URL: https://newsheater.com/2023/11/
Submission: On November 27 via api from US — Scanned from DE

Summary

This website contacted 28 IPs in 3 countries across 17 domains to perform 131 HTTP transactions. The main IP is 68.183.105.106, located in North Bergen, United States and belongs to DIGITALOCEAN-ASN, US. The main domain is newsheater.com.
TLS certificate: Issued by R3 on November 8th 2023. Valid for: 3 months.
This is the only time newsheater.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 53 68.183.105.106 14061 (DIGITALOC...)
1 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
1 151.101.193.91 54113 (FASTLY)
3 2606:4700:20:... 13335 (CLOUDFLAR...)
3 2400:52e0:1e0... 200325 (BUNNYCDN)
9 23.35.228.23 16625 (AKAMAI-AS)
5 2a00:1450:400... 15169 (GOOGLE)
2 2001:4860:480... 15169 (GOOGLE)
3 54.209.119.97 14618 (AMAZON-AES)
5 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a04:4e42:c00... 54113 (FASTLY)
5 2.19.100.239 16625 (AKAMAI-AS)
1 34.120.63.153 396982 (GOOGLE-CL...)
4 2400:52e0:1e0... 200325 (BUNNYCDN)
5 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a02:2638:3::12 44788 (ASN-CRITE...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a02:2638:3::9 44788 (ASN-CRITE...)
7 2a02:2638:d::2 44788 (ASN-CRITE...)
1 178.250.1.6 44788 (ASN-CRITE...)
2 2a02:2638:3::10 44788 (ASN-CRITE...)
2 2a02:2638:3::1a 44788 (ASN-CRITE...)
131 28
Apex Domain
Subdomains
Transfer
53 newsheater.com
newsheater.com
3 MB
15 media.net
hbx.media.net — Cisco Umbrella Rank: 1337
contextual.media.net — Cisco Umbrella Rank: 691
lg3.media.net — Cisco Umbrella Rank: 7529
prebid.media.net — Cisco Umbrella Rank: 1335
c21lg-d.media.net — Cisco Umbrella Rank: 2513
hblg.media.net — Cisco Umbrella Rank: 2223
318 KB
13 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 97
4ac0f88b0ed1229d36cbd08294010347.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 149
61 KB
11 criteo.net
static.criteo.net — Cisco Umbrella Rank: 668
imageproxy.eu.criteo.net — Cisco Umbrella Rank: 10986
csm.eu.criteo.net — Cisco Umbrella Rank: 10557
113 KB
6 convertbox.com
cdn.convertbox.com — Cisco Umbrella Rank: 27247
app.convertbox.com — Cisco Umbrella Rank: 26870
160 KB
5 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 196
180 KB
5 gstatic.com
fonts.gstatic.com
133 KB
4 bunny.net
fonts.bunny.net — Cisco Umbrella Rank: 11673
49 KB
4 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 2462
www.google-analytics.com — Cisco Umbrella Rank: 27
21 KB
4 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 35
301 KB
3 criteo.com
ads.eu.criteo.com — Cisco Umbrella Rank: 10450
rtb.nl3.eu.criteo.com — Cisco Umbrella Rank: 16925
cat.nl3.eu.criteo.com — Cisco Umbrella Rank: 11552
42 KB
3 ardalio.com
app.ardalio.com — Cisco Umbrella Rank: 80650
7 KB
1 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 212
64 KB
1 google.com
www.google.com — Cisco Umbrella Rank: 2
1 KB
1 polyfill.io
polyfill.io — Cisco Umbrella Rank: 1329
605 B
1 aweber.com
forms.aweber.com — Cisco Umbrella Rank: 49923
424 B
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 31
3 KB
131 17
Domain Requested by
53 newsheater.com 1 redirects newsheater.com
7 static.criteo.net ads.eu.criteo.com
6 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
4ac0f88b0ed1229d36cbd08294010347.safeframe.googlesyndication.com
5 pagead2.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
www.googletagservices.com
5 securepubads.g.doubleclick.net hbx.media.net
securepubads.g.doubleclick.net
4ac0f88b0ed1229d36cbd08294010347.safeframe.googlesyndication.com
5 contextual.media.net hbx.media.net
contextual.media.net
5 fonts.gstatic.com fonts.googleapis.com
4 fonts.bunny.net cdn.convertbox.com
fonts.bunny.net
4 www.googletagmanager.com newsheater.com
www.googletagmanager.com
hbx.media.net
3 lg3.media.net newsheater.com
3 app.convertbox.com cdn.convertbox.com
3 hbx.media.net newsheater.com
hbx.media.net
3 cdn.convertbox.com newsheater.com
cdn.convertbox.com
3 app.ardalio.com newsheater.com
app.ardalio.com
2 hblg.media.net
2 csm.eu.criteo.net ads.eu.criteo.com
2 imageproxy.eu.criteo.net ads.eu.criteo.com
2 4ac0f88b0ed1229d36cbd08294010347.safeframe.googlesyndication.com securepubads.g.doubleclick.net
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 region1.google-analytics.com www.googletagmanager.com
1 cat.nl3.eu.criteo.com ads.eu.criteo.com
1 rtb.nl3.eu.criteo.com 4ac0f88b0ed1229d36cbd08294010347.safeframe.googlesyndication.com
1 www.googletagservices.com 4ac0f88b0ed1229d36cbd08294010347.safeframe.googlesyndication.com
1 ads.eu.criteo.com 4ac0f88b0ed1229d36cbd08294010347.safeframe.googlesyndication.com
1 www.google.com tpc.googlesyndication.com
1 c21lg-d.media.net hbx.media.net
1 prebid.media.net contextual.media.net
1 polyfill.io cdn.convertbox.com
1 forms.aweber.com newsheater.com
1 fonts.googleapis.com newsheater.com
131 30

This site contains links to these domains.

Domain
wordpress.org
app.convertbox.com
Subject | Issuer | Validity | Valid
newsheater.com | R3 | 2023-11-08 - 2024-02-06 | 3 months
upload.video.google.com | GTS CA 1C3 | 2023-10-23 - 2024-01-15 | 3 months
*.google-analytics.com | GTS CA 1C3 | 2023-10-23 - 2024-01-15 | 3 months
*.aweber.com | RapidSSL Global TLS RSA4096 SHA256 2022 CA1 | 2023-01-24 - 2024-01-23 | a year
ardalio.com | GTS CA 1P5 | 2023-11-26 - 2024-02-24 | 3 months
cdn.convertbox.com | R3 | 2023-10-21 - 2024-01-19 | 3 months
*.media.net | DigiCert TLS RSA SHA256 2020 CA1 | 2023-02-10 - 2024-02-18 | a year
*.gstatic.com | GTS CA 1C3 | 2023-10-23 - 2024-01-15 | 3 months
convertbox.com | Amazon RSA 2048 M01 | 2023-06-27 - 2024-07-24 | a year
*.g.doubleclick.net | GTS CA 1C3 | 2023-10-23 - 2024-01-15 | 3 months
polyfill.io | Certainly Intermediate R1 | 2023-11-12 - 2023-12-12 | a month
prebid.media.net | GTS CA 1D4 | 2023-10-28 - 2024-01-26 | 3 months
fonts.bunny.net | R3 | 2023-10-16 - 2024-01-14 | 3 months
tpc.googlesyndication.com | GTS CA 1C3 | 2023-10-23 - 2024-01-15 | 3 months
www.google.com | GTS CA 1C3 | 2023-10-23 - 2024-01-15 | 3 months
*.eu.criteo.com | DigiCert Global G2 TLS RSA SHA256 2020 CA1 | 2023-09-29 - 2023-12-23 | 3 months
*.nl3.eu.criteo.com | DigiCert Global G2 TLS RSA SHA256 2020 CA1 | 2023-09-30 - 2023-12-25 | 3 months
*.criteo.net | DigiCert Global G2 TLS RSA SHA256 2020 CA1 | 2023-10-09 - 2024-01-06 | 3 months
*.eu.criteo.net | DigiCert Global G2 TLS RSA SHA256 2020 CA1 | 2023-10-17 - 2024-01-18 | 3 months

This page contains 9 frames:

Primary Page: https://newsheater.com/2023/11/
Frame ID: 070C58A7F33A2EBB2C11DFE78EAF3E63
Requests: 101 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&hb=1&cv=37&cs=22&cid=8HB98NHDU&gdpr=1&gdprconsent=0&usp_status=0&usp_consent=1&itype=HB-CM
Frame ID: F124F2689D41627C596592A5157C8E10
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8HB98NHDU&prvid=99%2C77%2C3029%2C246%2C4%2C2068%2C10000%2C459%2C229%2C9%2C262%2C461&itype=HB-CM&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Frame ID: E3C2CDD883EDF4C72513602041DFE625
Requests: 1 HTTP requests in this frame

Frame: https://hbx.media.net/checksync.php?cid=8CU2C156D&cs=1&cv=37&hb=1&vsSync=1&prvid=3%2C38%2C41%2C51%2C55%2C56%2C59%2C77%2C80%2C82%2C90%2C91%2C97%2C108%2C109%2C113%2C117%2C122%2C126%2C128%2C132%2C141%2C145%2C157%2C159%2C169%2C171%2C174%2C175%2C178%2C182%2C184%2C186%2C188%2C193%2C201%2C203%2C208%2C214%2C222%2C223%2C225%2C226%2C229%2C230%2C245%2C246%2C251%2C262%2C273%2C339%2C450%2C459%2C461%2C2030%2C2033%2C3007%2C3008%2C3009%2C3010%2C3012%2C3014%2C3015%2C3016%2C3017%2C3018%2C3020%2C3024%2C-1&refUrl=&gdpr=1&gdprconsent=2&gdprstring=&usp_status=0&usp_consent=1&uspstring=&axid_e=&coppa=0&ckdel=0&gpp=&gpp_sid=
Frame ID: 902F8580B007756CA6B8AE3CF6BA9F80
Requests: 2 HTTP requests in this frame

Frame: https://4ac0f88b0ed1229d36cbd08294010347.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: BA40E83C0D2AC6FA30D36743D8C54E00
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 542986ACB03F7CAB2FBC977517D35B06
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: DBF581ADAAEC37B2A9AF8F4F5149BBE5
Requests: 2 HTTP requests in this frame

Frame: https://4ac0f88b0ed1229d36cbd08294010347.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 553F09A3A984A30FC7E007E8ED594383
Requests: 9 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php (encoded query string removed)
Frame ID: 23798B7E7C157E06769E23D9CE04BEF3
Requests: 13 HTTP requests in this frame

Page Title

November 2023 - News Heater

Page URL History

  1. https://newsheater.com/2023/11 HTTP 301
    https://newsheater.com/2023/11/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns
  • backbone.*\.js

Overall confidence: 100%
Detected patterns
  • (?:prototype|protoaculous)(?:-([\d.]*[\d]))?.*\.js

Overall confidence: 100%
Detected patterns
  • <!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

Overall confidence: 100%
Detected patterns
  • \.aweber\.com/

Overall confidence: 100%
Detected patterns
  • tpc\.googlesyndication\.com/safeframe

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • /polyfill\.min\.js

Overall confidence: 100%
Detected patterns
  • underscore.*\.js(?:\?ver=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

131
Requests

99 %
HTTPS

74 %
IPv6

17
Domains

30
Subdomains

28
IPs

3
Countries

4945 kB
Transfer

8751 kB
Size

21
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://newsheater.com/2023/11 HTTP 301
    https://newsheater.com/2023/11/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

131 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
newsheater.com/2023/11/
Redirect Chain
  • https://newsheater.com/2023/11
  • https://newsheater.com/2023/11/
138 KB
42 KB
Document
General
Full URL
https://newsheater.com/2023/11/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
68.183.105.106 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
144dafaa7d28ca8b3de61dade976701c1b73097d22a2cad300b1c303462d986e

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin
*
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
42984
Content-Type
text/html; charset=UTF-8
Date
Mon, 27 Nov 2023 17:44:54 GMT
Keep-Alive
timeout=5, max=99
Link
<https://newsheater.com/wp-json/>; rel="https://api.w.org/"
Server
Apache/2.4.41 (Ubuntu)
Vary
Accept-Encoding

