KB
10 KB 195ms
192ms Image
image/png 2620:1ec:bdf::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/images/contests/ContestsGrid2.png
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: a67c13f917d49cb6abae4b521e55f61a83da2c4b5ba4393b4e59acc954be1c20

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:49:54 GMT
last-modified: Mon, 01 Nov 2021 21:01:58 GMT
x-azure-ref-originshield: 0Hav2YQAAAAC5AC5Ae+vPSIy73biTzLOOQU1TMDRFREdFMTkyMQBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
x-azure-ref: 0orP2YQAAAAD6yckPTRozQYB0d+5QkGaIRlJBRURHRTEwMTYAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
content-length: 9851

GET
H2 200 raducanu-says-stalker-took-her-freedom.jpeg
img1-azrcdn.newser.com/square-image/316280-20220129180956-M/ 38 KB
38 KB 99ms
96ms Image
image/jpeg 2620:1ec:bdf::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/square-image/316280-20220129180956-M/raducanu-says-stalker-took-her-freedom.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 43a9d053c33ab061ab1cc70ddeebb86270a32c7db64742a1326852d81c0df9e0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:49:54 GMT
x-azure-ref-originshield: 0eGv2YQAAAACltEHgFluJR4/qTLEW38nGQU1TMDRFREdFMTgxMABkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316280-20220129180956-M/raducanu-says-stalker-took-her-freedom.jpeg
x-azure-ref: 0orP2YQAAAADJin8mzwAhQoXNwzvUse78RlJBRURHRTEwMTYAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 38446
scheme: https

GET
H2 200 russia-delivers-blood-supplies-to-border.jpeg
img1-azrcdn.newser.com/square-image/316260-20220129173956-M/ 59 KB
59 KB 85ms
82ms Image
image/jpeg 2620:1ec:bdf::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/square-image/316260-20220129173956-M/russia-delivers-blood-supplies-to-border.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 059e5a44ec9f8bab93a45cbf617ac529605f99891cfe7f5e9cb19a5b4cf9cdfe

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:49:54 GMT
x-azure-ref-originshield: 08Ir2YQAAAAD8j1rJ6WxGTZm/qeHMD8veQU1TMDRFREdFMTgxOQBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316260-20220129173956-M/russia-delivers-blood-supplies-to-border.jpeg
x-azure-ref: 0orP2YQAAAADZnmHUA60RS4AVIbd40yphRlJBRURHRTEwMTYAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 60296
scheme: https

GET
H2 200 playboy-strongly-supports-hugh-hefner-accusers.jpeg
img2-azrcdn.newser.com/square-image/316123-20220129164056-M/ 54 KB
54 KB 86ms
83ms Image
image/jpeg 2620:1ec:bdf::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img2-azrcdn.newser.com/square-image/316123-20220129164056-M/playboy-strongly-supports-hugh-hefner-accusers.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: d8396d650599691373314b1cf6fb728df811aba509f8a9bfc0b2499a89da3aab

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:49:53 GMT
x-azure-ref-originshield: 0eGv2YQAAAABB2oWk7hFDRYlXzhBGxpsiQU1TMDRFREdFMTgxOABkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316123-20220129164056-M/playboy-strongly-supports-hugh-hefner-accusers.jpeg
x-azure-ref: 0orP2YQAAAACwxi2YN+RCRKY4S+1zZDl3RlJBRURHRTEwMjEAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 55162
scheme: https

GET
H2 200 for-sale-former-cia-black-site.jpeg
img2-azrcdn.newser.com/square-image/316061-20220129163156-M/ 50 KB
51 KB 165ms
163ms Image
image/jpeg 2620:1ec:bdf::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img2-azrcdn.newser.com/square-image/316061-20220129163156-M/for-sale-former-cia-black-site.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 4a5d81507b6b90d018c7b1ad981d08416582cd454c72a8d93ece700f92f24936

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:49:53 GMT
x-azure-ref-originshield: 0caL2YQAAAABQiL1x3+1gRrHIqit9wdDIQU1TMDRFREdFMTgwNwBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316061-20220129163156-M/for-sale-former-cia-black-site.jpeg
x-azure-ref: 0orP2YQAAAAAwlhvlqg+5S5JTc8A66EzLRlJBRURHRTEwMjEAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 51525
scheme: https

GET
H2 200 9-officers-open-fire-on-man-standing-along-highway.jpeg
img1-azrcdn.newser.com/square-image/316274-20220129175636-M/ 43 KB
43 KB 147ms
144ms Image
image/jpeg 2620:1ec:bdf::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/square-image/316274-20220129175636-M/9-officers-open-fire-on-man-standing-along-highway.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: b4fb0434eba77c4e60becbf6a700e1b1f53f8ecc7331a59fb38f1d8771b7efa6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:49:54 GMT
x-azure-ref-originshield: 0DnP2YQAAAABIn02eAK9dSbyOHUzAPDTmQU1TMDRFREdFMTgwNwBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316274-20220129175636-M/9-officers-open-fire-on-man-standing-along-highway.jpeg
x-azure-ref: 0orP2YQAAAABcEi585i8USbYWba0LW3mtRlJBRURHRTEwMTYAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 43839
scheme: https

GET
H2 200 tom-brady-wraps-up-career-with-record-7-super-bowl-titles.jpeg
img2-azrcdn.newser.com/square-image/316285-20220129183408-M/ 54 KB
55 KB 125ms
122ms Image
image/jpeg 2620:1ec:bdf::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img2-azrcdn.newser.com/square-image/316285-20220129183408-M/tom-brady-wraps-up-career-with-record-7-super-bowl-titles.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: bd51c6d77f3f20cc41d472110d0bde8dbf406f754773eec6103d40bf5c9df0c1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:49:53 GMT
x-azure-ref-originshield: 0Gab2YQAAAABDUG+VuD8TQJw2C9O2iK+JQU1TMDRFREdFMTkxMABkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316285-20220129183408-M/tom-brady-wraps-up-career-with-record-7-super-bowl-titles.jpeg
x-azure-ref: 0orP2YQAAAAAAQC3PkjA7TrR94HWIOPSYRlJBRURHRTEwMjEAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 55518
scheme: https

GET
H2 200 kansas-man-accused-of-threatening-biden.jpeg
img1-azrcdn.newser.com/square-image/316266-20220129144511-M/ 45 KB
45 KB 196ms
194ms Image
image/jpeg 2620:1ec:bdf::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/square-image/316266-20220129144511-M/kansas-man-accused-of-threatening-biden.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 04321424ef276f3762e2cc09dd99a03188d641f3a2cd02d0c8c08b7b95799f24

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:49:54 GMT
x-azure-ref-originshield: 0caL2YQAAAACQ+h7e7TcCSqjGRf6hy50dQU1TMDRFREdFMTkxNwBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316266-20220129144511-M/kansas-man-accused-of-threatening-biden.jpeg
x-azure-ref: 0orP2YQAAAAAuvMzn2gMQTJfXlhwtTMa7RlJBRURHRTEwMTYAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 45899
scheme: https

GET
H2 200 china-is-snatching-up-cobalt-thats-where-idaho-comes-in.jpeg
img2-azrcdn.newser.com/square-image/316111-20220129140241-M/ 54 KB
55 KB 159ms
157ms Image
image/jpeg 2620:1ec:bdf::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img2-azrcdn.newser.com/square-image/316111-20220129140241-M/china-is-snatching-up-cobalt-thats-where-idaho-comes-in.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 02990729bbbb066fccf5f274626c1f0f7e7edbaeaa2d15451fb7062a7264377b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:49:53 GMT
x-azure-ref-originshield: 08o72YQAAAAAA+2NSrHQzQ4EBEVVBsZZvQU1TMDRFREdFMTkxNgBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316111-20220129140241-M/china-is-snatching-up-cobalt-thats-where-idaho-comes-in.jpeg
x-azure-ref: 0orP2YQAAAAAD9umPG6HZTIA+ioMgXZkORlJBRURHRTEwMjEAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 55657
scheme: https

GET
H2 200 mitt-romney-has-covid-will-isolate-at-home.jpeg
img1-azrcdn.newser.com/square-image/316270-20220129133956-M/ 39 KB
40 KB 189ms
186ms Image
image/jpeg 2620:1ec:bdf::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/square-image/316270-20220129133956-M/mitt-romney-has-covid-will-isolate-at-home.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 7d900ebc614ac1d2adfe556578ff35cd8ba0b821dbf70aefe901684e22e29008

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:49:54 GMT
x-azure-ref-originshield: 0DnP2YQAAAABnqMGt3H4nSZ/CueZwVi86QU1TMDRFREdFMTgxMABkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316270-20220129133956-M/mitt-romney-has-covid-will-isolate-at-home.jpeg
x-azure-ref: 0orP2YQAAAAA5NYLLsoaKSKvK/dJihGfoRlJBRURHRTEwMTYAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 40268
scheme: https

GET
H2 200 surgeon-tried-to-sell-bataclan-survivors-x-ray-as-an-nft.jpeg
img2-azrcdn.newser.com/square-image/316035-20220129123556-M/ 39 KB
39 KB 150ms
148ms Image
image/jpeg 2620:1ec:bdf::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img2-azrcdn.newser.com/square-image/316035-20220129123556-M/surgeon-tried-to-sell-bataclan-survivors-x-ray-as-an-nft.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 0e95603a1b75398990e8e6c8396068f556799d4efcbe58671ddceb1ab5ba0fc8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:49:53 GMT
x-azure-ref-originshield: 0Hav2YQAAAABtZXaNVeEeSqtdLs/LWRdkQU1TMDRFREdFMTkwNwBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316035-20220129123556-M/surgeon-tried-to-sell-bataclan-survivors-x-ray-as-an-nft.jpeg
x-azure-ref: 0orP2YQAAAAAdN4P5uUrTSYigmU2Ai2laRlJBRURHRTEwMjEAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 39502
scheme: https

GET
H2 200 petition-questions-message-of-f-logo.jpeg
img2-azrcdn.newser.com/square-image/316279-20220129140526-M/ 49 KB
50 KB 102ms
100ms Image
image/jpeg 2620:1ec:bdf::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img2-azrcdn.newser.com/square-image/316279-20220129140526-M/petition-questions-message-of-f-logo.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: d5ee43ffd22efce6a405cb805a86f3f6c28c7ed9b4a9427a2e10fad69accf2ef

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:49:53 GMT
x-azure-ref-originshield: 0mTj2YQAAAACvnGhn/9TCSqcZ+USMKCKyQU1TMDRFREdFMTgxMQBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316279-20220129140526-M/petition-questions-message-of-f-logo.jpeg
x-azure-ref: 0orP2YQAAAABJaOixacAeQoY+RQmQHjlMRlJBRURHRTEwMjEAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 50549
scheme: https

GET
H2 200 college-student-dies-after-exposure-to-sub-zero-temps.jpeg
img2-azrcdn.newser.com/square-image/316267-20220129114126-M/ 50 KB
51 KB 135ms
132ms Image
image/jpeg 2620:1ec:bdf::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img2-azrcdn.newser.com/square-image/316267-20220129114126-M/college-student-dies-after-exposure-to-sub-zero-temps.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: b889e344c4f8d84fbcb58cea388201a47caaab2ab9fcb6769a01b2152b9304e2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:49:53 GMT
x-azure-ref-originshield: 0Hav2YQAAAACMNGuAF5fNSIVN7Lq/ZWK5QU1TMDRFREdFMTgxMABkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316267-20220129114126-M/college-student-dies-after-exposure-to-sub-zero-temps.jpeg
x-azure-ref: 0orP2YQAAAAAt0uexYAtdSa+xVXWS5L3YRlJBRURHRTEwMjEAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 51652
scheme: https

GET
H2 200 house_grid_iphone.png
img2-azrcdn.newser.com/images/ 16 KB
16 KB 141ms
139ms Image
image/png 2620:1ec:bdf::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img2-azrcdn.newser.com/images/house_grid_iphone.png
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 44da54fd69c8966482bc49d3744fff0a7fd944dc2dd5732d9f710da7df4329bf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:49:53 GMT
last-modified: Mon, 06 Jul 2020 18:04:07 GMT
x-azure-ref-originshield: 0l3z2YQAAAACmoso1ZY4fToWDxzg7sRY6QU1TMDRFREdFMTgxOQBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
x-azure-ref: 0orP2YQAAAAA0uh8A+tgDRbD7S7oWv2bhRlJBRURHRTEwMjEAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
content-length: 16207

GET
H2 200 his-brain-ailment-wasnt-cancer-it-was-mold.jpeg
img1-azrcdn.newser.com/square-image/316242-20220129111041-M/ 63 KB
64 KB 179ms
177ms Image
image/jpeg 2620:1ec:bdf::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/square-image/316242-20220129111041-M/his-brain-ailment-wasnt-cancer-it-was-mold.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 8db3cdae20a2cc55562a300687c0e6863a51e53c9735457ad313c09f501422c7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:49:54 GMT
x-azure-ref-originshield: 0caL2YQAAAAAIgBgbEkF2Q4khGe5UZxvnQU1TMDRFREdFMTkxMwBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316242-20220129111041-M/his-brain-ailment-wasnt-cancer-it-was-mold.jpeg
x-azure-ref: 0orP2YQAAAADTF96rK4m+QL2mCbtLNtYfRlJBRURHRTEwMTYAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 65001
scheme: https

GET
H2 200 britneys-new-message-to-sister-you-are-scum-jamie-lynn.jpeg
img1-azrcdn.newser.com/square-image/316278-20220129105241-M/ 46 KB
46 KB 190ms
188ms Image
image/jpeg 2620:1ec:bdf::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/square-image/316278-20220129105241-M/britneys-new-message-to-sister-you-are-scum-jamie-lynn.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: bddc841f91f5c39676abff8eed53be5c5a23cb2fde6051b72caf1b758e487d64

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:49:54 GMT
x-azure-ref-originshield: 08Ir2YQAAAABWGSHoqr9ZSpvseGL4JFNFQU1TMDRFREdFMTkwNwBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316278-20220129105241-M/britneys-new-message-to-sister-you-are-scum-jamie-lynn.jpeg
x-azure-ref: 0orP2YQAAAABvsK9Qry4ERKrxI441Hv+BRlJBRURHRTEwMTYAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 47198
scheme: https

GET
H2 200 observant-mail-carrier-saves-homeowners-life.jpeg
img1-azrcdn.newser.com/square-image/316264-20220129104345-M/ 44 KB
44 KB 253ms
252ms Image
image/jpeg 2620:1ec:bdf::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/square-image/316264-20220129104345-M/observant-mail-carrier-saves-homeowners-life.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 5ec80b688833a13ec1a4799e36cfb5d3d3cf8ce76917ad2b36a32cda0e9386c1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:49:54 GMT
x-azure-ref-originshield: 0orP2YQAAAACFOT4xaL/JQ6JurKkM0jXZQU1TMDRFREdFMTkwNgBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316264-20220129104345-M/observant-mail-carrier-saves-homeowners-life.jpeg
x-azure-ref: 0orP2YQAAAABPN2lCl6o4SIRiDQy/U6x3RlJBRURHRTEwMTYAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_REMOTE_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 44918
scheme: https

GET
H2 200 major-winter-storm-slams-east-coast.jpeg
img2-azrcdn.newser.com/square-image/316277-20220129094457-M/ 49 KB
49 KB 142ms
140ms Image
image/jpeg 2620:1ec:bdf::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img2-azrcdn.newser.com/square-image/316277-20220129094457-M/major-winter-storm-slams-east-coast.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 286e0981e7354c418fc0334ddf4b3b8fb930b623c5b67d41ed1a5bfe6fbaf2c8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:49:53 GMT
x-azure-ref-originshield: 0caL2YQAAAADdreyioIFXQLWaUk8x6/csQU1TMDRFREdFMTkyMABkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316277-20220129094457-M/major-winter-storm-slams-east-coast.jpeg
x-azure-ref: 0orP2YQAAAACeMnEZMz1GSJuUiQfVx+LrRlJBRURHRTEwMjEAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 50377
scheme: https

GET
H2 200 joni-mitchell-im-leaving-spotify-too.jpeg
img1-azrcdn.newser.com/square-image/316262-20220129090111-M/ 49 KB
49 KB 197ms
196ms Image
image/jpeg 2620:1ec:bdf::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/square-image/316262-20220129090111-M/joni-mitchell-im-leaving-spotify-too.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: ff76febbb198182768c97dc65c99a48194b9f837e8aea60b94c6f9b776e51977

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:49:54 GMT
x-azure-ref-originshield: 0eWv2YQAAAABFN114emUwTIp1e/PLLW9rQU1TMDRFREdFMTgxOQBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316262-20220129090111-M/joni-mitchell-im-leaving-spotify-too.jpeg
x-azure-ref: 0orP2YQAAAAB8sBAOoKS/TqNEFvzuHtfORlJBRURHRTEwMTYAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 49982
scheme: https

GET
H2 200 meet-the-great-lost-female-hacker-of-the-1980s.jpeg
img1-azrcdn.newser.com/square-image/316168-20220129083256-M/ 56 KB
56 KB 252ms
251ms Image
image/jpeg 2620:1ec:bdf::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/square-image/316168-20220129083256-M/meet-the-great-lost-female-hacker-of-the-1980s.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: fa2f0e9c789e85c558c08a5b84edbc14ebd795915d13987a53032214e8fc3b1a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:49:54 GMT
x-azure-ref-originshield: 0orP2YQAAAACC7QFFHJbARZuoEIsay+s8QU1TMDRFREdFMTkxNQBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316168-20220129083256-M/meet-the-great-lost-female-hacker-of-the-1980s.jpeg
x-azure-ref: 0orP2YQAAAAAE9+f4/E6uTLmN1OHGR7D2RlJBRURHRTEwMTYAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_REMOTE_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 57340
scheme: https

GET
H2 200 stephen-breyer-its-been-a-great-honor.jpeg
img1-azrcdn.newser.com/square-image/316200-20220129081256-M/ 47 KB
48 KB 253ms
252ms Image
image/jpeg 2620:1ec:bdf::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/square-image/316200-20220129081256-M/stephen-breyer-its-been-a-great-honor.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: af9661ddc030cee02bfbd41baf7608e14327ce95a3199e6714dd8d3a12f21c71

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:49:54 GMT
x-azure-ref-originshield: 0orP2YQAAAADQVd7SD8LQQaD/Civ+r1jUQU1TMDRFREdFMTkxNgBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316200-20220129081256-M/stephen-breyer-its-been-a-great-honor.jpeg
x-azure-ref: 0orP2YQAAAAAxoVEOVRm7Q7+W9gRF1nnHRlJBRURHRTEwMTYAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_REMOTE_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 48471
scheme: https

GET
H2 200 dads-life-changing-find-englands-oldest-gold-coin.jpeg
img1-azrcdn.newser.com/square-image/316086-20220129071430-M/ 57 KB
57 KB 37ms
31ms Image
image/jpeg 2620:1ec:bdf::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/square-image/316086-20220129071430-M/dads-life-changing-find-englands-oldest-gold-coin.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 69c11828cc2905f5ddbfd2b0d8f78a685c5b7a3502f5235887a22c91b5da6ee9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:49:53 GMT
x-azure-ref-originshield: 08o72YQAAAACcP4i4xeGqQqAvAjtAMdXoQU1TMDRFREdFMTkxNgBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316086-20220129071430-M/dads-life-changing-find-englands-oldest-gold-coin.jpeg
x-azure-ref: 0orP2YQAAAAB4/ulFvWXFRZhkkUPRwqn3RlJBRURHRTEwMTYAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 58564
scheme: https

GET
H2 200 aussie-wins-australian-open-for-first-time-in-44-years.jpeg
img2-azrcdn.newser.com/square-image/316273-20220129074411-M/ 40 KB
41 KB 17ms
12ms Image
image/jpeg 2620:1ec:bdf::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img2-azrcdn.newser.com/square-image/316273-20220129074411-M/aussie-wins-australian-open-for-first-time-in-44-years.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: da4cf27b9fe0ae190ef96fdbd0d9cc1a69d561ae0172d4d38bf10380d4d33957

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:49:53 GMT
x-azure-ref-originshield: 08Ir2YQAAAAB3hcA38qu/RpOTcf5DBLTcQU1TMDRFREdFMTkxOABkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316273-20220129074411-M/aussie-wins-australian-open-for-first-time-in-44-years.jpeg
x-azure-ref: 0orP2YQAAAADOTSCqdniBRrQ9T57v0nqjRlJBRURHRTEwMjEAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 41332
scheme: https

GET
H2 200 this-nation-kept-covid-out-now-a-state-of-disaster.jpeg
img2-azrcdn.newser.com/square-image/316269-20220129085739-M/ 45 KB
45 KB 30ms
24ms Image
image/jpeg 2620:1ec:bdf::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img2-azrcdn.newser.com/square-image/316269-20220129085739-M/this-nation-kept-covid-out-now-a-state-of-disaster.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: cd894fd0d07d985171809c5a1bc653a3388ced6b2e32a44e53c63fc1ea30cec9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:49:53 GMT
x-azure-ref-originshield: 0jC72YQAAAABZ9Yt0ZFn3SZZmprI7b5KzQU1TMDRFREdFMTgwOABkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316269-20220129085739-M/this-nation-kept-covid-out-now-a-state-of-disaster.jpeg
x-azure-ref: 0orP2YQAAAAB4EtqojBcxQZfY5UvXOhbZRlJBRURHRTEwMjEAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 45569
scheme: https

GET
H2 200 joe-exotic-wants-your-prayers.jpeg
img2-azrcdn.newser.com/square-image/312977-20220129065556-M/ 45 KB
45 KB 239ms
234ms Image
image/jpeg 2620:1ec:bdf::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img2-azrcdn.newser.com/square-image/312977-20220129065556-M/joe-exotic-wants-your-prayers.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: c7dff2266b8de79be9543dc8c2aff1b841cdfd58ac0d59c082d9e6f3db5d43f2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:49:53 GMT
x-azure-ref-originshield: 0orP2YQAAAABbESbX8BkqSodSH0Zq/obAQU1TMDRFREdFMTgwOQBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/312977-20220129065556-M/joe-exotic-wants-your-prayers.jpeg
x-azure-ref: 0orP2YQAAAABGYuFvcl46S7cSYdsjoy6bRlJBRURHRTEwMjEAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_REMOTE_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 45743
scheme: https

GET
H2 200 biden-talks-infrastructure-after-bridge-collapses.jpeg
img2-azrcdn.newser.com/square-image/316259-20220128181740-M/ 53 KB
53 KB 109ms
104ms Image
image/jpeg 2620:1ec:bdf::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img2-azrcdn.newser.com/square-image/316259-20220128181740-M/biden-talks-infrastructure-after-bridge-collapses.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: a62348491ab317874ea90c67adea37df3ca6ff3c768af7c293c019ebae858d42

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:49:53 GMT
x-azure-ref-originshield: 0orP2YQAAAAB+Ow7kuO7KTJqvS81Bb5nhQU1TMDRFREdFMTkwOABkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316259-20220128181740-M/biden-talks-infrastructure-after-bridge-collapses.jpeg
x-azure-ref: 0orP2YQAAAAAQouDkQ57/Trv4iYBz6+VaRlJBRURHRTEwMjEAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_REMOTE_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 53805
scheme: https

GET
H2 200 house_grid_rundown.png
img1-azrcdn.newser.com/images/ 5 KB
5 KB 30ms
25ms Image
image/png 2620:1ec:bdf::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/images/house_grid_rundown.png
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 21349b60e999f29bb11fd1384e57ea43faf7bb39d7822e81c1e30de505663228

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:49:53 GMT
last-modified: Mon, 06 Jul 2020 18:04:07 GMT
x-azure-ref-originshield: 0Gqb2YQAAAAC1ORTdLeMFQ7AU3V2FyHeTQU1TMDRFREdFMTkxMgBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
x-azure-ref: 0orP2YQAAAADwpJQhSMGHSoB7UUqIMZm7RlJBRURHRTEwMTYAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
content-length: 5120

GET
H2 200 swastikas-appear-at-dcs-union-station.jpeg
img1-azrcdn.newser.com/square-image/316258-20220128171442-M/ 40 KB
41 KB 22ms
16ms Image
image/jpeg 2620:1ec:bdf::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/square-image/316258-20220128171442-M/swastikas-appear-at-dcs-union-station.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 78df9e9e47f5809e3438e700f53dd96ae52a3751c8b6f15f68c16f98f8aab900

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:49:53 GMT
x-azure-ref-originshield: 0Gqb2YQAAAAAS+oKiq7+ATpZ1NWSsTN/OQU1TMDRFREdFMTkxOQBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316258-20220128171442-M/swastikas-appear-at-dcs-union-station.jpeg
x-azure-ref: 0orP2YQAAAABBrw+pGxylTaV1Xd3ftLPYRlJBRURHRTEwMTYAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 41203
scheme: https

GET
H2 200 trial-in-notorious-jewel-heist-gets-underway.jpeg
img1-azrcdn.newser.com/square-image/316236-20220128164327-M/ 46 KB
47 KB 52ms
47ms Image
image/jpeg 2620:1ec:bdf::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/square-image/316236-20220128164327-M/trial-in-notorious-jewel-heist-gets-underway.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 4a517e84097a36e411922caf77510661b58ae21755bd2927057916420e0c4dc4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:49:53 GMT
x-azure-ref-originshield: 0l3z2YQAAAACbPcnc3uGDTrg5cw9RcAn2QU1TMDRFREdFMTgwOQBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316236-20220128164327-M/trial-in-notorious-jewel-heist-gets-underway.jpeg
x-azure-ref: 0orP2YQAAAABvPuGa26xqTZ3t6hKfQ1bHRlJBRURHRTEwMTYAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 47615
scheme: https

GET
H2 200 lawsuit-says-chris-brown-raped-woman-aboard-yacht.jpeg
img2-azrcdn.newser.com/square-image/316255-20220128160342-M/ 44 KB
45 KB 39ms
34ms Image
image/jpeg 2620:1ec:bdf::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img2-azrcdn.newser.com/square-image/316255-20220128160342-M/lawsuit-says-chris-brown-raped-woman-aboard-yacht.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: da8a4f547b33fd0f6139098d6945e4a4868fcad70204ab34aa4e49bb41a90c01

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:49:53 GMT
x-azure-ref-originshield: 08o72YQAAAABq0SI/arfyQpdbHS9tFw0mQU1TMDRFREdFMTgwNwBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316255-20220128160342-M/lawsuit-says-chris-brown-raped-woman-aboard-yacht.jpeg
x-azure-ref: 0orP2YQAAAADqK/Vbc+AXRLwqvLD49q6xRlJBRURHRTEwMjEAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 45407
scheme: https

GET
H2 200 apples-surge-helps-snap-markets-losing-streak.jpeg
img1-azrcdn.newser.com/square-image/316256-20220128155832-M/ 33 KB
33 KB 64ms
59ms Image
image/jpeg 2620:1ec:bdf::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/square-image/316256-20220128155832-M/apples-surge-helps-snap-markets-losing-streak.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 9a1c965417bb6122a80900a20c8fdfb7cf87cd495713c142d93d3c07a64e75cb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:49:53 GMT
x-azure-ref-originshield: 0caL2YQAAAABWLxlmTjY+TaRV8ntdMNZWQU1TMDRFREdFMTgyMgBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316256-20220128155832-M/apples-surge-helps-snap-markets-losing-streak.jpeg
x-azure-ref: 0orP2YQAAAAA763HIhKoeRb7NppX/MX+ORlJBRURHRTEwMTYAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 33806
scheme: https

GET
H2 200 terrorists-note-on-doomed-pms-kidnapping-sells-for-big-bucks.jpeg
img2-azrcdn.newser.com/square-image/316221-20220128150542-M/ 54 KB
55 KB 49ms
44ms Image
image/jpeg 2620:1ec:bdf::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img2-azrcdn.newser.com/square-image/316221-20220128150542-M/terrorists-note-on-doomed-pms-kidnapping-sells-for-big-bucks.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 0629f743a7f2e66a09dbb03908062b6a53a33133525eb19471b930a048e6aa43

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:49:53 GMT
x-azure-ref-originshield: 08Ir2YQAAAABrV3fdWLihQZzZ3ZQG5lQSQU1TMDRFREdFMTgyMgBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316221-20220128150542-M/terrorists-note-on-doomed-pms-kidnapping-sells-for-big-bucks.jpeg
x-azure-ref: 0orP2YQAAAAARi3Q6LCaXQ6le2qnD7+2rRlJBRURHRTEwMjEAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 55737
scheme: https

GET
H2 200 man-going-to-prison-after-groping-flight-attendant.jpeg
img1-azrcdn.newser.com/square-image/316234-20220128143327-M/ 51 KB
51 KB 130ms
125ms Image
image/jpeg 2620:1ec:bdf::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/square-image/316234-20220128143327-M/man-going-to-prison-after-groping-flight-attendant.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 1fa72666b437fd3fc5a9283ad1b7d64ca681f2a4e7508d1de0eaad6e0bf10750

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:49:54 GMT
x-azure-ref-originshield: 0orP2YQAAAABlKTSiylEWRI6t79I7KYHGQU1TMDRFREdFMTgxOQBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316234-20220128143327-M/man-going-to-prison-after-groping-flight-attendant.jpeg
x-azure-ref: 0orP2YQAAAADafytX223eRYzlkjdV+ainRlJBRURHRTEwMTYAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_REMOTE_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 51945
scheme: https

GET
H2 200 pentagon-pressures-russia-to-walk-away.jpeg
img1-azrcdn.newser.com/square-image/316254-20220128142142-M/ 42 KB
42 KB 52ms
47ms Image
image/jpeg 2620:1ec:bdf::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/square-image/316254-20220128142142-M/pentagon-pressures-russia-to-walk-away.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: d4b287e248a1bb66341367e98c58dd2c3ea543ca857717ddb94485a174dcdb63

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:49:53 GMT
x-azure-ref-originshield: 08o72YQAAAABF4ovVTwmURIml/787rmydQU1TMDRFREdFMTgxMgBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316254-20220128142142-M/pentagon-pressures-russia-to-walk-away.jpeg
x-azure-ref: 0orP2YQAAAAClW+YUgmu2TI3mlwr876DgRlJBRURHRTEwMTYAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 42802
scheme: https

GET
H2 200 dad-whose-kids-died-in-flood-charged-with-manslaughter.jpeg
img1-azrcdn.newser.com/square-image/289212-20220128141818-M/ 51 KB
51 KB 75ms
71ms Image
image/jpeg 2620:1ec:bdf::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/square-image/289212-20220128141818-M/dad-whose-kids-died-in-flood-charged-with-manslaughter.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: f807b7652390cbf0f3caef0abc752e93c026cf7d2c46fa8e20b9e3f3a2dfd867

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:49:53 GMT
x-azure-ref-originshield: 0DnP2YQAAAADetildTbNyR4yiwxDozuwBQU1TMDRFREdFMTgxNwBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/289212-20220128141818-M/dad-whose-kids-died-in-flood-charged-with-manslaughter.jpeg
x-azure-ref: 0orP2YQAAAACwtA4fBQY3S5WlbjArcWJRRlJBRURHRTEwMTYAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 51822
scheme: https

GET
H2 200 aid-ships-tonga-challenge-no-contact.jpeg
img1-azrcdn.newser.com/square-image/316228-20220128134242-M/ 44 KB
44 KB 90ms
85ms Image
image/jpeg 2620:1ec:bdf::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/square-image/316228-20220128134242-M/aid-ships-tonga-challenge-no-contact.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: b427bf3f448caf3677fabce3ccdbfd6b0d832362665297b8c392efec64c6ee4b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:49:53 GMT
x-azure-ref-originshield: 0caL2YQAAAAAua62LfxvqT6Qn24pdD3vaQU1TMDRFREdFMTkwOABkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316228-20220128134242-M/aid-ships-tonga-challenge-no-contact.jpeg
x-azure-ref: 0orP2YQAAAABM2kOLvqeAToGUnp/xR+LERlJBRURHRTEwMTYAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 45118
scheme: https

GET
H2 200 musk-supports-truckers-miffed-at-canadas-vax-mandate.jpeg
img1-azrcdn.newser.com/square-image/316248-20220128133427-M/ 39 KB
40 KB 102ms
98ms Image
image/jpeg 2620:1ec:bdf::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/square-image/316248-20220128133427-M/musk-supports-truckers-miffed-at-canadas-vax-mandate.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 237a4fa7a3bc563cc5806f5d26917eb241fb6f2176fcc094e342c473016cedf2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:49:53 GMT
x-azure-ref-originshield: 0IGX2YQAAAABeMCFSQNvuQ7lC+LYrxZoQQU1TMDRFREdFMTkwOQBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316248-20220128133427-M/musk-supports-truckers-miffed-at-canadas-vax-mandate.jpeg
x-azure-ref: 0orP2YQAAAAA7OcjRrL4eQqCFntS27fe0RlJBRURHRTEwMTYAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 40204
scheme: https

GET
H2 200 city-calls-out-fire-chief-who-nabbed-200k-in-injury-pay.jpeg
img2-azrcdn.newser.com/square-image/316201-20220128140222-M/ 35 KB
36 KB 60ms
55ms Image
image/jpeg 2620:1ec:bdf::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img2-azrcdn.newser.com/square-image/316201-20220128140222-M/city-calls-out-fire-chief-who-nabbed-200k-in-injury-pay.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e07fac4323e918dbe03b5112e649861c72aeb3e596ef9acbedeaaec547f529ef

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:49:53 GMT
x-azure-ref-originshield: 0caL2YQAAAACMT8yRf/0OTpSk10DRVwxIQU1TMDRFREdFMTkwNgBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316201-20220128140222-M/city-calls-out-fire-chief-who-nabbed-200k-in-injury-pay.jpeg
x-azure-ref: 0orP2YQAAAABXohxrBwlkQrPzwLgZW8ERRlJBRURHRTEwMjEAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 36265
scheme: https

GET
H2 200 toyota-working-on-a-moon-car.jpeg
img2-azrcdn.newser.com/square-image/316247-20220128124642-M/ 35 KB
35 KB 65ms
61ms Image
image/jpeg 2620:1ec:bdf::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img2-azrcdn.newser.com/square-image/316247-20220128124642-M/toyota-working-on-a-moon-car.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e40d12b256074d2ba43d1e8098a8bc039e3197ce0fd446a5ced2b9234f741d5c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:49:53 GMT
x-azure-ref-originshield: 0DnP2YQAAAABYmw9UQ24sSpEkSEUCk4E/QU1TMDRFREdFMTgxMQBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316247-20220128124642-M/toyota-working-on-a-moon-car.jpeg
x-azure-ref: 0orP2YQAAAAB/jITq4CbvRq1ZxfI5xg9PRlJBRURHRTEwMjEAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 35631
scheme: https

GET
H2 200 / Show response
loadus.exelator.com/load/ 124 B
506 B 576ms
157ms Script
application/x-javascript 44.236.180.40
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://loadus.exelator.com/load/?p=320&g=001&c=700151&ctg=home&subctg=&ag=&gd=
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.236.180.40 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-236-180-40.us-west-2.compute.amazonaws.com
Software: nginx / Undertow/1
Resource Hash: 1934199df51551755f77a59d6993a98e332ad57c09ab22d30fafb727d92e4eb0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:49:54 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
content-type: application/x-javascript;charset=UTF-8
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA

GET
H2 200 dpx.js Show response
i.simpli.fi/ 3 KB
4 KB 131ms
54ms Script
application/javascript 169.50.137.176
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL

https://i.simpli.fi/dpx.js?cid=3056&m=1&referrer=http://www.newser.com

Requested by

Host: www.newser.com
URL: https://www.newser.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

169.50.137.176 , United States, ASN36351 (SOFTLAYER, US),

Reverse DNS

b0.89.32a9.ip4.static.sl-reverse.com

Software

Resource Hash

9831e5b4e79a7b80a69a4d83d86fafc4c8e80fad4d14d27796f7eef4b686ba66

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache, no-cache
date: Sun, 30 Jan 2022 15:49:54 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=0, private, must-revalidate, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 3095
x-request-id: Fs8XGxV29B5c1mcKPjml
expires: Thu, 01 Jan 1970 00:00:00 GMT, Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 abp.png
img2-azrcdn.newser.com/images/ 2 KB
2 KB 68ms
64ms Image
image/png 2620:1ec:bdf::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img2-azrcdn.newser.com/images/abp.png
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: ad9e5210a13805edc2cc2874d7ffa326b907e9c6d0c212071798944a1dd9ffae

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:49:53 GMT
last-modified: Mon, 06 Jul 2020 18:04:06 GMT
x-azure-ref-originshield: 0xZ32YQAAAAD9GO/yC9VFS4YSiQlhOB7hQU1TMDRFREdFMTgwOABkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
x-azure-ref: 0orP2YQAAAAAavbyy1BGER4F6iyRpPBVyRlJBRURHRTEwMjEAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
content-length: 1639

GET
H2 200 ubo.png
img2-azrcdn.newser.com/images/ 2 KB
2 KB 68ms
64ms Image
image/png 2620:1ec:bdf::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img2-azrcdn.newser.com/images/ubo.png
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 7cec802828fd9d25efc4611219c8748745117f5a51d4f76e4f9cfd85a428ce95

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:49:53 GMT
last-modified: Mon, 06 Jul 2020 18:04:10 GMT
x-azure-ref-originshield: 015f2YQAAAACxXQrEY30wR6p1YX2QsNHCQU1TMDRFREdFMTkwOABkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
x-azure-ref: 0orP2YQAAAACdW3jtgMh+QK1dwFlV+ArRRlJBRURHRTEwMjEAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
content-length: 1613

GET
H2 200 ghostery.png
img1-azrcdn.newser.com/images/ 2 KB
2 KB 105ms
101ms Image
image/png 2620:1ec:bdf::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/images/ghostery.png
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 8baae135666cde471d16426b7387541d4b900559275813859e2d296eee039192

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:49:54 GMT
last-modified: Mon, 06 Jul 2020 18:04:07 GMT
x-azure-ref-originshield: 0orP2YQAAAABDcoKhrzBrQ53Un76JaiZMQU1TMDRFREdFMTkxNgBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
x-azure-ref: 0orP2YQAAAADMojc/8TxlQKKUcTpL+XJPRlJBRURHRTEwMTYAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_REMOTE_HIT
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
content-length: 1612

GET
H/1.1 200
OK jfYYxHwzsD.js Show response
newser.com/HsF05_E/eTjWmafZYl/Awn/ 13 KB
6 KB 631ms
237ms Script
text/javascript 40.114.51.62
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://newser.com/HsF05_E/eTjWmafZYl/Awn/jfYYxHwzsD.js
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 40.114.51.62 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 868d77bd718ef455def89186f8a2c4ed9df8cb2e1d38cac13f76281c996d6535

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 30 Jan 2022 15:49:54 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: text/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
X-Tornado: yes
Content-Length: 5740

GET
H2 200 triangle_white_down.svg
img1-azrcdn.newser.com/images/header/ 618 B
840 B 12ms
9ms Image
image/svg+xml 2620:1ec:bdf::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/images/header/triangle_white_down.svg
Requested by: Host: static1-azrcdn.newser.com
URL: https://static1-azrcdn.newser.com/stylesheets/20220112_1100/stylesheet.ashx?file=responsive.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: febc13d4fca620c0eda223b3febb844ecb01e4299569a936801b86ecc25609e8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://static1-azrcdn.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:49:53 GMT
last-modified: Mon, 06 Jul 2020 18:04:13 GMT
x-azure-ref-originshield: 0jC72YQAAAABorklAzfQpR7Hl2nny8R+pQU1TMDRFREdFMTkxNwBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
x-azure-ref: 0orP2YQAAAACS0d7rZZGMQY3/MLeGgFn+RlJBRURHRTEwMTYAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/svg+xml
cache-control: max-age=604800
accept-ranges: bytes
content-length: 618

GET
H2 200 user_white.svg
img2-azrcdn.newser.com/images/header/ 1 KB
843 B 14ms
10ms Image
image/svg+xml 2620:1ec:bdf::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img2-azrcdn.newser.com/images/header/user_white.svg
Requested by: Host: static1-azrcdn.newser.com
URL: https://static1-azrcdn.newser.com/stylesheets/20220112_1100/stylesheet.ashx?file=responsive.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 6d6d162a89e32c126f5019cbd4143ddf6cc9fbf19858a3272ad6ad5ac2beae14

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://static1-azrcdn.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:49:53 GMT
content-encoding: br
last-modified: Mon, 06 Jul 2020 18:04:13 GMT
x-azure-ref-originshield: 0NWj2YQAAAAC8Xa5Df8s9RLMMLOZZefz1QU1TMDRFREdFMTgwNgBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
x-azure-ref: 0orP2YQAAAACepIfhzwLIQ7R45GE/GWOVRlJBRURHRTEwMjEAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/svg+xml
cache-control: max-age=604800
accept-ranges: bytes

GET
H2 200 search_white.svg
img2-azrcdn.newser.com/images/header/ 916 B
1 KB 14ms
11ms Image
image/svg+xml 2620:1ec:bdf::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img2-azrcdn.newser.com/images/header/search_white.svg
Requested by: Host: static1-azrcdn.newser.com
URL: https://static1-azrcdn.newser.com/stylesheets/20220112_1100/stylesheet.ashx?file=responsive.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 307c4cf0cec01251278a5201d04096f4b7afdb8ba2239801202adb1992c14ecb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://static1-azrcdn.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:49:53 GMT
last-modified: Mon, 06 Jul 2020 18:04:13 GMT
x-azure-ref-originshield: 08o72YQAAAADoM+yjpExQRZAhkLpUXmz/QU1TMDRFREdFMTkyMgBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
x-azure-ref: 0orP2YQAAAAC7ioEs+/q7SYqsT2QZgXW+RlJBRURHRTEwMjEAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/svg+xml
cache-control: max-age=604800
accept-ranges: bytes
content-length: 916

GET
H2 200 info-white.png
img2-azrcdn.newser.com/images/header/ 433 B
641 B 15ms
11ms Image
image/png 2620:1ec:bdf::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img2-azrcdn.newser.com/images/header/info-white.png
Requested by: Host: static1-azrcdn.newser.com
URL: https://static1-azrcdn.newser.com/stylesheets/20220112_1100/stylesheet.ashx?file=responsive.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: a177a125d7384bd51ee15e3454c488ac0f2ba22a452f9bc3a96e29d2df4aef1b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://static1-azrcdn.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:49:53 GMT
last-modified: Mon, 06 Jul 2020 18:04:13 GMT
x-azure-ref-originshield: 0l3z2YQAAAADGTTPUVaL2QacUt6CTcqSdQU1TMDRFREdFMTgxMQBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
x-azure-ref: 0orP2YQAAAAAHKLbz28KdQIxwC6r9SJxDRlJBRURHRTEwMjEAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
content-length: 433

GET
H2 200 settings2-white.jpg
img1-azrcdn.newser.com/images/header/ 1 KB
1 KB 13ms
9ms Image
image/jpeg 2620:1ec:bdf::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/images/header/settings2-white.jpg
Requested by: Host: static1-azrcdn.newser.com
URL: https://static1-azrcdn.newser.com/stylesheets/20220112_1100/stylesheet.ashx?file=responsive.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: bbfcf92c6c94d918c51be1bdf1f14098db1c7454b2f025fb7d2eed08d8d84703

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://static1-azrcdn.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:49:53 GMT
last-modified: Mon, 06 Jul 2020 18:04:13 GMT
x-azure-ref-originshield: 0gJ/2YQAAAAAYaUh422zCSY3UhinH9FqsQU1TMDRFREdFMTkyMABkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
x-azure-ref: 0orP2YQAAAACOTud0a/WBRJqM7gsDWpaGRlJBRURHRTEwMTYAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: max-age=604800
accept-ranges: bytes
content-length: 1244

GET
H2 200 newsletter_white.svg
img2-azrcdn.newser.com/images/header/ 912 B
1 KB 14ms
11ms Image
image/svg+xml 2620:1ec:bdf::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img2-azrcdn.newser.com/images/header/newsletter_white.svg
Requested by: Host: static1-azrcdn.newser.com
URL: https://static1-azrcdn.newser.com/stylesheets/20220112_1100/stylesheet.ashx?file=responsive.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 607ba5401803708cd7e7d54cb229467b42bcefa017c466d0290c2903989f9cec

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://static1-azrcdn.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:49:53 GMT
last-modified: Mon, 06 Jul 2020 18:04:13 GMT
x-azure-ref-originshield: 08Ir2YQAAAABB3pE/6vRYQZmXJf6nIjpoQU1TMDRFREdFMTkxMABkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
x-azure-ref: 0orP2YQAAAAAMcSRMewemTY5SWQbH6EhNRlJBRURHRTEwMjEAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/svg+xml
cache-control: max-age=604800
accept-ranges: bytes
content-length: 912

GET
H2 200 calendar_close.png
img1-azrcdn.newser.com/images/ 303 B
534 B 105ms
101ms Image
image/png 2620:1ec:bdf::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/images/calendar_close.png
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: a3942aea05f34d9aa17deb27766f216ce7bc0176e66b41518e5bdadb19400d67

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:49:53 GMT
last-modified: Mon, 06 Jul 2020 18:04:06 GMT
x-azure-ref-originshield: 0aqT2YQAAAABvgwAodQuSQLoLgdG9Vg9JQU1TMDRFREdFMTgxOABkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
x-azure-ref: 0orP2YQAAAAAqpcefJlXORppA1vLBvkOGRlJBRURHRTEwMTYAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
content-length: 303

GET
H2 200 left_month.png
img1-azrcdn.newser.com/images/ 274 B
538 B 105ms
102ms Image
image/png 2620:1ec:bdf::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/images/left_month.png
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 2f76122813dc216562d9a6c2d82279ff460696b28f8f66042399a02cf93732ba

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:49:53 GMT
last-modified: Mon, 06 Jul 2020 18:04:08 GMT
x-azure-ref-originshield: 08o72YQAAAADdZ578E7TdTIvOUfkKyM6nQU1TMDRFREdFMTkxNgBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
x-azure-ref: 0orP2YQAAAAA376XhHI6RQ6K+TOuqK7t3RlJBRURHRTEwMTYAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
content-length: 274

GET
H2 200 right_month.png
img2-azrcdn.newser.com/images/ 259 B
491 B 67ms
64ms Image
image/png 2620:1ec:bdf::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img2-azrcdn.newser.com/images/right_month.png
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: a0e3f7f11e3feb97a1b577675fcb17fb87538d414dc5342c96975b2bd2c94b86

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:49:53 GMT
last-modified: Mon, 06 Jul 2020 18:04:09 GMT
x-azure-ref-originshield: 0Hav2YQAAAABtK8JqQLi1T5d04O+h0IwaQU1TMDRFREdFMTkwOABkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
x-azure-ref: 0orP2YQAAAABn2zuEF2PGS5KN5X4R9jWwRlJBRURHRTEwMjEAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
content-length: 259

GET
H/1.1 200
OK controlpage.aspx Show response
www.newser.com/ 83 KB
14 KB 207ms
205ms XHR
text/html 40.114.51.62
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.newser.com/controlpage.aspx?control=storysquarecontainer&sectionid=1&SITEPAGENAME=Home&donotshowads=&gridrownum=49&squarewidth=320&squareheight=213&numgridrows=48&numgridcols=1&hardsoft=5&StartDate=&EndDate=&PickADate=&ShowPopular=N&PopularType=None&viewhardsoft=n&ajaxcall=y&autorefreshcall=n&lastrefreshdate=1/30/2022%209:49:53%20AM&firststorypubdate=1/30/2022%209:35:00%20AM&siteid=0&tagid=0&userid=0&taggroupid=0&type=&linkstorytype=&scrollcount=1&displayadsection=home&categoryid=0&channelid=0&ShowGridLeaderboardAds=false&ShowGridMobileAds=false&RenderUserFormat=false&StoryView=G&ShowStats=false&StoryId=0&ShowSimpleListView=True&ShowRolloversOverride=False&IsHeadlineTest=true&URLSubfolder=&Website=D&showipadads=N&ShowGridRepeatingAds=C1,C2,C4&GridFirstAdLocation=0&GridSubsequentAdLocation=0&OnClickOverride=&GridPositioning=&IsMobile=false
Requested by: Host: static1-azrcdn.newser.com
URL: https://static1-azrcdn.newser.com/javascript/20220112_1100/jquery-1.12.4.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 40.114.51.62 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 77c997e2ca9694c65e3ec1cbb1a8c7a82f6fbdfee8d560d36084bedf90e3cca7

Request headers

Accept: text/html
Referer: https://www.newser.com/
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Sun, 30 Jan 2022 15:49:53 GMT
Content-Encoding: gzip
max-age: 0
RawURL: /controlpage.aspx?control=storysquarecontainer&sectionid=1&SITEPAGENAME=Home&donotshowads=&gridrownum=49&squarewidth=320&squareheight=213&numgridrows=48&numgridcols=1&hardsoft=5&StartDate=&EndDate=&PickADate=&ShowPopular=N&PopularType=None&viewhardsoft=n&ajaxcall=y&autorefreshcall=n&lastrefreshdate=1/30/2022%209:49:53%20AM&firststorypubdate=1/30/2022%209:35:00%20AM&siteid=0&tagid=0&userid=0&taggroupid=0&type=&linkstorytype=&scrollcount=1&displayadsection=home&categoryid=0&channelid=0&ShowGridLeaderboardAds=false&ShowGridMobileAds=false&RenderUserFormat=false&StoryView=G&ShowStats=false&StoryId=0&ShowSimpleListView=True&ShowRolloversOverride=False&IsHeadlineTest=true&URLSubfolder=&Website=D&showipadads=N&ShowGridRepeatingAds=C1,C2,C4&GridFirstAdLocation=0&GridSubsequentAdLocation=0&OnClickOverride=&GridPositioning=&IsMobile=false
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Cache-Control: no-cache
Content-Length: 13381
Scheme: https

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ 1 KB
1 KB 120ms
46ms Script
application/javascript 108.157.4.80
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.4.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 08:25:36 GMT
content-encoding: gzip
etag: W/"1827f116c73f319409b97f10b8a58ade"
last-modified: Fri, 26 Feb 2021 14:35:05 GMT
server: AmazonS3
age: 41743
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 b6b3463eedbd4b446fd969736178bf98.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P2
x-amz-cf-id: wXrxDeUbREhBbbBQ4s0gnzBJbLCg6346SPnyJ49vNDpUcO4xAfj4Bg==

GET
H2 200 chartbeat.js Show response
static.chartbeat.com/js/ 36 KB
14 KB 113ms
44ms Script
application/x-javascript 2600:9000:223c:a600:18:1fcd:34f:cdc1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat.js
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:a600:18:1fcd:34f:cdc1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: e2c28f3e8b6a2e5170859e67cff3e8240e6b888d02005306ef3d2129f5cbd74c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 14:50:12 GMT
content-encoding: gzip
last-modified: Fri, 28 Jan 2022 06:48:52 GMT
server: nginx
age: 3582
etag: W/"61f391d4-8e96"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
via: 1.1 93b8205e2f07a7099af2e6fd126d9658.cloudfront.net (CloudFront)
cache-control: max-age=7200
cross-origin-resource-policy: cross-origin
x-amz-cf-pop: FRA56-P2
x-amz-cf-id: 2t9VHJ2Id0C-0YaVC_kEwD9DMsZtBZGYAXiuhA6nXKxp3aY8OIXnlg==
expires: Sun, 30 Jan 2022 16:50:12 GMT

GET
H2 200 moatframe.js Show response
z.moatads.com/addthismoatframe568911941483/ 2 KB
1 KB 138ms
53ms Script
application/x-javascript 72.247.226.64
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/addthismoatframe568911941483/moatframe.js
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 72.247.226.64 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a72-247-226-64.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:49:54 GMT
content-encoding: gzip
last-modified: Fri, 08 Nov 2019 20:13:52 GMT
server: AmazonS3
x-amz-request-id: CD83941857724976
etag: "f14b4e1f799b14f798a195f43cf58376"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=11469
accept-ranges: bytes
content-length: 948
x-amz-id-2: 0ZTpgIpnUMxQCBXeH9ew/82I9oq7GJ2Gfze78bXzMcqS1BRoWTIwh8fvZ+vN96IwbFGZ6f5C0Hk=

GET
H2 200 videoCard.1451368a7b5e945a3252.js Show response
cdn.intergient.com/pageos/1.6.33/ 551 B
1001 B 39ms
38ms Script
application/javascript 2600:9000:2250:d200:12:4abd:d340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.intergient.com/pageos/1.6.33/videoCard.1451368a7b5e945a3252.js
Requested by: Host: cdn.intergient.com
URL: https://cdn.intergient.com/ramp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:d200:12:4abd:d340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 411626d5e8eb3616fad95e39e91afe59dcfd424b9492c2c43c76a5199dc69768

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 29 Jan 2022 20:00:58 GMT
via: 1.1 935770605c74a80712059ba5b24d4162.cloudfront.net (CloudFront)
last-modified: Wed, 15 Dec 2021 14:32:29 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: atime:1639578741/ctime:1639578741/gid:20/gname:staff/md5:bfb44d87e9e552efe6f335d770ab135a/mode:33188/mtime:1639578741/uid:501/uname:thomascreamer
age: 71337
etag: "bfb44d87e9e552efe6f335d770ab135a"
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-pop: FRA60-P2
accept-ranges: bytes
content-length: 551
x-amz-cf-id: Wxvd5SF7lKXArbg6RozTHjJFw6WxqN9xz5I2TH0T2WnYZRrGuccFag==

GET
H2 200 batchHandler.cf8da702ed619bc8d371.js Show response
cdn.intergient.com/pageos/1.6.33/ 3 KB
2 KB 39ms
38ms Script
application/javascript 2600:9000:2250:d200:12:4abd:d340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.intergient.com/pageos/1.6.33/batchHandler.cf8da702ed619bc8d371.js
Requested by: Host: cdn.intergient.com
URL: https://cdn.intergient.com/ramp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:d200:12:4abd:d340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2ff8684ee0e3acfe08494f09ab05494bc7cc842af6834e3877eb160a949f0c7e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 02:45:35 GMT
content-encoding: br
last-modified: Wed, 15 Dec 2021 14:32:24 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: atime:1639578741/ctime:1639578741/gid:20/gname:staff/md5:edd43592b91921f505b47b87a549edb8/mode:33188/mtime:1639578741/uid:501/uname:thomascreamer
age: 47060
etag: W/"edd43592b91921f505b47b87a549edb8"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 935770605c74a80712059ba5b24d4162.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P2
x-amz-cf-id: BoZKpnTGlhScd5L1ubJS20voqU0ysoI55udFn0-wPzEGQjtAhNaLtA==

GET
H2 200 banner.json Show response
config.playwire.com/1024100/v2/websites/72343/ 568 KB
9 KB 202ms
44ms XHR
application/json 2600:9000:224a:4800:1a:1459:5cc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://config.playwire.com/1024100/v2/websites/72343/banner.json
Requested by: Host: cdn.intergient.com
URL: https://cdn.intergient.com/ramp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:4800:1a:1459:5cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Cowboy /
Resource Hash: fe443970eb7a49a4749815af2e1002e4b65aac7635a1ea7a92b9ef708e3cac4a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 29 Jan 2022 23:18:32 GMT
via: 1.1 vegur, 1.1 9ce5bc08de451222a6a280b1273d60c6.cloudfront.net (CloudFront)
vary: Accept-Encoding
age: 59481
x-cache: Hit from cloudfront
content-encoding: br
server: Cowboy
access-control-max-age: 1728000
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: hw-country-code
cache-control: public, max-age=600
hw-country-code: DE
x-amz-cf-pop: DUS51-P1
x-amz-cf-id: tQjEnXEYqKQEZ5FSMN6t6xBEPOdbLzyWgcGokNkCyut2ITc9hKuE6w==

GET
H2 200 moatheader.js Show response
z.moatads.com/playwireprebidheader597261727146/ 214 KB
75 KB 92ms
54ms Script
application/x-javascript 72.247.226.64
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/playwireprebidheader597261727146/moatheader.js
Requested by: Host: cdn.intergient.com
URL: https://cdn.intergient.com/ramp.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 72.247.226.64 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a72-247-226-64.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 714f7ca1e900b9c6cb9e4f395e0c18198004690a6ee756a416a172c2ed9414eb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:49:54 GMT
content-encoding: gzip
last-modified: Wed, 19 Jan 2022 15:44:49 GMT
server: AmazonS3
x-amz-request-id: 0795258WH5WKK1NJ
etag: "9a60387f389992f2729ab6cb9f623571"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=37347
accept-ranges: bytes
content-length: 76469
x-amz-id-2: 9MGlKaUDTWI2SSXeh+Pyjy1UnAv5cC3Fs7rCHR87vygv/NkfMEcB4QjwK2beenPQL9Eqrchar8U=

GET
H2 200 rules-p-8dMeaPxgtnRKk.js Show response
rules.quantcount.com/ 3 B
437 B 144ms
48ms Script
application/javascript 2600:9000:223c:c000:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-8dMeaPxgtnRKk.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:c000:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 07:26:04 GMT
via: 1.1 7ed0982309781d390a105a3ead66dbfa.cloudfront.net (CloudFront)
age: 30231
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 3
last-modified: Sat, 04 Mar 2017 20:13:40 GMT
server: AmazonS3
etag: "8a80554c91d9fca8acb82f023de02f11"
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400
x-amz-cf-pop: FRA56-P2
accept-ranges: bytes
x-amz-cf-id: s5Tbuh2qnnia--clps9rSxUxHyRhXYfLF4Y6n0jpivwfS0LCnwbKIQ==

GET
H2

200

collect
stats.g.doubleclick.net/r/
Redirect Chain

https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=2082919273&utmhn=www.newser.com&utme=8(PWA*ABTesting1*LastRefDomain*OrigRef*UserClassification)9(N*A*direct*direct*P)11(1*3!2*1*...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-1055596-4&cid=572046423.1643557794&jid=1304347595&_v=5.7.2&z=2082919273

35 B
430 B

171ms
49ms

Image
image/gif

2a00:1450:400c:c06::9d
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-1055596-4&cid=572046423.1643557794&jid=1304347595&_v=5.7.2&z=2082919273

Requested by

Host: www.newser.com
URL: https://www.newser.com/

Protocol

Server

2a00:1450:400c:c06::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sun, 30 Jan 2022 15:49:54 GMT
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 30 Jan 2022 15:49:54 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
location: https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-1055596-4&cid=572046423.1643557794&jid=1304347595&_v=5.7.2&z=2082919273
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 369
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 __utm.gif
ssl.google-analytics.com/r/ 35 B
110 B 60ms
60ms Image
image/gif 2a00:1450:4001:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=2&utmn=739935558&utmhn=www.newser.com&utme=8(PWA*ABTesting1*LastRefDomain*OrigRef*UserClassification)9(N*A*direct*direct*P)11(1*3!2*1*1)&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Newser%20%7C%20Headline%20News%20Summaries%2C%20World%20News%2C%20and%20Breaking%20News&utmhid=75894360&utmr=-&utmp=%2F&utmht=1643557794171&utmac=UA-1055596-9&utmcc=__utma%3D116631449.572046423.1643557794.1643557794.1643557794.1%3B%2B__utmz%3D116631449.1643557794.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1932783492&utmredir=1&utmmt=1&utmu=qQAgAAAAAAAAAAAAAAAAAAAE~

Requested by

Host: www.newser.com
URL: https://www.newser.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Jan 2022 15:49:54 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ 285 KB
80 KB 94ms
49ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=1f70bd487935938cbc930fe03f210b36

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

658032138bb2e1a026be5f4f3bc8923d522b2aa591175b7887f5bdb6caae4cb1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.newser.com/
Origin: https://www.newser.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: tx5AFCbYmbL9ZHCi/yMGUg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 82045
x-fb-rlafr: 0
x-fb-debug: dMgBJJAdcJE80b3/foVv9c1i7OCSQaOuLW7DUJP6CQ7N3+bS8qPrJ3wrza5oL63OYub4Z/iKTgithYDclJI1eQ==
x-fb-content-md5: ac1b71973ad04c2e6cf035b8b684fcbc
x-frame-options: DENY
date: Sun, 30 Jan 2022 15:49:54 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "c657ac27941ebcdb7336758b7045d61c"
timing-allow-origin: *
priority: u=3,i
expires: Mon, 30 Jan 2023 15:32:25 GMT

GET
H2 200 aws-sdk-kinesis.min.js Show response
cdn.intergient.com/pageos/js/libs/ 227 KB
67 KB 95ms
94ms Script
text/javascript 2600:9000:2250:d200:12:4abd:d340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.intergient.com/pageos/js/libs/aws-sdk-kinesis.min.js
Requested by: Host: cdn.intergient.com
URL: https://cdn.intergient.com/pageos/1.6.33/batchHandler.cf8da702ed619bc8d371.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:d200:12:4abd:d340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b41e0020ff5a4bec857828c37b9a425a5e0024aac1fb1519dd9cf4562f0681ee

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 01:37:30 GMT
content-encoding: gzip
last-modified: Thu, 04 Nov 2021 13:03:16 GMT
server: AmazonS3
age: 51235
etag: W/"dd4723e36a9cd5d1d04946ad79b9dfe6"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
via: 1.1 935770605c74a80712059ba5b24d4162.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P2
x-amz-cf-id: HolXpNZPbXNC9Ny1oSmuGiNjt_5uQA_16rCnF8ICYD3EJ2AypLFZmQ==

GET
H2 200 just-shy-of-2-texas-boy-saves-family-from-fire.jpeg
img2-azrcdn.newser.com/square-image/316231-20220128121027-M/ 40 KB
40 KB 48ms
36ms Image
image/jpeg 2620:1ec:bdf::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img2-azrcdn.newser.com/square-image/316231-20220128121027-M/just-shy-of-2-texas-boy-saves-family-from-fire.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: c14bc74eb84a60374cafb46143c0b2ea118ce9622b75c12cd7196fc129cd8a5c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:49:53 GMT
x-azure-ref-originshield: 05rH1YQAAAADNPcEgDepCRZ1IHdbthqm3QU1TMDRFREdFMTkxNwBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316231-20220128121027-M/just-shy-of-2-texas-boy-saves-family-from-fire.jpeg
x-azure-ref: 0orP2YQAAAACUeYe6O6YISYQ5fguqFL9mRlJBRURHRTEwMjEAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 40990
scheme: https

GET
H2 200 beware-east-coast-here-comes-kenan.jpeg
img2-azrcdn.newser.com/square-image/316245-20220128115012-M/ 44 KB
45 KB 54ms
38ms Image
image/jpeg 2620:1ec:bdf::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img2-azrcdn.newser.com/square-image/316245-20220128115012-M/beware-east-coast-here-comes-kenan.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 0b7fd6d5e58c021a19ea46b59a1f91f7596fe7e5df982282a2f3a70b3e35638c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:49:53 GMT
x-azure-ref-originshield: 0mTj2YQAAAAANVsKsqk8PT6xXQxy9L3SGQU1TMDRFREdFMTgxOQBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316245-20220128115012-M/beware-east-coast-here-comes-kenan.jpeg
x-azure-ref: 0orP2YQAAAAAqCPJE2VVOSrSd+zUfkuZ6RlJBRURHRTEwMjEAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 45413
scheme: https