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=3600
Connection
Keep-Alive
Content-Length
0
Content-Type
text/html; charset=UTF-8
Date
Mon, 27 Nov 2023 17:44:53 GMT
Expires
Mon, 27 Nov 2023 18:44:53 GMT
Keep-Alive
timeout=5, max=100
Location
https://newsheater.com/2023/11/
Server
Apache/2.4.41 (Ubuntu)
X-Redirect-By
WordPress
4e48bacb-9313-4978-bf4e-f61c64df4732
https://newsheater.com/
1 KB
0
Other
General
Full URL
blob:https://newsheater.com/4e48bacb-9313-4978-bf4e-f61c64df4732
Requested by
Host: newsheater.com
URL: https://newsheater.com/2023/11/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Length
1245
Content-Type
text/javascript
style.min.css
newsheater.com/wp-includes/css/dist/block-library/
107 KB
14 KB
Stylesheet
General
Full URL
https://newsheater.com/wp-includes/css/dist/block-library/style.min.css?ver=6.4.1
Requested by
Host: newsheater.com
URL: https://newsheater.com/2023/11/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
68.183.105.106 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
698b89c0da3d319754d6a837b5e6d4e6a42dc402d9ffd7559b8c4cb29c644340

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newsheater.com/2023/11/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Mon, 27 Nov 2023 17:44:54 GMT
Content-Encoding
gzip
Last-Modified
Wed, 08 Nov 2023 02:14:38 GMT
Server
Apache/2.4.41 (Ubuntu)
Vary
Accept-Encoding
Content-Type
text/css; charset=utf-8
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
14499
wpda_public.css
newsheater.com/wp-content/plugins/wp-data-access/assets/css/
90 B
421 B
Stylesheet
General
Full URL
https://newsheater.com/wp-content/plugins/wp-data-access/assets/css/wpda_public.css?ver=5.3.9
Requested by
Host: newsheater.com
URL: https://newsheater.com/2023/11/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
68.183.105.106 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
bc770011243e9d2b1a735dbe4a8bf6cdd6b60a0968bce0bcb6eef84190efb1b6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newsheater.com/2023/11/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Mon, 27 Nov 2023 17:44:54 GMT
Content-Encoding
gzip
Last-Modified
Wed, 10 May 2023 07:17:46 GMT
Server
Apache/2.4.41 (Ubuntu)
Vary
Accept-Encoding
Content-Type
text/css; charset=utf-8
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
102
style.min.css
newsheater.com/wp-content/themes/hello-elementor/
6 KB
2 KB
Stylesheet
General
Full URL
https://newsheater.com/wp-content/themes/hello-elementor/style.min.css?ver=2.9.0
Requested by
Host: newsheater.com
URL: https://newsheater.com/2023/11/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
68.183.105.106 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
3c3c0ebe37e4fd4187131a0a8d039064a9014215c4b83199d909e7e0b2d7f450

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newsheater.com/2023/11/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Mon, 27 Nov 2023 17:44:54 GMT
Content-Encoding
gzip
Last-Modified
Wed, 25 Oct 2023 14:00:14 GMT
Server
Apache/2.4.41 (Ubuntu)
Vary
Accept-Encoding
Content-Type
text/css; charset=utf-8
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
1873
theme.min.css
newsheater.com/wp-content/themes/hello-elementor/
12 KB
3 KB
Stylesheet
General
Full URL
https://newsheater.com/wp-content/themes/hello-elementor/theme.min.css?ver=2.9.0
Requested by
Host: newsheater.com
URL: https://newsheater.com/2023/11/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
68.183.105.106 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
5f9d3a91d5bbc09131900b7dc64ba4328bab03dc7221c5c2773397cb656bca18

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newsheater.com/2023/11/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Mon, 27 Nov 2023 17:44:54 GMT
Content-Encoding
gzip
Last-Modified
Wed, 25 Oct 2023 14:00:14 GMT
Server
Apache/2.4.41 (Ubuntu)
Vary
Accept-Encoding
Content-Type
text/css; charset=utf-8
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
2490
frontend-lite.min.css
newsheater.com/wp-content/plugins/elementor/assets/css/
115 KB
14 KB
Stylesheet
General
Full URL
https://newsheater.com/wp-content/plugins/elementor/assets/css/frontend-lite.min.css?ver=3.16.4
Requested by
Host: newsheater.com
URL: https://newsheater.com/2023/11/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
68.183.105.106 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
f2505437c541fbb54d3381687c49fded570dbc01ef97032d3db827f11825e971

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newsheater.com/2023/11/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Mon, 27 Nov 2023 17:44:54 GMT
Content-Encoding
gzip
Last-Modified
Tue, 03 Oct 2023 11:28:32 GMT
Server
Apache/2.4.41 (Ubuntu)
Vary
Accept-Encoding
Content-Type
text/css; charset=utf-8
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
13772
swiper.min.css
newsheater.com/wp-content/plugins/elementor/assets/lib/swiper/css/
13 KB
3 KB
Stylesheet
General
Full URL
https://newsheater.com/wp-content/plugins/elementor/assets/lib/swiper/css/swiper.min.css?ver=5.3.6
Requested by
Host: newsheater.com
URL: https://newsheater.com/2023/11/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
68.183.105.106 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
d622534d53d3ac1095af275f0b30274fcd835785577df2dde6d9398e6f7a2c8f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newsheater.com/2023/11/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Mon, 27 Nov 2023 17:44:54 GMT
Content-Encoding
gzip
Last-Modified
Tue, 03 Oct 2023 11:28:32 GMT
Server
Apache/2.4.41 (Ubuntu)
Vary
Accept-Encoding
Content-Type
text/css; charset=utf-8
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
2409
post-247826.css
newsheater.com/wp-content/uploads/elementor/css/
1 KB
728 B
Stylesheet
General
Full URL
https://newsheater.com/wp-content/uploads/elementor/css/post-247826.css?ver=1696343318
Requested by
Host: newsheater.com
URL: https://newsheater.com/2023/11/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
68.183.105.106 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
2885ecf0260f961f6f52cea907d8b2d6cc117ae4e7caae017d5da0934f0cec2f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newsheater.com/2023/11/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Mon, 27 Nov 2023 17:44:54 GMT
Content-Encoding
gzip
Last-Modified
Tue, 03 Oct 2023 14:28:38 GMT
Server
Apache/2.4.41 (Ubuntu)
Vary
Accept-Encoding
Content-Type
text/css; charset=utf-8
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
409
frontend-lite.min.css
newsheater.com/wp-content/plugins/elementor-pro/assets/css/
11 KB
2 KB
Stylesheet
General
Full URL
https://newsheater.com/wp-content/plugins/elementor-pro/assets/css/frontend-lite.min.css?ver=3.16.2
Requested by
Host: newsheater.com
URL: https://newsheater.com/2023/11/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
68.183.105.106 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
41eac43c1137e23dc691d5605126f42c477b739d40867c3022a1c9a857dd3194

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newsheater.com/2023/11/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Mon, 27 Nov 2023 17:44:55 GMT
Content-Encoding
gzip
Last-Modified
Tue, 03 Oct 2023 11:28:38 GMT
Server
Apache/2.4.41 (Ubuntu)
Vary
Accept-Encoding
Content-Type
text/css; charset=utf-8
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
1637
global.css
newsheater.com/wp-content/uploads/elementor/css/
40 KB
3 KB
Stylesheet
General
Full URL
https://newsheater.com/wp-content/uploads/elementor/css/global.css?ver=1696343319
Requested by
Host: newsheater.com
URL: https://newsheater.com/2023/11/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
68.183.105.106 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
1166085fa6a2be346719c0be8353fcdbe5edf138bff9a15371389bda76a4077b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newsheater.com/2023/11/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Mon, 27 Nov 2023 17:44:55 GMT
Content-Encoding
gzip
Last-Modified
Tue, 03 Oct 2023 14:28:39 GMT
Server
Apache/2.4.41 (Ubuntu)
Vary
Accept-Encoding
Content-Type
text/css; charset=utf-8
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
2946
post-263378.css
newsheater.com/wp-content/uploads/elementor/css/
9 KB
1 KB
Stylesheet
General
Full URL
https://newsheater.com/wp-content/uploads/elementor/css/post-263378.css?ver=1696343321
Requested by
Host: newsheater.com
URL: https://newsheater.com/2023/11/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
68.183.105.106 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
00812b0d9c485c5f5769d77e5cc34e246c5d1c6c9c5fae3888b0ebf4ce0b7e2c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newsheater.com/2023/11/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Mon, 27 Nov 2023 17:44:55 GMT
Content-Encoding
gzip
Last-Modified
Tue, 03 Oct 2023 14:28:41 GMT
Server
Apache/2.4.41 (Ubuntu)
Vary
Accept-Encoding
Content-Type
text/css; charset=utf-8
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
1097
post-263380.css
newsheater.com/wp-content/uploads/elementor/css/
4 KB
968 B
Stylesheet
General
Full URL
https://newsheater.com/wp-content/uploads/elementor/css/post-263380.css?ver=1696343319
Requested by
Host: newsheater.com
URL: https://newsheater.com/2023/11/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
68.183.105.106 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
553bc0ffe126354a05cfbacb788eb50c1083ad0fe4044adac5d36d9d7c9a93a8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newsheater.com/2023/11/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Mon, 27 Nov 2023 17:44:55 GMT
Content-Encoding
gzip
Last-Modified
Tue, 03 Oct 2023 14:28:39 GMT
Server
Apache/2.4.41 (Ubuntu)
Vary
Accept-Encoding
Content-Type
text/css; charset=utf-8
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
650
gdpr-main.css
newsheater.com/wp-content/plugins/gdpr-cookie-compliance/dist/styles/
85 KB
9 KB
Stylesheet
General
Full URL
https://newsheater.com/wp-content/plugins/gdpr-cookie-compliance/dist/styles/gdpr-main.css?ver=4.12.8
Requested by
Host: newsheater.com
URL: https://newsheater.com/2023/11/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
68.183.105.106 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
ee03ca80fc937d6ca1b81c8be5e977dc79607f89522363679028724f990b3991