GET
H2 200 domain-name-shift-may-have-leaked-teams-new-name.jpeg
img2-azrcdn.newser.com/square-image/316241-20220128112612-M/ 51 KB
51 KB 65ms
50ms Image
image/jpeg 2620:1ec:bdf::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img2-azrcdn.newser.com/square-image/316241-20220128112612-M/domain-name-shift-may-have-leaked-teams-new-name.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 9da3111da1b3998343d9494f461bc6d38b46947e5651ad71e5c455f9713f7cb3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:49:53 GMT
x-azure-ref-originshield: 0caL2YQAAAACxgK/18+ThSojuYRC/fA1xQU1TMDRFREdFMTkxNQBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316241-20220128112612-M/domain-name-shift-may-have-leaked-teams-new-name.jpeg
x-azure-ref: 0orP2YQAAAABkXd3FE/g3SLpRp75fvZwtRlJBRURHRTEwMjEAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 51728
scheme: https

GET
H2 200 green-gaiter-bandit-wanted-in-string-of-bank-robberies.jpeg
img1-azrcdn.newser.com/square-image/316246-20220128111827-M/ 40 KB
41 KB 279ms
262ms Image
image/jpeg 2620:1ec:bdf::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/square-image/316246-20220128111827-M/green-gaiter-bandit-wanted-in-string-of-bank-robberies.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 3740532989eefa6c15895ca294973e460770de8e660850efc95cd560d817a1bc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:49:54 GMT
x-azure-ref-originshield: 0orP2YQAAAADSF1CB8JowRbXo+RFIqhD7QU1TMDRFREdFMTgxMwBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316246-20220128111827-M/green-gaiter-bandit-wanted-in-string-of-bank-robberies.jpeg
x-azure-ref: 0orP2YQAAAACn0Ddc/PiBRKrDXWqRc5VJRlJBRURHRTEwMTYAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_REMOTE_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 41258
scheme: https

GET
H2 200 heres-how-the-major-us-airlines-rank.jpeg
img1-azrcdn.newser.com/square-image/316240-20220128103927-M/ 43 KB
43 KB 92ms
75ms Image
image/jpeg 2620:1ec:bdf::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/square-image/316240-20220128103927-M/heres-how-the-major-us-airlines-rank.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: d97e795abc94a584e788c78eaa25a21d61935d7d514fa04655ddadd8e0a44896

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:49:54 GMT
x-azure-ref-originshield: 0cqL2YQAAAABeVWUsBQinQpk/TKf332ACQU1TMDRFREdFMTgwOABkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316240-20220128103927-M/heres-how-the-major-us-airlines-rank.jpeg
x-azure-ref: 0orP2YQAAAACNfKBTDNizQ42Eda3AwQc9RlJBRURHRTEwMTYAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 43611
scheme: https

GET
H2 200 bloodthirsty-attack-leaves-dog-walker-with-horrific-injuries.jpeg
img2-azrcdn.newser.com/square-image/316235-20220128101942-M/ 52 KB
52 KB 60ms
45ms Image
image/jpeg 2620:1ec:bdf::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img2-azrcdn.newser.com/square-image/316235-20220128101942-M/bloodthirsty-attack-leaves-dog-walker-with-horrific-injuries.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 8eef6ec74a5d580cc3f8147131f97094fed7507ad69b79c23fc74f7bde66f421

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:49:53 GMT
x-azure-ref-originshield: 0cqL2YQAAAACsipPQTgA5QKSmUdO6HjXJQU1TMDRFREdFMTgxMwBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316235-20220128101942-M/bloodthirsty-attack-leaves-dog-walker-with-horrific-injuries.jpeg
x-azure-ref: 0orP2YQAAAAAjNQNe1zecTKZTGUkxwdOpRlJBRURHRTEwMjEAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 53149
scheme: https

GET
H2 200 guy-claims-he-broke-a-world-record-a-week-in-2021.jpeg
img1-azrcdn.newser.com/square-image/316220-20220128100427-M/ 47 KB
48 KB 92ms
76ms Image
image/jpeg 2620:1ec:bdf::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/square-image/316220-20220128100427-M/guy-claims-he-broke-a-world-record-a-week-in-2021.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: ca7cd2a4608296a9ff32e81e120d27a5a37a77f7e67079efba169b43a8743ea2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:49:54 GMT
x-azure-ref-originshield: 0Hqv2YQAAAABZo6puHM9tQpynS7ag0DgrQU1TMDRFREdFMTgxOABkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316220-20220128100427-M/guy-claims-he-broke-a-world-record-a-week-in-2021.jpeg
x-azure-ref: 0orP2YQAAAAC4ts4/m/Z2RpyhCP0TU8w9RlJBRURHRTEwMTYAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 48326
scheme: https

GET
H2 200 key-inflation-gauge-hasnt-risen-this-much-since-1982.jpeg
img2-azrcdn.newser.com/square-image/316243-20220128094127-M/ 45 KB
45 KB 115ms
98ms Image
image/jpeg 2620:1ec:bdf::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img2-azrcdn.newser.com/square-image/316243-20220128094127-M/key-inflation-gauge-hasnt-risen-this-much-since-1982.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 9d5019bd2fae955cf530cf7f1a6d48a40595abadfa86a956c118b2c97e9d4779

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:49:53 GMT
x-azure-ref-originshield: 0cqL2YQAAAAAZ1AjCEGBlRL+7Ois/83u8QU1TMDRFREdFMTgxMABkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316243-20220128094127-M/key-inflation-gauge-hasnt-risen-this-much-since-1982.jpeg
x-azure-ref: 0orP2YQAAAAAhqA2pK5yvQLuzE2S3IsntRlJBRURHRTEwMjEAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 45739
scheme: https

GET
H2 200 10-hurt-as-bridge-collapses-in-pittsburgh.jpeg
img1-azrcdn.newser.com/square-image/316238-20220128092010-M/ 56 KB
57 KB 282ms
267ms Image
image/jpeg 2620:1ec:bdf::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/square-image/316238-20220128092010-M/10-hurt-as-bridge-collapses-in-pittsburgh.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 65db3d75c61bd51568b39a016efa0cb90f3df0514fcfb6ca65c83892d66e1691

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:49:54 GMT
x-azure-ref-originshield: 0orP2YQAAAABek1ZNkhW8TYgrACqe+jtAQU1TMDRFREdFMTgwNgBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316238-20220128092010-M/10-hurt-as-bridge-collapses-in-pittsburgh.jpeg
x-azure-ref: 0orP2YQAAAABsA/jVmbtwR6/LY9cdTcICRlJBRURHRTEwMTYAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_REMOTE_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 57676
scheme: https

GET
H2 200 anti-maskers-cause-10-day-shutdown-at-kids-museum.jpeg
img1-azrcdn.newser.com/square-image/316230-20220128085212-M/ 38 KB
38 KB 288ms
273ms Image
image/jpeg 2620:1ec:bdf::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/square-image/316230-20220128085212-M/anti-maskers-cause-10-day-shutdown-at-kids-museum.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 97dde2799af977e4004e45c29b84b8be9b26ed417ef708b702b34af287ff254d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:49:54 GMT
x-azure-ref-originshield: 0orP2YQAAAAA/Td5vXCrFSYh2V0pnW2i+QU1TMDRFREdFMTgxNwBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316230-20220128085212-M/anti-maskers-cause-10-day-shutdown-at-kids-museum.jpeg
x-azure-ref: 0orP2YQAAAABR/NJqCxsfRojZa8ulFgd7RlJBRURHRTEwMTYAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_REMOTE_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 39032
scheme: https

GET
H2 200 father-to-bes-shooting-death-called-a-modern-day-lynching.jpeg
img1-azrcdn.newser.com/square-image/316232-20220128082827-M/ 40 KB
40 KB 120ms
105ms Image
image/jpeg 2620:1ec:bdf::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/square-image/316232-20220128082827-M/father-to-bes-shooting-death-called-a-modern-day-lynching.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: c0d8c7a6bf76c57da334c1b75724fbb20f592e5040c9088779bc21ed33b177a7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:49:54 GMT
x-azure-ref-originshield: 0eWv2YQAAAADiU4+RZ/+WT7YqLdFXbYTPQU1TMDRFREdFMTgxOABkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316232-20220128082827-M/father-to-bes-shooting-death-called-a-modern-day-lynching.jpeg
x-azure-ref: 0orP2YQAAAACyIESMkQR8RJO+OzgVLvweRlJBRURHRTEwMTYAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 40473
scheme: https

GET
H2 200 scientists-rogan-podcast-now-spouting-climate-anti-science.jpeg
img1-azrcdn.newser.com/square-image/316222-20220128081142-M/ 36 KB
36 KB 125ms
111ms Image
image/jpeg 2620:1ec:bdf::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/square-image/316222-20220128081142-M/scientists-rogan-podcast-now-spouting-climate-anti-science.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 23248ff4b7464d9f03a44d8ca0738f1c418f0e002b3431a33eb78da15eea8d03

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:49:54 GMT
x-azure-ref-originshield: 0D3P2YQAAAAAjypR6yHKtT5cmPJy1LwnTQU1TMDRFREdFMTkxMABkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316222-20220128081142-M/scientists-rogan-podcast-now-spouting-climate-anti-science.jpeg
x-azure-ref: 0orP2YQAAAACmxAAsm0W9RKl9GVSRLpr5RlJBRURHRTEwMTYAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 36458
scheme: https

GET
H2 200 america-now-has-a-first-cat.jpeg
img2-azrcdn.newser.com/square-image/316229-20220128075857-M/ 40 KB
41 KB 113ms
98ms Image
image/jpeg 2620:1ec:bdf::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img2-azrcdn.newser.com/square-image/316229-20220128075857-M/america-now-has-a-first-cat.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e4ad92e954944eac3807c7f50b2c213d8ddc2bc8a1324ed8986a733d4196e94a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:49:53 GMT
x-azure-ref-originshield: 0Hqv2YQAAAACjj6rPfbkwTrF4DhYAnWbUQU1TMDRFREdFMTgyMgBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316229-20220128075857-M/america-now-has-a-first-cat.jpeg
x-azure-ref: 0orP2YQAAAAAFpFbWxLyvS7zhWVLm20w0RlJBRURHRTEwMjEAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 41446
scheme: https

GET
H2 200 theres-something-weird-about-djokovics-covid-test.jpeg
img2-azrcdn.newser.com/square-image/316233-20220128072957-M/ 49 KB
50 KB 116ms
100ms Image
image/jpeg 2620:1ec:bdf::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img2-azrcdn.newser.com/square-image/316233-20220128072957-M/theres-something-weird-about-djokovics-covid-test.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 49f8584d1d0dbff1c1347ad1db13ef74f8edd89e3f6ccdb5636e3c7b0ca8ea6b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:49:53 GMT
x-azure-ref-originshield: 08Ir2YQAAAACW8zStwX/2RpE0hWJP5zDzQU1TMDRFREdFMTkxMABkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316233-20220128072957-M/theres-something-weird-about-djokovics-covid-test.jpeg
x-azure-ref: 0orP2YQAAAADrxsbwpe1OSouqpZA8fXUtRlJBRURHRTEwMjEAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 50474
scheme: https

GET
H2 200 stormy-daniels-michael-avenatti-clash-in-court.jpeg
img2-azrcdn.newser.com/square-image/316217-20220128071557-M/ 57 KB
57 KB 147ms
132ms Image
image/jpeg 2620:1ec:bdf::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img2-azrcdn.newser.com/square-image/316217-20220128071557-M/stormy-daniels-michael-avenatti-clash-in-court.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 0c82e3739d9fd652c6ac2d8a3745d4a35fbd7a9277b0ef2b2885c1db030c3cb8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:49:53 GMT
x-azure-ref-originshield: 0eWv2YQAAAAD5Qs5VRZe/S6cOWn9eM1fiQU1TMDRFREdFMTkyMABkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316217-20220128071557-M/stormy-daniels-michael-avenatti-clash-in-court.jpeg
x-azure-ref: 0orP2YQAAAAAJdHnjNb3sR6DN8bUyIzGNRlJBRURHRTEwMjEAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 57975
scheme: https

GET
H2 200 race-for-sunken-f35-is-hunt-for-red-october-meets-the-abyss.jpeg
img2-azrcdn.newser.com/square-image/316215-20220128060457-M/ 54 KB
55 KB 142ms
127ms Image
image/jpeg 2620:1ec:bdf::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img2-azrcdn.newser.com/square-image/316215-20220128060457-M/race-for-sunken-f35-is-hunt-for-red-october-meets-the-abyss.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: a162db4d4ec665954b0c34e7fdec5dc2c7f1f42b54072683b5d5cccfcaf3b11d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:49:53 GMT
x-azure-ref-originshield: 0cqL2YQAAAADVpe6cD2oiQbahjQea7nmnQU1TMDRFREdFMTkxMQBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316215-20220128060457-M/race-for-sunken-f35-is-hunt-for-red-october-meets-the-abyss.jpeg
x-azure-ref: 0orP2YQAAAADO7lIIok+SQKOOnRBkXL1uRlJBRURHRTEwMjEAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 55613
scheme: https

GET
H2 200 4-including-baby-freeze-to-death-in-attempt-to-enter-us.jpeg
img1-azrcdn.newser.com/square-image/315928-20220128053209-M/ 54 KB
55 KB 168ms
152ms Image
image/jpeg 2620:1ec:bdf::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/square-image/315928-20220128053209-M/4-including-baby-freeze-to-death-in-attempt-to-enter-us.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: bf93cf51f40cdffc7e84c2267d234704d29fe9941fd22a738c0fea22f221f82b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:49:54 GMT
x-azure-ref-originshield: 0D3P2YQAAAADXOLulZ96PQoPN0i4B8FOnQU1TMDRFREdFMTgxNQBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/315928-20220128053209-M/4-including-baby-freeze-to-death-in-attempt-to-enter-us.jpeg
x-azure-ref: 0orP2YQAAAAArrRY5Rey1SK4mrmuZbON5RlJBRURHRTEwMTYAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 55527
scheme: https

GET
H2 200 evangeline-lilly-says-she-was-at-rfk-jr-anti-vax-rally.jpeg
img1-azrcdn.newser.com/square-image/316218-20220128053740-M/ 42 KB
42 KB 159ms
144ms Image
image/jpeg 2620:1ec:bdf::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/square-image/316218-20220128053740-M/evangeline-lilly-says-she-was-at-rfk-jr-anti-vax-rally.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 4e5703b23d96dbffc24fa6f316bad0cfc3d8221f487d45fdbeceb8b26c85b14b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:49:54 GMT
x-azure-ref-originshield: 0Gqb2YQAAAAA5wOVtgr36TIFtoY3C/y69QU1TMDRFREdFMTkwOQBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316218-20220128053740-M/evangeline-lilly-says-she-was-at-rfk-jr-anti-vax-rally.jpeg
x-azure-ref: 0orP2YQAAAADtS7+nxkbgQLqPdb/14TMSRlJBRURHRTEwMTYAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 43151
scheme: https

GET
H2 200 alabama-inmate-executed-after-scotus-clears-way.jpeg
img1-azrcdn.newser.com/square-image/316224-20220128054042-M/ 47 KB
48 KB 163ms
148ms Image
image/jpeg 2620:1ec:bdf::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/square-image/316224-20220128054042-M/alabama-inmate-executed-after-scotus-clears-way.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 8b38afb8226ce92ae65edd3bb8011a83628178ca577ef4a2148f0c99a1d80e4f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:49:54 GMT
x-azure-ref-originshield: 08472YQAAAACEMfrFn5eXRb/IOcVNUf8yQU1TMDRFREdFMTgxNQBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316224-20220128054042-M/alabama-inmate-executed-after-scotus-clears-way.jpeg
x-azure-ref: 0orP2YQAAAADEHl3Y0g+TRayEDBR/pBs5RlJBRURHRTEwMTYAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 48492
scheme: https

GET
H2 200 michael-madsen-loses-26-year-old-son-hudson.jpeg
img2-azrcdn.newser.com/square-image/316107-20220128024457-M/ 45 KB
45 KB 151ms
137ms Image
image/jpeg 2620:1ec:bdf::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img2-azrcdn.newser.com/square-image/316107-20220128024457-M/michael-madsen-loses-26-year-old-son-hudson.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 4e7fc8052650e22f03ac26e86cb617119d57ec5d3198b8559e3cf433b279e99f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:49:53 GMT
x-azure-ref-originshield: 08Ir2YQAAAAAlTrYqNcodTYFKraZ2edVsQU1TMDRFREdFMTkxMgBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316107-20220128024457-M/michael-madsen-loses-26-year-old-son-hudson.jpeg
x-azure-ref: 0orP2YQAAAAChUe8RTfRZSI4oM4JHa5SdRlJBRURHRTEwMjEAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 45803
scheme: https

GET
H2 200 bills-want-couple-prosecuted-over-allegedly-fake-vaccine-cards.jpeg
img2-azrcdn.newser.com/square-image/316223-20220128021458-M/ 70 KB
70 KB 115ms
101ms Image
image/jpeg 2620:1ec:bdf::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img2-azrcdn.newser.com/square-image/316223-20220128021458-M/bills-want-couple-prosecuted-over-allegedly-fake-vaccine-cards.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 594deea2cdcf15cb176a4cf6bcfb074ba22cc55c698833db25a8ac30d5ede92c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:49:53 GMT
x-azure-ref-originshield: 0mzj2YQAAAADAyRLwbhg4RIFFjr6k/IL2QU1TMDRFREdFMTgxNABkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316223-20220128021458-M/bills-want-couple-prosecuted-over-allegedly-fake-vaccine-cards.jpeg
x-azure-ref: 0orP2YQAAAAD2z3acb46FQ6/nejtFyedKRlJBRURHRTEwMjEAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 71283
scheme: https

GET
H2 200 judge-hands-green-advocates-big-win-on-offshore-drilling.jpeg
img2-azrcdn.newser.com/square-image/316225-20220128052934-M/ 42 KB
42 KB 219ms
205ms Image
image/jpeg 2620:1ec:bdf::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img2-azrcdn.newser.com/square-image/316225-20220128052934-M/judge-hands-green-advocates-big-win-on-offshore-drilling.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: c3a99bb651bce59ca498c2c9c97290408da53d49dc917232ed4a0dadf10a57e5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:49:53 GMT
x-azure-ref-originshield: 0orP2YQAAAACU0xbgdxdrQJlzr7DQFgReQU1TMDRFREdFMTgwOABkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316225-20220128052934-M/judge-hands-green-advocates-big-win-on-offshore-drilling.jpeg
x-azure-ref: 0orP2YQAAAACavi5CxKILRa4CdQyJdp6iRlJBRURHRTEwMjEAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_REMOTE_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 42934
scheme: https

GET
H2 200 6th-victim-added-to-tally-of-1970s-doodler-serial-killer.jpeg
img2-azrcdn.newser.com/square-image/316219-20220128080349-M/ 42 KB
43 KB 113ms
99ms Image
image/jpeg 2620:1ec:bdf::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img2-azrcdn.newser.com/square-image/316219-20220128080349-M/6th-victim-added-to-tally-of-1970s-doodler-serial-killer.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: f414033c9b93d7223d3651dc723bf66c6c368d2a6616f4500b300e805efc4419

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:49:53 GMT
x-azure-ref-originshield: 057H1YQAAAABitU4ljD5eQKoVWu9GO332QU1TMDRFREdFMTkxMABkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316219-20220128080349-M/6th-victim-added-to-tally-of-1970s-doodler-serial-killer.jpeg
x-azure-ref: 0orP2YQAAAACJu4fQHjIVQ6ZGJckKd+hCRlJBRURHRTEwMjEAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 43501
scheme: https

GET
H2 200 ukraine-hears-discouraging-assessments.jpeg
img1-azrcdn.newser.com/square-image/316212-20220127201058-M/ 54 KB
54 KB 133ms
119ms Image
image/jpeg 2620:1ec:bdf::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/square-image/316212-20220127201058-M/ukraine-hears-discouraging-assessments.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: bc779eca15675ccd4bf6aa23f0e6d04638f805f346d46092add71be913fa621d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:49:54 GMT
x-azure-ref-originshield: 08472YQAAAAAuxgdGxsCbTaSHRwETiengQU1TMDRFREdFMTkwOABkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316212-20220127201058-M/ukraine-hears-discouraging-assessments.jpeg
x-azure-ref: 0orP2YQAAAACPiBVLu+rWTJo4cCbj1paORlJBRURHRTEwMTYAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 55344
scheme: https

GET
H2 200 house_grid_morning.png
img1-azrcdn.newser.com/images/ 33 KB
34 KB 126ms
112ms Image
image/png 2620:1ec:bdf::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/images/house_grid_morning.png
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 185b7539076b9f8d807c5740180aac4e2a4b3bc2912b4e9485950ccddb4cb39e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:49:54 GMT
last-modified: Mon, 06 Jul 2020 18:04:07 GMT
x-azure-ref-originshield: 0Gqb2YQAAAAAMy0iaXiIbSYdhUyH5Y82wQU1TMDRFREdFMTkwNgBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
x-azure-ref: 0orP2YQAAAAAsR85l7Gr2TrGWbAMYK23IRlJBRURHRTEwMTYAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
content-length: 34113

GET
H2 200 chiefs-fans-honor-bills-by-donating-to-hospital.jpeg
img2-azrcdn.newser.com/square-image/316209-20220128044834-M/ 43 KB
43 KB 244ms
230ms Image
image/jpeg 2620:1ec:bdf::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img2-azrcdn.newser.com/square-image/316209-20220128044834-M/chiefs-fans-honor-bills-by-donating-to-hospital.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: cba00eeef256b0662dfe41916464ddbd5c1b30f701e8373b760e0cbaf425c98e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:49:53 GMT
x-azure-ref-originshield: 0orP2YQAAAABzwwJRtjpVS5uUE3ea1hixQU1TMDRFREdFMTgwOABkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316209-20220128044834-M/chiefs-fans-honor-bills-by-donating-to-hospital.jpeg
x-azure-ref: 0orP2YQAAAABSMZjLybXWSZKVZKxiFEVeRlJBRURHRTEwMjEAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_REMOTE_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 44210
scheme: https

GET
H2 200 after-testing-positive-palin-causes-a-stir-at-restaurants.jpeg
img1-azrcdn.newser.com/square-image/316206-20220127184443-M/ 37 KB
37 KB 129ms
115ms Image
image/jpeg 2620:1ec:bdf::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/square-image/316206-20220127184443-M/after-testing-positive-palin-causes-a-stir-at-restaurants.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 51b3d1a2d7433f93d0cd3dfcf5838e7221e07329c4806adc9d860e788a17d4fc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:49:54 GMT
x-azure-ref-originshield: 08Ir2YQAAAACP2WZqlvC3Rrg8ngdAgRv2QU1TMDRFREdFMTkwNwBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316206-20220127184443-M/after-testing-positive-palin-causes-a-stir-at-restaurants.jpeg
x-azure-ref: 0orP2YQAAAADMBdE3wmNAT6gveoGflx8eRlJBRURHRTEwMTYAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 38086
scheme: https

GET
H2 200 gunfire-hits-bushs-car-without-her-in-it.jpeg
img2-azrcdn.newser.com/square-image/316207-20220127181358-M/ 40 KB
41 KB 174ms
159ms Image
image/jpeg 2620:1ec:bdf::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img2-azrcdn.newser.com/square-image/316207-20220127181358-M/gunfire-hits-bushs-car-without-her-in-it.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: dd93a97df4a101c9d0b60d1e6ab6ce5a33c8e00b10d4f2f0fdba7554faffd73b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:49:53 GMT
x-azure-ref-originshield: 0Gab2YQAAAADvX1Ykig0tT46/t8zbdWUNQU1TMDRFREdFMTgxOABkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316207-20220127181358-M/gunfire-hits-bushs-car-without-her-in-it.jpeg
x-azure-ref: 0orP2YQAAAAD7jb/6BvCHRaQc5bWKygBNRlJBRURHRTEwMjEAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 41320
scheme: https

GET
H2 200 schools-sends-errant-you-won-a-scholarship-notices.jpeg
img1-azrcdn.newser.com/square-image/316204-20220127175358-M/ 58 KB
58 KB 224ms
210ms Image
image/jpeg 2620:1ec:bdf::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/square-image/316204-20220127175358-M/schools-sends-errant-you-won-a-scholarship-notices.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: a5e0a2f44a9b19aab51c0429ab10594535ded41e004c5dc2ebdcf022b84b1944

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:49:54 GMT
x-azure-ref-originshield: 0IGX2YQAAAACXsAw7apIiRaI2dOufXRFmQU1TMDRFREdFMTkxNgBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316204-20220127175358-M/schools-sends-errant-you-won-a-scholarship-notices.jpeg
x-azure-ref: 0orP2YQAAAABMOO4vaIKwR6WYtIYycHyMRlJBRURHRTEwMTYAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 59134
scheme: https

GET
H2 200 one-joke-crypto-coin-begets-another.jpeg
img2-azrcdn.newser.com/square-image/316205-20220127172128-M/ 40 KB
41 KB 184ms
170ms Image
image/jpeg 2620:1ec:bdf::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img2-azrcdn.newser.com/square-image/316205-20220127172128-M/one-joke-crypto-coin-begets-another.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 9dd77e07919ca643d4e7976497fda21e4484c64936e15b54ad6c348257af48f8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:49:53 GMT
x-azure-ref-originshield: 00UL2YQAAAAAbK8kfBGvmQ5YyF52N8+qLQU1TMDRFREdFMTkxMABkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316205-20220127172128-M/one-joke-crypto-coin-begets-another.jpeg
x-azure-ref: 0orP2YQAAAACnNRR+tWE/RrbNHyGjlFv5RlJBRURHRTEwMjEAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 41423
scheme: https

GET
H2 200 rally-fades-as-reality-on-interest-rates-sinks-in.jpeg
img2-azrcdn.newser.com/square-image/316211-20220127170358-M/ 48 KB
48 KB 177ms
163ms Image
image/jpeg 2620:1ec:bdf::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img2-azrcdn.newser.com/square-image/316211-20220127170358-M/rally-fades-as-reality-on-interest-rates-sinks-in.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: ee860898fcc938895b1b12a278cb8f997f65b23214b102ba2c42738a028f1a17

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:49:53 GMT
x-azure-ref-originshield: 0wZz2YQAAAAAzIl3oDLLNRr6d+EUEDYtrQU1TMDRFREdFMTgxMwBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316211-20220127170358-M/rally-fades-as-reality-on-interest-rates-sinks-in.jpeg
x-azure-ref: 0orP2YQAAAAC1JmiPl5uXQJL+Yz5XJLmDRlJBRURHRTEwMjEAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 48934
scheme: https

GET
H2 200 its-an-obamacare-enrollment-record.jpeg
img1-azrcdn.newser.com/square-image/316182-20220129052210-M/ 46 KB
46 KB 203ms
190ms Image
image/jpeg 2620:1ec:bdf::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/square-image/316182-20220129052210-M/its-an-obamacare-enrollment-record.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 486ab000e859d030da7f768b4c96401d995b79f5b8620eefaafcc2cfcbdd057c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:49:54 GMT
x-azure-ref-originshield: 0wZz2YQAAAAAVVyf3jmZBRb02pj0Za+LLQU1TMDRFREdFMTkxMgBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316182-20220129052210-M/its-an-obamacare-enrollment-record.jpeg
x-azure-ref: 0orP2YQAAAAD9y91dXDMORKsGhZfTDHmyRlJBRURHRTEwMTYAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 47293
scheme: https

GET
H2 200 coast-guard-nears-end-of-search-for-migrants.jpeg
img1-azrcdn.newser.com/square-image/316210-20220127160813-M/ 40 KB
41 KB 194ms
181ms Image
image/jpeg 2620:1ec:bdf::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/square-image/316210-20220127160813-M/coast-guard-nears-end-of-search-for-migrants.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 0d06df2e703c6ea6489fa19139cfd5f375495183c4145762127dfb5208f2540d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:49:54 GMT
x-azure-ref-originshield: 0Gqb2YQAAAAAi2fjtF0LFRrMjEfPTmZpaQU1TMDRFREdFMTkwNwBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316210-20220127160813-M/coast-guard-nears-end-of-search-for-migrants.jpeg
x-azure-ref: 0orP2YQAAAAB3tFfY6fk6QoyWCxZ1x4qvRlJBRURHRTEwMTYAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 41337
scheme: https

GET
H2 200 salary-of-nyc-mayors-brother-is-cut-from-210k-to-1.jpeg
img1-azrcdn.newser.com/square-image/316208-20220127151543-M/ 55 KB
56 KB 292ms
279ms Image
image/jpeg 2620:1ec:bdf::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/square-image/316208-20220127151543-M/salary-of-nyc-mayors-brother-is-cut-from-210k-to-1.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 1b38f2172e240cd582d97f048c5e8cb35554e3c405d03fa229b4e82c3f01438a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:49:54 GMT
x-azure-ref-originshield: 0orP2YQAAAADh4icV5xBsTpbxbf5j1ahGQU1TMDRFREdFMTgwOQBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316208-20220127151543-M/salary-of-nyc-mayors-brother-is-cut-from-210k-to-1.jpeg
x-azure-ref: 0orP2YQAAAACOLvWobXiBQLGUMnrrsjAvRlJBRURHRTEwMTYAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_REMOTE_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 56760
scheme: https

GET
H2 200 twin-of-man-jailed-for-murder-since-03-i-did-it.jpeg
img2-azrcdn.newser.com/square-image/231609-20220127144758-M/ 43 KB
44 KB 202ms
188ms Image
image/jpeg 2620:1ec:bdf::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img2-azrcdn.newser.com/square-image/231609-20220127144758-M/twin-of-man-jailed-for-murder-since-03-i-did-it.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 9769b09b9532fb94b22909364ad7ab7dc2683f4575ef1ee606cb3a6db73748f2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:49:53 GMT
x-azure-ref-originshield: 057H1YQAAAADBNfvFP4YAQYcmbg+Bt/0VQU1TMDRFREdFMTgxMABkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/231609-20220127144758-M/twin-of-man-jailed-for-murder-since-03-i-did-it.jpeg
x-azure-ref: 0orP2YQAAAAAySCEvd1tdT4dxmMeXD3wPRlJBRURHRTEwMjEAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 44477
scheme: https

GET
H2 200 mellow-methuselah-is-worlds-oldest-aquarium-fish.jpeg
img2-azrcdn.newser.com/square-image/316183-20220127142458-M/ 38 KB
38 KB 207ms
193ms Image
image/jpeg 2620:1ec:bdf::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img2-azrcdn.newser.com/square-image/316183-20220127142458-M/mellow-methuselah-is-worlds-oldest-aquarium-fish.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 4e7305acb88ef6d07c54958cfa21ab76ce94e637678140ac4abf5ebc3ae76a92

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:49:53 GMT
x-azure-ref-originshield: 08Ir2YQAAAADAJoQnoJeIS5A5q0EElf4iQU1TMDRFREdFMTgxMgBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316183-20220127142458-M/mellow-methuselah-is-worlds-oldest-aquarium-fish.jpeg
x-azure-ref: 0orP2YQAAAAAat8K40b2uQbwx+M+Bp3CxRlJBRURHRTEwMjEAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 38731
scheme: https

GET
H2 200 dont-expect-big-fight-over-pick-for-supreme-court.jpeg
img1-azrcdn.newser.com/square-image/316184-20220127135658-M/ 46 KB
46 KB 197ms
186ms Image
image/jpeg 2620:1ec:bdf::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/square-image/316184-20220127135658-M/dont-expect-big-fight-over-pick-for-supreme-court.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 3bbf185a378e69925f774e6d5844a9884d37561698c585cc9b748cea127c2c2f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:49:54 GMT
x-azure-ref-originshield: 0mHz2YQAAAABkyDOct8MVRa5EcH5LU24OQU1TMDRFREdFMTkxNQBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316184-20220127135658-M/dont-expect-big-fight-over-pick-for-supreme-court.jpeg
x-azure-ref: 0orP2YQAAAACAlO7Fjwe7QYJtRojrz/IIRlJBRURHRTEwMTYAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 47185
scheme: https

GET
H2 200 janet-jackson-addresses-old-secret-baby-rumors.jpeg
img2-azrcdn.newser.com/square-image/316199-20220127130913-M/ 37 KB
37 KB 210ms
197ms Image
image/jpeg 2620:1ec:bdf::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img2-azrcdn.newser.com/square-image/316199-20220127130913-M/janet-jackson-addresses-old-secret-baby-rumors.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 3ff1c2b22a22f605896511bca1355785ea2ed61d904a4220c49da9112008fc0a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:49:53 GMT
x-azure-ref-originshield: 08472YQAAAAC6B5CFcs6KSb/3urEDc3fLQU1TMDRFREdFMTkyMABkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316199-20220127130913-M/janet-jackson-addresses-old-secret-baby-rumors.jpeg
x-azure-ref: 0orP2YQAAAABYj6mSNwpSTowtywi54HzpRlJBRURHRTEwMjEAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 37467
scheme: https

GET
H2 200 strange-case-of-teens-gym-mat-death-reopened.jpeg
img2-azrcdn.newser.com/square-image/303499-20220127124428-M/ 51 KB
51 KB 179ms
167ms Image
image/jpeg 2620:1ec:bdf::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img2-azrcdn.newser.com/square-image/303499-20220127124428-M/strange-case-of-teens-gym-mat-death-reopened.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: d7996ae15bbdf9fa23302679f82c6341f27dcbf3709e6d033c3e3f3ae7876b24

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:49:53 GMT
x-azure-ref-originshield: 0eWv2YQAAAAAsi17+96QsT4l7DrL4knxwQU1TMDRFREdFMTkxMwBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/303499-20220127124428-M/strange-case-of-teens-gym-mat-death-reopened.jpeg
x-azure-ref: 0orP2YQAAAADJ+Y7f0BaYSbFFtm9U55wDRlJBRURHRTEwMjEAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 51754
scheme: https

GET
H2 200 he-found-his-parents-via-social-media-then-tragedy.jpeg
img1-azrcdn.newser.com/square-image/316158-20220127114913-M/ 43 KB
43 KB 188ms
177ms Image
image/jpeg 2620:1ec:bdf::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/square-image/316158-20220127114913-M/he-found-his-parents-via-social-media-then-tragedy.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 4d51312ee5a72f1a96b6b5dc7c3bad427a65c0cab8812e49bb40018919232f67

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:49:54 GMT
x-azure-ref-originshield: 0D3P2YQAAAACGKVvmjR/eT7Gd8sczuLnNQU1TMDRFREdFMTgwOQBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316158-20220127114913-M/he-found-his-parents-via-social-media-then-tragedy.jpeg
x-azure-ref: 0orP2YQAAAAC3PKWuE15cTLVzohLGQBoERlJBRURHRTEwMTYAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 43902
scheme: https

GET
H2 200 in-our-galactic-backyard-signals-never-seen-before.jpeg
img1-azrcdn.newser.com/square-image/316156-20220127114511-M/ 38 KB
38 KB 184ms
173ms Image
image/jpeg 2620:1ec:bdf::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/square-image/316156-20220127114511-M/in-our-galactic-backyard-signals-never-seen-before.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 50bd57f4bdc1ee6ea9a3457cd38b3c0cb3f8293230f579da45e43fb5d66d5fca

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:49:54 GMT
x-azure-ref-originshield: 08Ir2YQAAAACi2nPHEDxKQ7XNkqoXDSOBQU1TMDRFREdFMTgwOQBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316156-20220127114511-M/in-our-galactic-backyard-signals-never-seen-before.jpeg
x-azure-ref: 0orP2YQAAAAAgIqGYHPBRT6FpzjPZl22vRlJBRURHRTEwMTYAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 39025
scheme: https

GET
H2 200 tenn-school-board-bans-holocaust-graphic-novel.jpeg
img2-azrcdn.newser.com/square-image/316187-20220127111058-M/ 44 KB
44 KB 244ms
232ms Image
image/jpeg 2620:1ec:bdf::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img2-azrcdn.newser.com/square-image/316187-20220127111058-M/tenn-school-board-bans-holocaust-graphic-novel.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 8c853ed75b7345b3d2d9f5af9fb56be87fef7bcf2863f8836345ec318396758d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:49:53 GMT
x-azure-ref-originshield: 0eWv2YQAAAAArSR944wbKS5TeMjZrSH2vQU1TMDRFREdFMTgxNQBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316187-20220127111058-M/tenn-school-board-bans-holocaust-graphic-novel.jpeg
x-azure-ref: 0orP2YQAAAADR3dC7cLrMRLbW2+bie+jLRlJBRURHRTEwMjEAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 44902
scheme: https

GET
H2 200 guy-who-jumped-from-plane-allegedly-smoked-a-lot-of-meth.jpeg
img2-azrcdn.newser.com/square-image/307971-20220127110745-M/ 43 KB
43 KB 248ms
236ms Image
image/jpeg 2620:1ec:bdf::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img2-azrcdn.newser.com/square-image/307971-20220127110745-M/guy-who-jumped-from-plane-allegedly-smoked-a-lot-of-meth.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 4aa42d7442c394096d40efad6d8d533232c025738083b5c07b34691696888dd1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:49:53 GMT
x-azure-ref-originshield: 0eWv2YQAAAAAP7DLGzq5YRqDaixDZF5XkQU1TMDRFREdFMTkxMwBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/307971-20220127110745-M/guy-who-jumped-from-plane-allegedly-smoked-a-lot-of-meth.jpeg
x-azure-ref: 0orP2YQAAAABno5vwDKrbTKwvnEXJy2roRlJBRURHRTEwMjEAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 43826
scheme: https

GET
H2 200 ben-roethlisberger-retires-after-18-years-in-nfl.jpeg
img2-azrcdn.newser.com/square-image/316195-20220127101843-M/ 47 KB
47 KB 251ms
240ms Image
image/jpeg 2620:1ec:bdf::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img2-azrcdn.newser.com/square-image/316195-20220127101843-M/ben-roethlisberger-retires-after-18-years-in-nfl.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 41fa061fd8a72f16e9eee21d78b071c6bca68ddc63ca4df9588986ecc62dae28

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:49:53 GMT
x-azure-ref-originshield: 08Ir2YQAAAACBh1FGIjyhSYkY4WkhDTMjQU1TMDRFREdFMTkwNwBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316195-20220127101843-M/ben-roethlisberger-retires-after-18-years-in-nfl.jpeg
x-azure-ref: 0orP2YQAAAABa3WKNGNmhQLiktZ1cO35HRlJBRURHRTEwMjEAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 47983
scheme: https

GET
H2 200 hiker-falls-700-feet-trying-to-snap-midnight-selfie.jpeg
img1-azrcdn.newser.com/square-image/316188-20220127095758-M/ 61 KB
62 KB 255ms
246ms Image
image/jpeg 2620:1ec:bdf::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/square-image/316188-20220127095758-M/hiker-falls-700-feet-trying-to-snap-midnight-selfie.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: c86dd20594d0c4ac6874b84f72ca727f390e0c2948807088a789ddaf38ea5f07

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:49:54 GMT
x-azure-ref-originshield: 0cqL2YQAAAAArCvdH1bvIRaoFUQtAqsqmQU1TMDRFREdFMTkwOQBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316188-20220127095758-M/hiker-falls-700-feet-trying-to-snap-midnight-selfie.jpeg
x-azure-ref: 0orP2YQAAAABtA69FYskeSLqgkZ+K9mnERlJBRURHRTEwMTYAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 62787
scheme: https

GET
H2 200 man-in-camp-auschwitz-shirt-has-been-arrested.jpeg
img1-azrcdn.newser.com/square-image/301272-20220128011039-M/ 48 KB
49 KB 234ms
224ms Image
image/jpeg 2620:1ec:bdf::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/square-image/301272-20220128011039-M/man-in-camp-auschwitz-shirt-has-been-arrested.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 04230c3031ba7b616cd9f7c720d87023387dd16cf74c56188edc2049de753bc8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:49:54 GMT
x-azure-ref-originshield: 0IGX2YQAAAACgn5LZQgJkTp1tcOstVbbrQU1TMDRFREdFMTkwOQBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/301272-20220128011039-M/man-in-camp-auschwitz-shirt-has-been-arrested.jpeg
x-azure-ref: 0orP2YQAAAABK0w3L6t2dT4nxdR+8NYIkRlJBRURHRTEwMTYAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 49660
scheme: https

GET
H2 200 statue-of-kobe-gianna-unveiled-at-crash-site.jpeg
img1-azrcdn.newser.com/square-image/316190-20220127092143-M/ 45 KB
45 KB 229ms
220ms Image
image/jpeg 2620:1ec:bdf::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/square-image/316190-20220127092143-M/statue-of-kobe-gianna-unveiled-at-crash-site.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 1794ce66c6f7b83e3a027cc5b104ad113159a32529a70e3380d47f6e09dbfff5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:49:54 GMT
x-azure-ref-originshield: 08Ir2YQAAAAASfU1t3lEqRqZUGFYeCo6UQU1TMDRFREdFMTgxMABkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316190-20220127092143-M/statue-of-kobe-gianna-unveiled-at-crash-site.jpeg
x-azure-ref: 0orP2YQAAAAAYsqFKnhoySajEArHCHSmzRlJBRURHRTEwMTYAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 45898
scheme: https

GET
H2 200 us-economy-grew-in-2021-at-fastest-pace-since-reagan-years.jpeg
img1-azrcdn.newser.com/square-image/316192-20220127085258-M/ 50 KB
51 KB 261ms
250ms Image
image/jpeg 2620:1ec:bdf::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/square-image/316192-20220127085258-M/us-economy-grew-in-2021-at-fastest-pace-since-reagan-years.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 034b0077589cb2fdf5f045f587740877d385374de54fb733c7626bb1119a67ce

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:49:54 GMT
x-azure-ref-originshield: 08472YQAAAAAtmewS9qkhRbl8VVxn3V48QU1TMDRFREdFMTgxMwBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316192-20220127085258-M/us-economy-grew-in-2021-at-fastest-pace-since-reagan-years.jpeg
x-azure-ref: 0orP2YQAAAABKD7NkZf5RRY+PUt3HK4BgRlJBRURHRTEwMTYAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 51467
scheme: https

GET
H2 200 texas-man-arrested-in-connection-with-synagogue-standoff.jpeg
img1-azrcdn.newser.com/square-image/316166-20220127084058-M/ 59 KB
59 KB 283ms
273ms Image
image/jpeg 2620:1ec:bdf::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/square-image/316166-20220127084058-M/texas-man-arrested-in-connection-with-synagogue-standoff.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 4475d2347dac904117a6f94f0c6ae4de9c7c022f44731afa213e4ea9ae86c0a1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:49:54 GMT
x-azure-ref-originshield: 0orP2YQAAAADw3YonCY/iTJkLCYOZuH+HQU1TMDRFREdFMTgxOABkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316166-20220127084058-M/texas-man-arrested-in-connection-with-synagogue-standoff.jpeg
x-azure-ref: 0orP2YQAAAAARwDQWGZO2TY5EKoANWkX4RlJBRURHRTEwMTYAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_REMOTE_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 59992
scheme: https

GET
H2

204

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=2&c2=6035830&ns__t=1643557794226&ns_c=UTF-8&cv=3.5&c8=Newser%20%7C%20Headline%20News%20Summaries%2C%20World%20News%2C%20and%20Breaking%20News&c7=https%3A%2F%2F...
https://sb.scorecardresearch.com/b2?c1=2&c2=6035830&ns__t=1643557794226&ns_c=UTF-8&cv=3.5&c8=Newser%20%7C%20Headline%20News%20Summaries%2C%20World%20News%2C%20and%20Breaking%20News&c7=https%3A%2F%2...

0
225 B

45ms
45ms

Image
text/plain

108.157.4.80
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=2&c2=6035830&ns__t=1643557794226&ns_c=UTF-8&cv=3.5&c8=Newser%20%7C%20Headline%20News%20Summaries%2C%20World%20News%2C%20and%20Breaking%20News&c7=https%3A%2F%2Fwww.newser.com%2F&c9=
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Server: 108.157.4.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:49:54 GMT
via: 1.1 b6b3463eedbd4b446fd969736178bf98.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P2
etag: W/"0-2jmj7l5rSw0yVb/vlWAYkK/YBwk"
x-amz-cf-id: g_EUBlLtokCS1PHWccWW9Y1VZr-eLBrHpWZeoVqK33ukK1JNe2ehYQ==
x-cache: Miss from cloudfront

Redirect headers

date: Sun, 30 Jan 2022 15:49:54 GMT
via: 1.1 b6b3463eedbd4b446fd969736178bf98.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P2
vary: Accept
x-cache: Miss from cloudfront
content-type: text/plain; charset=utf-8
location: https://sb.scorecardresearch.com/b2?c1=2&c2=6035830&ns__t=1643557794226&ns_c=UTF-8&cv=3.5&c8=Newser%20%7C%20Headline%20News%20Summaries%2C%20World%20News%2C%20and%20Breaking%20News&c7=https%3A%2F%2Fwww.newser.com%2F&c9=
content-length: 241
x-amz-cf-id: xjgneirPEqaUKFJpNZwbh-DIUqHGn4xN7fBDtXe5WK2qAPE8F2u5Sg==

GET
H2 200 pixel;r=1706360361;rf=0;a=p-8dMeaPxgtnRKk;url=https%3A%2F%2Fwww.newser.com%2F;uht=2;fpan=1;fpa=P0-101518974-1643557794287;pbc=;ns=0;ce=1;qjs=1;qv=92a3679b-20211110211611;cm=;gdpr=0;ref=;d=newser.co...
pixel.quantserve.com/ 35 B
371 B 49ms
47ms Image
image/gif 2620:116:800d:21:36a9:ecb:e518:b308
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=1706360361;rf=0;a=p-8dMeaPxgtnRKk;url=https%3A%2F%2Fwww.newser.com%2F;uht=2;fpan=1;fpa=P0-101518974-1643557794287;pbc=;ns=0;ce=1;qjs=1;qv=92a3679b-20211110211611;cm=;gdpr=0;ref=;d=newser.com;je=0;sr=1600x1200x24;dst=0;et=1643557794287;tzo=0;ogl=

Requested by

Host: www.newser.com
URL: https://www.newser.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:36a9:ecb:e518:b308 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Jan 2022 15:49:54 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 Tag.engine Show response
engine.4dsply.com/ 2 KB
2 KB 248ms
248ms Script
application/json 2606:4700::6810:9e11
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://engine.4dsply.com/Tag.engine?time=0&id=7f1a7287-2f7e-4f83-800d-06bd711ee14e&rand=8135&ver=async&referrerUrl=&fingerPrint=123&abr=false&stdTime=0&fpe=1&bw=1600&bh=1200&res=1600x1200&curl=https%3A%2F%2Fwww.newser.com%2F&kw=
Requested by: Host: cdn.engine.4dsply.com
URL: https://cdn.engine.4dsply.com/Scripts/infinity.js.aspx?guid=7f1a7287-2f7e-4f83-800d-06bd711ee14e
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:9e11 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: c95057e6d5bba1023fddc1946001723435dd163fec996823f5dcf2fbaa01cee1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:49:54 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
x-powered-by: ASP.NET
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="CAO PSA OUR IND"
access-control-allow-origin: *
cache-control: private, no-transform
cf-ray: 6d5bda56cb0d374f-MXP
content-type: application/json; charset=utf-8

GET
H2 200 v2 Show response
mb.moatads.com/yi/ 439 B
615 B 154ms
46ms Script
text/html 52.208.32.237
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mb.moatads.com/yi/v2?ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5BYbjrG%3DH%3CU%3CO%24cRJ%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-D%2BAlZQwprWHiKYvbY%2BOEbHHfl7P4J7uhfDBJf6raYEJYmkDpFPmliBNlAlwWxmRnpyWz&rs=1-P35B1BNzs6uFgA%3D%3D&sc=1&os=1-mg%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&url=https%3A%2F%2Fwww.newser.com%2F&pcode=playwireprebidheader597261727146&rx=697472743975&callback=MoatNadoAllJsonpRequest_54981935
Requested by: Host: z.moatads.com
URL: https://z.moatads.com/playwireprebidheader597261727146/moatheader.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.208.32.237 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-208-32-237.eu-west-1.compute.amazonaws.com
Software: TornadoServer/5.1.1 /
Resource Hash: 9a92ec3f2d9cab561e7a65d28f9f8e94480c49d12f108df905075fbe6854f8db

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:49:54 GMT
cache-control: max-age=900
server: TornadoServer/5.1.1
timing-allow-origin: *
etag: "778e5b79a838d35a6d34df73c4a8d86ef19b1894"
content-length: 439
content-type: text/html; charset=UTF-8

GET
H2 200 vendors~gdpr.f92225b828d740c7c57f.js Show response
cdn.intergient.com/pageos/1.6.33/ 65 KB
17 KB 40ms
39ms Script
application/javascript 2600:9000:2250:d200:12:4abd:d340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.intergient.com/pageos/1.6.33/vendors~gdpr.f92225b828d740c7c57f.js
Requested by: Host: cdn.intergient.com
URL: https://cdn.intergient.com/ramp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:d200:12:4abd:d340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a87d4c2682d10f0750f0e1142e25fce055f0ae596c7a277bbaf2427ddae146bc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 29 Jan 2022 18:09:14 GMT
content-encoding: gzip
last-modified: Wed, 15 Dec 2021 14:32:29 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: atime:1639578741/ctime:1639578741/gid:20/gname:staff/md5:9b5e3fdd31d877679a5666fe44299ea9/mode:33188/mtime:1639578741/uid:501/uname:thomascreamer
age: 134391
etag: W/"9b5e3fdd31d877679a5666fe44299ea9"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 935770605c74a80712059ba5b24d4162.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P2
x-amz-cf-id: jyTQxNj7KlIAfyitym7MS2vE61GxC_w1sSktRP2uvC7HEjJbJgCF6Q==

GET
H2 200 gdpr.c3cd42c3b61853b20836.js Show response
cdn.intergient.com/pageos/1.6.33/ 9 KB
3 KB 40ms
39ms Script
application/javascript 2600:9000:2250:d200:12:4abd:d340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.intergient.com/pageos/1.6.33/gdpr.c3cd42c3b61853b20836.js
Requested by: Host: cdn.intergient.com
URL: https://cdn.intergient.com/ramp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:d200:12:4abd:d340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5aefa167c7b8f3305b610d93f3a198818ade815d5f9150df9fbedf00b34b705a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 03:06:36 GMT
content-encoding: gzip
last-modified: Wed, 15 Dec 2021 14:32:28 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: atime:1639578741/ctime:1639578741/gid:20/gname:staff/md5:b8e305f83486f7ae9d609860bb488fd6/mode:33188/mtime:1639578741/uid:501/uname:thomascreamer
age: 45799
etag: W/"b8e305f83486f7ae9d609860bb488fd6"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 935770605c74a80712059ba5b24d4162.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P2
x-amz-cf-id: dkdfbBZX_uhXPUYZl8x1omONqnz_P4maDeu4-r40PwrzXhQQfJJj2Q==

GET
H2 200 iframe.html Show response
cdn.intergient.com/pageos/1.6.33/iframe/ Frame A7A2 542 B
984 B 10ms
9ms Document
text/html 2600:9000:2250:d200:12:4abd:d340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.intergient.com/pageos/1.6.33/iframe/iframe.html
Requested by: Host: cdn.intergient.com
URL: https://cdn.intergient.com/ramp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:d200:12:4abd:d340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c6147bd9ef55a8d63dc00d57f9bbf6aa9577e5baff33b6a0e11242b1ee588294

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/

Response headers

content-type: text/html
content-length: 542
last-modified: Wed, 15 Dec 2021 14:32:28 GMT
x-amz-meta-s3cmd-attrs: atime:1639578738/ctime:1639578738/gid:20/gname:staff/md5:bbee404d3593d86503e44f89a385794c/mode:33188/mtime:1639578738/uid:501/uname:thomascreamer
accept-ranges: bytes
server: AmazonS3
date: Sun, 30 Jan 2022 02:42:19 GMT
etag: "bbee404d3593d86503e44f89a385794c"
x-cache: Hit from cloudfront
via: 1.1 935770605c74a80712059ba5b24d4162.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P2
x-amz-cf-id: AG9lVhRGV-ySsLTn8FXOwkVMxVswflQe9rWbFJXPwODN6OeYnivcOQ==
age: 47490

GET
H2 200 stickyVideo.cb12701cdcec7f559c8b.js Show response
cdn.intergient.com/pageos/1.6.33/ 10 KB
4 KB 11ms
10ms Script
application/javascript 2600:9000:2250:d200:12:4abd:d340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.intergient.com/pageos/1.6.33/stickyVideo.cb12701cdcec7f559c8b.js
Requested by: Host: cdn.intergient.com
URL: https://cdn.intergient.com/ramp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:d200:12:4abd:d340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 13aff0812c49276fdb1ef2b2292b396ce5e3325a7c13e9582212577d2f0ce975

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 03:20:46 GMT
content-encoding: gzip
last-modified: Wed, 15 Dec 2021 14:32:29 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: atime:1639578741/ctime:1639578741/gid:20/gname:staff/md5:ec2da3bd6d30c123d732f4b65cb1f2df/mode:33188/mtime:1639578741/uid:501/uname:thomascreamer
age: 47259
etag: W/"ec2da3bd6d30c123d732f4b65cb1f2df"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 935770605c74a80712059ba5b24d4162.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P2
x-amz-cf-id: 6Mdz1n0gpd01AVpJawvKiUKWljwLOdamcsfQPF7YbSUbRRAYO6JPFg==

GET
H2 200 tyche.js Show response
cdn.intergi.com/hera/releases/4.4.29/ 1 KB
976 B 9ms
9ms Script
application/javascript 2600:9000:223d:ec00:14:2602:6e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.intergi.com/hera/releases/4.4.29/tyche.js
Requested by: Host: cdn.intergient.com
URL: https://cdn.intergient.com/ramp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223d:ec00:14:2602:6e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e755eee43bcdcb69b3f7b2dbff081a9af26e9da32c92ec2f175ac0efe0f51423

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id: 0qxthXTXeoc5PRlEsFiNVKZOVGERs_w6
content-encoding: gzip
last-modified: Tue, 25 Jan 2022 21:03:32 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: atime:1643144607/ctime:1643144607/gid:20/gname:staff/md5:395fd1c8bfff848b8f9889b4fb81cc09/mode:33188/mtime:1643144607/uid:501/uname:thomascreamer
age: 35451
etag: W/"395fd1c8bfff848b8f9889b4fb81cc09"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 626c544a24a86c6cd608360f520b6d8c.cloudfront.net (CloudFront)
date: Sun, 30 Jan 2022 05:59:03 GMT
x-amz-cf-pop: FRA56-P3
x-amz-cf-id: FvXFzqhHmTIv3SY6vFkyzuNCnlXLhwyq80OpUizMh2rFPvILretZdQ==

GET
H2 200 runtime.eb7abf17bcce520541c8.js Show response
cdn.intergi.com/hera/releases/4.4.29/ 2 KB
2 KB 7ms
6ms Script
application/javascript 2600:9000:223d:ec00:14:2602:6e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.intergi.com/hera/releases/4.4.29/runtime.eb7abf17bcce520541c8.js
Requested by: Host: cdn.intergi.com
URL: https://cdn.intergi.com/hera/releases/4.4.29/tyche.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223d:ec00:14:2602:6e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a8f20718bcf79ae5797599afb4e59612f2bb75334dc8d40aa8a56d21417ac73c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id: nsHome9btOvv.SKdK3Rpl_8W8qit3rOP
content-encoding: br
last-modified: Tue, 25 Jan 2022 21:03:32 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: atime:1643144607/ctime:1643144607/gid:20/gname:staff/md5:471e1f82e1db56b5f90638c4e15c5280/mode:33188/mtime:1643144607/uid:501/uname:thomascreamer
age: 36798
etag: W/"471e1f82e1db56b5f90638c4e15c5280"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 626c544a24a86c6cd608360f520b6d8c.cloudfront.net (CloudFront)
date: Sun, 30 Jan 2022 05:36:37 GMT
x-amz-cf-pop: FRA56-P3
x-amz-cf-id: cCx1L56vFaQtUWVaSPRJI-2-fFlzViGvjyQj7fFrSqt5mx8gl1CRGg==

GET
H2 200 npm.core-js.ffb4b0a70697fbafb4fe.js Show response
cdn.intergi.com/hera/releases/4.4.29/vendor/ 24 KB
9 KB 8ms
7ms Script
application/javascript 2600:9000:223d:ec00:14:2602:6e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.intergi.com/hera/releases/4.4.29/vendor/npm.core-js.ffb4b0a70697fbafb4fe.js
Requested by: Host: cdn.intergi.com
URL: https://cdn.intergi.com/hera/releases/4.4.29/tyche.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223d:ec00:14:2602:6e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: fb0da9c5679e4e04fe036c10e42d93ed5a9a3a8f632db1cfdcdf6352ee4ff789

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id: GHlCKVDIBfBStDhRzJSZKeqjiBt8htMF
content-encoding: gzip
last-modified: Tue, 25 Jan 2022 21:03:32 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: atime:1643144607/ctime:1643144607/gid:20/gname:staff/md5:804f5a4d76247f98873a77739d825de0/mode:33188/mtime:1643144607/uid:501/uname:thomascreamer
age: 51726
etag: W/"804f5a4d76247f98873a77739d825de0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 626c544a24a86c6cd608360f520b6d8c.cloudfront.net (CloudFront)
date: Sun, 30 Jan 2022 14:04:21 GMT
x-amz-cf-pop: FRA56-P3
x-amz-cf-id: 4Ly3QlSmcvpqxZ658qPYd4FevexUFRvWBSu7q2D51y2_ffADrgmQJg==

GET
H2 200 npm.babel.e42d14b31536f4c718ea.js Show response
cdn.intergi.com/hera/releases/4.4.29/vendor/ 2 KB
1 KB 8ms
7ms Script
application/javascript 2600:9000:223d:ec00:14:2602:6e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.intergi.com/hera/releases/4.4.29/vendor/npm.babel.e42d14b31536f4c718ea.js
Requested by: Host: cdn.intergi.com
URL: https://cdn.intergi.com/hera/releases/4.4.29/tyche.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223d:ec00:14:2602:6e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f33f6446320fb034227d51337ec86a0f263cb1ed53e4275cae2fb55b322504cc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id: z3_tSBHIn0fzmcblAfWrNkzzM7z0jySj
content-encoding: gzip
last-modified: Tue, 25 Jan 2022 21:03:32 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: atime:1643144607/ctime:1643144607/gid:20/gname:staff/md5:f3bb19c23da5015c288c890ccb181355/mode:33188/mtime:1643144607/uid:501/uname:thomascreamer
age: 40193
etag: W/"f3bb19c23da5015c288c890ccb181355"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 626c544a24a86c6cd608360f520b6d8c.cloudfront.net (CloudFront)
date: Sun, 30 Jan 2022 04:40:01 GMT
x-amz-cf-pop: FRA56-P3
x-amz-cf-id: B8WtjictJlahx79LR7f0g6TX3jjgKCayVk6kBieUOiXyGoHolNTknw==

GET
H2 200 npm.lodash.922cd3f43a34caef1c38.js Show response
cdn.intergi.com/hera/releases/4.4.29/vendor/ 3 KB
2 KB 8ms
7ms Script
application/javascript 2600:9000:223d:ec00:14:2602:6e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.intergi.com/hera/releases/4.4.29/vendor/npm.lodash.922cd3f43a34caef1c38.js
Requested by: Host: cdn.intergi.com
URL: https://cdn.intergi.com/hera/releases/4.4.29/tyche.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223d:ec00:14:2602:6e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2cddcc76dd7b01e07130b647637c2c81f27ab4a0214973a010e712813f311138

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id: ddE0OhkjsnffGGVdrfYcFTUAmSPYT4n0
content-encoding: br
last-modified: Tue, 25 Jan 2022 21:03:39 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: atime:1643144607/ctime:1643144607/gid:20/gname:staff/md5:0c61d46da45d9ab039a485d6e9e04701/mode:33188/mtime:1643144607/uid:501/uname:thomascreamer
age: 36798
etag: W/"0c61d46da45d9ab039a485d6e9e04701"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 626c544a24a86c6cd608360f520b6d8c.cloudfront.net (CloudFront)
date: Sun, 30 Jan 2022 05:36:37 GMT
x-amz-cf-pop: FRA56-P3
x-amz-cf-id: qj62w06u5gZ9vZtXWFJ08AvN9hac1FbSXs-4mKL4Q8OB4lTyLr7DfQ==

GET
H2 200 npm.intersection-observer.8aa2efdfa26796cda0fc.js Show response
cdn.intergi.com/hera/releases/4.4.29/vendor/ 9 KB
3 KB 8ms
7ms Script
application/javascript 2600:9000:223d:ec00:14:2602:6e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.intergi.com/hera/releases/4.4.29/vendor/npm.intersection-observer.8aa2efdfa26796cda0fc.js
Requested by: Host: cdn.intergi.com
URL: https://cdn.intergi.com/hera/releases/4.4.29/tyche.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223d:ec00:14:2602:6e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e990f8a7023db06444f9552e7bde007060d0e1e86b72ae845f24471bce3339e5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id: 8VyNV.luapStoTkHzHDTrT_DHzWs1.kH
content-encoding: gzip
last-modified: Tue, 25 Jan 2022 21:03:32 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: atime:1643144607/ctime:1643144607/gid:20/gname:staff/md5:2be2cdb69171257c85e47d90ae2f6b2f/mode:33188/mtime:1643144607/uid:501/uname:thomascreamer
age: 37294
etag: W/"2be2cdb69171257c85e47d90ae2f6b2f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 626c544a24a86c6cd608360f520b6d8c.cloudfront.net (CloudFront)
date: Sun, 30 Jan 2022 05:28:21 GMT
x-amz-cf-pop: FRA56-P3
x-amz-cf-id: iavFCBXZXIWAmCY4qUjuBV8RQQ-trEV9CMJrNat67_lO5bvGYaVRQA==

GET
H2 200 npm.process.940d3a7ac2b6ed08f335.js Show response
cdn.intergi.com/hera/releases/4.4.29/vendor/ 2 KB
1 KB 8ms
7ms Script
application/javascript 2600:9000:223d:ec00:14:2602:6e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.intergi.com/hera/releases/4.4.29/vendor/npm.process.940d3a7ac2b6ed08f335.js
Requested by: Host: cdn.intergi.com
URL: https://cdn.intergi.com/hera/releases/4.4.29/tyche.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223d:ec00:14:2602:6e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5122ba93a9303c1dd09b760b3195122db1beef3b3d673b2274ec5ff2e8512ad1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id: ASdNZtyXCyog2RHiR_n3fHyqimVVVUBO
content-encoding: gzip
last-modified: Tue, 25 Jan 2022 21:03:39 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: atime:1643144607/ctime:1643144607/gid:20/gname:staff/md5:c3f55d7eac6bd8289f3c5184e9fd1118/mode:33188/mtime:1643144607/uid:501/uname:thomascreamer
age: 49652
etag: W/"c3f55d7eac6bd8289f3c5184e9fd1118"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 626c544a24a86c6cd608360f520b6d8c.cloudfront.net (CloudFront)
date: Sun, 30 Jan 2022 02:02:22 GMT
x-amz-cf-pop: FRA56-P3
x-amz-cf-id: -lwf97oVigTV7DEGP9RLRmViG4wez7ntIK9AgrQchLOUxJs_yR2Lhw==