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newsheater.com/2023/11/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Mon, 27 Nov 2023 17:44:55 GMT
Content-Encoding
gzip
Last-Modified
Mon, 16 Oct 2023 11:47:46 GMT
Server
Apache/2.4.41 (Ubuntu)
Vary
Accept-Encoding
Content-Type
text/css; charset=utf-8
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=96
Content-Length
8792
css
fonts.googleapis.com/
97 KB
3 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Merriweather%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7COpen+Sans%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRubik%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=6.4.1
Requested by
Host: newsheater.com
URL: https://newsheater.com/2023/11/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ffdc34db789f2889829350e5d09d4e124d51a5d8e957d0b8d9bb87563814e813
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newsheater.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 27 Nov 2023 17:44:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 27 Nov 2023 17:43:41 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 27 Nov 2023 17:44:54 GMT
jquery.min.js
newsheater.com/wp-includes/js/jquery/
86 KB
30 KB
Script
General
Full URL
https://newsheater.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
Requested by
Host: newsheater.com
URL: https://newsheater.com/2023/11/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
68.183.105.106 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newsheater.com/2023/11/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Mon, 27 Nov 2023 17:44:55 GMT
Content-Encoding
gzip
Last-Modified
Wed, 08 Nov 2023 02:14:38 GMT
Server
Apache/2.4.41 (Ubuntu)
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
30368
jquery-migrate.min.js
newsheater.com/wp-includes/js/jquery/
13 KB
5 KB
Script
General
Full URL
https://newsheater.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
Requested by
Host: newsheater.com
URL: https://newsheater.com/2023/11/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
68.183.105.106 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newsheater.com/2023/11/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Mon, 27 Nov 2023 17:44:55 GMT
Content-Encoding
gzip
Last-Modified
Mon, 30 Oct 2023 15:19:45 GMT
Server
Apache/2.4.41 (Ubuntu)
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
4872
underscore.min.js
newsheater.com/wp-includes/js/
18 KB
7 KB
Script
General
Full URL
https://newsheater.com/wp-includes/js/underscore.min.js?ver=1.13.4
Requested by
Host: newsheater.com
URL: https://newsheater.com/2023/11/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
68.183.105.106 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
726b820e44f6ab90ad991d30a4bf26d3a5d71493cbcd1fb1efd0d14e89b9df2a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newsheater.com/2023/11/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Mon, 27 Nov 2023 17:44:55 GMT
Content-Encoding
gzip
Last-Modified
Mon, 30 Oct 2023 15:19:45 GMT
Server
Apache/2.4.41 (Ubuntu)
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
7311
backbone.min.js
newsheater.com/wp-includes/js/
24 KB
8 KB
Script
General
Full URL
https://newsheater.com/wp-includes/js/backbone.min.js?ver=1.5.0
Requested by
Host: newsheater.com
URL: https://newsheater.com/2023/11/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
68.183.105.106 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
90554181b9d143453475bb69bbce45d406f2d2119409db9b71da8552536681a7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newsheater.com/2023/11/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Mon, 27 Nov 2023 17:44:55 GMT
Content-Encoding
gzip
Last-Modified
Wed, 08 Nov 2023 02:14:38 GMT
Server
Apache/2.4.41 (Ubuntu)
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
7960
api-request.min.js
newsheater.com/wp-includes/js/
1023 B
922 B
Script
General
Full URL
https://newsheater.com/wp-includes/js/api-request.min.js?ver=6.4.1
Requested by
Host: newsheater.com
URL: https://newsheater.com/2023/11/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
68.183.105.106 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
1a234275545ba883616ac6b4151a0f06d9bb097146e806e40317a263bbf1c51e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newsheater.com/2023/11/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Mon, 27 Nov 2023 17:44:55 GMT
Content-Encoding
gzip
Last-Modified
Mon, 30 Oct 2023 15:19:45 GMT
Server
Apache/2.4.41 (Ubuntu)
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=95
Content-Length
590
wp-api.min.js
newsheater.com/wp-includes/js/
14 KB
4 KB
Script
General
Full URL
https://newsheater.com/wp-includes/js/wp-api.min.js?ver=6.4.1
Requested by
Host: newsheater.com
URL: https://newsheater.com/2023/11/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
68.183.105.106 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
947960adcbb708c908d60c1fb55b6c617e11c93876ecf9f525f13accf7ddb591

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newsheater.com/2023/11/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Mon, 27 Nov 2023 17:44:55 GMT
Content-Encoding
gzip
Last-Modified
Mon, 30 Oct 2023 15:19:45 GMT
Server
Apache/2.4.41 (Ubuntu)
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
4136
wpda_rest_api.js
newsheater.com/wp-content/plugins/wp-data-access/assets/js/
26 KB
12 KB
Script
General
Full URL
https://newsheater.com/wp-content/plugins/wp-data-access/assets/js/wpda_rest_api.js?ver=5.3.9
Requested by
Host: newsheater.com
URL: https://newsheater.com/2023/11/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
68.183.105.106 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
4b276941b3ad41900406cfc43d937394baa0471ba2304c9b915ec6391132357d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newsheater.com/2023/11/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Mon, 27 Nov 2023 17:44:55 GMT
Content-Encoding
gzip
Last-Modified
Wed, 10 May 2023 07:17:46 GMT
Server
Apache/2.4.41 (Ubuntu)
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
11919
js
www.googletagmanager.com/gtag/
254 KB
87 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-W1J31YHC98
Requested by
Host: newsheater.com
URL: https://newsheater.com/2023/11/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e27cef80cd97ee72facda07cbec137ca947db7f5431754e5a277890aa75a3fb5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newsheater.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 27 Nov 2023 17:44:55 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
88569
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 27 Nov 2023 17:44:55 GMT
widget-posts.min.css
newsheater.com/wp-content/plugins/elementor-pro/assets/css/
14 KB
3 KB
Stylesheet
General
Full URL
https://newsheater.com/wp-content/plugins/elementor-pro/assets/css/widget-posts.min.css
Requested by
Host: newsheater.com
URL: https://newsheater.com/2023/11/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
68.183.105.106 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
1a829e1d6e41d31c49d5da4fc80f0d3a7ec3a42346706e092e19515ac518a057

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newsheater.com/2023/11/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Mon, 27 Nov 2023 17:44:55 GMT
Content-Encoding
gzip
Last-Modified
Tue, 03 Oct 2023 11:28:38 GMT
Server
Apache/2.4.41 (Ubuntu)
Vary
Accept-Encoding
Content-Type
text/css; charset=utf-8
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
2316
Image-113.png
newsheater.com/wp-content/uploads/2020/01/
100 KB
101 KB
Image
General
Full URL
https://newsheater.com/wp-content/uploads/2020/01/Image-113.png
Requested by
Host: newsheater.com
URL: https://newsheater.com/2023/11/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
68.183.105.106 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
a962d5a46476dfe466b3807c6cd96d3cb7b9fbc48f1c4110e1f0598f7ed5db45

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newsheater.com/2023/11/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Mon, 27 Nov 2023 17:44:55 GMT
Content-Encoding
gzip
Last-Modified
Thu, 08 Apr 2021 11:39:35 GMT
Server
Apache/2.4.41 (Ubuntu)
Vary
Accept-Encoding
Transfer-Encoding
chunked
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Image-112.png
newsheater.com/wp-content/uploads/2020/01/
325 KB
325 KB
Image
General
Full URL
https://newsheater.com/wp-content/uploads/2020/01/Image-112.png
Requested by
Host: newsheater.com
URL: https://newsheater.com/2023/11/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
68.183.105.106 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
17a150703b586d6b7b045dd1dbbf1fa5071f454e8bc85940da6596f2b0a1e384

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newsheater.com/2023/11/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Mon, 27 Nov 2023 17:44:55 GMT
Content-Encoding
gzip
Last-Modified
Fri, 03 Mar 2023 10:32:53 GMT
Server
Apache/2.4.41 (Ubuntu)
Vary
Accept-Encoding
Transfer-Encoding
chunked
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Image-111.png
newsheater.com/wp-content/uploads/2020/01/
382 KB
383 KB
Image
General
Full URL
https://newsheater.com/wp-content/uploads/2020/01/Image-111.png
Requested by
Host: newsheater.com
URL: https://newsheater.com/2023/11/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
68.183.105.106 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
586ad022c62858f3f6e6e5259fb817178f72ff60aa1ffe6436da5414536b1135

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newsheater.com/2023/11/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Mon, 27 Nov 2023 17:44:55 GMT
Content-Encoding
gzip
Last-Modified
Fri, 03 Mar 2023 10:33:06 GMT
Server
Apache/2.4.41 (Ubuntu)
Vary
Accept-Encoding
Transfer-Encoding
chunked
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=94
widget-icon-list.min.css
newsheater.com/wp-content/plugins/elementor/assets/css/
10 KB
1 KB
Stylesheet
General
Full URL
https://newsheater.com/wp-content/plugins/elementor/assets/css/widget-icon-list.min.css
Requested by
Host: newsheater.com
URL: https://newsheater.com/2023/11/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
68.183.105.106 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
e0aa068ac5dfad098da734d929000446f50930d7411a075c031ea96a9352970b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newsheater.com/2023/11/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Mon, 27 Nov 2023 17:44:55 GMT
Content-Encoding
gzip
Last-Modified
Tue, 03 Oct 2023 11:28:32 GMT
Server
Apache/2.4.41 (Ubuntu)
Vary
Accept-Encoding
Content-Type
text/css; charset=utf-8
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=96
Content-Length
972
displays.htm
forms.aweber.com/form/
43 B
424 B
Image
General
Full URL
https://forms.aweber.com/form/displays.htm?id=TAzMzOxMTOzszA==
Requested by
Host: newsheater.com
URL: https://newsheater.com/2023/11/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
webform/1.5.2 /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newsheater.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-cache-hits
0
date
Mon, 27 Nov 2023 17:44:55 GMT
via
1.1 varnish
x-cache
MISS
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
43
x-served-by
cache-fra-eddf8230057-FRA
correlation-id
a8fcabb6-48d9-425f-a488-ba802ce995df
referrer-policy
no-referrer-when-downgrade
server
webform/1.5.2
x-timer
S1701107095.357306,VS0,VE105
etag
"b80b11203d97fe01c5597ca3be70406ea48f5709"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
expires
Mon, 27 Nov 2023 17:44:55 -0000
main.js
newsheater.com/wp-content/plugins/gdpr-cookie-compliance/dist/scripts/
60 KB
14 KB
Script
General
Full URL
https://newsheater.com/wp-content/plugins/gdpr-cookie-compliance/dist/scripts/main.js?ver=4.12.8
Requested by
Host: newsheater.com
URL: https://newsheater.com/2023/11/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
68.183.105.106 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
89e11befadb453147740e47b21db4b639b8dff43259487ccd25c7e61c39906c6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newsheater.com/2023/11/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Mon, 27 Nov 2023 17:44:55 GMT
Content-Encoding
gzip
Last-Modified
Mon, 16 Oct 2023 11:47:46 GMT
Server
Apache/2.4.41 (Ubuntu)
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
14178
imagesloaded.min.js
newsheater.com/wp-includes/js/
5 KB
2 KB
Script
General
Full URL
https://newsheater.com/wp-includes/js/imagesloaded.min.js?ver=5.0.0
Requested by
Host: newsheater.com
URL: https://newsheater.com/2023/11/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
68.183.105.106 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
b65b3de1bc923b9355248a0d941a0eaee15dfb9a6b8eadb51323a8df6189dcd1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newsheater.com/2023/11/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Mon, 27 Nov 2023 17:44:55 GMT
Content-Encoding
gzip
Last-Modified
Wed, 08 Nov 2023 02:14:38 GMT
Server
Apache/2.4.41 (Ubuntu)
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=96
Content-Length
1803
log7.js
app.ardalio.com/
16 KB
5 KB
Script
General
Full URL
https://app.ardalio.com/log7.js?ver=6.4.1
Requested by
Host: newsheater.com
URL: https://newsheater.com/2023/11/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:11e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0b80b5e1f503e8e7c0d3badbc0ed4cab9c1b573c1422d05232c42400f8e2c484
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newsheater.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 27 Nov 2023 17:44:55 GMT
strict-transport-security
max-age=63072000; includeSubDomains
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
35706
cf-polished
origSize=24486
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Sat, 25 Nov 2023 03:38:17 GMT
server
cloudflare
etag
W/"5fa6-60af1ccb17ea2-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eqnISZoKQDIn%2BEVYGtqPbWmDp2VDHR6%2FzOBZENdTwP7LtbokgflkcpZ5%2BivRVwYJJbcXMOjOf308BxB8HBoViPl0sGJ1mRpBvc8hv2dHtTGAWTZuU3xqU9NSK6UHqSkOPYZI%2Be0NIojSy8yu0w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
public, max-age=691200, must-revalidate
cf-ray
82cc2e920fb1918e-FRA
webpack-pro.runtime.min.js
newsheater.com/wp-content/plugins/elementor-pro/assets/js/
31 KB
14 KB
Script
General
Full URL
https://newsheater.com/wp-content/plugins/elementor-pro/assets/js/webpack-pro.runtime.min.js?ver=3.16.2
Requested by
Host: newsheater.com
URL: https://newsheater.com/2023/11/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
68.183.105.106 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
a8663b09bb0498246633a4de554b8ba9ec2ff267138d48947fd7832de70bee51

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newsheater.com/2023/11/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Mon, 27 Nov 2023 17:44:55 GMT
Content-Encoding
gzip
Last-Modified
Tue, 03 Oct 2023 11:28:38 GMT
Server
Apache/2.4.41 (Ubuntu)
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=95
Content-Length
14289
webpack.runtime.min.js
newsheater.com/wp-content/plugins/elementor/assets/js/
30 KB
14 KB
Script
General
Full URL
https://newsheater.com/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.16.4
Requested by
Host: newsheater.com
URL: https://newsheater.com/2023/11/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
68.183.105.106 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
ec32eda321717c0da617841751a60dd4dfe70950fecebe013883dbe581e9d64c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newsheater.com/2023/11/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Mon, 27 Nov 2023 17:44:55 GMT
Content-Encoding
gzip
Last-Modified
Tue, 03 Oct 2023 11:28:32 GMT
Server
Apache/2.4.41 (Ubuntu)
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=93
Content-Length
13867
frontend-modules.min.js
newsheater.com/wp-content/plugins/elementor/assets/js/
83 KB
28 KB
Script
General
Full URL
https://newsheater.com/wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.16.4
Requested by
Host: newsheater.com
URL: https://newsheater.com/2023/11/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
68.183.105.106 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
5484b3e4d8d0a6fbea5b7902a05890c0199033c49783cfd4eaa20e8608ce712c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newsheater.com/2023/11/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Mon, 27 Nov 2023 17:44:55 GMT
Content-Encoding
gzip
Last-Modified
Tue, 03 Oct 2023 11:28:32 GMT
Server
Apache/2.4.41 (Ubuntu)
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=96
Content-Length
28608
wp-polyfill-inert.min.js
newsheater.com/wp-includes/js/dist/vendor/
8 KB
3 KB
Script
General
Full URL
https://newsheater.com/wp-includes/js/dist/vendor/wp-polyfill-inert.min.js?ver=3.1.2
Requested by
Host: newsheater.com
URL: https://newsheater.com/2023/11/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
68.183.105.106 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
c1a9a3e223bad631dff12d33b5499eb145cb08d8621c20d9d73870e78d97afe4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newsheater.com/2023/11/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Mon, 27 Nov 2023 17:44:55 GMT
Content-Encoding
gzip
Last-Modified
Mon, 30 Oct 2023 15:19:45 GMT
Server
Apache/2.4.41 (Ubuntu)
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=94
Content-Length
2484
regenerator-runtime.min.js
newsheater.com/wp-includes/js/dist/vendor/
6 KB
3 KB
Script
General
Full URL
https://newsheater.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.14.0
Requested by
Host: newsheater.com
URL: https://newsheater.com/2023/11/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
68.183.105.106 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
1d52e1ac7d3bc25a8b0ffc257153f9dd50249f96fe9a4df5e0d771241a69062c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newsheater.com/2023/11/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Mon, 27 Nov 2023 17:44:55 GMT
Content-Encoding
gzip
Last-Modified
Wed, 08 Nov 2023 02:14:38 GMT
Server
Apache/2.4.41 (Ubuntu)
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=92
Content-Length
2502
wp-polyfill.min.js
newsheater.com/wp-includes/js/dist/vendor/
112 KB
35 KB
Script
General
Full URL
https://newsheater.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
Requested by
Host: newsheater.com
URL: https://newsheater.com/2023/11/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
68.183.105.106 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
da9ed5720b674f0d297fe621ac2d8d518c4e622bef1e9b0d4ae489dee9aa43f8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newsheater.com/2023/11/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Mon, 27 Nov 2023 17:44:55 GMT
Content-Encoding
gzip
Last-Modified
Wed, 08 Nov 2023 02:14:38 GMT
Server
Apache/2.4.41 (Ubuntu)
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=95
Content-Length
35888
hooks.min.js
newsheater.com/wp-includes/js/dist/
5 KB
2 KB
Script
General
Full URL
https://newsheater.com/wp-includes/js/dist/hooks.min.js?ver=c6aec9a8d4e5a5d543a1
Requested by
Host: newsheater.com
URL: https://newsheater.com/2023/11/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
68.183.105.106 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
7868467c94a5aa0b3f11ef542f45287967f9627b3b5acdc86e47f8f77a126596

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newsheater.com/2023/11/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Mon, 27 Nov 2023 17:44:55 GMT
Content-Encoding
gzip
Last-Modified
Mon, 30 Oct 2023 15:19:45 GMT
Server
Apache/2.4.41 (Ubuntu)
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=93
Content-Length
1567
i18n.min.js
newsheater.com/wp-includes/js/dist/
9 KB
4 KB
Script
General
Full URL
https://newsheater.com/wp-includes/js/dist/i18n.min.js?ver=7701b0c3857f914212ef
Requested by
Host: newsheater.com
URL: https://newsheater.com/2023/11/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
68.183.105.106 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
698e93fe491cc7bbf07a470579a33dbd0db53c19142b7be41ebfd39a23aef11f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newsheater.com/2023/11/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Mon, 27 Nov 2023 17:44:55 GMT
Content-Encoding
gzip
Last-Modified
Mon, 30 Oct 2023 15:19:45 GMT
Server
Apache/2.4.41 (Ubuntu)
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=95
Content-Length
3692
frontend.min.js
newsheater.com/wp-content/plugins/elementor-pro/assets/js/
49 KB
18 KB
Script
General
Full URL
https://newsheater.com/wp-content/plugins/elementor-pro/assets/js/frontend.min.js?ver=3.16.2
Requested by
Host: newsheater.com
URL: https://newsheater.com/2023/11/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
68.183.105.106 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
9306fb20421302a5cc7601757596d43a3452338da05641f111ef1c3d31759d74

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newsheater.com/2023/11/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Mon, 27 Nov 2023 17:44:55 GMT
Content-Encoding
gzip
Last-Modified
Tue, 03 Oct 2023 11:28:38 GMT
Server
Apache/2.4.41 (Ubuntu)
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=91
Content-Length
18402
waypoints.min.js
newsheater.com/wp-content/plugins/elementor/assets/lib/waypoints/
37 KB
15 KB
Script
General
Full URL
https://newsheater.com/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2
Requested by
Host: newsheater.com
URL: https://newsheater.com/2023/11/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
68.183.105.106 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
1d12188dd79efc303757b6e5db8c5209b86dc96267310d401e3941bcd85fedde

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newsheater.com/2023/11/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Mon, 27 Nov 2023 17:44:55 GMT
Content-Encoding
gzip
Last-Modified
Tue, 03 Oct 2023 11:28:32 GMT
Server
Apache/2.4.41 (Ubuntu)
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=95
Content-Length
14691
core.min.js
newsheater.com/wp-includes/js/jquery/ui/
21 KB
7 KB
Script
General
Full URL
https://newsheater.com/wp-includes/js/jquery/ui/core.min.js?ver=1.13.2
Requested by
Host: newsheater.com
URL: https://newsheater.com/2023/11/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
68.183.105.106 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
ca7dce2391845e8aec7da135f33fabd10f74eed28a532ac66fd01f761fcfb42f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newsheater.com/2023/11/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Mon, 27 Nov 2023 17:44:55 GMT
Content-Encoding
gzip
Last-Modified
Mon, 30 Oct 2023 15:19:45 GMT
Server
Apache/2.4.41 (Ubuntu)
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=94
Content-Length
7099
frontend.min.js
newsheater.com/wp-content/plugins/elementor/assets/js/
65 KB
24 KB
Script
General
Full URL
https://newsheater.com/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.16.4
Requested by
Host: newsheater.com
URL: https://newsheater.com/2023/11/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
68.183.105.106 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
0070bb19e063d11fcb6c67ed646297928888394ec14de90f4c94a75be89c407a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newsheater.com/2023/11/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Mon, 27 Nov 2023 17:44:55 GMT
Content-Encoding
gzip
Last-Modified
Tue, 03 Oct 2023 11:28:32 GMT
Server
Apache/2.4.41 (Ubuntu)
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=92
Content-Length
24033
elements-handlers.min.js
newsheater.com/wp-content/plugins/elementor-pro/assets/js/
60 KB
20 KB
Script
General
Full URL
https://newsheater.com/wp-content/plugins/elementor-pro/assets/js/elements-handlers.min.js?ver=3.16.2
Requested by
Host: newsheater.com
URL: https://newsheater.com/2023/11/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
68.183.105.106 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
4044b2a3b08bd6d4813c8056b92eddc837d2288f31ca9da984f3ce7aa5e24494

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newsheater.com/2023/11/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Mon, 27 Nov 2023 17:44:55 GMT
Content-Encoding
gzip
Last-Modified
Tue, 03 Oct 2023 11:28:38 GMT
Server
Apache/2.4.41 (Ubuntu)
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=94
Content-Length
20313
gdpr-logo.png
newsheater.com/wp-content/plugins/gdpr-cookie-compliance/dist/images/
1 KB
2 KB
Image
General
Full URL
https://newsheater.com/wp-content/plugins/gdpr-cookie-compliance/dist/images/gdpr-logo.png
Requested by
Host: newsheater.com
URL: https://newsheater.com/2023/11/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
68.183.105.106 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
2d91c5b43406f8e7f61aca23cec58ee76a8e9a9d4b9a7c96cc9700a3376ca42b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newsheater.com/2023/11/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Mon, 27 Nov 2023 17:44:55 GMT
Content-Encoding
gzip
Last-Modified
Mon, 16 Oct 2023 11:47:46 GMT
Server
Apache/2.4.41 (Ubuntu)
Vary
Accept-Encoding
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=90
Content-Length
1476
/
newsheater.com/wp-json/wp/v2/
165 KB
11 KB
XHR
General
Full URL
https://newsheater.com/wp-json/wp/v2/
Requested by
Host: newsheater.com
URL: https://newsheater.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
68.183.105.106 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
688b9eeaf39cbec743ebc86439bc4f1d5c23a9429cb714ba5c568b3127f08ecc
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://newsheater.com/2023/11/
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Mon, 27 Nov 2023 17:44:55 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
Apache/2.4.41 (Ubuntu)
Allow
GET
Vary
Origin,Accept-Encoding
Content-Type
application/json; charset=UTF-8
Access-Control-Expose-Headers
X-WP-Total, X-WP-TotalPages, Link
Connection
Keep-Alive
X-Robots-Tag
noindex
Link
<https://newsheater.com/wp-json/>; rel="https://api.w.org/"
Access-Control-Allow-Headers
Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type
Content-Length
10368
Keep-Alive
timeout=5, max=97
embed.js
cdn.convertbox.com/convertbox/js/
3 KB
2 KB
Script
General
Full URL
https://cdn.convertbox.com/convertbox/js/embed.js
Requested by
Host: newsheater.com
URL: https://newsheater.com/2023/11/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1081 /
Resource Hash
e8548e68a845ea4998a36c690829772b8c8176e4b4bbf00ac77615bc4b282f84

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newsheater.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 27 Nov 2023 17:44:55 GMT
content-encoding
br
cdn-edgestorageid
1080
cdn-cachedat
10/31/2023 19:00:40
cdn-pullzone
53020
last-modified
Thu, 25 May 2023 08:50:41 GMT
server
BunnyCDN-DE1-1081
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
W/"646f2161-c3c"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
0efa3f5e-1cdb-4f24-96b0-16bfe6c0cf31
cache-control
public, max-age=31919000
cdn-requestid
3e998c38118045294c2bc16d7b1b3452
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True
bidexchange.js
hbx.media.net/
707 KB
178 KB
Script
General
Full URL
https://hbx.media.net/bidexchange.js?cid=8CU2C156D&version=5.1&dn=newsheater.com
Requested by
Host: newsheater.com
URL: https://newsheater.com/2023/11/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.228.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
1de03408004e1f8ce0f19bddfd6cfe1e65637f24487c8e0d427356fe78853436
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains, max-age=604800