GET
H2 200 npm.webpack.1e0f2b4c3cee24713006.js Show response
cdn.intergi.com/hera/releases/4.4.29/vendor/ 231 B
718 B 8ms
8ms Script
application/javascript 2600:9000:223d:ec00:14:2602:6e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.intergi.com/hera/releases/4.4.29/vendor/npm.webpack.1e0f2b4c3cee24713006.js
Requested by: Host: cdn.intergi.com
URL: https://cdn.intergi.com/hera/releases/4.4.29/tyche.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223d:ec00:14:2602:6e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bed31c2062d8bcd1167d1be160c5d65dbf8b1ea2a75fe7f91a5396fe71e51cc0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id: HbzQivus2B4S.Fxidin0LQ7upfj1Sh9h
via: 1.1 626c544a24a86c6cd608360f520b6d8c.cloudfront.net (CloudFront)
last-modified: Tue, 25 Jan 2022 21:03:39 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: atime:1643144607/ctime:1643144607/gid:20/gname:staff/md5:436272b3faaa8c97115625bc8504abbf/mode:33188/mtime:1643144607/uid:501/uname:thomascreamer
age: 36794
etag: "436272b3faaa8c97115625bc8504abbf"
x-cache: Hit from cloudfront
content-type: application/javascript
date: Sun, 30 Jan 2022 05:36:41 GMT
x-amz-cf-pop: FRA56-P3
accept-ranges: bytes
content-length: 231
x-amz-cf-id: WaAGlEfQU2m4A2R2VXh8e_QPzaQiVHWR5tvsR1GJgdTXWO2XKuNadg==

GET
H2 200 lib-main.aa0becec495b9d9b6de4.js Show response
cdn.intergi.com/hera/releases/4.4.29/lib/ 4 KB
3 KB 8ms
8ms Script
application/javascript 2600:9000:223d:ec00:14:2602:6e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.intergi.com/hera/releases/4.4.29/lib/lib-main.aa0becec495b9d9b6de4.js
Requested by: Host: cdn.intergi.com
URL: https://cdn.intergi.com/hera/releases/4.4.29/tyche.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223d:ec00:14:2602:6e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5347c78f51c7cf4a4e84d4be12317338a93ff8da7df24519360728769e48a91b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id: 5jFob_TgduaPlHTsFdJOT6O3LAhV7BRF
content-encoding: gzip
last-modified: Tue, 25 Jan 2022 21:03:30 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: atime:1643144607/ctime:1643144607/gid:20/gname:staff/md5:4f9983efbe731c3569545c1c49d9a965/mode:33188/mtime:1643144607/uid:501/uname:thomascreamer
age: 49162
etag: W/"4f9983efbe731c3569545c1c49d9a965"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 626c544a24a86c6cd608360f520b6d8c.cloudfront.net (CloudFront)
date: Sun, 30 Jan 2022 02:10:33 GMT
x-amz-cf-pop: FRA56-P3
x-amz-cf-id: RCGAbsCL3GkdVXOodv4L5OdSdS5PTlW1akLzk36AML1Z3B4LsoFV_g==

GET
H2 200 main.3b43c80328deaa9a5b3e.js Show response
cdn.intergi.com/hera/releases/4.4.29/ 101 KB
30 KB 11ms
10ms Script
application/javascript 2600:9000:223d:ec00:14:2602:6e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.intergi.com/hera/releases/4.4.29/main.3b43c80328deaa9a5b3e.js
Requested by: Host: cdn.intergi.com
URL: https://cdn.intergi.com/hera/releases/4.4.29/tyche.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223d:ec00:14:2602:6e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 23130a986b2d780260ca7295774432d7c5ee94cf277a8052a136b910b05f120e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id: nQbStFD0ZKksS3LkjA_aMNGxhaRs5E8v
content-encoding: gzip
last-modified: Tue, 25 Jan 2022 21:03:31 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: atime:1643144607/ctime:1643144607/gid:20/gname:staff/md5:aebdf745bda3a8d0841a0fc45c877fe8/mode:33188/mtime:1643144607/uid:501/uname:thomascreamer
age: 41852
etag: W/"aebdf745bda3a8d0841a0fc45c877fe8"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 626c544a24a86c6cd608360f520b6d8c.cloudfront.net (CloudFront)
date: Sun, 30 Jan 2022 04:12:23 GMT
x-amz-cf-pop: FRA56-P3
x-amz-cf-id: OXjiqRgtvhO4U24w_wUse1vkf7Eb8SLxCF_hrAxQD-MM8yhBOnedEA==

GET
H2 200 lib.55782284870bfbbd6c84.js Show response
cdn.intergi.com/hera/releases/4.4.29/lib/ 138 B
628 B 12ms
12ms Script
application/javascript 2600:9000:223d:ec00:14:2602:6e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.intergi.com/hera/releases/4.4.29/lib/lib.55782284870bfbbd6c84.js
Requested by: Host: cdn.intergi.com
URL: https://cdn.intergi.com/hera/releases/4.4.29/tyche.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223d:ec00:14:2602:6e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 94360a6ab3ea5a75cb34a06ef2ff905d7ea0a7dc43eefcff9b6f90e737fa4e41

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id: mxAZFLZqBALnmIchlVccFp46LdnVBg4k
via: 1.1 626c544a24a86c6cd608360f520b6d8c.cloudfront.net (CloudFront)
last-modified: Tue, 25 Jan 2022 21:03:30 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: atime:1643144607/ctime:1643144607/gid:20/gname:staff/md5:64d609d6dc753b7c1abf5d5d2b095aa1/mode:33188/mtime:1643144607/uid:501/uname:thomascreamer
age: 35321
etag: "64d609d6dc753b7c1abf5d5d2b095aa1"
x-cache: Hit from cloudfront
content-type: application/javascript
date: Sun, 30 Jan 2022 06:01:14 GMT
x-amz-cf-pop: FRA56-P3
accept-ranges: bytes
content-length: 138
x-amz-cf-id: 8qb8cWEh6NXkYbF5DAAiW2UcZRdYhx3lwsj7fFzsnUwZyHP0oAMAwA==

GET
H2 200 iframe.js Show response
cdn.intergient.com/pageos/1.6.33/iframe/ Frame A7A2 18 KB
7 KB 7ms
7ms Script
application/javascript 2600:9000:2250:d200:12:4abd:d340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.intergient.com/pageos/1.6.33/iframe/iframe.js
Requested by: Host: cdn.intergient.com
URL: https://cdn.intergient.com/pageos/1.6.33/iframe/iframe.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:d200:12:4abd:d340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1ba7d96e96816ad55477d28aa986a4a867c7531d2168feb5066585dd94195743

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.intergient.com/pageos/1.6.33/iframe/iframe.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 03:52:06 GMT
content-encoding: gzip
last-modified: Wed, 15 Dec 2021 14:32:28 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: atime:1639578738/ctime:1639578738/gid:20/gname:staff/md5:288ed62918bdae27ff8a6aa679b002bb/mode:33188/mtime:1639578738/uid:501/uname:thomascreamer
age: 43069
etag: W/"288ed62918bdae27ff8a6aa679b002bb"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 935770605c74a80712059ba5b24d4162.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P2
x-amz-cf-id: 9RPnk-yFy4nHk-h5yRR5_-wcgkaMzos33AauwjFHvFxI77puhRrY1g==

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 79 KB
27 KB 45ms
19ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: cdn.intergi.com
URL: https://cdn.intergi.com/hera/releases/4.4.29/main.3b43c80328deaa9a5b3e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

sffe /

Resource Hash

380e14fb281d1d8fc0b4bbf0601d448942501f3581085c07bc373aec1adefdf5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:49:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27097
x-xss-protection: 0
server: sffe
etag: "1117 / 641 of 1000 / last-modified: 1643411190"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sun, 30 Jan 2022 15:49:54 GMT

GET
H2 200 prebid.js Show response
cdn.intergi.com/prebid/ 549 KB
145 KB 7ms
7ms Script
text/javascript 2600:9000:223d:ec00:14:2602:6e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.intergi.com/prebid/prebid.js
Requested by: Host: cdn.intergient.com
URL: https://cdn.intergient.com/ramp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223d:ec00:14:2602:6e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: be045d5a8274db64724bbb9a8c2846e2247c17ec9ea7e13f2a319dde7626ec8e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id: LSF1tThV78k3KjASeXY49GwSspH8LIVR
content-encoding: br
last-modified: Wed, 15 Dec 2021 17:37:45 GMT
server: AmazonS3
age: 45283
etag: W/"d1d699f254dc61269af62c40328a924d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
via: 1.1 626c544a24a86c6cd608360f520b6d8c.cloudfront.net (CloudFront)
date: Sun, 30 Jan 2022 03:15:12 GMT
x-amz-cf-pop: FRA56-P3
x-amz-cf-id: 7WGMVXQ4gHd1g7ouCIJ-DB-Ucc4lKbrFiHI0eU7ZIsrwNzCBGctPaw==

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 134 KB
36 KB 32ms
15ms Script
application/javascript 18.66.109.174
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: cdn.intergi.com
URL: https://cdn.intergi.com/hera/releases/4.4.29/main.3b43c80328deaa9a5b3e.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.109.174 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-109-174.fra56.r.cloudfront.net
Software: Server /
Resource Hash: c59ecf34c8e169eb2c385296530f952be5ced6af24abbe7f2d47b89e520be544

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id: SKwQUYZY6s9wJPymt5_yhNbSVWOe2iBW
content-encoding: gzip
etag: 8d3665a9b316600491247ca6d78c204c
age: 462
x-cache: Hit from cloudfront
server: Server
x-amz-rid: 0BYKPC23MJBH7X3GSMQP
date: Sun, 30 Jan 2022 15:42:20 GMT
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 0162e02b2d0212054988a68716227daa.cloudfront.net (CloudFront)
cache-control: public, max-age=900
x-amz-cf-pop: FRA56-P5
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: qjCkezymP_NGgx2x3jRm5-maRHsnFJcrLaYcy905kKYnAaOayQ0TaA==

GET
H2 200 pixel.gif
load77.exelator.com/ 43 B
334 B 65ms
15ms Image
image/gif 2a02:6ea0:c700::4
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://load77.exelator.com/pixel.gif
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::4 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-77-nzt: AcO1rzVqbmX/y0cNAA==
x-accel-expires: @1643724247
date: Sun, 30 Jan 2022 15:49:54 GMT
etag: "59f0c3fc-2b"
last-modified: Wed, 25 Oct 2017 17:03:56 GMT
server: CDN77-Turbo
x-77-nzt-ray: Az1oR0oB5HU=
x-77-cache: HIT
content-type: image/gif
access-control-allow-origin: *
x-cache: HIT
x-age: 870347
accept-ranges: bytes
x-77-pop: frankfurtDE
content-length: 43

GET
H3 200 pubads_impl_2022012501.js Show response
securepubads.g.doubleclick.net/gpt/ 354 KB
119 KB 48ms
17ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012501.js?31064562

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

sffe /

Resource Hash

346e6776ffc7796ca15034c67c043bad204bb5295a56186d04625aa7b7985748

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:10:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2368
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 122264
x-xss-protection: 0
last-modified: Tue, 25 Jan 2022 09:35:19 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 30 Jan 2023 15:10:26 GMT

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 34ms
8ms XHR
application/javascript 18.66.109.174
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.109.174 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-109-174.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 02:10:32 GMT
content-encoding: gzip
vary: Accept-Encoding,Origin
age: 49163
x-cache: Hit from cloudfront
access-control-allow-origin: *
last-modified: Fri, 21 Jan 2022 02:54:57 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
x-amz-version-id: eaU6ir6qmGswM2SGRmLi7PKhBcBrRdvn
via: 1.1 342054511f9732c450e11bade76323dc.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: FRA56-P5
content-type: application/javascript
x-amz-cf-id: zF-o2fORirhPLsKYksR20i2xpc5pWdfko9iLTHV7vETfwo-AEQzRQw==

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 146 KB
51 KB 67ms
33ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: newser.com
URL: https://newser.com/HsF05_E/eTjWmafZYl/Awn/jfYYxHwzsD.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b2e978b977e1df195c0172ea1e1a1e2271890f7ed292b799e20a414fd42acb33

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:49:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52056
x-xss-protection: 0
server: cafe
etag: 9380205099544461453
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 30 Jan 2022 15:49:54 GMT

GET
H2 200 advertising.js Show response
rddywd.com/ 9 B
602 B 202ms
75ms Script
application/javascript 2606:4700:3036::ac43:8a2c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rddywd.com/advertising.js
Requested by: Host: newser.com
URL: https://newser.com/HsF05_E/eTjWmafZYl/Awn/jfYYxHwzsD.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:8a2c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7f555674a54503e3367276168359cef065eecc75f1fe436ac13bdf3dfd65a970

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:49:54 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 33824
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 9
last-modified: Sun, 30 Jan 2022 06:26:10 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F9IfOefASLzGRq%2BIUhEiavawvyC2TKAFel%2BsnwB5Ch9cD3DVBVgaMdjzhwKIwgKckFFmENB4jtiMp3D%2FxndlviizTMSKlQynpCDXpSgznpyYEa3byN%2FJnX16pmjyhObdCiYFQQNPNe%2FS"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86401
accept-ranges: bytes
cf-ray: 6d5bda5978fb83b8-MXP

GET
H2 200 adcode.png
rddywd.com/ 43 B
634 B 100ms
35ms Image
image/gif 2606:4700:3036::ac43:8a2c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rddywd.com/adcode.png
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:8a2c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.newser.com/
Origin: https://www.newser.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:49:54 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 69370
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FlzPg5nPHgiBwafUw8DZ%2FTcuYIHhjaaUpsGUrJ%2BnKqOAQCi2FlclXW%2F56LC7Vl2qlBGkyB%2Bh%2F%2BciG3Ysg%2BevyXRqPGveQ7LxpBoOo7HzwkSvLoy5zyGRX27djh%2BU8TVu4lXgTrj%2Blztx"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=86401
accept-ranges: bytes
cf-ray: 6d5bda591ef44bf4-AMS

GET
H2 204 generate_204
www.googleapis.com/ 0
178 B 44ms
7ms Image
text/plain 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.googleapis.com/generate_204
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:49:54 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H2 200 _ate.track.config_resp Show response
v1.addthisedge.com/live/boost/newser/ 1005 B
556 B 337ms
308ms Script
application/javascript 184.30.24.121
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://v1.addthisedge.com/live/boost/newser/_ate.track.config_resp
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.24.121 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-24-121.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 870c196156856ec66eb4e1d7b376eca50e218883c93775524484b4fe4603f5ed

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:49:54 GMT
content-encoding: gzip
etag: -1912583789--gzip
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: public, max-age=57, s-maxage=86400
content-disposition: attachment; filename=1.txt
content-length: 379

GET
H2 200 300lo.json Show response
m.addthis.com/live/red_lojson/ 89 B
249 B 171ms
150ms Script
application/javascript 184.30.24.121
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://m.addthis.com/live/red_lojson/300lo.json?si=61f6b3a220d9d32e&bkl=0&bl=1&pdt=696&sid=61f6b3a220d9d32e&pub=newser&rev=v8.28.8-wp&ln=en&pc=men&cb=0&ab=-&dp=www.newser.com&fp=&fr=&of=0&pd=0&irt=0&vcl=0&md=0&ct=1&tct=0&abt=0&cdn=0&pi=1&rb=0&gen=100&chr=UTF-8&colc=1643557794681&jsl=143521&uvs=61f6b3a28f6a4611000&skipb=1&callback=addthis.cbs.jsonp__78435121951317340
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.24.121 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-24-121.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 10ed555da042a1e6d6fe0c6b22f87d91f84f8f22fe066a92737a4243df776bd6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Jan 2022 15:49:54 GMT
cache-control: max-age=0, no-cache, no-store, no-transform
content-disposition: attachment; filename=1.txt
content-length: 89
content-type: application/javascript;charset=utf-8

GET sh.f48a1a04fe8dbf021b4cda1d.html
s7.addthis.com/static/ Frame 1A11 0
0

GET
H2 200 sh.f48a1a04fe8dbf021b4cda1d.html Show response
s7.addthis.com/static/ Frame A286 71 KB
26 KB 12ms
12ms Document
text/html 2.21.140.111
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.21.140.111 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-21-140-111.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

7b6bfa13f0778c40bb2a00af9819bea2f07afcb4d071e7e4f436196953a5db4d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/

Response headers

server: nginx/1.15.8
content-type: text/html
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
etag: W/"5f971164-11adc"
timing-allow-origin: *
cache-control: public, max-age=86313600
p3p: CP="NON ADM OUR DEV IND COM STA"
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 26421
date: Sun, 30 Jan 2022 15:49:54 GMT
vary: Accept-Encoding
x-host: s7.addthis.com

GET
H/1.1 200
OK widget_iframe.8f764d5bd2778f88121d31d7d8d8e1e3.html Show response
platform.twitter.com/widgets/ Frame 206B 319 KB
104 KB 87ms
87ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.8f764d5bd2778f88121d31d7d8d8e1e3.html?origin=https%3A%2F%2Fwww.newser.com
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (mil/6CF6) /
Resource Hash: c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/

Response headers

Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 229411
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Sun, 30 Jan 2022 15:49:54 GMT
Etag: "8321d7cf58d70200c1423dfa0bca40f6+gzip"
Last-Modified: Wed, 19 Jan 2022 19:04:27 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (mil/6CF6)
Server-Timing: "x-cache;desc= HIT,x-tw-cdn;desc=",edge;dur=1
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 105433

GET
H2 200 ping
ping.chartbeat.net/ 43 B
201 B 295ms
98ms Image
image/gif 3.209.102.28
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ping.chartbeat.net/ping?h=newser.com&p=%2F&u=DcQ9q-CTN_eeHsNEA&d=newser.com&g=19359&g0=Home&g1=No%20Author&n=1&f=00001&c=0&x=0&m=0&y=2851&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&b=1560&t=5RE5ACRHHw-B1YvHDDdMKCBDX6Fq&V=129&i=Newser%20%7C%20Headline%20News%20Summaries%2C%20World%20News%2C%20and%20Breaking%20News&tz=0&sn=1&sv=DDZfHsCJAFyID4oZ5XRaylbCzf8Lc&sd=1&im=062b073f&_
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.209.102.28 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-209-102-28.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Jan 2022 15:49:54 GMT
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
content-length: 43
expires: 0

GET
H2 204 config Show response
c.amazon-adsystem.com/cdn/prod/ 0
310 B 8ms
7ms XHR
text/plain 18.66.109.174
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.newser.com&pubid=bd056b42-51db-43ce-9a8e-3b11319b5d1f
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.109.174 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-109-174.fra56.r.cloudfront.net
Software: Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 12:03:22 GMT
via: 1.1 0162e02b2d0212054988a68716227daa.cloudfront.net (CloudFront)
server: Server
age: 13592
x-cache: Hit from cloudfront
access-control-allow-origin: https://www.newser.com
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
x-amz-cf-id: UNqvDrU0DK_waJanxirlgMaK5E_3svhr4YqcQOY6ggfJAVD86OkP-Q==

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ 23 B
490 B 49ms
49ms XHR
text/javascript 18.66.109.174
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.newser.com%2F&pid=iQjPS0Cmmsab7&cb=0&ws=1600x1200&v=7.72.0&t=2500&slots=%5B%7B%22sd%22%3A%22leaderboard_atf%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F154013155%2C1028224%2F1024100%2F72343%2F1024100-72343-desktop_leaderboard%2Fpublisher%3A1024100-website%3A72343-desktop_leaderboard-CP%2Fpublisher%3A1024100-website%3A72343-desktop_leaderboard-CP-home%22%7D%2C%7B%22sd%22%3A%22leaderboard_btf2%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F154013155%2C1028224%2F1024100%2F72343%2F1024100-72343-desktop_leaderboard%2Fpublisher%3A1024100-website%3A72343-desktop_leaderboard-CP%2Fpublisher%3A1024100-website%3A72343-desktop_leaderboard-CP-home%22%7D%2C%7B%22sd%22%3A%22leaderboard_btf3%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F154013155%2C1028224%2F1024100%2F72343%2F1024100-72343-desktop_leaderboard%2Fpublisher%3A1024100-website%3A72343-desktop_leaderboard-CP%2Fpublisher%3A1024100-website%3A72343-desktop_leaderboard-CP-home%22%7D%2C%7B%22sd%22%3A%22leaderboard_btf%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F154013155%2C1028224%2F1024100%2F72343%2F1024100-72343-desktop_leaderboard%2Fpublisher%3A1024100-website%3A72343-desktop_leaderboard-CP%2Fpublisher%3A1024100-website%3A72343-desktop_leaderboard-CP-home%22%7D%5D&schain=1.0%2C1!playwire.com%2C72343%2C1%2C%2C%2C&pubid=bd056b42-51db-43ce-9a8e-3b11319b5d1f&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.109.174 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-109-174.fra56.r.cloudfront.net

Software

Server /

Resource Hash

745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:49:54 GMT
via: 1.1 0162e02b2d0212054988a68716227daa.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-P5
x-amz-rid: 98GZGVBPXPPA0S3C4WYF
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.newser.com
access-control-allow-credentials: true
permissions-policy: interest-cohort=()
strict-transport-security: max-age=47474747; includeSubDomains; preload
timing-allow-origin: *
content-length: 23
x-amz-cf-id: aee9qyFhaw0oLsG2UNW97f7bzozHVXqt2givHWe9Q4jsxQ1WuMOpIA==

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 40ms
15ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.newser.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012501.js?31064562

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 30 Jan 2022 15:49:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 40ms
16ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.newser.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012501.js?31064562

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 30 Jan 2022 15:49:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 62 KB
30 KB 315ms
314ms XHR
text/plain 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3245706725619496&correlator=2468075411268797&output=ldjh&impl=fifs&eid=31061814%2C31064562%2C44752540&vrg=2022012501&ptt=17&npa=1&sc=1&sfv=1-0-38&ecs=20220130&iu_parts=154013155%3A1028224%2C1024100%2C72343%2C1024100-72343-desktop_leaderboard%2Cpublisher%3A1024100-website%3A72343-desktop_leaderboard-CP%2Cpublisher%3A1024100-website%3A72343-desktop_leaderboard-CP-home&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4%2F5&prev_iu_szs=728x90&prev_scp=pos%3Datf%26slot_id%3Dleaderboard_atf%26refresh%3Dfalse%26amazonBid%3Dfalse%26custom_path%3DCP%255Bhome%255D%26lld_id%3Dc7638c889bb345adb0d4bff63b1d274f57794760%26amznbid%3D1%26amznp%3D1%26in_view%3Dtrue&eri=1&cust_params=m_data%3D1%26m_safety%3Dunsafe%26m_categories%3Dmoat_unsafe%252Cgv_death_injury%252Cgv_crime%26m_mv%3DnoHistData%26m_gv%3DnoHistData%26sitecont_cat%3Dnews%252Cbusiness_and_finance%252Cbusiness_and_finance%252Centertainment%26hour%3D15%26day%3DSunday%26OS%3DWindows%252010%26browser%3DChrome%252097%26pagecount%3D1%26window_width%3D1600%26window_height%3D1200%26screen_orientation%3Dlandscape%26refresh_count%3D0%26tyche_version%3D4.4.29%26kver%3Dv1%26ab_test%3Dna_A%26got_consent%3Dfalse%26page_focus%3Dtrue&cookie_enabled=1&bc=31&abxe=1&dt=1643557794790&lmt=1643557794&dlt=1643557793779&idt=969&frm=20&biw=1600&bih=1200&oid=2&adxs=561&adys=55&adks=2039480262&ucis=1&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fwww.newser.com%2F&vis=1&scr_x=0&scr_y=0&psz=728x0&msz=728x0&ga_vid=572046423.1643557794&ga_sid=1643557794&ga_hid=75894360&ga_fc=true&fws=4&ohw=728&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012501.js?31064562

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

f97b3767fd2ddc96826e92f29805f1a85f0c768b31380394d251b4bf3b84d513

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:49:55 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30447
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.newser.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 42 KB
10 KB 313ms
312ms XHR
text/plain 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3245706725619496&correlator=592450895881811&output=ldjh&impl=fifs&eid=31061814%2C31064562%2C44752540&vrg=2022012501&ptt=17&npa=1&sc=1&sfv=1-0-38&ecs=20220130&iu_parts=154013155%3A1028224%2C1024100%2C72343%2C1024100-72343-desktop_leaderboard%2Cpublisher%3A1024100-website%3A72343-desktop_leaderboard-CP%2Cpublisher%3A1024100-website%3A72343-desktop_leaderboard-CP-home&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4%2F5&prev_iu_szs=728x90&prev_scp=pos%3Dbtf%26slot_id%3Dleaderboard_btf%26refresh%3Dfalse%26amazonBid%3Dfalse%26custom_path%3DCP%255Bhome%255D%26lld_id%3D07a68f767a7345ed8f94439bfaddc79457794762%26amznbid%3D1%26amznp%3D1%26in_view%3Dtrue&eri=1&cust_params=m_data%3D1%26m_safety%3Dunsafe%26m_categories%3Dmoat_unsafe%252Cgv_death_injury%252Cgv_crime%26m_mv%3DnoHistData%26m_gv%3DnoHistData%26sitecont_cat%3Dnews%252Cbusiness_and_finance%252Cbusiness_and_finance%252Centertainment%26hour%3D15%26day%3DSunday%26OS%3DWindows%252010%26browser%3DChrome%252097%26pagecount%3D1%26window_width%3D1600%26window_height%3D1200%26screen_orientation%3Dlandscape%26refresh_count%3D0%26tyche_version%3D4.4.29%26kver%3Dv1%26ab_test%3Dna_A%26got_consent%3Dfalse%26page_focus%3Dtrue&cookie_enabled=1&bc=31&abxe=1&dt=1643557794797&lmt=1643557794&dlt=1643557793779&idt=969&frm=20&biw=1600&bih=1200&oid=2&adxs=315&adys=684&adks=2039479053&ucis=2&ifi=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fwww.newser.com%2F&vis=1&scr_x=0&scr_y=0&psz=728x0&msz=728x0&ga_vid=572046423.1643557794&ga_sid=1643557794&ga_hid=75894360&ga_fc=true&fws=0&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012501.js?31064562

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

808040f86e3312efdf38a2c7ccbae07dc72534f75ff4a36989deb3c721077612

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:49:55 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10611
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.newser.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 114 KB
30 KB 309ms
309ms XHR
text/plain 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3245706725619496&correlator=4350928762605463&output=ldjh&impl=fifs&eid=31061814%2C31064562%2C44752540&vrg=2022012501&ptt=17&npa=1&sc=1&sfv=1-0-38&ecs=20220130&iu_parts=154013155%3A1028224%2C1024100%2C72343%2Cpublisher%3A1024100-website%3A72343-web_interstitial%2Cpublisher%3A1024100-website%3A72343-web_interstitial-CP%2Cpublisher%3A1024100-website%3A72343-web_interstitial-CP-home&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4%2F5&prev_iu_szs=1x1&ists=1&fas=8&prev_scp=pos%3DFIXED%26slot_id%3Dweb_interstitial%26refresh%3Dfalse%26amazonBid%3Dfalse%26custom_path%3DCP%255Bhome%255D%26lld_id%3D8cb42c8a1cb14463855a30f9ff152e1d57794774&eri=1&cust_params=m_data%3D1%26m_safety%3Dunsafe%26m_categories%3Dmoat_unsafe%252Cgv_death_injury%252Cgv_crime%26m_mv%3DnoHistData%26m_gv%3DnoHistData%26sitecont_cat%3Dnews%252Cbusiness_and_finance%252Cbusiness_and_finance%252Centertainment%26hour%3D15%26day%3DSunday%26OS%3DWindows%252010%26browser%3DChrome%252097%26pagecount%3D1%26window_width%3D1600%26window_height%3D1200%26screen_orientation%3Dlandscape%26refresh_count%3D0%26tyche_version%3D4.4.29%26kver%3Dv1%26ab_test%3Dna_A%26got_consent%3Dfalse%26page_focus%3Dtrue&cookie_enabled=1&bc=31&abxe=1&dt=1643557794800&lmt=1643557794&dlt=1643557793779&idt=969&frm=20&biw=1600&bih=1200&oid=2&adxs=-9&adys=-9&adks=3239307466&ucis=3&ifi=3&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fwww.newser.com%2F&vis=1&scr_x=0&scr_y=0&psz=0x-1&msz=0x-1&ga_vid=572046423.1643557794&ga_sid=1643557794&ga_hid=75894360&ga_fc=true&fws=2&ohw=0&btvi=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012501.js?31064562

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

0cea0e91eed9da266a8fa318966de2409dfb9e80a4fa7b090b433da5918364a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:49:55 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30780
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.newser.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
3deaaf54bf7a852d828065c17ff598b2.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 8EA4 6 KB
4 KB 78ms
19ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://3deaaf54bf7a852d828065c17ff598b2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012501.js?31064562

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Sun, 30 Jan 2022 15:49:54 GMT
expires: Mon, 30 Jan 2023 15:49:54 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 pubads_impl_page_level_ads_2022012501.js Show response
securepubads.g.doubleclick.net/gpt/ 34 KB
13 KB 8ms
8ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_page_level_ads_2022012501.js?cb=31064562

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012501.js?31064562

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

sffe /

Resource Hash

fc7f3dfe9ae1dda7006736f8f5a8671565609dfe6b48d8e9a06a1fc64f1c9cfb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 23:14:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 405311
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12991
x-xss-protection: 0
last-modified: Tue, 25 Jan 2022 09:35:19 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 25 Jan 2023 23:14:43 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220126/r20190131/ Frame DEE2 10 KB
5 KB 31ms
9ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220126/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a575e2f63d79cdaf5a92b4453bfcaadb462119aa1216b4f28920e37e2d9b8e7b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4612
x-xss-protection: 0
date: Sat, 29 Jan 2022 15:52:32 GMT
expires: Sat, 12 Feb 2022 15:52:32 GMT
cache-control: public, max-age=1209600
age: 86242
etag: 18247940800414524076
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 settings Show response
syndication.twitter.com/ Frame 206B 232 B
448 B 147ms
123ms Fetch
application/json 104.244.42.136
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://syndication.twitter.com/settings?session_id=00ffa6da52ead1060cdc9a94b7790c9c8f76ae60

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.8f764d5bd2778f88121d31d7d8d8e1e3.html?origin=https%3A%2F%2Fwww.newser.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.136 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

726906ee6ce6dfe1b6e35ddad151196c50277e31520de30e916e9cd9affc0ef3

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-response-time: 112
date: Sun, 30 Jan 2022 15:49:54 GMT
content-encoding: gzip
last-modified: Sun, 30 Jan 2022 15:49:54 GMT
server: tsa_o
vary: Origin
strict-transport-security: max-age=631138519
content-type: application/json; charset=utf-8
access-control-allow-origin: https://platform.twitter.com
cache-control: must-revalidate, max-age=600
access-control-allow-credentials: true
x-connection-hash: 8b2b96f2c243ad8839d4772dedd00f9c09bad6193e5cadaf615938cfd9de57d9
content-length: 166

GET
H2 200 layers.fa6cd1947ce26e890d3d.js Show response
s7.addthis.com/static/ 263 KB
76 KB 11ms
11ms Script
application/javascript 2.21.140.111
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/layers.fa6cd1947ce26e890d3d.js

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.21.140.111 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-21-140-111.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
server: nginx/1.15.8
etag: W/"5f971164-41cf5"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=86313600
date: Sun, 30 Jan 2022 15:49:55 GMT
x-host: s7.addthis.com
timing-allow-origin: *
content-length: 77619

GET
H2 200 p Show response
i.simpli.fi/ 774 B
1 KB 21ms
21ms Script
application/javascript 169.50.137.176
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL

https://i.simpli.fi/p?cid=&cb=sifi_att_42656._hp

Requested by

Host: i.simpli.fi
URL: https://i.simpli.fi/dpx.js?cid=3056&m=1&referrer=http://www.newser.com