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newsheater.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security
max-age=86400 ; includeSubDomains, max-age=604800
content-encoding
gzip
date
Mon, 27 Nov 2023 17:44:55 GMT
server
Apache
vary
Accept-Encoding
x-mnet-h
E
content-type
text/javascript; charset=utf-8
cache-control
max-age=1800
timing-allow-origin
*
link
<https://hbx.media.net/__media__/js/ucreative.js?cv=1>;rel=prefetch;as=script
expires
Mon, 27 Nov 2023 18:14:55 GMT
iJWKBXyIfDnIV7nBrXw.woff2
fonts.gstatic.com/s/rubik/v28/
35 KB
35 KB
Font
General
Full URL
https://fonts.gstatic.com/s/rubik/v28/iJWKBXyIfDnIV7nBrXw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Merriweather%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7COpen+Sans%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRubik%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=6.4.1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
47374cb7d373f9a8450e1237c80bc5fe68c61fbf0cdf958df7a298143b7dd445
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://newsheater.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 22:38:08 GMT
x-content-type-options
nosniff
age
241607
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35448
x-xss-protection
0
last-modified
Thu, 29 Jun 2023 16:14:39 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 23 Nov 2024 22:38:08 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/
16 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Merriweather%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7COpen+Sans%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRubik%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=6.4.1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://newsheater.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 23:58:11 GMT
x-content-type-options
nosniff
age
236804
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15920
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 23 Nov 2024 23:58:11 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v36/
47 KB
47 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Merriweather%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7COpen+Sans%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRubik%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=6.4.1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://newsheater.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 18:16:19 GMT
x-content-type-options
nosniff
age
343716
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48432
x-xss-protection
0
last-modified
Thu, 14 Sep 2023 00:40:31 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 22 Nov 2024 18:16:19 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Merriweather%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7COpen+Sans%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRubik%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=6.4.1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://newsheater.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 21:25:42 GMT
x-content-type-options
nosniff
age
245953
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 23 Nov 2024 21:25:42 GMT
u-440qyriQwlOrhSvowK_l5-fCZM.woff2
fonts.gstatic.com/s/merriweather/v30/
20 KB
20 KB
Font
General
Full URL
https://fonts.gstatic.com/s/merriweather/v30/u-440qyriQwlOrhSvowK_l5-fCZM.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Merriweather%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7COpen+Sans%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRubik%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=6.4.1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5c2d662e92bcbf1a5970b97040f901031295e79a96314db8302f549003022087
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://newsheater.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sat, 25 Nov 2023 04:45:35 GMT
x-content-type-options
nosniff
age
219560
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20028
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 16:41:08 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 24 Nov 2024 04:45:35 GMT
Image-110.png
newsheater.com/wp-content/uploads/2020/01/
299 KB
300 KB
Image
General
Full URL
https://newsheater.com/wp-content/uploads/2020/01/Image-110.png
Requested by
Host: newsheater.com
URL: https://newsheater.com/2023/11/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
68.183.105.106 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
d61f9fa9e5f8e0c5912113986625a5b2fbd6fc75895c45968cf58d50350a4fa9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newsheater.com/2023/11/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Mon, 27 Nov 2023 17:44:55 GMT
Content-Encoding
gzip
Last-Modified
Fri, 03 Mar 2023 10:33:23 GMT
Server
Apache/2.4.41 (Ubuntu)
Vary
Accept-Encoding
Transfer-Encoding
chunked
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=96
Image-109.png
newsheater.com/wp-content/uploads/2020/01/
254 KB
254 KB
Image
General
Full URL
https://newsheater.com/wp-content/uploads/2020/01/Image-109.png
Requested by
Host: newsheater.com
URL: https://newsheater.com/2023/11/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
68.183.105.106 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
fc9c3669a7b2d5268b1d9d412e55358df011907d751c9fc8114fe3828f8a191a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newsheater.com/2023/11/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Mon, 27 Nov 2023 17:44:55 GMT
Content-Encoding
gzip
Last-Modified
Fri, 03 Mar 2023 10:33:43 GMT
Server
Apache/2.4.41 (Ubuntu)
Vary
Accept-Encoding
Transfer-Encoding
chunked
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=96
Image-108.png
newsheater.com/wp-content/uploads/2020/01/
489 KB
490 KB
Image
General
Full URL
https://newsheater.com/wp-content/uploads/2020/01/Image-108.png
Requested by
Host: newsheater.com
URL: https://newsheater.com/2023/11/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
68.183.105.106 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
9fb9b8f933abf3d4fef5803208d59f7cff8b83ecd94a8cb4cca08d14b2996865

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newsheater.com/2023/11/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Mon, 27 Nov 2023 17:44:55 GMT
Content-Encoding
gzip
Last-Modified
Fri, 03 Mar 2023 10:33:55 GMT
Server
Apache/2.4.41 (Ubuntu)
Vary
Accept-Encoding
Transfer-Encoding
chunked
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=95
Image-107.png
newsheater.com/wp-content/uploads/2020/01/
372 KB
373 KB
Image
General
Full URL
https://newsheater.com/wp-content/uploads/2020/01/Image-107.png
Requested by
Host: newsheater.com
URL: https://newsheater.com/2023/11/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
68.183.105.106 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
592ec571c6d7f993075f2ab81124c4d1ad74da70567495f7880713087574b02e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newsheater.com/2023/11/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Mon, 27 Nov 2023 17:44:55 GMT
Content-Encoding
gzip
Last-Modified
Fri, 03 Mar 2023 10:34:10 GMT
Server
Apache/2.4.41 (Ubuntu)
Vary
Accept-Encoding
Transfer-Encoding
chunked
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=94
Image-106.png
newsheater.com/wp-content/uploads/2020/01/
406 KB
407 KB
Image
General
Full URL
https://newsheater.com/wp-content/uploads/2020/01/Image-106.png
Requested by
Host: newsheater.com
URL: https://newsheater.com/2023/11/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
68.183.105.106 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
733db8956fa0731fcff3bfba5d5bd27336db5f4af024544401fb5389d6481dd9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newsheater.com/2023/11/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Mon, 27 Nov 2023 17:44:56 GMT
Content-Encoding
gzip
Last-Modified
Fri, 03 Mar 2023 10:34:24 GMT
Server
Apache/2.4.41 (Ubuntu)
Vary
Accept-Encoding
Transfer-Encoding
chunked
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=94
Image-104.png
newsheater.com/wp-content/uploads/2020/01/
428 KB
429 KB
Image
General
Full URL
https://newsheater.com/wp-content/uploads/2020/01/Image-104.png
Requested by
Host: newsheater.com
URL: https://newsheater.com/2023/11/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
68.183.105.106 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
093fae69f8afca84866a78031a34fdda3f77bb4abc1fb8f9cda9ef97d608d043

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newsheater.com/2023/11/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Mon, 27 Nov 2023 17:44:56 GMT
Content-Encoding
gzip
Last-Modified
Fri, 03 Mar 2023 10:34:40 GMT
Server
Apache/2.4.41 (Ubuntu)
Vary
Accept-Encoding
Transfer-Encoding
chunked
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=93
NewsHeater-Logo.png
newsheater.com/wp-content/uploads/2021/03/
3 KB
3 KB
Image
General
Full URL
https://newsheater.com/wp-content/uploads/2021/03/NewsHeater-Logo.png
Requested by
Host: newsheater.com
URL: https://newsheater.com/2023/11/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
68.183.105.106 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
fc251ac3b509987441c5e0716919cda4d4f05266733a2f1fd6fcd53501c506fc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newsheater.com/2023/11/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Mon, 27 Nov 2023 17:44:56 GMT
Content-Encoding
gzip
Last-Modified
Wed, 14 Apr 2021 09:07:58 GMT
Server
Apache/2.4.41 (Ubuntu)
Vary
Accept-Encoding
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=91
Content-Length
2700
collect
region1.google-analytics.com/g/
0
245 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-W1J31YHC98&gtm=45je3b81v892916756&_p=1701107095317&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=911717999.1701107095&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1701107095&sct=1&seg=0&dl=https%3A%2F%2Fnewsheater.com%2F2023%2F11%2F&dt=November%202023%20-%20News%20Heater&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=1933
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-W1J31YHC98
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newsheater.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 27 Nov 2023 17:44:55 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://newsheater.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
user
app.convertbox.com/embed/
0
367 B
XHR
General
Full URL
https://app.convertbox.com/embed/user?uuid=ade71b4b-f461-475b-8a88-465515ea09f8
Requested by
Host: cdn.convertbox.com
URL: https://cdn.convertbox.com/convertbox/js/embed.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.209.119.97 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-209-119-97.compute-1.amazonaws.com
Software
nginx/1.20.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newsheater.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Mon, 27 Nov 2023 17:44:55 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
nginx/1.20.0
X-Frame-Options
SAMEORIGIN
Content-Type
text/html; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache, private
Connection
keep-alive
Content-Length
20
X-XSS-Protection
1; mode=block
ucreative.js
hbx.media.net/__media__/js/
0
2 KB
Other
General
Full URL
https://hbx.media.net/__media__/js/ucreative.js?cv=1
Requested by
Host: newsheater.com
URL: https://newsheater.com/2023/11/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.228.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains, max-age=604800

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newsheater.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security
max-age=86400 ; includeSubDomains, max-age=604800
content-encoding
gzip
date
Mon, 27 Nov 2023 17:44:55 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=134329
content-length
2114
expires
Wed, 29 Nov 2023 07:03:44 GMT
tcb.js
contextual.media.net/
50 KB
11 KB
Script
General
Full URL
https://contextual.media.net/tcb.js?&cb=window.advBidxc.nativetemplatefetch&req=T31K017_120x60%7CT31K017_300x250%7CT9VJI4H_728x90%7CTC59MJ7_300x250%7CTC59MJ7_300x600&v=20|20|18|18|18
Requested by
Host: hbx.media.net
URL: https://hbx.media.net/bidexchange.js?cid=8CU2C156D&version=5.1&dn=newsheater.com
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.228.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
1c10ec3d9d29980a757cead0f0185e6da7fef102cf549c2579975016093d80fd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newsheater.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
date
Mon, 27 Nov 2023 17:44:55 GMT
server
Apache
vary
Accept-Encoding
x-mnet-h
E
content-type
text/javascript; charset=utf-8
cache-control
max-age=172800
content-length
10615
expires
Wed, 29 Nov 2023 17:44:55 GMT
dmedianet.js
contextual.media.net/
292 KB
98 KB
Script
General
Full URL
https://contextual.media.net/dmedianet.js?cid=8CUB2ECYP
Requested by
Host: hbx.media.net
URL: https://hbx.media.net/bidexchange.js?cid=8CU2C156D&version=5.1&dn=newsheater.com
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.228.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
f8bbcaaf86834ea210fe83a4089c20a247e5feccd2afff1ccd187d9adc9a2507
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newsheater.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-mnt-h
22-s1v0
strict-transport-security
max-age=31536000
content-encoding
gzip
date
Mon, 27 Nov 2023 17:44:55 GMT
server
Apache
etag
"a2f690053ca758d61a2d8e6113c9052a"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
max-age=300
x-mnt-w
22-s1v0
timing-allow-origin
*
expires
Mon, 27 Nov 2023 17:49:55 GMT
js
www.googletagmanager.com/gtag/
186 KB
67 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-136162586-1&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-W1J31YHC98
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
46ab0227a3fbb2bd75d81e2a1fa0e44ca7f6cd5d314c50e3da924bd3883ee6f5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newsheater.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 27 Nov 2023 17:44:55 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68798
x-xss-protection
0
last-modified
Mon, 27 Nov 2023 15:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 27 Nov 2023 17:44:55 GMT
js
www.googletagmanager.com/gtag/
186 KB
67 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-136162586-1
Requested by
Host: hbx.media.net
URL: https://hbx.media.net/bidexchange.js?cid=8CU2C156D&version=5.1&dn=newsheater.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
f9d8fc350d1c2dcfc6d4bd4c21c46ee22c9e181221ebb1696ecc52443748e72d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newsheater.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 27 Nov 2023 17:44:55 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68653
x-xss-protection
0
last-modified
Mon, 27 Nov 2023 15:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 27 Nov 2023 17:44:55 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/
100 KB
31 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: hbx.media.net
URL: https://hbx.media.net/bidexchange.js?cid=8CU2C156D&version=5.1&dn=newsheater.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
97bc01d437b723fc9d5bd34f36c58d0b413c63905bc4a7d0f58ad9cc219b44c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newsheater.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 27 Nov 2023 17:44:55 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31384
x-xss-protection
0
server
cafe
etag
995 / 19688 / m202311090101 / config-hash: 16204867678510254442
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 27 Nov 2023 17:44:55 GMT
js
www.googletagmanager.com/gtag/
224 KB
79 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-ECEZM82RYR&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-136162586-1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
b321c3963b3208dc5918c586b3463ee4f51c24dccb39cf8e1b0b7b79802d6a65
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newsheater.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 27 Nov 2023 17:44:55 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
81043
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 27 Nov 2023 17:44:55 GMT
analytics.js
www.google-analytics.com/
52 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-136162586-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newsheater.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 27 Nov 2023 17:19:54 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
1501
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Mon, 27 Nov 2023 19:19:54 GMT
collect
www.google-analytics.com/j/
1 B
206 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=409626772&t=pageview&_s=1&dl=https%3A%2F%2Fnewsheater.com%2F2023%2F11%2F&ul=en-us&de=UTF-8&dt=November%202023%20-%20News%20Heater&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=1112311863&gjid=183423393&cid=911717999.1701107095&tid=UA-136162586-1&_gid=1240701949.1701107096&_r=1&gtm=457e3b81&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&jsscut=1&z=118099168
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://newsheater.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 27 Nov 2023 17:44:55 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://newsheater.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.google-analytics.com/g/
0
46 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-ECEZM82RYR&gtm=45je3b81v9125148242&_p=1701107095317&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=911717999.1701107095&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AAAI&_s=1&sid=1701107095&sct=1&seg=0&dl=https%3A%2F%2Fnewsheater.com%2F2023%2F11%2F&dt=November%202023%20-%20News%20Heater&en=page_view&_fv=1&_ss=1&tfd=2248
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-ECEZM82RYR&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newsheater.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 27 Nov 2023 17:44:55 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://newsheater.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/
429 KB
135 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b04dfae5d49297b8b6a514bd8bf1c7bea7ebe622232401a5abed5a92809a2b66
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newsheater.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 27 Nov 2023 17:17:55 GMT
content-encoding
br
x-content-type-options
nosniff
age
1620
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
137535
x-xss-protection
0
server
cafe
etag
18342593356503948095
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Tue, 26 Nov 2024 17:17:55 GMT
mix-manifest.json
app.convertbox.com/
4 KB
1 KB
XHR
General
Full URL
https://app.convertbox.com/mix-manifest.json?1701107096
Requested by
Host: cdn.convertbox.com
URL: https://cdn.convertbox.com/convertbox/js/embed.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.209.119.97 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-209-119-97.compute-1.amazonaws.com
Software
nginx/1.20.0 /
Resource Hash
aea7e17f4010e12e77894178e1b5e1f35c65b7313868e1da18c198ed4e78f0dd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newsheater.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Mon, 27 Nov 2023 17:44:55 GMT
Content-Encoding
gzip
Last-Modified
Thu, 25 May 2023 08:51:55 GMT
Server
nginx/1.20.0
ETag
W/"646f21ab-f99"
Content-Type
application/json
Access-Control-Allow-Origin
*
Connection
keep-alive
Content-Length
1016
polyfill.min.js
polyfill.io/v3/
101 B
605 B
Script
General
Full URL
https://polyfill.io/v3/polyfill.min.js?flags=gated%7Calways&rum=true&features=Array.prototype.entries%2CArray.prototype.forEach%2CArray.prototype.includes%2CNodeList.prototype.forEach%2CObject.values%2CPromise%2CString.prototype.includes%2CSymbol%2CSymbol.iterator%2CObject.assign%2CArray.from%2CArray.isArray%2CArray.of%2CArray.prototype.findIndex%2CArray.prototype.indexOf%2CArray.prototype.keys%2CArray.prototype.values%2CString.prototype.%40%40iterator%2CArray.prototype.%40%40iterator%2CArray.prototype.find%2CArray.prototype.filter%2CObject.defineProperty%2CObject.defineProperties%2CObject.entries%2CObject.keys
Requested by
Host: cdn.convertbox.com
URL: https://cdn.convertbox.com/convertbox/js/embed.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:c00::282 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
d7f817255acac24d24766a420471f23c0796b5228b84f8432bf70570ed870b72
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newsheater.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubdomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 27 Nov 2023 17:44:56 GMT
age
2346266
detected-user-agent
Chrome/119.0.0
server-timing
HIT, fastly;desc="Edge time";dur=1
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
113
referrer-policy
origin-when-cross-origin
vary
User-Agent, Accept-Encoding
access-control-allow-methods
GET,HEAD,OPTIONS
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
normalized-user-agent
chrome/119.0.0
cache-control
public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800, immutable
accept-ranges
bytes
timing-allow-origin
*
wp-emoji-release.min.js
newsheater.com/wp-includes/js/
18 KB
5 KB
Script
General
Full URL
https://newsheater.com/wp-includes/js/wp-emoji-release.min.js?ver=6.4.1
Requested by
Host: newsheater.com
URL: https://newsheater.com/2023/11/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
68.183.105.106 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newsheater.com/2023/11/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Mon, 27 Nov 2023 17:44:56 GMT
Content-Encoding
gzip
Last-Modified
Mon, 30 Oct 2023 15:19:45 GMT
Server
Apache/2.4.41 (Ubuntu)
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=93
Content-Length
5039
ajax.htm
app.ardalio.com/
23 B
521 B
Fetch
General
Full URL
https://app.ardalio.com/ajax.htm?action=lookup_WP_account&params=fG5ld3NoZWF0ZXIuY29tfDY0NGEwYTdmYjZlZmIwLjkxMTA3ODUwfDB8fHplZXNoYW5AYnJpbGxpYW50aW5ub3ZhdG9ycy5jb218ZW4tVVN8MS40Ljc=
Requested by
Host: newsheater.com
URL: https://newsheater.com/2023/11/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:11e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d2dc151792dd1ca49f54e24274a40ead4439e02ba91224e47b82855fc8392b09
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newsheater.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 27 Nov 2023 17:44:56 GMT
strict-transport-security
max-age=63072000; includeSubDomains
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QaATlyCu5yNRvQVYE5wh3Aw7FoAY9d0dEfTDZwsLSbSFNy5qqgTp05XT70b8PvYcqCadLr3iMwdGnj6CLeNwzU4gxxyP1NkUo42GfLC8lIwia3YTmA6S0JMKAq%2BqBfX%2B6gnP2Z9mkkaJEW7tAA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cf-ray
82cc2e967ba62c49-FRA
alt-svc
h3=":443"; ma=86400
checksync.php
contextual.media.net/ Frame F124
22 KB
8 KB
Document
General
Full URL
https://contextual.media.net/checksync.php?vsSync=1&hb=1&cv=37&cs=22&cid=8HB98NHDU&gdpr=1&gdprconsent=0&usp_status=0&usp_consent=1&itype=HB-CM
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/dmedianet.js?cid=8CUB2ECYP
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.228.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
89b53086e45a2b4624c8bd2967646e87522e484969f94c4e42b9ec0e99f18552
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://newsheater.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=172800
content-encoding
gzip
content-length
8048
content-type
text/html; charset=UTF-8
date
Mon, 27 Nov 2023 17:44:56 GMT
expires
Wed, 29 Nov 2023 17:44:56 GMT
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
truncated
/
270 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1eceed1288db493e03f13e6095f196792ff339be20b5f2d969def668587f1332

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/png
bping.php
lg3.media.net/
35 B
338 B
Image
General
Full URL
https://lg3.media.net/bping.php?vgd_len=591&&vgd_cdv=1123&vgd_cage=6&vgd_tsce=L330&vgd_mcf=67119&gdpr=1&mspa=0&prid=8PRHGG6T9&cid=8CUB2ECYP&crid=273941585&vi=1701107095291957594&ugd=4&lf=6&cc=DE&sc=HE&lper=100&wsip=170785191&r=1701107096075&requrl=https%3A%2F%2Fnewsheater.com%2F2023%2F11%2F&vgd_sbSup=1&vgd_is_amp=0&vgd_asn=9009&vgd_rakh=1701107095167143210&vgd_l1rhst=contextual.media.net&vgd_rpth=%2Fdmedianet.js&vgd_pbcm=1&vgd_pgid=p11399905783t202311271744&vgd_pgids=1&vgd_uspa=0&vgda_l1btm=%5B%22SPAMPXL%22%2C%22URLDC%22%5D&hvsid=00001701107096069007642542085410&gdpr=1&mspa=0&vgd_l2type=scs_newfl&vgd_end=1
Requested by
Host: newsheater.com
URL: https://newsheater.com/2023/11/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.19.100.239 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-100-239.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
Security Headers
Name Value
Strict-Transport-Security max-age=21600

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newsheater.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma
no-cache
Strict-Transport-Security
max-age=21600
Date
Mon, 27 Nov 2023 17:44:56 GMT
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
35
Expires
Mon, 27 Nov 2023 17:44:56 GMT
log
lg3.media.net/
35 B
338 B
Image
General
Full URL
https://lg3.media.net/log?logid=kfk&evtid=lnafl&&gdpr=1&mspa=0&cid=8CUB2ECYP&crid=644311823&size=786x410&requrl=https%3A%2F%2Fnewsheater.com%2F2023%2F11%2F%40-%40mnetugd%3D4%40-%40&con=%7B%22xpa%22%3A%7B%22%2F%2F*%5B%40class%3D%5C%22elementor-section%20elementor-top-section%20elementor-element%20elementor-element-3fa33c1a%20elementor-section-boxed%20elementor-section-height-default%20elementor-section-height-default%5C%22%5D%22%3A%7B%22placement%22%3A%22below%22%7D%7D%2C%22fpl%22%3A0%2C%22rep%22%3A0%2C%22repc%22%3A0%2C%22minp%22%3A0%2C%22size%22%3A%22786x410%22%2C%22multi%22%3A0%7D&flres=2
Requested by
Host: newsheater.com
URL: https://newsheater.com/2023/11/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.19.100.239 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-100-239.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
Security Headers
Name Value
Strict-Transport-Security max-age=21600

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newsheater.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 27 Nov 2023 17:44:56 GMT
Strict-Transport-Security
max-age=21600
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
35
Expires
Mon, 27 Nov 2023 17:44:56 GMT
hb-cm
prebid.media.net/rtb/
396 B
796 B
XHR
General
Full URL
https://prebid.media.net/rtb/hb-cm?cid=8HB98NHDU
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/dmedianet.js?cid=8CUB2ECYP
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.63.153 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
153.63.120.34.bc.googleusercontent.com
Software
envoy /
Resource Hash
b588d9e258399729c26c0e2dd4ac6b291da9e6fea15ac74f609c5076277529db