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

169.50.137.176 , United States, ASN36351 (SOFTLAYER, US),

Reverse DNS

b0.89.32a9.ip4.static.sl-reverse.com

Software

Resource Hash

b80091da8d4f1250950427e99ccf9db587c6569b5fffa986ec425e37363117c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache, no-cache
date: Sun, 30 Jan 2022 15:49:55 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires: Thu, 01 Jan 1970 00:00:00 GMT, Thu, 01 Jan 1970 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 11 KB
9 KB 40ms
22ms XHR
application/json 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022012501&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012501.js?31064562

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ff86a593e9d927067863a7662d4f3d04bec6c02ca2259f6a9e91a486e4345142

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 30 Jan 2022 15:49:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8875
x-xss-protection: 0

GET
H2

200

xuid
eb2.3lift.com/
Redirect Chain

https://um.simpli.fi/triplelift
https://eb2.3lift.com/xuid?mid=7969&xuid=9A303D4DCB984D64A0FA0CAC9DCAB1CB&dongle=yf3
https://eb2.3lift.com/xuid?ld=1&mid=7969&xuid=9A303D4DCB984D64A0FA0CAC9DCAB1CB&dongle=yf3&gdpr=1&cmp_cs=&us_privacy=

37 B
354 B

9ms
9ms

Image
image/gif

76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?ld=1&mid=7969&xuid=9A303D4DCB984D64A0FA0CAC9DCAB1CB&dongle=yf3&gdpr=1&cmp_cs=&us_privacy=
Protocol: H2
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:49:55 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: /xuid?ld=1&mid=7969&xuid=9A303D4DCB984D64A0FA0CAC9DCAB1CB&dongle=yf3&gdpr=1&cmp_cs=&us_privacy=
date: Sun, 30 Jan 2022 15:49:55 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2

200

sync
simplifi.partners.tremorhub.com/
Redirect Chain

https://um.simpli.fi/telaria_p
https://simplifi.partners.tremorhub.com/sync?UISF=9A303D4DCB984D64A0FA0CAC9DCAB1CB

43 B
183 B

279ms
93ms

Image
image/gif

2600:1f18:612b:4216:1314:397:4325:f0c1
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simplifi.partners.tremorhub.com/sync?UISF=9A303D4DCB984D64A0FA0CAC9DCAB1CB
Protocol: H2
Server: 2600:1f18:612b:4216:1314:397:4325:f0c1 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:49:55 GMT
server: Apache-Coyote/1.1
p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type: image/gif

Redirect headers

date: Sun, 30 Jan 2022 15:49:55 GMT
x-content-type-options: nosniff
server: nginx
location: https://simplifi.partners.tremorhub.com/sync?UISF=9A303D4DCB984D64A0FA0CAC9DCAB1CB
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 138
expires: Sat, 29 Jan 2022 15:49:55 GMT

GET
H2

200

check
pixel.tapad.com/idsync/ex/receive/
Redirect Chain

https://um.simpli.fi/tapad
https://pixel.tapad.com/idsync/ex/receive?partner_id=2305&partner_device_id=9A303D4DCB984D64A0FA0CAC9DCAB1CB
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=9A303D4DCB984D64A0FA0CAC9DCAB1CB

95 B
426 B

15ms
15ms

Image
image/png

35.227.248.159
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=9A303D4DCB984D64A0FA0CAC9DCAB1CB

Protocol

Server

35.227.248.159 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

159.248.227.35.bc.googleusercontent.com

Software

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:49:55 GMT
via: 1.1 google
content-type: image/png
alt-svc: clear
content-length: 95
strict-transport-security: max-age=31536000
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

Redirect headers

location: https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=9A303D4DCB984D64A0FA0CAC9DCAB1CB
date: Sun, 30 Jan 2022 15:49:55 GMT
via: 1.1 google
alt-svc: clear
content-length: 0
strict-transport-security: max-age=31536000
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

GET
H2

200

aa_px
um.simpli.fi/
Redirect Chain

https://um.simpli.fi/ad_advisor
https://aa.agkn.com/adscores/g.pixel?sid=9201915418&sifi_uid=9A303D4DCB984D64A0FA0CAC9DCAB1CB
https://d.agkn.com/pixel/10751/?che=1643557781&ip=217.64.151.10&l1=https%3A%2F%2Fum.simpli.fi%2Faa_px%3Fsk%3D164880204047000341185
https://um.simpli.fi/aa_px?sk=164880204047000341185

43 B
361 B

20ms
20ms

Image
image/gif

169.50.137.184
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/aa_px?sk=164880204047000341185

Protocol

Server

169.50.137.184 , United States, ASN36351 (SOFTLAYER, US),

Reverse DNS

b8.89.32a9.ip4.static.sl-reverse.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:49:55 GMT
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43

Redirect headers

Pragma: no-cache
Date: Sun, 30 Jan 2022 15:49:54 GMT
Server: Apache-Coyote/1.1
P3P: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://um.simpli.fi/aa_px?sk=164880204047000341185
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 nexage
um.simpli.fi/ 43 B
409 B 77ms
20ms Image
image/gif 169.50.137.184
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/nexage

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

169.50.137.184 , United States, ASN36351 (SOFTLAYER, US),

Reverse DNS

b8.89.32a9.ip4.static.sl-reverse.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:49:55 GMT
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Sat, 29 Jan 2022 15:49:55 GMT

GET
H2

403

ProfilesEngineServlet
sync.intentiq.com/profiles_engine/
Redirect Chain

https://um.simpli.fi/intentiq
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=9A303D4DCB984D64A0FA0CAC9DCAB1CB

0
0

27ms
6ms

Image
text/html

52.222.214.42
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=9A303D4DCB984D64A0FA0CAC9DCAB1CB
Protocol: H2
Server: 52.222.214.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-214-42.fra56.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Redirect headers

date: Sun, 30 Jan 2022 15:49:55 GMT
x-content-type-options: nosniff
server: nginx
location: https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=9A303D4DCB984D64A0FA0CAC9DCAB1CB
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 138
expires: Sat, 29 Jan 2022 15:49:55 GMT

GET
H2 200 pubmatic
um.simpli.fi/ 43 B
409 B 46ms
41ms Image
image/gif 169.50.137.184
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/pubmatic

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

169.50.137.184 , United States, ASN36351 (SOFTLAYER, US),

Reverse DNS

b8.89.32a9.ip4.static.sl-reverse.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:49:55 GMT
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Sat, 29 Jan 2022 15:49:55 GMT

GET
H2 200 freewheel
um.simpli.fi/ 43 B
409 B 46ms
42ms Image
image/gif 169.50.137.184
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/freewheel

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

169.50.137.184 , United States, ASN36351 (SOFTLAYER, US),

Reverse DNS

b8.89.32a9.ip4.static.sl-reverse.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:49:55 GMT
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Sat, 29 Jan 2022 15:49:55 GMT

GET
H2

403

ProfilesEngineServlet
sync.intentiq.com/profiles_engine/
Redirect Chain

https://um.simpli.fi/dtnx
https://fei.pro-market.net/engine?du=24;csync=9A303D4DCB984D64A0FA0CAC9DCAB1CB;mimetype=img;
https://fei.pro-market.net/engine?du=24;csync=9A303D4DCB984D64A0FA0CAC9DCAB1CB;mimetype=img;sr
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=3&pcid=7520687762043519741

0
0

6ms
6ms

Image
text/html

52.222.214.42
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=3&pcid=7520687762043519741
Protocol: H2
Server: 52.222.214.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-214-42.fra56.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Redirect headers

pragma: no-cache
date: Sun, 30 Jan 2022 15:49:54 GMT
via: 1.1 google
server: Apache-Coyote/1.1
access-control-allow-origin: *
anserver: gapp-eu-4.c.datonics-gcp-01.internal
p3p: CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
location: https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=3&pcid=7520687762043519741
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Mon, 1 Jan 1990 0:0:0 GMT

GET
H2

204

/
loadm.exelator.com/load/
Redirect Chain

https://um.simpli.fi/exelatem
https://loadm.exelator.com/load/?p=204&g=2191&simid=9A303D4DCB984D64A0FA0CAC9DCAB1CB&j=0
https://loadm.exelator.com/load/?p=204&g=2191&simid=9A303D4DCB984D64A0FA0CAC9DCAB1CB&j=0&xl8blockcheck=1

0
2 KB

160ms
159ms

Image
text/plain

44.236.180.40
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loadm.exelator.com/load/?p=204&g=2191&simid=9A303D4DCB984D64A0FA0CAC9DCAB1CB&j=0&xl8blockcheck=1
Protocol: H2
Server: 44.236.180.40 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-236-180-40.us-west-2.compute.amazonaws.com
Software: nginx / Undertow/1
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:49:55 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA

Redirect headers

date: Sun, 30 Jan 2022 15:49:55 GMT
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location: https://loadm.exelator.com/load/?p=204&g=2191&simid=9A303D4DCB984D64A0FA0CAC9DCAB1CB&j=0&xl8blockcheck=1
cache-control: no-cache
access-control-allow-credentials: true
content-type: image/gif
content-length: 0

GET
H2 200 yahoo
um.simpli.fi/ 43 B
409 B 46ms
43ms Image
image/gif 169.50.137.184
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/yahoo

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

169.50.137.184 , United States, ASN36351 (SOFTLAYER, US),

Reverse DNS

b8.89.32a9.ip4.static.sl-reverse.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:49:55 GMT
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Sat, 29 Jan 2022 15:49:55 GMT

GET
H/1.1

204

sync
sync.bfmio.com/
Redirect Chain

https://um.simpli.fi/beachfront
https://sync.bfmio.com/sync?pid=141&uid=9A303D4DCB984D64A0FA0CAC9DCAB1CB

0
421 B

397ms
97ms

Image
text/plain

3.212.89.65
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.bfmio.com/sync?pid=141&uid=9A303D4DCB984D64A0FA0CAC9DCAB1CB
Protocol: HTTP/1.1
Server: 3.212.89.65 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-212-89-65.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Connection: keep-alive
Date: Sun, 30 Jan 2022 15:49:55 GMT

Redirect headers

date: Sun, 30 Jan 2022 15:49:55 GMT
x-content-type-options: nosniff
server: nginx
location: https://sync.bfmio.com/sync?pid=141&uid=9A303D4DCB984D64A0FA0CAC9DCAB1CB
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 138
expires: Sat, 29 Jan 2022 15:49:55 GMT

GET
H/1.1

200
OK

29931
stags.bluekai.com/site/
Redirect Chain

https://um.simpli.fi/bluekai
https://stags.bluekai.com/site/29931?id=9A303D4DCB984D64A0FA0CAC9DCAB1CB

62 B
603 B

200ms
156ms

Image
image/gif

104.111.215.191
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stags.bluekai.com/site/29931?id=9A303D4DCB984D64A0FA0CAC9DCAB1CB
Protocol: HTTP/1.1
Server: 104.111.215.191 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-215-191.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Sun, 30 Jan 2022 15:49:55 GMT
Connection: keep-alive
P3P: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
Content-Length: 62
Content-Type: image/gif

Redirect headers

date: Sun, 30 Jan 2022 15:49:55 GMT
x-content-type-options: nosniff
server: nginx
location: https://stags.bluekai.com/site/29931?id=9A303D4DCB984D64A0FA0CAC9DCAB1CB
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 138
expires: Sat, 29 Jan 2022 15:49:55 GMT

GET
H2

200

tpid=9A303D4DCB984D64A0FA0CAC9DCAB1CB
bcp.crwdcntrl.net/map/ct=y/c=7625/tp=SIMP/
Redirect Chain

https://um.simpli.fi/crwdcntrl
https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=9A303D4DCB984D64A0FA0CAC9DCAB1CB
https://bcp.crwdcntrl.net/map/ct=y/c=7625/tp=SIMP/tpid=9A303D4DCB984D64A0FA0CAC9DCAB1CB

49 B
740 B

40ms
40ms

Image
image/gif

52.30.14.23
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bcp.crwdcntrl.net/map/ct=y/c=7625/tp=SIMP/tpid=9A303D4DCB984D64A0FA0CAC9DCAB1CB
Protocol: H2
Server: 52.30.14.23 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-30-14-23.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Jan 2022 15:49:55 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.15.135
content-type: image/gif
content-length: 49
expires: 0

Redirect headers

pragma: no-cache
date: Sun, 30 Jan 2022 15:49:55 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location: https://bcp.crwdcntrl.net/map/ct=y/c=7625/tp=SIMP/tpid=9A303D4DCB984D64A0FA0CAC9DCAB1CB
cache-control: no-cache
x-server: 10.45.27.172
content-length: 0
expires: 0

GET
H/1.1

204
No Content

merge
ce.lijit.com/
Redirect Chain

https://um.simpli.fi/lj_match
https://ce.lijit.com/merge?pid=2&3pid=9A303D4DCB984D64A0FA0CAC9DCAB1CB

0
348 B

45ms
14ms

Image
text/plain

72.251.249.13
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=2&3pid=9A303D4DCB984D64A0FA0CAC9DCAB1CB
Protocol: HTTP/1.1
Server: 72.251.249.13 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 30 Jan 2022 15:49:55 GMT
X-MERGE: GDPR Optout true
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap2ams1
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

date: Sun, 30 Jan 2022 15:49:55 GMT
x-content-type-options: nosniff
server: nginx
location: https://ce.lijit.com/merge?pid=2&3pid=9A303D4DCB984D64A0FA0CAC9DCAB1CB
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 138
expires: Sat, 29 Jan 2022 15:49:55 GMT

GET
H2

451

419566.gif
idsync.rlcdn.com/
Redirect Chain

https://um.simpli.fi/liveramp_match
https://idsync.rlcdn.com/419566.gif?partner_uid=9A303D4DCB984D64A0FA0CAC9DCAB1CB

0
66 B

37ms
15ms

Image
text/plain

35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/419566.gif?partner_uid=9A303D4DCB984D64A0FA0CAC9DCAB1CB
Protocol: H2
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:49:55 GMT
via: 1.1 google
alt-svc: clear
content-length: 0

Redirect headers

date: Sun, 30 Jan 2022 15:49:55 GMT
x-content-type-options: nosniff
server: nginx
location: https://idsync.rlcdn.com/419566.gif?partner_uid=9A303D4DCB984D64A0FA0CAC9DCAB1CB
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 138
expires: Sat, 29 Jan 2022 15:49:55 GMT

GET
H2

200

/
www.google.de/pagead/1p-conversion/1026675585/
Redirect Chain

https://www.googleadservices.com/pagead/conversion/1026675585/?random=1643557795065&cv=7&fst=1643557795065&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1026675585/?random=628200627&cv=7&fst=1643557795065&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cooki...
https://www.google.com/pagead/1p-conversion/1026675585/?random=628200627&cv=7&fst=1643557795065&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte...
https://www.google.de/pagead/1p-conversion/1026675585/?random=628200627&cv=7&fst=1643557795065&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=...

42 B
548 B

47ms
23ms

Image
image/gif

2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/1026675585/?random=628200627&cv=7&fst=1643557795065&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=CNPgGw&is_vtc=1&ocp_id=o7P2Yff3Bp_V7_UPhNeu8AU&cid=CAQSKQCNIrLMJgpEnCw6mIB9jEnLOjuPKLHdPsiRIkJ1Uscmwh4yfGMXvmxp&random=4249242052&ipr=y&prhg=0

Protocol

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Jan 2022 15:49:55 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 30 Jan 2022 15:49:55 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/gif
location: https://www.google.de/pagead/1p-conversion/1026675585/?random=628200627&cv=7&fst=1643557795065&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=CNPgGw&is_vtc=1&ocp_id=o7P2Yff3Bp_V7_UPhNeu8AU&cid=CAQSKQCNIrLMJgpEnCw6mIB9jEnLOjuPKLHdPsiRIkJ1Uscmwh4yfGMXvmxp&random=4249242052&ipr=y&prhg=0
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200

partner
sync.search.spotxchange.com/
Redirect Chain

https://um.simpli.fi/spotx_match
https://sync.search.spotxchange.com/partner?adv_id=7797&uid=9A303D4DCB984D64A0FA0CAC9DCAB1CB
https://sync.search.spotxchange.com/partner?adv_id=7797&uid=9A303D4DCB984D64A0FA0CAC9DCAB1CB&__user_check__=1&sync_id=4549f1ff-81e4-11ec-9fe9-1e1d47870206

43 B
548 B

19ms
19ms

Image
image/gif

185.94.180.125
SPOTX-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.search.spotxchange.com/partner?adv_id=7797&uid=9A303D4DCB984D64A0FA0CAC9DCAB1CB&__user_check__=1&sync_id=4549f1ff-81e4-11ec-9fe9-1e1d47870206
Protocol: HTTP/1.1
Server: 185.94.180.125 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Sun, 30 Jan 2022 15:49:55 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 65
Connection: keep-alive
Content-Length: 43

Redirect headers

Date: Sun, 30 Jan 2022 15:49:55 GMT
Server: nginx
Location: /partner?adv_id=7797&uid=9A303D4DCB984D64A0FA0CAC9DCAB1CB&__user_check__=1&sync_id=4549f1ff-81e4-11ec-9fe9-1e1d47870206
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 104
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

bounce
ib.adnxs.com/
Redirect Chain

https://um.simpli.fi/an
https://ib.adnxs.com/setuid?entity=66&code=9A303D4DCB984D64A0FA0CAC9DCAB1CB
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3D9A303D4DCB984D64A0FA0CAC9DCAB1CB

43 B
1 KB

13ms
13ms

Image
image/gif

185.33.221.13
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3D9A303D4DCB984D64A0FA0CAC9DCAB1CB

Protocol

HTTP/1.1

Server

185.33.221.13 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 30 Jan 2022 15:49:55 GMT
X-Proxy-Origin: 217.64.151.10; 217.64.151.10; 729.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: df04f307-fe1c-4961-9f64-fd17c05d3a8d
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 30 Jan 2022 15:49:55 GMT
X-Proxy-Origin: 217.64.151.10; 217.64.151.10; 729.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 9832de8c-1bf6-4334-8a7d-8745668ef0e7
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3D9A303D4DCB984D64A0FA0CAC9DCAB1CB
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/
Redirect Chain

https://um.simpli.fi/rb_match
https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=9A303D4DCB984D64A0FA0CAC9DCAB1CB&expires=365

0
239 B

30ms
7ms

Image
image/gif

69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=9A303D4DCB984D64A0FA0CAC9DCAB1CB&expires=365
Protocol: HTTP/1.1
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 4cdacfaa68e4ab216fffbcc107c5b898
Content-Type: image/gif

Redirect headers

date: Sun, 30 Jan 2022 15:49:55 GMT
x-content-type-options: nosniff
server: nginx
location: https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=9A303D4DCB984D64A0FA0CAC9DCAB1CB&expires=365
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 138
expires: Sat, 29 Jan 2022 15:49:55 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/
Redirect Chain

https://um.simpli.fi/ox_match
https://us-u.openx.net/w/1.0/sd?id=537072966&val=9A303D4DCB984D64A0FA0CAC9DCAB1CB

43 B
274 B

34ms
16ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072966&val=9A303D4DCB984D64A0FA0CAC9DCAB1CB
Protocol: H2
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/17.1.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Jan 2022 15:49:55 GMT
via: 1.1 google
server: OXGW/17.1.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date: Sun, 30 Jan 2022 15:49:55 GMT
x-content-type-options: nosniff
server: nginx
location: https://us-u.openx.net/w/1.0/sd?id=537072966&val=9A303D4DCB984D64A0FA0CAC9DCAB1CB
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 138
expires: Sat, 29 Jan 2022 15:49:55 GMT

GET
H2

204

g_match
um.simpli.fi/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_cm&google_sc
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_cm=&google_sc=&google_tc=
https://um.simpli.fi/g_match?id=&google_gid=CAESELXCPxgYE3lshyrFZ-Dlp2I&google_cver=1
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=9A303D4DCB984D64A0FA0CAC9DCAB1CB
https://um.simpli.fi/g_match?id=

0
320 B

21ms
21ms

Image
text/plain

169.50.137.184
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/g_match?id=

Protocol

Server

169.50.137.184 , United States, ASN36351 (SOFTLAYER, US),

Reverse DNS

b8.89.32a9.ip4.static.sl-reverse.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:49:55 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires: Sat, 29 Jan 2022 15:49:55 GMT

Redirect headers

pragma: no-cache
date: Sun, 30 Jan 2022 15:49:55 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://um.simpli.fi/g_match?id=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 229
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 64ms
28ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012501.js?31064562

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:49:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 30 Jan 2022 15:49:55 GMT

GET
H/1.1 200
OK utility.aspx Show response
www.newser.com/ 0
482 B 103ms
102ms XHR
text/html 40.114.51.62
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.newser.com/utility.aspx?function=metricsab&b=false&platform=D&visitorid=1558940940&visitorclassification=P
Requested by: Host: static1-azrcdn.newser.com
URL: https://static1-azrcdn.newser.com/javascript/20220112_1100/jquery-1.12.4.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 40.114.51.62 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: */*
Referer: https://www.newser.com/
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 30 Jan 2022 15:49:54 GMT
RawURL: /utility.aspx?function=metricsab&b=false&platform=D&visitorid=1558940940&visitorclassification=P
Content-Type: text/html
Cache-Control: private, no-store
Scheme: https
Content-Length: 0
Expires: Sun, 30 Jan 2022 15:48:55 GMT

GET
H3 200 container.html Show response
3deaaf54bf7a852d828065c17ff598b2.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame AB5E 6 KB
3 KB 23ms
8ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://3deaaf54bf7a852d828065c17ff598b2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012501.js?31064562

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 30 Jan 2022 15:49:54 GMT
expires: Mon, 30 Jan 2023 15:49:54 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
content-type: text/html
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012111152338000/ Frame F456 190 KB
55 KB 31ms
7ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012111152338000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012501.js?31064562

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

14b52d5e44212b22f6de0be5caeeb5bba561a29fd91bf6076bf1ad6d45ecae6f

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 188628
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55581
x-xss-protection: 0
server: sffe
date: Fri, 28 Jan 2022 11:26:07 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "8559bae154d80579"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 28 Jan 2023 11:26:07 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012111152338000/v0/ Frame F456 13 KB
5 KB 42ms
19ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012111152338000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012501.js?31064562

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4e46e56dce46d21c527e164d6749fb5ff0101f400aede06a8711196da9e5c619

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 188628
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4994
x-xss-protection: 0
server: sffe
date: Fri, 28 Jan 2022 11:26:07 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "b314c3eb801664ba"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 28 Jan 2023 11:26:07 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012111152338000/v0/ Frame F456 89 KB
28 KB 27ms
20ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012111152338000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012501.js?31064562

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

279249ed963fcd87e6321b024c0194248dd1b44af5353e134071cdfff953967b

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 188628
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28443
x-xss-protection: 0
server: sffe
date: Fri, 28 Jan 2022 11:26:07 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "976e6f5df80f4e35"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 28 Jan 2023 11:26:07 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012111152338000/v0/ Frame F456 5 KB
2 KB 26ms
26ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012111152338000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012501.js?31064562

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

63697d88ab7b6e34e76e5990b867c706cb4346c27ec1c5a034c4d91dfb136778

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 188628
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1727
x-xss-protection: 0
server: sffe
date: Fri, 28 Jan 2022 11:26:07 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "423ab13fb6ff63c9"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 28 Jan 2023 11:26:07 GMT

GET
H3 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012111152338000/v0/ Frame F456 40 KB
13 KB 23ms
8ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012111152338000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012501.js?31064562

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ffd015b1bb0125d07c39cbfcdee6a8e2b604b55ea1936cf550fe1f9fbdbf2ae4

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 188628
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12843
x-xss-protection: 0
server: sffe
date: Fri, 28 Jan 2022 11:26:07 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "08cf721d9e54e414"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 28 Jan 2023 11:26:07 GMT

GET
DATA 200
OK truncated
/ Frame F456 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: badc6e9e3ae34d5ee181ba969b024cc330ffd812f5977d5e989cf6fcbd4ca1b9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 11574151330850962259
tpc.googlesyndication.com/simgad/ Frame F456 35 KB
36 KB 9ms
9ms Image
image/png 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/11574151330850962259?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qnmgxNT5lAz6C1EJT3v0i9BYMPXpw

Requested by

Host: www.newser.com
URL: https://www.newser.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

543c6a7a7a7f6703901337e93a45487781689a53efb697386dfbfd24786d160e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 17:09:40 GMT
x-content-type-options: nosniff
age: 427215
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36015
x-xss-protection: 0
last-modified: Sat, 05 Dec 2020 06:00:14 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 25 Jan 2023 17:09:40 GMT

GET
H2 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame F456 2 KB
3 KB 7ms
7ms Image
image/png 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: www.newser.com
URL: https://www.newser.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 09:41:38 GMT
x-content-type-options: nosniff
server: cafe
age: 22097
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 14819457070020093239
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Mon, 31 Jan 2022 09:41:38 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame F456 295 B
399 B 7ms
6ms Image
image/png 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: www.newser.com
URL: https://www.newser.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 09:53:05 GMT
x-content-type-options: nosniff
server: cafe
age: 21410
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 426692510519060060
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Mon, 31 Jan 2022 09:53:05 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame F456 0
0 40ms
14ms Image
text/html 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQ1W3R9YYX4QR-laqde-FhBZQK-3qGnIaDNvcuHX89cgM6BJrlKGjxm0IAKT-LTSrB5JJny
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame F456 0
0 48ms
47ms Image
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CO4m9orP2Ya6YM76g7_UPqeSu4ASvqeiIaMT7s_-tDr_hHhABIPub1UlglYKAgLAHoAGl44XZA8gBAuACAKgDAcgDCKoEjgJP0LsxgCkHnVaHGvM-V9RvsoNnUipes7yyYZtB9ENxbsEZNV0lB85otSCZHDoz-YmMlGGMQHgMvwzSlFxP2mXTlQZ9ZWlTuD-_eFav4AV-gs2fUeFYOeaKCTV2tmxZmIqF5RGy5LIWJCuAWymyIfCY2-OthUgtu4d96ZJfv8_PMfaluCNuv-4MnT8q9fLXO6MJysffsgDjPgm7nZuszqDfoHCaK37vgz6HlyoS75woCg818Yw8drEQpuR_V-4YQUyYcOi5pO5CFHNOPJoGBhXl_uhk056UanjdJilHjuEqK-uHzO5wNpCUSNafQ569SzjE2cHeYw3IWESyYlBRnm5wky0qdWHhtkjn5t31wMTABNXkwPGaAuAEAZIFBAgEGAGSBQQIBRgEoAYCgAeCla9-qAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwHyBwQQr6YD0ggJCIjhgHAQARgdgAoDyAsB2BMM0BUBgBcBshceChwIABIUcHViLTU4MTIzNTczNTIzMzUwNzUY26Ih&sigh=zDKdsWk7t9g&uach_m=[UACH]&uap=UACH(platform)&uapv=UACH(platformVersion)&uaa=UACH(architecture)&uam=UACH(model)&uafv=UACH(uaFullVersion)&uab=UACH(bitness)
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s12-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

GET
H3 200 container.html Show response
3deaaf54bf7a852d828065c17ff598b2.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 75C1 6 KB
3 KB 6ms
6ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://3deaaf54bf7a852d828065c17ff598b2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012501.js?31064562

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 30 Jan 2022 15:49:54 GMT
expires: Mon, 30 Jan 2023 15:49:54 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
content-type: text/html
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 52CB 13 KB
5 KB 27ms
7ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 30 Jan 2022 15:45:26 GMT
expires: Mon, 30 Jan 2023 15:45:26 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
content-type: text/html
age: 269
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 737C 783 B
1001 B 21ms
17ms Document
text/html 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

e316d9c0a8107047e2725228fc152be951f1ad069c3f2f3935b19e5dcfbaba8d

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-iDmrSn6O3htHBWmAPgtXzQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Sun, 30 Jan 2022 15:49:55 GMT
date: Sun, 30 Jan 2022 15:49:55 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-iDmrSn6O3htHBWmAPgtXzQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 513
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 css2
fonts.googleapis.com/ Frame AB5E 4 KB
634 B 33ms
15ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: 3deaaf54bf7a852d828065c17ff598b2.safeframe.googlesyndication.com
URL: https://3deaaf54bf7a852d828065c17ff598b2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://3deaaf54bf7a852d828065c17ff598b2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 30 Jan 2022 14:23:34 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 30 Jan 2022 15:49:55 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 30 Jan 2022 15:49:55 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame AB5E 205 B
744 B 32ms
6ms Image
image/png 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: 3deaaf54bf7a852d828065c17ff598b2.safeframe.googlesyndication.com
URL: https://3deaaf54bf7a852d828065c17ff598b2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://3deaaf54bf7a852d828065c17ff598b2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 23:11:23 GMT
x-content-type-options: nosniff
age: 146312
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sat, 28 Jan 2023 23:11:23 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame AB5E 604 B
694 B 32ms
6ms Image
image/png 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: 3deaaf54bf7a852d828065c17ff598b2.safeframe.googlesyndication.com
URL: https://3deaaf54bf7a852d828065c17ff598b2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://3deaaf54bf7a852d828065c17ff598b2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 14:59:41 GMT
x-content-type-options: nosniff
age: 3014
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Mon, 30 Jan 2023 14:59:41 GMT

GET
H3 200 interstitial_ad_frame_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220126/r20110914/elements/html/ Frame AB5E 18 KB
8 KB 24ms
9ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220126/r20110914/elements/html/interstitial_ad_frame_fy2019.js

Requested by

Host: 3deaaf54bf7a852d828065c17ff598b2.safeframe.googlesyndication.com
URL: https://3deaaf54bf7a852d828065c17ff598b2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4c9b92bfce3b7b0e0a9e33ebe8130496bf50c80ad4375b1b98ddff744b4ea9f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://3deaaf54bf7a852d828065c17ff598b2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:19:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1834
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7952
x-xss-protection: 0
server: cafe
etag: 4804491876264876803
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 13 Feb 2022 15:19:21 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame B9FA 0
16 B 20ms
19ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CJb4yM4CEJ-0q4IDGIX8s7sBMAE&v=APEucNVtmBwOcxKRjvOve9uOc8UP1OaOPzjMZEH2EDh4KJ3-zL-WQOPx4LZPZXsoWnJysUFh8tJO5nuzCfoc9MKiUK0Cthwc2w

Requested by

Host: 3deaaf54bf7a852d828065c17ff598b2.safeframe.googlesyndication.com
URL: https://3deaaf54bf7a852d828065c17ff598b2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://3deaaf54bf7a852d828065c17ff598b2.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sun, 30 Jan 2022 15:49:55 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 abg_lite_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20220126/r20110914/ Frame 75C1 18 KB
7 KB 23ms
8ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220126/r20110914/abg_lite_fy2019.js

Requested by

Host: www.newser.com
URL: https://www.newser.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2193054ab8a2bc36f5ef0b90c4d53dd5626e14b0123a2972066e2ed1fd44459d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://3deaaf54bf7a852d828065c17ff598b2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:28:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1264
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7644
x-xss-protection: 0
server: cafe
etag: 6659623896352890502
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 13 Feb 2022 15:28:51 GMT

GET
H3 200 omrhp_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20220126/r20110914/elements/html/ Frame 75C1 6 KB
3 KB 24ms
9ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220126/r20110914/elements/html/omrhp_fy2019.js

Requested by

Host: www.newser.com
URL: https://www.newser.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2d0744b54be7eab148245653f8fad2e4a0e8875b886bcacbb2c70741872eda55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://3deaaf54bf7a852d828065c17ff598b2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:42:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 446
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2626
x-xss-protection: 0
server: cafe
etag: 8548655983161038638
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 13 Feb 2022 15:42:29 GMT