Request headers

Referer
https://newsheater.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 27 Nov 2023 17:44:55 GMT
via
1.1 google
accept-ch
Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
server
envoy
content-type
application/json;charset=utf-8
access-control-allow-origin
https://newsheater.com
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
18
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 27 Nov 2023 17:44:56 GMT
smtr
contextual.media.net/
583 B
527 B
Script
General
Full URL
https://contextual.media.net/smtr?ule=507&&4C=)zs9S)NTZkp50Kzf6N%24-fjIcjjcIco-mojo-I-oh&kkdd=Hn%7CW%7CAu9h3n*H&44=pW&64=.W&4849=tF4)hvv!EKrs2cJE4AS3aE%3D%3D&Oz=jIcjjcIco-mojo-I-oh&E98b=j&Z68K=c&49O=jjmy&0645=uyyc&4z9=PADemWAJU&4bz9=mIyohj-P-&6z25=yoc1jPc&t0086=j&b5aGbf=t0086%3A%2F%2Fs5)6t5K05bN4SZ%2Fmcmy%2Fjj%2F&s65=-&f)=j&GE9=h&K90j=P.eoPk.pD&K90m=jmjjc--IP&z)=jwcc&F00f5=kSO5ZC5b%20mcmy%20*%20k5)6%20.5K05b&Z4x=wIjjo&8Ez9=8jjyoooc-IPy0mcmyjjmIjIhh&b0C6=j&s0O0=y&sC=j&xf4C=)zs9S)NTZkp50Kzf6Nzsz0Hf&sflct=2121212&ure=1
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/dmedianet.js?cid=8CUB2ECYP
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.228.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-23.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
08b70622cb674b9618a08e88631f59b27dbe931a68004344a4c1a27b61f0e546
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newsheater.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 27 Nov 2023 17:44:56 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=0, no-cache, no-store
x-sc-h
21-22an
content-length
347
expires
Mon, 27 Nov 2023 17:44:56 GMT
checksync.php
contextual.media.net/ Frame E3C2
22 KB
8 KB
Document
General
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8HB98NHDU&prvid=99%2C77%2C3029%2C246%2C4%2C2068%2C10000%2C459%2C229%2C9%2C262%2C461&itype=HB-CM&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/dmedianet.js?cid=8CUB2ECYP
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.228.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
46e7e77bcb4a5230afb6b802ae869aed536726faba990e82a8d28c40cf3cc27e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://newsheater.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=172800
content-encoding
gzip
content-length
8065
content-type
text/html; charset=UTF-8
date
Mon, 27 Nov 2023 17:44:56 GMT
expires
Wed, 29 Nov 2023 17:44:56 GMT
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
count7.pl
app.ardalio.com/
879 B
1 KB
Script
General
Full URL
https://app.ardalio.com/count7.pl?2145191&1&&&&&November%202023%20-%20News%20Heater&https%3A%2F%2Fnewsheater.com%2F2023%2F11&&&1600x1200&record&1701107096&&0&&0&0&wordPress&no&&undefined&8.256&&0.43058845525002143
Requested by
Host: app.ardalio.com
URL: https://app.ardalio.com/log7.js?ver=6.4.1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:11e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ecad23944a77486d8434a8b360c2b6c1d5cbf21cf29d1506b048b2bd44d97b9a
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newsheater.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 27 Nov 2023 17:44:56 GMT
strict-transport-security
max-age=63072000; includeSubDomains
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BYHxzvLRh8uRZng6hK8ose7aDDJv%2FOjgBAXmU4UxtZWHii1xJ6aWAd%2BW894SNGzkX8%2FKEGB82oRtH1pXeiZ%2FE2h8GBeQeKRNQcVTnwGq4Rrg%2B4eek7fQIBDtO%2FLKqqDy%2BzjILU3m3mhEsqrH5w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=1800
cf-ray
82cc2e975ff2918e-FRA
alt-svc
h3=":443"; ma=86400
embed-core.js
cdn.convertbox.com//convertbox/js/
519 KB
138 KB
Script
General
Full URL
https://cdn.convertbox.com//convertbox/js/embed-core.js?id=d52f4c09a24bf2889838
Requested by
Host: cdn.convertbox.com
URL: https://cdn.convertbox.com/convertbox/js/embed.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1081 /
Resource Hash
1ac45add80ea63b7d6b0ce78678a28ae818218e25c7d7eb0631de430c81a6bbe

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newsheater.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 27 Nov 2023 17:44:56 GMT
content-encoding
br
cdn-edgestorageid
1080
cdn-cachedat
10/31/2023 18:59:57
cdn-pullzone
53020
last-modified
Thu, 25 May 2023 08:50:41 GMT
server
BunnyCDN-DE1-1081
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
W/"646f2161-81cb8"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
0efa3f5e-1cdb-4f24-96b0-16bfe6c0cf31
cache-control
public, max-age=31919000
cdn-requestid
840041b755315ca30e1b40917c52993b
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True
log
lg3.media.net/
35 B
338 B
Image
General
Full URL
https://lg3.media.net/log?logid=kfk&evtid=sepl&type=hd&asrc=L1&cstactno=0&vi=1701107095291957594&cid=8CUB2ECYP&crid=273941585&prid=8PRHGG6T9&sc=HE&ugd=4&requrl=https%3A%2F%2Fnewsheater.com%2F2023%2F11%2F&bdrId=7&acid=365122730997124591701107096082&atime=NaN&af=hide&adt1=8HB98NHDU&adt2=121105578
Requested by
Host: newsheater.com
URL: https://newsheater.com/2023/11/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.19.100.239 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-100-239.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
Security Headers
Name Value
Strict-Transport-Security max-age=21600

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newsheater.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 27 Nov 2023 17:44:56 GMT
Strict-Transport-Security
max-age=21600
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
35
Expires
Mon, 27 Nov 2023 17:44:56 GMT
bars-preview.css
cdn.convertbox.com//static/css/
114 KB
15 KB
Stylesheet
General
Full URL
https://cdn.convertbox.com//static/css/bars-preview.css?id=bcd08c616f2a1e4f6182
Requested by
Host: cdn.convertbox.com
URL: https://cdn.convertbox.com//convertbox/js/embed-core.js?id=d52f4c09a24bf2889838
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1081 /
Resource Hash
18dd7e18ad05cb33ee6730c5cfe190b0eeb8dc6926130df15bd634b2a7cb94a6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newsheater.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 27 Nov 2023 17:44:56 GMT
content-encoding
br
cdn-edgestorageid
1082
cdn-cachedat
10/31/2023 19:00:14
cdn-pullzone
53020
last-modified
Thu, 25 May 2023 08:50:41 GMT
server
BunnyCDN-DE1-1081
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
W/"646f2161-1c694"
vary
Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
0efa3f5e-1cdb-4f24-96b0-16bfe6c0cf31
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=31919000
cdn-requestid
b141102f82f9a0aa500c2bdd99f60444
cdn-requestcountrycode
DE
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
box
app.convertbox.com/embed/
11 KB
3 KB
XHR
General
Full URL
https://app.convertbox.com/embed/box
Requested by
Host: cdn.convertbox.com
URL: https://cdn.convertbox.com//convertbox/js/embed-core.js?id=d52f4c09a24bf2889838
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.209.119.97 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-209-119-97.compute-1.amazonaws.com
Software
nginx/1.20.0 /
Resource Hash
806eb15e9ccd722d5e816a2007e304710e82abceaaa43ca8bec250c0836481e3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://newsheater.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
multipart/form-data; boundary=----WebKitFormBoundarybFSqOawBTbavYa5J

Response headers

Date
Mon, 27 Nov 2023 17:44:56 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
nginx/1.20.0
X-Frame-Options
SAMEORIGIN
Content-Type
application/json
Access-Control-Allow-Origin
*
Cache-Control
no-cache, private
Connection
keep-alive
Content-Length
2814
X-XSS-Protection
1; mode=block
css
fonts.bunny.net/
25 KB
3 KB
Stylesheet
General
Full URL
https://fonts.bunny.net/css?family=Mali|Caveat|Lato|Lora|Montserrat|Open+Sans|Oswald|Playfair+Display|Quicksand|Raleway|Roboto|Ubuntu
Requested by
Host: cdn.convertbox.com
URL: https://cdn.convertbox.com//static/css/bars-preview.css?id=bcd08c616f2a1e4f6182
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1080 /
Resource Hash
e001977ff2382c9c29eae2d01312840836eb92f86c24a45e5fe76e1d23f2fcdf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.convertbox.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 27 Nov 2023 17:44:56 GMT
content-encoding
br
cdn-edgestorageid
1081
x-do-app-origin
1fb91846-e6b7-11ec-b1dc-0c42a19a82a7
x-do-orig-status
200
cdn-cachedat
11/01/2023 17:05:04
cdn-pullzone
781720
last-modified
Wed, 01 Nov 2023 17:05:04 GMT
server
BunnyCDN-DE1-1080
cdn-proxyver
1.04
cdn-requestpullcode
200
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
3a60ca70-b89d-4cd5-a4b5-34a3468d7e0f
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=2592000
cdn-requestid
22c02e9503b7067153d126ed9f0e8119
cdn-requestcountrycode
DE
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
checksync.php
hbx.media.net/ Frame 902F
30 KB
10 KB
Document
General
Full URL
https://hbx.media.net/checksync.php?cid=8CU2C156D&cs=1&cv=37&hb=1&vsSync=1&prvid=3%2C38%2C41%2C51%2C55%2C56%2C59%2C77%2C80%2C82%2C90%2C91%2C97%2C108%2C109%2C113%2C117%2C122%2C126%2C128%2C132%2C141%2C145%2C157%2C159%2C169%2C171%2C174%2C175%2C178%2C182%2C184%2C186%2C188%2C193%2C201%2C203%2C208%2C214%2C222%2C223%2C225%2C226%2C229%2C230%2C245%2C246%2C251%2C262%2C273%2C339%2C450%2C459%2C461%2C2030%2C2033%2C3007%2C3008%2C3009%2C3010%2C3012%2C3014%2C3015%2C3016%2C3017%2C3018%2C3020%2C3024%2C-1&refUrl=&gdpr=1&gdprconsent=2&gdprstring=&usp_status=0&usp_consent=1&uspstring=&axid_e=&coppa=0&ckdel=0&gpp=&gpp_sid=
Requested by
Host: hbx.media.net
URL: https://hbx.media.net/bidexchange.js?cid=8CU2C156D&version=5.1&dn=newsheater.com
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.228.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
1da87c80692e1f76fab4ce5daf5c8215ae4fcb862ff243a7435afd8564146f5c
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains max-age=604800

Request headers

Referer
https://newsheater.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=172800
content-encoding
gzip
content-length
10290
content-type
text/html; charset=UTF-8
date
Mon, 27 Nov 2023 17:44:56 GMT
expires
Wed, 29 Nov 2023 17:44:56 GMT
p3p
CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
server
Apache
strict-transport-security
max-age=86400 ; includeSubDomains max-age=604800
vary
Accept-Encoding
x-mnet-hl2
E
open-sans-latin-400-normal.woff2
fonts.bunny.net/open-sans/files/
16 KB
17 KB
Font
General
Full URL
https://fonts.bunny.net/open-sans/files/open-sans-latin-400-normal.woff2
Requested by
Host: fonts.bunny.net
URL: https://fonts.bunny.net/css?family=Mali|Caveat|Lato|Lora|Montserrat|Open+Sans|Oswald|Playfair+Display|Quicksand|Raleway|Roboto|Ubuntu
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1080 /
Resource Hash
b34551ae25916c460423b82beb8e0675b27f76a9a2908f18286260fbd6de6681

Request headers

Referer
https://fonts.bunny.net/css?family=Mali|Caveat|Lato|Lora|Montserrat|Open+Sans|Oswald|Playfair+Display|Quicksand|Raleway|Roboto|Ubuntu
Origin
https://newsheater.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 27 Nov 2023 17:44:56 GMT
cdn-edgestorageid
1081
cdn-storageserver
DE-662
cdn-cachedat
10/31/2023 18:07:09
cdn-pullzone
781720
content-length
16740
last-modified
Thu, 06 Jul 2023 07:56:39 GMT
server
BunnyCDN-DE1-1080
cdn-fileserver
660
cdn-requestpullcode
200
cdn-proxyver
1.04
etag
"64a673b7-4164"
content-type
font/woff2
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
3a60ca70-b89d-4cd5-a4b5-34a3468d7e0f
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=2592000
cdn-requestid
75f8613f14b5a2e7698e3a478663d41b
accept-ranges
bytes
cdn-requestcountrycode
DE
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
roboto-latin-400-normal.woff2
fonts.bunny.net/roboto/files/
15 KB
16 KB
Font
General
Full URL
https://fonts.bunny.net/roboto/files/roboto-latin-400-normal.woff2
Requested by
Host: fonts.bunny.net
URL: https://fonts.bunny.net/css?family=Mali|Caveat|Lato|Lora|Montserrat|Open+Sans|Oswald|Playfair+Display|Quicksand|Raleway|Roboto|Ubuntu
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1080 /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Request headers

Referer
https://fonts.bunny.net/css?family=Mali|Caveat|Lato|Lora|Montserrat|Open+Sans|Oswald|Playfair+Display|Quicksand|Raleway|Roboto|Ubuntu
Origin
https://newsheater.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 27 Nov 2023 17:44:56 GMT
cdn-edgestorageid
1081
cdn-storageserver
DE-676
cdn-cachedat
10/31/2023 18:07:21
cdn-pullzone
781720
content-length
15744
last-modified
Thu, 06 Jul 2023 08:12:05 GMT
server
BunnyCDN-DE1-1080
cdn-fileserver
634
cdn-requestpullcode
200
cdn-proxyver
1.04
etag
"64a67755-3d80"
content-type
font/woff2
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
3a60ca70-b89d-4cd5-a4b5-34a3468d7e0f
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=2592000
cdn-requestid
1f80768432977711c97e6a554e829628
accept-ranges
bytes
cdn-requestcountrycode
DE
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
montserrat-latin-400-normal.woff2
fonts.bunny.net/montserrat/files/
12 KB
13 KB
Font
General
Full URL
https://fonts.bunny.net/montserrat/files/montserrat-latin-400-normal.woff2
Requested by
Host: fonts.bunny.net
URL: https://fonts.bunny.net/css?family=Mali|Caveat|Lato|Lora|Montserrat|Open+Sans|Oswald|Playfair+Display|Quicksand|Raleway|Roboto|Ubuntu
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1080 /
Resource Hash
ddc148b8a0a27b1449fda6033f4a0defac9bd43210117b50d5d7ad1eda09f394