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 75C1 0
571 B 108ms
83ms Ping
image/gif 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsu4zcmeKsTMBN7NCf7T6QjIYWitTgxlBYYHPIvj9F85AokH3hsmpbQ8Q7V_dwxeLN-QS8cxWn_wHq2MF40ywIHeJ5d8nnnMh7Dc5jLQqwC3r9W_vyN6H24vjNBQrXo_TUYCHFMKFhoBsLlrsEMBS7xOCQF3wwZRzao2D_7C7wW26ZUok9OqdxMFJ0e2yGpKyUPrgLuUQnxkhpJNMGF32dfi18jbbWIYg9zaOL57ZRgOZ9Rp3YEj0Q5ejU9mSUW7ouit142ThQDuR2nhEUwX9WV67UehJFpGCaYwy9Es7QzdKyXSrtYw7k7FAhQV3WCHcU4SLIYW-97tFUn_iCGTSQqWAyik7MIDq7zZsdAcRmyto9oB8_GAWgrDqbLe7O0TYxUVQfy-2EV33b_1pINNkBnO4qjWgM3J44zut85ZIUFs2ya1TdncnYsMuPWrq8OwLHUVX8dzuTG-fLNOfuV9YUDxVa1skT9KGg3tyeWU6pLnrS_o83RDdRLDNGPfUuzSF95qjSGlpS1wNmBR8YV7tjpaFZAAPI9qtHjuPpJaWlllvrqkwm2sae87PaOLOC4uyiOMGTTMyYjHnIIJVPd1o9gykOve8j0y7vtsUfGLvmkKMRi_z8lPFGgQnGXVmlUl9GPnOB9vmSy5C0wQ9wvwHXpE0eR5Af8sYXobRB7uSyay3hac9N3QhvJcL04H2ABr5LhGQ5IwWKEtsTEcxSu_WGoamBjcbaVzkND41N37anEaKhSRyenAx4tES91SECiJQSMzGsR7ZJyoIK48W5lPiRh5I6rWFTDHUaXGESPNm1Bvg6lsDf2kVIDigWFoGEdmc2Z_upcA33M82yC83NstYlLfMOi520HXb-q5_SKD-g31MjD1HJ4qj8GIZix6xSZ0lHVMnnBXhjbebC467Ka-ERV4qNECnI9qLn3RIBkNg5-oVyJXBAM3dat5tx2MShJpdtuzTGRpfbvZzXWCCgjti7kfaUoPfgME2NdZlxxYOrzAIw8Ciw9nzb9gBgLJ6UZWawAvygkFDjDSf1JY_-f0Yp8x9Uqu56iglj_9Gv2SemXMkdTB3de9IpgGGeiP2kvmrvPpkGgeb7fHabnjAvwA7JyfOLA7pRBjuQynRKRSiROcCc4YjhvepvjYoTdKto96uPVIL-vRs9BU6g10dN7clHcWWC8ER8fsLcQCWP-hcL4&sai=AMfl-YSkPeHKxJaKzPz70pXmxUKy9oghZyaZ2APnei3m2Kxbfr2IWrZevADJYCPUZsh33iyPhTz_hXETr5cIwbKecKlNH-extvQtkPUUEVu2BPk7_fGzp_9GioFy16HHWJHQOqHoNHHtu0Rory4VhAuEGy-dv6kUhYngQwPWXuJS4V7s6FjMSp-qJCI9uvHAZ0yiZScDd8xIZmMjcDqeNNJTc2Z7mCQPDPWSEu66UxFlHQ0OP-V07EwHeeGpD59CrH0jTJJtvvySFMZalQol5gaJ26g-hWxgPtQttI6spbHuCJnj-FuuGx8I2s9ZaongzIdsj7mFXlbCDuXq5eNzq0KE-jQke_DED3lmN7yzwmYSyyPFDBCeU0xPYNyaITxLU1ZB6XpVaLjTSOoUQTg&sig=Cg0ArKJSzAgH-agu0XgTEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=0&cbvp=1&cstd=0&cisv=r20220126.02891&adurl=

Requested by

Host: www.newser.com
URL: https://www.newser.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://3deaaf54bf7a852d828065c17ff598b2.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date: Sun, 30 Jan 2022 15:49:55 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 75C1 41 KB
15 KB 15ms
8ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: www.newser.com
URL: https://www.newser.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://3deaaf54bf7a852d828065c17ff598b2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 29 Jan 2022 17:31:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 80284
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 29 Jan 2023 17:31:51 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 75C1 42 B
63 B 53ms
40ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-C6XwQ3TAGM7wUKzhEBvwgOtfSbMUSDedpqgVxb0Mmo-uUC-2VxmpjJ2oAV9hOyz1f1dYNjdGcLIS7xzf6UCUWEkLvhTR6jXuXbSKMHiX3hqWmuBEo

Requested by

Host: 3deaaf54bf7a852d828065c17ff598b2.safeframe.googlesyndication.com
URL: https://3deaaf54bf7a852d828065c17ff598b2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://3deaaf54bf7a852d828065c17ff598b2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Jan 2022 15:49:55 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/ Frame 75C1 2 KB
1 KB 17ms
10ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/window_focus_fy2019.js

Requested by

Host: 3deaaf54bf7a852d828065c17ff598b2.safeframe.googlesyndication.com
URL: https://3deaaf54bf7a852d828065c17ff598b2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://3deaaf54bf7a852d828065c17ff598b2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:47:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 125
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1205
x-xss-protection: 0
server: cafe
etag: 18074202747124231361
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 13 Feb 2022 15:47:50 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 75C1 123 KB
38 KB 51ms
27ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 3deaaf54bf7a852d828065c17ff598b2.safeframe.googlesyndication.com
URL: https://3deaaf54bf7a852d828065c17ff598b2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

84bf5ffcfd8b3a1240721c90836f1167532b716566165a51ca920c9e657a75d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://3deaaf54bf7a852d828065c17ff598b2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:49:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38288
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1643200382015849"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 30 Jan 2022 15:49:55 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/ Frame 75C1 14 KB
6 KB 12ms
6ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 3deaaf54bf7a852d828065c17ff598b2.safeframe.googlesyndication.com
URL: https://3deaaf54bf7a852d828065c17ff598b2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a0e123a11c5b411021d5bd8ab3926fe6d726b29ca2bb83e6066dae93a9ba326a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://3deaaf54bf7a852d828065c17ff598b2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:47:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 116
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6123
x-xss-protection: 0
server: cafe
etag: 15358646999216992880
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 13 Feb 2022 15:47:59 GMT

GET
H2 200 11999222735642290822
s0.2mdn.net/simgad/ Frame 75C1 44 KB
44 KB 32ms
8ms Image
image/jpeg 2a00:1450:4001:802::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/11999222735642290822

Requested by

Host: 3deaaf54bf7a852d828065c17ff598b2.safeframe.googlesyndication.com
URL: https://3deaaf54bf7a852d828065c17ff598b2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e755f8a3afc69374a35aaeb73deb4c6a57bd6bc9803642b1a721052918001547

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://3deaaf54bf7a852d828065c17ff598b2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 08:53:40 GMT
x-content-type-options: nosniff
age: 197775
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44695
x-xss-protection: 0
last-modified: Thu, 18 Nov 2021 11:54:22 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 28 Jan 2023 08:53:40 GMT

GET
H3

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame F456
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
0

57ms
57ms

Image
text/html

2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H3
Server: 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Redirect headers

date: Sun, 30 Jan 2022 15:49:55 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 75C1 0
60 B 44ms
43ms Ping
image/gif 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.newser.com
URL: https://www.newser.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://3deaaf54bf7a852d828065c17ff598b2.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Sun, 30 Jan 2022 15:49:55 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 css
fonts.googleapis.com/ Frame 5360 8 KB
888 B 16ms
16ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: 3deaaf54bf7a852d828065c17ff598b2.safeframe.googlesyndication.com
URL: https://3deaaf54bf7a852d828065c17ff598b2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f93d0298dd39f7dff18566a5b2754067e26c0182b469fd6b24e5d63429fef88b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://3deaaf54bf7a852d828065c17ff598b2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 30 Jan 2022 14:19:38 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 30 Jan 2022 15:49:55 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 30 Jan 2022 15:49:55 GMT

GET
H3 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/ Frame 5360 1 KB
875 B 7ms
7ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Host: 3deaaf54bf7a852d828065c17ff598b2.safeframe.googlesyndication.com
URL: https://3deaaf54bf7a852d828065c17ff598b2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fd11fa353cc6a8560f4c35e67c6fb8a3a4061ed3de4309cdf83fca65f8319bb4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://3deaaf54bf7a852d828065c17ff598b2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:46:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 203
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 848
x-xss-protection: 0
server: cafe
etag: 2277666839114365613
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 13 Feb 2022 15:46:32 GMT

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220126/r20110914/ Frame 5360 18 KB
7 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220126/r20110914/abg_lite_fy2019.js

Requested by

Host: 3deaaf54bf7a852d828065c17ff598b2.safeframe.googlesyndication.com
URL: https://3deaaf54bf7a852d828065c17ff598b2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2193054ab8a2bc36f5ef0b90c4d53dd5626e14b0123a2972066e2ed1fd44459d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://3deaaf54bf7a852d828065c17ff598b2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:49:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 35
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7644
x-xss-protection: 0
server: cafe
etag: 6659623896352890502
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 13 Feb 2022 15:49:20 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/ Frame 5360 2 KB
1 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/window_focus_fy2019.js

Requested by

Host: 3deaaf54bf7a852d828065c17ff598b2.safeframe.googlesyndication.com
URL: https://3deaaf54bf7a852d828065c17ff598b2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://3deaaf54bf7a852d828065c17ff598b2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:47:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 125
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1205
x-xss-protection: 0
server: cafe
etag: 18074202747124231361
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 13 Feb 2022 15:47:50 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5360 123 KB
37 KB 68ms
53ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 3deaaf54bf7a852d828065c17ff598b2.safeframe.googlesyndication.com
URL: https://3deaaf54bf7a852d828065c17ff598b2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

84bf5ffcfd8b3a1240721c90836f1167532b716566165a51ca920c9e657a75d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://3deaaf54bf7a852d828065c17ff598b2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:49:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38288
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1643200382015849"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 30 Jan 2022 15:49:55 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/ Frame 5360 14 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 3deaaf54bf7a852d828065c17ff598b2.safeframe.googlesyndication.com
URL: https://3deaaf54bf7a852d828065c17ff598b2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a0e123a11c5b411021d5bd8ab3926fe6d726b29ca2bb83e6066dae93a9ba326a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://3deaaf54bf7a852d828065c17ff598b2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:47:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 116
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6123
x-xss-protection: 0
server: cafe
etag: 15358646999216992880
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 13 Feb 2022 15:47:59 GMT

GET
H3 200 fccbdb50d0e11463e1edb3d8fcf7c364.js Show response
www.gstatic.com/mysidia/ Frame 5360 27 KB
11 KB 22ms
6ms Script
text/javascript 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/fccbdb50d0e11463e1edb3d8fcf7c364.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: 3deaaf54bf7a852d828065c17ff598b2.safeframe.googlesyndication.com
URL: https://3deaaf54bf7a852d828065c17ff598b2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f1b3a51250ea5d2b293615f08241269ed8277b95654cddafbc0f5df8d61e6cc1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://3deaaf54bf7a852d828065c17ff598b2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 16:51:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 255532
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11411
x-xss-protection: 0
last-modified: Tue, 25 Jan 2022 02:23:19 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 27 Apr 2022 16:51:03 GMT

GET
DATA 200
OK truncated
/ Frame 75C1 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c799a6f6787bb0fb745ed4594193d09ddb720cabec27bff4234b052979637a4e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 619B 22 KB
8 KB 7ms
6ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://3deaaf54bf7a852d828065c17ff598b2.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 29 Jan 2022 17:31:54 GMT
expires: Sun, 29 Jan 2023 17:31:54 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: text/html
age: 80281
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 737C 0
0 55ms
55ms Image
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022012501&jk=3245706725619496&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

GET
H3 200 OQeXulqavt2yHYod1yFVtMfB5cE7WnIBzfht8HOtA8E.js Show response
pagead2.googlesyndication.com/bg/ Frame 52CB 35 KB
13 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/OQeXulqavt2yHYod1yFVtMfB5cE7WnIBzfht8HOtA8E.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

390797ba5a9abeddb21d8a1dd72155b4c7c1e5c13b5a7201cdf86df073ad03c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:10:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2360
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13499
x-xss-protection: 0
last-modified: Mon, 24 Jan 2022 14:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 30 Jan 2023 15:10:35 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 2C9D 143 B
163 B 14ms
12ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: 3deaaf54bf7a852d828065c17ff598b2.safeframe.googlesyndication.com
URL: https://3deaaf54bf7a852d828065c17ff598b2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://3deaaf54bf7a852d828065c17ff598b2.safeframe.googlesyndication.com/

Response headers

x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 145
x-xss-protection: 0
date: Sun, 30 Jan 2022 15:03:04 GMT
cache-control: public, max-age=3600
content-type: text/html; charset=UTF-8
age: 2811
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 OQeXulqavt2yHYod1yFVtMfB5cE7WnIBzfht8HOtA8E.js Show response
pagead2.googlesyndication.com/bg/ Frame 619B 35 KB
13 KB 12ms
11ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/OQeXulqavt2yHYod1yFVtMfB5cE7WnIBzfht8HOtA8E.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

390797ba5a9abeddb21d8a1dd72155b4c7c1e5c13b5a7201cdf86df073ad03c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:10:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2360
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13499
x-xss-protection: 0
last-modified: Mon, 24 Jan 2022 14:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 30 Jan 2023 15:10:35 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 2C9D
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
16 B

48ms
47ms

Document
text/html

2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: 3deaaf54bf7a852d828065c17ff598b2.safeframe.googlesyndication.com
URL: https://3deaaf54bf7a852d828065c17ff598b2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sun, 30 Jan 2022 15:49:55 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sun, 30 Jan 2022 15:49:55 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sun, 30 Jan 2022 15:49:55 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 52CB 0
9 B 7ms
6ms Image
text/plain 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?bFy75w
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:49:55 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 619B 0
20 B 42ms
42ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BcA0oorP2YcCSM4WT7_UPjNC20AIAAAAAOAHgBAI&bg=!eXqlej7NAAY6OBv_Ojg7ACkAdvg8Wosr5gxqx0EqTs2dtsYVuBHxmc6EH-VSot6y1QmIU3SWObsmEwIAAAB0UgAAAAJoAQcKAGAQmwAiWiRtsWfjKT0nIECnK-b-TAh6agdRSUusRTxVO8v1PtVI-rrbW7fXx3zxBjQ8PMT-Sny_EsPYT92YvBUyhjGL9msynA6D12LGY5h510UW5ejRu_S8avi6sjLuquWZAwuegzD2HiNifyi84uQuLxljJ4mxRKetdTOuPrygr1CnJZXsZjud3dd0PSsrXqcjLsPQVNjv7RzgBTvsKpASkzi0BywR-oOQ3NkURvjjKY-Bh-NJho__orgD7m9Roe-IxITZqKK1Sv5Tfv9h43ZLnCTS7kvDMj7jBT0lP42XO9gC17y891xt8x2gah8PLk2ara3kQKKX3ybMeMSDXJbUkhBTagnjfnSm_A4gDQL458E6eAU3RwPW9DLMMWkjUry6lxEwOglohSMwW991AOrV6V9Vqlv_BnPDOHqsbXD-rpn-eF1yu3XtJyyH6BMY0r0ZjyPf6rYdoK4rF23zSOOHdAgYUU4VdHR0tFahZYr3pxAPu1UCXKXz1U0loIrUfC_4k3DL3X5zAJCrk7WVfl2KfVWsFNjezzuM7XCp7LGWZSgvp2WQDxUpjQwJerwcsygfYuWjt_SLZS4wKdmXz5UZtr5zpyUsaXn3b5WGdldI86sgbndO0fZkLvn0Gnp0gv-tawK07Dy-WtJzEQWLDGcRYT3QJBqxssVGnoobvSiThM9T6VYzQlXhwIyhaJfqpd3yrtYVod_98K9n911zNTBA20HDI2BoZ1kCV_I3Uefg584n3EZRDaGZ6QcZOxeuJ7GvTtDJgfE5nDsBn3l3m-8L2G6t8f8QI_UBlQLh1P2v8B_Ieok1wRoWtK0Z3OH8Vz3YOiZjHCsDRk76naSTDdM5frzTJ16sq2fUw-Eh1z9-HjccnsytWn-c6h7m2-q5Crb5aM8NXf24jgSh4liR9LKQyZsPRYi4IDQa__3r56U7rwM5hq0oA7hxWz4iFXkpBoyANjfzZWJ0tF2FIrYy2-LStPFlrVMUmPib6wtSWlOGE15Q_y5pjTaT2AfCu_SmfBIzUR709X5Ht6_BRrhujsGZR3dRIGOcsHBFwtmRA_2yMEbnMSXgiHgorba4YI_vCFBLSZEUNhKSmDL8MoeZ9SK_NpRMcKnQTDf3ovQC5bVj0J5qu-hL2qMvWkB45HVRxXLpogvjuOebm78zwsVaog

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Jan 2022 15:49:55 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 43ms
42ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gpt_2022012501&jk=3245706725619496&bg=!7u2l7anNAAY6OBv_Ojg7ACkAdvg8Wk_PHjaphixeuf3n4gh83fy14ll74dMwV5X22KCwkFyg65-4GgIAAACHUgAAAAFoAQcKAJznJY77lxllh_ib58RWboKkfxdmWtfuajkcwOpkeuwIobC_4UUVuALTRuTy4WKQcoHpMQVn7WedPk11dMhTk1Ioz7KN7eiLgK0qpffVXkpmMkcvu1FpokkP0CNagwDvH3tIMo_wzIC84VczGPW2p3HkxBnbYkzsCWEt5-e4F3rvVLYhbN9ATeT-T4fk_jh_bR3UTkShZ4SIT_pfSOGZAr2GoXzCMSKlmIR5rJU2bfcD8jlTV0j1mNWzgkEByBE3MM3IPMQG1co0zM4tuW2nYlzRizJxqc8WIuP_K_jiydvnS0yKFgJ-e4tdqlxnCjcUT3CUxrScloxY_Lr2HBfAEcENdm1aW7hxBec6dHA-fy2hrpEpkE8MeKaP9W784Y2rpOb4oTs9Zjb0498ya65YgDy8FQmpedYwHJG_FT8-MR9Msevvg-Uai0jNWTHIKuWSSZx6gvek6FY0NDP8HPvR4F4I5wyTxVYuErmQa18Dx94-yX-qWH26DIqR77KNU8vZYXE0sJwqVtGSwbrlvzhZSBd61evlxfCUXiZfoG5WdmtQPZ3J3moylFfPMTbejft1_UdRqdVqASnvimrJtiRPkJrTjP6OgBHlQ5zt-yuLxHrPAMnDEQV5TmGE2dGG187CAQroFIXzAF9aRV90uXT7PUvVwMw8FgLzhrskGr0JxQqoy7DT7qtzGMZ9jVJgfCK1X75cGoQpbHzFRXm-TjYrrGRegormJd6a6acEoyBJcjw20076H_e026n3how0KNXqZaSlergZPlMUySBDauDyMJwuxUXCUhngSq3bCnojaUSGHLQPKQ7-gZnKvs-lGGD761ZxhaLkNK0SGaQEVQR3NPBEnkbMTtwcUGHiyJkITMLac-4DLpi6qnLuWjbr9-kUN7YydvYjPB7eAfa4n09KHcmpq-Od5A_L5Ly2PNXZkUqUCjYZGxbkXxx-TuY7tLtl6BVOvFeOWGLzAxQSJUjMmjs5iiGpP-Kozp3xre8LvoLSFIGk07M59jv9knGJ9VsVQmR6IC27RpeKX-ToB-nZbwgMJq8uMWGofvPIHBZXd0oGOmADoDwYylEQInqYquzgaXTVk-7waILngjt9oUP985f1FwLzKiZDo1DBYfQi745YaBwLjw5xiLfZxuPGfg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Jan 2022 15:49:55 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 75C1 42 B
64 B 64ms
64ms Fetch
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvYxc57Wn0rN5EGKuyidRXT6ZyaOBMlg8XtupXY-QCw9q7LycuyOTJd6Ea_sAVnxDhDQFj7ZM5Uz0uf3PajLA0NFsj1yycKt9CFoxkE&sai=AMfl-YTAmpALR1L67lcEOWM-uTbO_DuzydvYi6T3FCAaubXg486TE3FVO8yMBFEieOJFATs2ZSK6afT7UYUOx2LVQOp0nWPegaecJ6ztSViSkV3ArGSgY1DeVzf5G5-wVXA&sig=Cg0ArKJSzFItp2J-xxyxEAE&cid=CAASPeRoxpZFj1ZVnCEjiWEimF7Y53ZXOFji1J6vTh2U8OC8v4NdZ3URKNJxfSa9-Sxxft2lQJPcgQSbrwzoCQQ&id=lidar2&mcvt=1000&p=55,561,149,1289&mtos=0,1000,1000,1000,1000&tos=0,1000,0,0,0&v=20220126&bin=7&avms=nio&bs=0,0&mc=0.96&if=1&app=0&itpl=20&adk=2039480262&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&vs=4&r=v&rst=1643557795161&rpt=191&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://3deaaf54bf7a852d828065c17ff598b2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Jan 2022 15:49:56 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame F456 42 B
64 B 74ms
73ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstSkNf-GZ_G785HrwLrmY36ytzCEQmc7-DtF1YI-W4OSl5Tm0Wh-33u1JngjnHY0cwtSnqbsvFxQCbVfj6cdqbC46biO1EXKRBvb8myZuPv6ZZQJmSfoA&sai=AMfl-YSCmPupjdpJna35kBY49X00heSNP_HjO9A7A0POG9ok78HcHDys-wWdKHxEXGgdyyYOdqkaD3UtC-yWm-kc_KBxm-hNHyqMUYeKPXqIMFcjMYqCZB_B-63gRKbC4SuH&sig=Cg0ArKJSzC9EfiBxccsMEAE&cid=CAASPeRotVG0zltZgdGyG_wJ44wumtoplrEdCtvwnGfcgyVhaTTIne6OCRSdq_Jvi940eKkK6PpeehoswxbvNfg&id=ampim&o=315,684&d=728,90&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=234&tls=1234&g=100&h=100&tt=1234&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&adk=2039479053

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Jan 2022 15:49:56 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK / Show response
kinesis.us-east-1.amazonaws.com/ 146 B
582 B 106ms
106ms XHR
application/x-amz-json-1.1 3.227.250.175

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Requested by: Host: cdn.intergient.com
URL: https://cdn.intergient.com/pageos/js/libs/aws-sdk-kinesis.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.227.250.175 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0e6b38f7ae14da07f70cdbec2a4590a70af4bf7de5480106b74c39a7979cad5d

Request headers

Accept-Language: de-DE,de;q=0.9
Authorization: AWS4-HMAC-SHA256 Credential=AKIA44GIABD57PYVUX6G/20220130/us-east-1/kinesis/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-target;x-amz-user-agent, Signature=827778c495d1fb49913709d5b9226ec38a9bd22df48e8ec26955df4de5447837
Content-Type: application/x-amz-json-1.1
X-Amz-Content-Sha256: 556b2f931051b83e75b2a2ba7a70d195174954970712a8212862febe25434d2e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Referer: https://www.newser.com/
X-Amz-Target: Kinesis_20131202.PutRecords
X-Amz-Date: 20220130T154959Z
X-Amz-User-Agent: aws-sdk-js/2.387.0 callback

Response headers

Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
x-amzn-RequestId: dfa920f7-230b-6651-85d9-9510cd9fed68
Date: Sun, 30 Jan 2022 15:49:59 GMT
Content-Length: 146
x-amz-id-2: T3JXDJ8AHnCOeIGsPf2X2LvzWD9OBYhkf9lOkSMgl3wNdmb9YtVWYU+Hmxx3XVqlH2ahH/RaNkNGvCSM/FUMqXCDE1yXxrZZ
Content-Type: application/x-amz-json-1.1

OPTIONS
H/1.1 200
OK /
kinesis.us-east-1.amazonaws.com/ Frame 0
0 300ms
97ms Preflight 3.227.250.175

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.227.250.175 -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: authorization,content-type,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Origin: https://www.newser.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

x-amzn-RequestId: f3df8b20-ee28-11aa-a9af-3ec700bc9a93
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: authorization,content-type,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Allow-Methods: POST
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age: 172800
Date: Sun, 30 Jan 2022 15:49:59 GMT
Content-Length: 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: s7.addthis.com
URL: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html

Verdicts & Comments Add Verdict or Comment

636 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

68 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.newser.com/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: fn3i30b5qhyo2nzp4tpruimo
www.newser.com/	1970-01-23 16:08:37	Name: USERCREDENTIALS Value: EMAIL=&PASSWORD=&USERID=0&VISITORID=1558940940&VISITORCLASSIFICATION=P
.simpli.fi/	1970-01-20 09:19:40	Name: suid Value: 9A303D4DCB984D64A0FA0CAC9DCAB1CB
.newser.com/	1970-01-20 18:03:49	Name: __utma Value: 116631449.572046423.1643557794.1643557794.1643557794.1
.newser.com/	1969-12-31 23:59:59	Name: __utmc Value: 116631449
.newser.com/	1970-01-20 04:55:25	Name: __utmz Value: 116631449.1643557794.1.1.utmcsr=(direct)\|utmccn=(direct)\|utmcmd=(none)
.newser.com/	1970-01-20 18:03:49	Name: __utmv Value: 116631449.\|1=PWA=N=1^4=OrigRef=direct=1^5=UserClassification=P=1
.newser.com/	1970-01-20 00:32:38	Name: __utmt_pageTracker Value: 1
.newser.com/	1970-01-20 00:32:38	Name: __utmt_eventTracker Value: 1
.newser.com/	1970-01-20 00:32:39	Name: __utmb Value: 116631449.2.10.1643557794
www.newser.com/	1970-01-20 10:01:25	Name: _cb_ls Value: 1
.scorecardresearch.com/	1970-01-20 17:49:25	Name: UID Value: 1713861bb8273e7ed2ad75d1643557794
.quantserve.com/	1970-01-20 10:02:52	Name: mc Value: 61f6b3a2-48900-c1225-9490f
www.newser.com/	1969-12-31 23:59:59	Name: g36FastPopSessionRequestNumber Value: 1
.newser.com/	1970-01-20 09:57:06	Name: __qca Value: P0-101518974-1643557794287
www.newser.com/	1970-01-20 09:54:13	Name: usprivacy Value: 1---
engine.4dsply.com/	1969-12-31 23:59:59	Name: IKSR Value: {}
engine.4dsply.com/	1969-12-31 23:59:59	Name: INF_DFL8 Value: false
engine.4dsply.com/	1970-01-23 16:11:30	Name: IUID Value: fc6d74a4-88d8-42e8-b6f6-11b9584bbc09
engine.4dsply.com/	1969-12-31 23:59:59	Name: ISSH Value: 60F355
engine.4dsply.com/	1969-12-31 23:59:59	Name: VMI Value:
engine.4dsply.com/	1970-01-23 16:11:30	Name: CHN Value: #[]
engine.4dsply.com/	1970-01-23 16:11:30	Name: MSSH Value: #{}
engine.4dsply.com/	1970-01-23 16:11:30	Name: MSRH Value: #{}
engine.4dsply.com/	1970-01-23 16:11:30	Name: ILP Value: null
engine.4dsply.com/	1970-01-23 16:11:30	Name: ILPLU Value: #1/1/0001 12:00:00 AM
engine.4dsply.com/	1970-01-23 16:11:30	Name: ILEALC Value: #1/1/0001 12:00:00 AM
engine.4dsply.com/	1970-01-20 00:32:52	Name: ILMPF Value: #False
engine.4dsply.com/	1970-01-23 16:11:30	Name: IPMPLU Value: #
engine.4dsply.com/	1970-01-23 16:11:30	Name: IPMUID Value: #
engine.4dsply.com/	1970-01-23 16:11:30	Name: BSWUID Value: #
engine.4dsply.com/	1970-01-23 16:11:30	Name: IBL Value: #[]
engine.4dsply.com/	1970-01-23 16:11:30	Name: ISH Value: #{"1148":[{"SId":"60F355","D":"22/1/30T7:49:54"}]}
engine.4dsply.com/	1970-01-23 16:11:30	Name: ISH_Q Value: #[1148]
www.newser.com/	1970-01-23 16:08:37	Name: PWA Value: N
www.newser.com/	1970-01-20 10:02:52	Name: __atuvc Value: 1%7C5
www.newser.com/	1970-01-20 00:32:39	Name: __atuvs Value: 61f6b3a28f6a4611000
www.newser.com/	1970-01-20 10:01:25	Name: _cb Value: DcQ9q-CTN_eeHsNEA
www.newser.com/	1970-01-20 10:01:25	Name: _chartbeat2 Value: .1643557794688.1643557794688.1.DDZfHsCJAFyID4oZ5XRaylbCzf8Lc.1
www.newser.com/	1970-01-20 00:32:39	Name: _cb_svref Value: null
.addthis.com/	1970-01-20 10:02:52	Name: uvc Value: 1%7C5
.addthis.com/	1970-01-20 10:02:52	Name: loc Value: MDAwMDBFVURFU0wyMjkyMTg2MTAwMzAwMDBDSA==
.newser.com/	1970-01-20 00:42:42	Name: __asAB Value: false
.simpli.fi/	1970-01-20 00:42:42	Name: uid_syncd_secure Value: true
www.newser.com/	1970-01-23 16:08:37	Name: AB Value: N
.newser.com/	1970-01-20 09:54:13	Name: __gads Value: ID=04bd3cc98b6264d1-225234b62fcd005a:T=1643557794:S=ALNI_MbfKQ8cyQqxcFrfNewNbGplOFWaxg
.3lift.com/	1970-01-20 02:42:13	Name: tluid Value: 507717379306058693374
.doubleclick.net/	1970-01-20 09:54:13	Name: IDE Value: AHWqTUnBWleg1OQPMPhT8l6J7ELI-B0TYYvMXIIBtzSM-Q_ft2r2YsjNgu9pxm4N
.tapad.com/	1970-01-20 01:59:01	Name: TapAd_TS Value: 1643557795204
.tapad.com/	1970-01-20 01:59:01	Name: TapAd_DID Value: b004c1ec-f4bd-4ae2-928d-281f71a4ae10
.agkn.com/	1970-01-20 09:18:13	Name: ab Value: 0001%3Ab5vveA1fWmuWNgAcJ3EXmoe7%2Bv5RKwOf
.tapad.com/	1970-01-20 01:59:01	Name: TapAd_3WAY_SYNCS Value:
.adnxs.com/	1970-01-20 02:42:13	Name: uuid2 Value: 2954541852904385848
.adnxs.com/	1970-01-20 02:42:13	Name: anj Value: dTM7k!M4.FE:2jUF']wIg2E?ily+=e!]tbPl1N!7OnM$=BX)k^L1^e8YISidewEgk'tIh0fB`iJqxjl!Vulkm$XEt6?33(j#iP(Md+>)fy*?Ksjx7
.pro-market.net/	1970-01-20 04:51:49	Name: anProfile Value: "1l4zpb9nwz8ql+1+1f=1+1g=1+1j=41+rs=s+rt=20010AC800203C0010119910AF584F21+s2=(r6j5b7)+vm=24-9A303D4DCB984D64A0FA0CAC9DCAB1CB"
.pro-market.net/	1970-01-20 01:15:49	Name: anHistory Value: "1l4zpb9nwz8ql+2+!#7')!A#'Wf"
.agkn.com/	1970-01-20 09:18:13	Name: u Value: C\|0AAAAAAAAKYlwIwAAAAAA
.exelator.com/	1970-01-20 03:25:25	Name: EE Value: "b8ec0c62ce6da378786457640718dc3a"
.crwdcntrl.net/	1970-01-20 07:01:23	Name: _cc_dc Value: 1
.crwdcntrl.net/	1970-01-20 07:01:23	Name: _cc_id Value: 8445f9e84d35524fd3748d49f85f9b15
.crwdcntrl.net/	1970-01-20 07:01:25	Name: _cc_cc Value: "ACZ4XmNQsDAxMU2zTLUwSTE2NTUySUsxNjexSDGxTLMACicZmjIAQeK3zYtBNBQAAFCtCyU%3D"
.crwdcntrl.net/	1970-01-20 07:01:25	Name: _cc_aud Value: "ABR4XmNgYGBI%2FLZ5MZCCAgAhQwKu"
.doubleclick.net/	1970-01-20 00:32:41	Name: DSID Value: NO_DATA
.exelator.com/	1970-01-20 03:25:25	Name: udo Value: "gAAAAAQAAATtKLUv%252FWDtA3UaAJauqkgAjaoO%252FDv9%252F826KpMHqPo2wrny%252Bo6rbwj974T%252BxJNML7st325YiwgSNv180BYLJDOxIFZECPDKHlxw%252BKqpBxOZDbeCJjmpLAWWAJUAlQD7EyL7%252FsKOrXvWWretyD1yOLyTHOCJZsncC6upohRKRt6z7jDrPK2t6SMJdUKOzOkZ1OHX1nFIJD0g%252FsG2y6Z1HjqZHPnng6aJOR7%252B9RAZfp1vsMMmCh5F%252BqYgqxgIfKr%252BBaDeQYKQACAq5fmIFP9f8SsrKytv4P8BOHiVEPhUbR2X0HZdbRABe2Go%252BDfhvjGC9oRVIwEjZ3UYvzC%252F2vP9YE%252FrKEtLdXXb84NyYqqlyCzXVuQit8elbSjt6V5Y240Lo%252FE8DGbjOkvJC7esx%252BiDFSG1Nf963mI2acFONy1JHki%252B4WIfQ5j5ppnHXU4tUOSuUo21yCmE9sbYipASdyiKWUXLU3Yqs7f9IHmoZUtCKSnVOCRycJP524DG1w43OP9IdAifsOvr4Z6aFRckzFRKCpvScEllQIWy7h2S7OAeX6iNDn56R4dV4FGA9HjTtM67kGQOLSqz93zRtnS%252BKpqpLLyG%252BIzhlhB7eAhusdxGZsbiaVznYbgu42W8rTS7c3TpRtrozIiyV9EhSOVpYnF3tEoq%252BrqrKVSBi5%252FNZ9nkT2u%252B%252FGmZo2Wu01xGs%252Fk0pzdty5rsVTg4I6ddxm6iHy9Wz8HiP%252BVNiFyIXJQ48CfMEquKsSdUhWJH8WYxgvH%252FCwY8ga%252F4CouRz8hwFoyGKcqwaCZXg5QB4VVIJFErw8hOXJoGmoaFB6fJYGuM0wQBenKnZxDL9Krr6RXzMLmmVWzUocgFiZBSt24ro2Ewq0wKghGSoqXpQrFirlqe6ZeW6OhkXVgHT7jp%252FHs9%252Be0JG97FPYJM%252FjlYkCilRAJAKEACQpSqKw8RcDyM1RCRFFu2A1SFA0uKKYy1RkolI9GhCTtsRCpw726uDCH6gK4cdAr4msaKQ5m0mOhlySqcL%252F5iCw1fOw2OtJQ011Y%252FK5BF6UHFoWjZj4IPUAJ4IS5kfQi9YETafkfFNF9wk4A110b86ukKzRseaKUc3mFOuH4D83ywNfp6Wf6fM60%252FtFHB%252BsYJz6FCUyH8y%252BLQ0%252BfuEw%253D%253D"
.exelator.com/	1970-01-20 03:25:25	Name: ud Value: "eJxrXxzq6XKLQSHJIjXZINnMKDnVLCXR2NzC3MLMxNTczMTA3NAiJdk4cXFZatGCpaXFqSlJh5ZU5JTkNK0uiw91jHdz9PX0iVzmnFGUn5u6AiwU5hq0yNJ8SX5RZvoiF9fFRSlpDItKik8F7w%252B9DgB35Coz"
.bfmio.com/	1970-01-20 09:18:13	Name: __141_cid Value: 9A303D4DCB984D64A0FA0CAC9DCAB1CB
.bfmio.com/	1970-01-20 09:18:13	Name: __io_cid Value: ac472030d0ea27f132c1faed3367effe263b91aa
.spotxchange.com/	1970-01-20 09:18:17	Name: audience Value: 4549f1c7-81e4-11ec-9fe9-1e1d47870206

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js(Line 9) Message: Failed to execute 'write' on 'Document': It isn't possible to write into a document from an asynchronously-loaded external script unless it is explicitly opened.
network	error	URL: https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=9A303D4DCB984D64A0FA0CAC9DCAB1CB Message: Failed to load resource: the server responded with a status of 403 ()
other	warning	URL: https://cdn.ampproject.org/rtv/012111152338000/v0/amp-ad-exit-0.1.mjs(Line 2) Message: Unrecognized feature: 'attribution-reporting'.
network	error	URL: https://idsync.rlcdn.com/419566.gif?partner_uid=9A303D4DCB984D64A0FA0CAC9DCAB1CB Message: Failed to load resource: the server responded with a status of 451 ()
network	error	URL: https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=3&pcid=7520687762043519741 Message: Failed to load resource: the server responded with a status of 403 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

3deaaf54bf7a852d828065c17ff598b2.safeframe.googlesyndication.com
aa.agkn.com
adservice.google.com
adservice.google.de
api.ipify.org
bcp.crwdcntrl.net
c.amazon-adsystem.com
cdn.ampproject.org
cdn.engine.4dsply.com
cdn.intergi.com
cdn.intergient.com
ce.lijit.com
cm.g.doubleclick.net
config.playwire.com
connect.facebook.net
d.agkn.com
eb2.3lift.com
engine.4dsply.com
fei.pro-market.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
i.simpli.fi
ib.adnxs.com
idsync.rlcdn.com
img1-azrcdn.newser.com
img2-azrcdn.newser.com
kinesis.us-east-1.amazonaws.com
load77.exelator.com
loadm.exelator.com
loadus.exelator.com
m.addthis.com
mb.moatads.com
newser.com
pagead2.googlesyndication.com
ping.chartbeat.net
pixel.quantserve.com
pixel.rubiconproject.com
pixel.tapad.com
platform.twitter.com
rddywd.com
rules.quantcount.com
s0.2mdn.net
s7.addthis.com
sb.scorecardresearch.com
secure.quantserve.com
securepubads.g.doubleclick.net
simplifi.partners.tremorhub.com
ssl.google-analytics.com
stags.bluekai.com
static.chartbeat.com
static1-azrcdn.newser.com
static2-azrcdn.newser.com
stats.g.doubleclick.net
sync.bfmio.com
sync.intentiq.com
sync.search.spotxchange.com
syndication.twitter.com
tpc.googlesyndication.com
um.simpli.fi
us-u.openx.net
v1.addthisedge.com
www.google.com
www.google.de
www.googleadservices.com
www.googleapis.com
www.googletagservices.com
www.gstatic.com
www.newser.com
z.moatads.com
s7.addthis.com
104.111.215.191
104.244.42.136
108.157.4.80
142.250.184.226
142.250.185.162
142.250.185.194
142.250.185.66
169.50.137.176
169.50.137.184
18.135.35.213
18.66.109.174
184.30.24.121
185.33.221.13
185.94.180.125
2.21.140.111
2600:1901:0:8eee::
2600:1f18:612b:4216:1314:397:4325:f0c1
2600:9000:223c:a600:18:1fcd:34f:cdc1
2600:9000:223c:c000:6:44e3:f8c0:93a1
2600:9000:223d:ec00:14:2602:6e80:93a1
2600:9000:224a:4800:1a:1459:5cc0:93a1
2600:9000:2250:d200:12:4abd:d340:93a1
2606:2800:234:59:254c:406:2366:268c
2606:4700:3036::ac43:8a2c
2606:4700::6810:9e11
2620:116:800d:21:36a9:ecb:e518:b308
2620:1ec:46::44
2620:1ec:bdf::44
2620:1ec:bdf::69
2a00:1450:4001:802::2006
2a00:1450:4001:808::2008
2a00:1450:4001:80e::2004
2a00:1450:4001:80f::2002
2a00:1450:4001:810::2002
2a00:1450:4001:827::2003
2a00:1450:4001:827::200a
2a00:1450:4001:828::2002
2a00:1450:4001:828::2003
2a00:1450:4001:829::2001
2a00:1450:4001:82a::2001
2a00:1450:4001:82b::200a
2a00:1450:4001:82f::2001
2a00:1450:4001:82f::2003
2a00:1450:4001:830::2002
2a00:1450:4001:831::2002
2a00:1450:400c:c06::9d
2a02:6ea0:c700::4
2a03:2880:f02d:100:face:b00c:0:3
3.122.111.84
3.209.102.28
3.212.89.65
3.227.250.175
3.232.242.170
35.227.248.159
35.244.159.8
35.244.174.68
40.114.51.62
44.236.180.40
52.208.32.237
52.222.214.42
52.30.14.23
69.173.144.139
72.247.226.64
72.251.249.13
76.223.111.18
02990729bbbb066fccf5f274626c1f0f7e7edbaeaa2d15451fb7062a7264377b
034b0077589cb2fdf5f045f587740877d385374de54fb733c7626bb1119a67ce
04230c3031ba7b616cd9f7c720d87023387dd16cf74c56188edc2049de753bc8
04321424ef276f3762e2cc09dd99a03188d641f3a2cd02d0c8c08b7b95799f24
05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd
059e5a44ec9f8bab93a45cbf617ac529605f99891cfe7f5e9cb19a5b4cf9cdfe
0629f743a7f2e66a09dbb03908062b6a53a33133525eb19471b930a048e6aa43
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0b7fd6d5e58c021a19ea46b59a1f91f7596fe7e5df982282a2f3a70b3e35638c
0c82e3739d9fd652c6ac2d8a3745d4a35fbd7a9277b0ef2b2885c1db030c3cb8
0cea0e91eed9da266a8fa318966de2409dfb9e80a4fa7b090b433da5918364a9
0d06df2e703c6ea6489fa19139cfd5f375495183c4145762127dfb5208f2540d
0e6b38f7ae14da07f70cdbec2a4590a70af4bf7de5480106b74c39a7979cad5d
0e95603a1b75398990e8e6c8396068f556799d4efcbe58671ddceb1ab5ba0fc8
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
10ed555da042a1e6d6fe0c6b22f87d91f84f8f22fe066a92737a4243df776bd6
1126dae47147dee29ca9bffbbd45f3e609f7d38a2c17cd4f5c73283db4e6304a
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
134c165adca320e5fe0db5fa155e5bd92a55b44879c0dc3c6b9f0a9fe343d994
13aff0812c49276fdb1ef2b2292b396ce5e3325a7c13e9582212577d2f0ce975
144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8
14b52d5e44212b22f6de0be5caeeb5bba561a29fd91bf6076bf1ad6d45ecae6f
1794ce66c6f7b83e3a027cc5b104ad113159a32529a70e3380d47f6e09dbfff5
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
185b7539076b9f8d807c5740180aac4e2a4b3bc2912b4e9485950ccddb4cb39e
1934199df51551755f77a59d6993a98e332ad57c09ab22d30fafb727d92e4eb0
1b38f2172e240cd582d97f048c5e8cb35554e3c405d03fa229b4e82c3f01438a
1ba7d96e96816ad55477d28aa986a4a867c7531d2168feb5066585dd94195743
1be3ecbdae57ca411ab97f5447e69535659b58815f06d4b9790d403f2fc8356b
1fa72666b437fd3fc5a9283ad1b7d64ca681f2a4e7508d1de0eaad6e0bf10750
21349b60e999f29bb11fd1384e57ea43faf7bb39d7822e81c1e30de505663228
2193054ab8a2bc36f5ef0b90c4d53dd5626e14b0123a2972066e2ed1fd44459d
23130a986b2d780260ca7295774432d7c5ee94cf277a8052a136b910b05f120e
23248ff4b7464d9f03a44d8ca0738f1c418f0e002b3431a33eb78da15eea8d03
237a4fa7a3bc563cc5806f5d26917eb241fb6f2176fcc094e342c473016cedf2
247c59dd1937ee82306ec0ce802ab322157aaeca683dffdeb51508c5716e6977
279249ed963fcd87e6321b024c0194248dd1b44af5353e134071cdfff953967b
286e0981e7354c418fc0334ddf4b3b8fb930b623c5b67d41ed1a5bfe6fbaf2c8
2b291810374483e61126df23f32490a6f8a629062a6f00f0d10d7b52ed2a2762
2cddcc76dd7b01e07130b647637c2c81f27ab4a0214973a010e712813f311138
2d0744b54be7eab148245653f8fad2e4a0e8875b886bcacbb2c70741872eda55
2dd76b128ad19839d224eb21e2f208e9894bea040b9429bf695eb32d511e6e21
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
2f76122813dc216562d9a6c2d82279ff460696b28f8f66042399a02cf93732ba
2ff8684ee0e3acfe08494f09ab05494bc7cc842af6834e3877eb160a949f0c7e
307c4cf0cec01251278a5201d04096f4b7afdb8ba2239801202adb1992c14ecb
316f775333e0567a2ea23141b96349652855962025964f0ba097c64c06fb639a
31c724707624a3682770d54e8b216f04db44eff6fefb8313d9178ef0f69a694b
346e6776ffc7796ca15034c67c043bad204bb5295a56186d04625aa7b7985748
354cd674accaa26badff834bcbb7487aa7f99930f19cd864d71e6359b6b3f346
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
3740532989eefa6c15895ca294973e460770de8e660850efc95cd560d817a1bc
380e14fb281d1d8fc0b4bbf0601d448942501f3581085c07bc373aec1adefdf5
390797ba5a9abeddb21d8a1dd72155b4c7c1e5c13b5a7201cdf86df073ad03c1
3aaa5c9fc7d99f8a956ca2481a72f36d142246ad42f68d6ba90ac4edb95a7515
3b556e6cee32c4b0c80ef893fd00eaea90330b3a127a8dffecabbedaf6aba7c5
3bbf185a378e69925f774e6d5844a9884d37561698c585cc9b748cea127c2c2f
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3f9ebf128c9383c5fc8f3a73439f0e2dfb997f34318383e554b124e37c319c2e
3ff1c2b22a22f605896511bca1355785ea2ed61d904a4220c49da9112008fc0a
411626d5e8eb3616fad95e39e91afe59dcfd424b9492c2c43c76a5199dc69768
41f9fdd28cd3937d5e42d631b42b9779215ffafe8bf13e9472c4583d94265f7c
41fa061fd8a72f16e9eee21d78b071c6bca68ddc63ca4df9588986ecc62dae28
43a9d053c33ab061ab1cc70ddeebb86270a32c7db64742a1326852d81c0df9e0
4475d2347dac904117a6f94f0c6ae4de9c7c022f44731afa213e4ea9ae86c0a1
44da54fd69c8966482bc49d3744fff0a7fd944dc2dd5732d9f710da7df4329bf
486ab000e859d030da7f768b4c96401d995b79f5b8620eefaafcc2cfcbdd057c
487fce51fd801415c362f3f9f2df43c445a4b9ba38f9b6d49dfc898dc85ede94
49f8584d1d0dbff1c1347ad1db13ef74f8edd89e3f6ccdb5636e3c7b0ca8ea6b
4a517e84097a36e411922caf77510661b58ae21755bd2927057916420e0c4dc4
4a5d81507b6b90d018c7b1ad981d08416582cd454c72a8d93ece700f92f24936
4aa42d7442c394096d40efad6d8d533232c025738083b5c07b34691696888dd1
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c9b92bfce3b7b0e0a9e33ebe8130496bf50c80ad4375b1b98ddff744b4ea9f5
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4d51312ee5a72f1a96b6b5dc7c3bad427a65c0cab8812e49bb40018919232f67
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e46e56dce46d21c527e164d6749fb5ff0101f400aede06a8711196da9e5c619
4e5703b23d96dbffc24fa6f316bad0cfc3d8221f487d45fdbeceb8b26c85b14b
4e7305acb88ef6d07c54958cfa21ab76ce94e637678140ac4abf5ebc3ae76a92
4e7fc8052650e22f03ac26e86cb617119d57ec5d3198b8559e3cf433b279e99f
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
50bd57f4bdc1ee6ea9a3457cd38b3c0cb3f8293230f579da45e43fb5d66d5fca
5122ba93a9303c1dd09b760b3195122db1beef3b3d673b2274ec5ff2e8512ad1
51b3d1a2d7433f93d0cd3dfcf5838e7221e07329c4806adc9d860e788a17d4fc
5347c78f51c7cf4a4e84d4be12317338a93ff8da7df24519360728769e48a91b
543c6a7a7a7f6703901337e93a45487781689a53efb697386dfbfd24786d160e
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
594deea2cdcf15cb176a4cf6bcfb074ba22cc55c698833db25a8ac30d5ede92c
5aefa167c7b8f3305b610d93f3a198818ade815d5f9150df9fbedf00b34b705a
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5c8e2b63593c31e87391f96f1a9b4b1c19b67966e560256a40cea1ac6c51307b
5d4fdbd46d6083390a561c90d45d68d23843ec3053b58e25fa3cc702a87b2b7a
5ec80b688833a13ec1a4799e36cfb5d3d3cf8ce76917ad2b36a32cda0e9386c1
607ba5401803708cd7e7d54cb229467b42bcefa017c466d0290c2903989f9cec
6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
63697d88ab7b6e34e76e5990b867c706cb4346c27ec1c5a034c4d91dfb136778
658032138bb2e1a026be5f4f3bc8923d522b2aa591175b7887f5bdb6caae4cb1
65db3d75c61bd51568b39a016efa0cb90f3df0514fcfb6ca65c83892d66e1691
69c11828cc2905f5ddbfd2b0d8f78a685c5b7a3502f5235887a22c91b5da6ee9
6d6d162a89e32c126f5019cbd4143ddf6cc9fbf19858a3272ad6ad5ac2beae14
714f7ca1e900b9c6cb9e4f395e0c18198004690a6ee756a416a172c2ed9414eb
726906ee6ce6dfe1b6e35ddad151196c50277e31520de30e916e9cd9affc0ef3
73f0cc9da2374ff54b9647526db4113ab88116b60f6e72ca118cd10b291fae24
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
77c997e2ca9694c65e3ec1cbb1a8c7a82f6fbdfee8d560d36084bedf90e3cca7
78df9e9e47f5809e3438e700f53dd96ae52a3751c8b6f15f68c16f98f8aab900
798f04d4f989a6f4062a630a1e1d642749391b9d4d8ec416f6554c0bc3bbf408
7b6bfa13f0778c40bb2a00af9819bea2f07afcb4d071e7e4f436196953a5db4d
7cec802828fd9d25efc4611219c8748745117f5a51d4f76e4f9cfd85a428ce95
7d900ebc614ac1d2adfe556578ff35cd8ba0b821dbf70aefe901684e22e29008
7f555674a54503e3367276168359cef065eecc75f1fe436ac13bdf3dfd65a970
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
808040f86e3312efdf38a2c7ccbae07dc72534f75ff4a36989deb3c721077612
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84bf5ffcfd8b3a1240721c90836f1167532b716566165a51ca920c9e657a75d4
868d77bd718ef455def89186f8a2c4ed9df8cb2e1d38cac13f76281c996d6535
870c196156856ec66eb4e1d7b376eca50e218883c93775524484b4fe4603f5ed
8b38afb8226ce92ae65edd3bb8011a83628178ca577ef4a2148f0c99a1d80e4f
8baae135666cde471d16426b7387541d4b900559275813859e2d296eee039192
8c853ed75b7345b3d2d9f5af9fb56be87fef7bcf2863f8836345ec318396758d
8cd898214e275702c8334ad5a771326582c3298ddf418760b09b8b6d043289d8
8db3cdae20a2cc55562a300687c0e6863a51e53c9735457ad313c09f501422c7
8eef6ec74a5d580cc3f8147131f97094fed7507ad69b79c23fc74f7bde66f421
93f0ec34228e9151b334449d32c5d17945e69fcf81c2579da92c11ea892d8927
94360a6ab3ea5a75cb34a06ef2ff905d7ea0a7dc43eefcff9b6f90e737fa4e41
9464c8837610579e5ac316fc46c1e136c65433f989cf1c6a30c62e840e258348
9769b09b9532fb94b22909364ad7ab7dc2683f4575ef1ee606cb3a6db73748f2
978f69abae4d7fa60114fcea9ee790caa3599e4aa961d630bf8204e8ceb883b4
97dde2799af977e4004e45c29b84b8be9b26ed417ef708b702b34af287ff254d
9831e5b4e79a7b80a69a4d83d86fafc4c8e80fad4d14d27796f7eef4b686ba66
996d298d6f8685a3ae28eace9249e3580bb8d13d91d424573fefb40d52980269
9a1c965417bb6122a80900a20c8fdfb7cf87cd495713c142d93d3c07a64e75cb
9a92ec3f2d9cab561e7a65d28f9f8e94480c49d12f108df905075fbe6854f8db
9d5019bd2fae955cf530cf7f1a6d48a40595abadfa86a956c118b2c97e9d4779
9da3111da1b3998343d9494f461bc6d38b46947e5651ad71e5c455f9713f7cb3
9dd77e07919ca643d4e7976497fda21e4484c64936e15b54ad6c348257af48f8
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a0e123a11c5b411021d5bd8ab3926fe6d726b29ca2bb83e6066dae93a9ba326a
a0e3f7f11e3feb97a1b577675fcb17fb87538d414dc5342c96975b2bd2c94b86
a162db4d4ec665954b0c34e7fdec5dc2c7f1f42b54072683b5d5cccfcaf3b11d
a177a125d7384bd51ee15e3454c488ac0f2ba22a452f9bc3a96e29d2df4aef1b
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a3942aea05f34d9aa17deb27766f216ce7bc0176e66b41518e5bdadb19400d67
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a575e2f63d79cdaf5a92b4453bfcaadb462119aa1216b4f28920e37e2d9b8e7b
a5a55d04b4ac5561544c97f9d552b1e45ecfdab797c37d2b1e5d941b8648c4ff
a5e0a2f44a9b19aab51c0429ab10594535ded41e004c5dc2ebdcf022b84b1944
a62348491ab317874ea90c67adea37df3ca6ff3c768af7c293c019ebae858d42
a67c13f917d49cb6abae4b521e55f61a83da2c4b5ba4393b4e59acc954be1c20
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a87d4c2682d10f0750f0e1142e25fce055f0ae596c7a277bbaf2427ddae146bc
a8f20718bcf79ae5797599afb4e59612f2bb75334dc8d40aa8a56d21417ac73c
a9adbf9ff6cb67410da32776829c98497f78937808849c0c77c476ad5bf8c1a6
ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370
ac95d8cf8cb82ae4d077cb942c54f3a130d83902cd407743a770c6b34c4d98b9
acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403
ad9e5210a13805edc2cc2874d7ffa326b907e9c6d0c212071798944a1dd9ffae
aec1273daa6df2443053427acbd188f229d60ed9d83ef9bccba3f8a8f21fc3dc
af9661ddc030cee02bfbd41baf7608e14327ce95a3199e6714dd8d3a12f21c71
b2e978b977e1df195c0172ea1e1a1e2271890f7ed292b799e20a414fd42acb33
b41e0020ff5a4bec857828c37b9a425a5e0024aac1fb1519dd9cf4562f0681ee
b427bf3f448caf3677fabce3ccdbfd6b0d832362665297b8c392efec64c6ee4b
b4fb0434eba77c4e60becbf6a700e1b1f53f8ecc7331a59fb38f1d8771b7efa6
b59ced8df3736c9ab974d831b1718afe1b29e6e8a2a64f34eb4321aa1a103b01
b80091da8d4f1250950427e99ccf9db587c6569b5fffa986ec425e37363117c5
b889e344c4f8d84fbcb58cea388201a47caaab2ab9fcb6769a01b2152b9304e2
badc6e9e3ae34d5ee181ba969b024cc330ffd812f5977d5e989cf6fcbd4ca1b9
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bb9b673f70e36909c34e071263c99d8fdade84b1ced55968c3b658ea5c3f0fa8
bbfcf92c6c94d918c51be1bdf1f14098db1c7454b2f025fb7d2eed08d8d84703
bc779eca15675ccd4bf6aa23f0e6d04638f805f346d46092add71be913fa621d
bd51c6d77f3f20cc41d472110d0bde8dbf406f754773eec6103d40bf5c9df0c1
bddc841f91f5c39676abff8eed53be5c5a23cb2fde6051b72caf1b758e487d64
be045d5a8274db64724bbb9a8c2846e2247c17ec9ea7e13f2a319dde7626ec8e
bed31c2062d8bcd1167d1be160c5d65dbf8b1ea2a75fe7f91a5396fe71e51cc0
bf93cf51f40cdffc7e84c2267d234704d29fe9941fd22a738c0fea22f221f82b
c00e4b444e4089660152f10bb0cf87d45be907756bf33150841afc2f8a69d791
c0d8c7a6bf76c57da334c1b75724fbb20f592e5040c9088779bc21ed33b177a7
c0e2de1910c51b9146fec0cc847f64b28a62b86f030e1ea05a7d8b05c130dc9f
c14bc74eb84a60374cafb46143c0b2ea118ce9622b75c12cd7196fc129cd8a5c
c3a99bb651bce59ca498c2c9c97290408da53d49dc917232ed4a0dadf10a57e5
c59ecf34c8e169eb2c385296530f952be5ced6af24abbe7f2d47b89e520be544
c6147bd9ef55a8d63dc00d57f9bbf6aa9577e5baff33b6a0e11242b1ee588294
c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e
c799a6f6787bb0fb745ed4594193d09ddb720cabec27bff4234b052979637a4e
c7dff2266b8de79be9543dc8c2aff1b841cdfd58ac0d59c082d9e6f3db5d43f2
c86dd20594d0c4ac6874b84f72ca727f390e0c2948807088a789ddaf38ea5f07
c95057e6d5bba1023fddc1946001723435dd163fec996823f5dcf2fbaa01cee1
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
ca7cd2a4608296a9ff32e81e120d27a5a37a77f7e67079efba169b43a8743ea2
cba00eeef256b0662dfe41916464ddbd5c1b30f701e8373b760e0cbaf425c98e
cd894fd0d07d985171809c5a1bc653a3388ced6b2e32a44e53c63fc1ea30cec9
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d1477d2bfda88c678c2deaffb53f18784ca00294d7318a2521f4b95baa375e3c
d27516c986b068ec31188f9787d4489255df48361ff089c815b8c2aec5a1bb9c
d4b287e248a1bb66341367e98c58dd2c3ea543ca857717ddb94485a174dcdb63
d5ee43ffd22efce6a405cb805a86f3f6c28c7ed9b4a9427a2e10fad69accf2ef
d6a2745332948716c2d3849e9b1d02451515f96ec7ab4749855794dea0272857
d7996ae15bbdf9fa23302679f82c6341f27dcbf3709e6d033c3e3f3ae7876b24
d8396d650599691373314b1cf6fb728df811aba509f8a9bfc0b2499a89da3aab
d8f64ca73c0faaf5d9d1e56252a2d89a23262ea516e7d731adaf5f255d4081a3
d8fe36a17aa5e4cd1a197c81235633a1e44ca292162a06b9b7dc1dc37981a211
d97e795abc94a584e788c78eaa25a21d61935d7d514fa04655ddadd8e0a44896
da4cf27b9fe0ae190ef96fdbd0d9cc1a69d561ae0172d4d38bf10380d4d33957
da8a4f547b33fd0f6139098d6945e4a4868fcad70204ab34aa4e49bb41a90c01
dd93a97df4a101c9d0b60d1e6ab6ce5a33c8e00b10d4f2f0fdba7554faffd73b
e07fac4323e918dbe03b5112e649861c72aeb3e596ef9acbedeaaec547f529ef
e10b19c837b2c17d7e4b3cb62a9646323d4d0829b88bdb922aa6296dbca9e4cc
e2c28f3e8b6a2e5170859e67cff3e8240e6b888d02005306ef3d2129f5cbd74c
e316d9c0a8107047e2725228fc152be951f1ad069c3f2f3935b19e5dcfbaba8d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3c413d9ecb857ab839e9147e9a72b0967a80151bae1aec1b1771c623006f5bc
e40d12b256074d2ba43d1e8098a8bc039e3197ce0fd446a5ced2b9234f741d5c
e4400f21afb8b0d177c8cc1d042db58cd67ab5f03bb076cc84d9fc19523aebca
e4ad92e954944eac3807c7f50b2c213d8ddc2bc8a1324ed8986a733d4196e94a
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e755eee43bcdcb69b3f7b2dbff081a9af26e9da32c92ec2f175ac0efe0f51423
e755f8a3afc69374a35aaeb73deb4c6a57bd6bc9803642b1a721052918001547
e990f8a7023db06444f9552e7bde007060d0e1e86b72ae845f24471bce3339e5
e9ccd332287bfaea95a1e04ace91e3cffacfe152528b98fcab5ca60fc634f4ea
ee860898fcc938895b1b12a278cb8f997f65b23214b102ba2c42738a028f1a17
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef983d6dcfe16576a9be98a6fe4d2c99552c9e76fe46fefb29dc2ae2cc5082c3
f1b3a51250ea5d2b293615f08241269ed8277b95654cddafbc0f5df8d61e6cc1
f33f6446320fb034227d51337ec86a0f263cb1ed53e4275cae2fb55b322504cc
f414033c9b93d7223d3651dc723bf66c6c368d2a6616f4500b300e805efc4419
f807b7652390cbf0f3caef0abc752e93c026cf7d2c46fa8e20b9e3f3a2dfd867
f93d0298dd39f7dff18566a5b2754067e26c0182b469fd6b24e5d63429fef88b
f97b3767fd2ddc96826e92f29805f1a85f0c768b31380394d251b4bf3b84d513
fa2f0e9c789e85c558c08a5b84edbc14ebd795915d13987a53032214e8fc3b1a
fb0da9c5679e4e04fe036c10e42d93ed5a9a3a8f632db1cfdcdf6352ee4ff789
fc7f3dfe9ae1dda7006736f8f5a8671565609dfe6b48d8e9a06a1fc64f1c9cfb
fce94e8d493fb1b0c5264ad0ca94f542ca10c39b95eca426ecc0ffbb88e25077
fd11fa353cc6a8560f4c35e67c6fb8a3a4061ed3de4309cdf83fca65f8319bb4
fe443970eb7a49a4749815af2e1002e4b65aac7635a1ea7a92b9ef708e3cac4a
febc13d4fca620c0eda223b3febb844ecb01e4299569a936801b86ecc25609e8
ff76febbb198182768c97dc65c99a48194b9f837e8aea60b94c6f9b776e51977
ff86a593e9d927067863a7662d4f3d04bec6c02ca2259f6a9e91a486e4345142
ffd015b1bb0125d07c39cbfcdee6a8e2b604b55ea1936cf550fe1f9fbdbf2ae4

www.newser.com Open in urlscan Pro 40.114.51.62 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

287 Requests

92 %HTTPS

51 %IPv6

47 Domains

71 Subdomains

61 IPs

6 Countries

6559 kBTransfer

11087 kBSize

68 Cookies

4 Outgoing links

Redirected requests

287 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.newser.com Open in urlscan Pro
40.114.51.62 Public Scan

Screenshot
Live screenshot

Full Image

287
Requests

92 %
HTTPS

51 %
IPv6

47
Domains

71
Subdomains

61
IPs

6
Countries

6559 kB
Transfer

11087 kB
Size

68
Cookies

287 HTTP transactions
1 data transactions