Request headers

Referer
https://fonts.bunny.net/css?family=Mali|Caveat|Lato|Lora|Montserrat|Open+Sans|Oswald|Playfair+Display|Quicksand|Raleway|Roboto|Ubuntu
Origin
https://newsheater.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 27 Nov 2023 17:44:56 GMT
cdn-edgestorageid
1081
cdn-storageserver
DE-51
cdn-cachedat
11/01/2023 17:49:52
cdn-pullzone
781720
content-length
12708
last-modified
Thu, 06 Jul 2023 07:36:59 GMT
server
BunnyCDN-DE1-1080
cdn-fileserver
660
cdn-requestpullcode
200
cdn-proxyver
1.04
etag
"64a66f1b-31a4"
content-type
font/woff2
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
3a60ca70-b89d-4cd5-a4b5-34a3468d7e0f
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=2592000
cdn-requestid
937ee758261e75e60422f1e6e124b0d6
accept-ranges
bytes
cdn-requestcountrycode
DE
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
log
c21lg-d.media.net/ Frame 902F
35 B
166 B
Image
General
Full URL
https://c21lg-d.media.net/log?logid=kfk&evtid=cs&del=1&vsid=3441086965428176000V10&origin=1&flt=0&pvgid[]=data-p&pvgid[]=data-b&pvgid[]=data-t&pvgid[]=data-sov&pvgid[]=data-r1&pvgid[]=data-pb&pvgid[]=data-xu&pvgid[]=data-tx&pvgid[]=data-bs&pvgid[]=data-c&pvgid[]=data-ct
Requested by
Host: hbx.media.net
URL: https://hbx.media.net/checksync.php?cid=8CU2C156D&cs=1&cv=37&hb=1&vsSync=1&prvid=3%2C38%2C41%2C51%2C55%2C56%2C59%2C77%2C80%2C82%2C90%2C91%2C97%2C108%2C109%2C113%2C117%2C122%2C126%2C128%2C132%2C141%2C145%2C157%2C159%2C169%2C171%2C174%2C175%2C178%2C182%2C184%2C186%2C188%2C193%2C201%2C203%2C208%2C214%2C222%2C223%2C225%2C226%2C229%2C230%2C245%2C246%2C251%2C262%2C273%2C339%2C450%2C459%2C461%2C2030%2C2033%2C3007%2C3008%2C3009%2C3010%2C3012%2C3014%2C3015%2C3016%2C3017%2C3018%2C3020%2C3024%2C-1&refUrl=&gdpr=1&gdprconsent=2&gdprstring=&usp_status=0&usp_consent=1&uspstring=&axid_e=&coppa=0&ckdel=0&gpp=&gpp_sid=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.228.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-23.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hbx.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Mon, 27 Nov 2023 17:44:56 GMT
cache-control
max-age=0, no-cache, no-store
expires
Mon, 27 Nov 2023 17:44:56 GMT
content-length
35
content-type
image/gif
ads
securepubads.g.doubleclick.net/gampad/
723 B
397 B
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=599471650806210&correlator=3904836877653640&eid=31079631%2C44808667%2C31079525&output=ldjh&gdfp_req=1&vrg=202311090101&ptt=17&impl=fif&iu_parts=21625568658%3A136417767%2CIMS%2CNewsHeater%2Cdesktop%2Cinterstitial%2Cros&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4%2F5&prev_iu_szs=1x1&ifi=1&sfv=1-0-40&ists=1&sc=1&cookie_enabled=1&abxe=1&dt=1701107096872&lmt=1701107096&adxs=0&adys=0&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fnewsheater.com%2F2023%2F11%2F&vis=1&psz=1600x0&msz=1600x0&fws=0&ohw=0&ga_vid=911717999.1701107095&ga_sid=1701107097&ga_hid=409626772&ga_fc=true&dlt=1701107094514&idt=1267&prev_scp=regex%253Adiv_id%3DDFP_ROS_Interstitial(_%255B0-9%255D%252B)*%26mnetPageID%3D10%26mnetCC%3DDE%26mnetCV%3D1%26mnetUGD%3D4%26mnetCID%3D8CU2C156D%26hb_abt%3Dhb%26mnetDNB%3D1&adks=2093469581&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
468c647829713869edbd762b93d5d3a51fac6e8cab899e9f540880043415de6d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newsheater.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 27 Nov 2023 17:44:56 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
367
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://newsheater.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/
16 KB
12 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202311090101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6ec0aea80a20e20936be2d4f24bbf9fcea9e2cf16719c1e2fc160546db0618dd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newsheater.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 27 Nov 2023 17:44:56 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12311
x-xss-protection
0
container.html
4ac0f88b0ed1229d36cbd08294010347.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame BA40
6 KB
3 KB
Document
General
Full URL
https://4ac0f88b0ed1229d36cbd08294010347.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://newsheater.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 27 Nov 2023 17:44:56 GMT
expires
Tue, 26 Nov 2024 17:44:56 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/
37 KB
14 KB
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=599471650806210&correlator=3904836877653640&eid=31079631%2C44808667%2C31079525&output=ldjh&gdfp_req=1&vrg=202311090101&ptt=17&impl=fif&iu_parts=21625568658%3A136417767%2CIMS%2CNewsHeater%2Cdesktop%2Cin_text_leaderboard%2Cros&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4%2F5&prev_iu_szs=728x90%7C970x250%7C970x90&ifi=2&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1701107096886&lmt=1701107096&adxs=0&adys=0&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fnewsheater.com%2F2023%2F11%2F&vis=1&psz=1600x0&msz=1600x0&fws=0&ohw=0&ga_vid=911717999.1701107095&ga_sid=1701107097&ga_hid=409626772&ga_fc=true&dlt=1701107094514&idt=1267&prev_scp=regex%253Adiv_id%3DDFP_ROS_Intext_Leaderboard_Desktop(_%255B0-9%255D%252B)*%26mnetPageID%3D1%26mnetCC%3DDE%26mnetCV%3D1%26mnetUGD%3D4%26mnetCID%3D8CU2C156D%26hb_abt%3Dhb%26mnetDNB%3D1&adks=2984589868&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
489e20b72a60c31f6dabedf2ef6aa75b613d62e8c88cc789b0eb429871403de9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newsheater.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 27 Nov 2023 17:44:57 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14728
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://newsheater.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar2.js
tpc.googlesyndication.com/sodar/
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newsheater.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 27 Nov 2023 17:44:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 27 Nov 2023 17:44:57 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 5429
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://newsheater.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1626
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 27 Nov 2023 17:17:51 GMT
expires
Tue, 26 Nov 2024 17:17:51 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame DBF5
829 B
1 KB
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
150443ad6ff11f5674e85fe2300000ab2a29453d148295b0ddbcbe5e356fdee3
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-rerZldjYoWHg5ufLFnOGyg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://newsheater.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-rerZldjYoWHg5ufLFnOGyg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 27 Nov 2023 17:44:57 GMT
expires
Mon, 27 Nov 2023 17:44:57 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
pagead2.googlesyndication.com/bg/ Frame 5429
39 KB
15 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 27 Nov 2023 16:19:14 GMT
content-encoding
br
x-content-type-options
nosniff
age
5143
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15296
x-xss-protection
0
last-modified
Mon, 06 Nov 2023 16:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 26 Nov 2024 16:19:14 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame DBF5
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202311090101&jk=599471650806210&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

generate_204
tpc.googlesyndication.com/ Frame 5429
0
10 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?UcjZUw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 27 Nov 2023 17:44:57 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
container.html
4ac0f88b0ed1229d36cbd08294010347.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 553F
6 KB
3 KB
Document
General
Full URL
https://4ac0f88b0ed1229d36cbd08294010347.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://newsheater.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 27 Nov 2023 17:44:56 GMT
expires
Tue, 26 Nov 2024 17:44:56 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
afr.php
ads.eu.criteo.com/delivery/r/ Frame 2379
116 KB
42 KB
Document
General
Full URL
https://ads.eu.criteo.com/delivery/r/afr.php?z=ZWTVmAAPCJMKd_qNAA15jCsHQraMQjnJGFbQTQ&u=%7CqBpCApGdDSWDkv7Zu%2FiDoI2zhdkgIPzwFdtqG2W0m3k%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhaVHQ6RkVc1uRRN7U2tIy92afbib4fbn5Ggba7Ek_uEWjlAtlimXUzow8WqpljR2ztyEV7zyKcFBJjo-Hnl4JHWoEv3PF2VNXkL1fRqzr37PTvDjuNfkJ0ElsFRpQtYfWRaTZUwpeqo2TCF-uKwNVXdY79nce6SAlyo8PXZT5wycOIciJhG6Fq7yLS24HQFXBg3bE1eBm5q2N-rSaTn1N3AAKAha7rkLmBAEU8oJSXkgPop9TvpQWqGs8ovUJpiwAHiWNd3MVpcRRoiH4R8pyt8VSVw7bi1U52Bdao0WdfOP5tIjGRjEcehx-sbxVgRRMzsGl7Uj5b6Qh7IfTTl23iACXtYjSociiRD3Eh3zMG2kbzgyhGvPTqMlQdaIRAkdcGTeePvvOyg54uHfhVWicU3WF4OuHpGvGnNVLJ4s6nQL3X1-3Mu-aXxfCtH6ZeKE87UPThA-JOGzJv3kP_hXnA9Y9Lx3dHH1Grsk1LKqL8WR2m5OAhDf8tVDtqKJBn_2VQvpBbIQ329cZARCi4MUVXKklc7ILab37f-08Wt0oQmS_UivOvwvq0d5MDptRgc9l7p7rYMviRZ_9a-oOgu9fd8&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC_5wamNVkZZORPI313wOM87WoAcme0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItOTk5Nzc1NTE0NzMzNzYzNsgBCakCEw_QOdxbsj7gAgCoAwHIAwKqBMECT9DIIC06aA2W_rLzbvcqsmpHWeZgqbXZQmrcbsIRdEii3dx3qh9c8idTOLiJ5MT5MDirUCgAsj8-O181w-JUrI4sncOUVK2yI-163R85wnTrWh5oOvOClUfY7qAZLpALAUs00C5AMoEp-uyDL-ar3jvcxafIvpZrhclvRpy2hvLXAxAOsbQ2kB4t43y0gnM3TUM2y13mS8cwmAtn-cO-vucJMFrUSBN6LGbNUBdOkV-M6GXhsua-lWZVjv2u5769KfMOGTGf0euDj8fpp0zZDv7X-LEzpSPP2ruEekmJa9EZApwDpdV0iK9kAODTdQI2nPyFRNn3sxYUdRoA4a3jsQ5rziCqxiToWF6gAi6VXFpTed7mvYIzH7jFfnRQ7sPNtE6iwY6u0YDUGIj_Crvsqc8UAcBfsOQZubEOv2GlZWh64AQBgAa8rrWG2ZGhozGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAeINEwi5hPLh3eSCAxWN-ncKHYx5DRXQFQGAFwE%26num%3D1%26sig%3DAOD64_05v9-5ZMeTDV-hE3oxQWToc4btHA%26client%3Dca-pub-9997755147337636%26adurl%3D
Requested by
Host: 4ac0f88b0ed1229d36cbd08294010347.safeframe.googlesyndication.com
URL: https://4ac0f88b0ed1229d36cbd08294010347.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::12 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e6f642b568df80ecd407b34f22e9effe3e47acb5177278eb65f4a38d2e743668
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://4ac0f88b0ed1229d36cbd08294010347.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Mon, 27 Nov 2023 17:44:57 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=LIhKuWrMjf9arRBKeGRxBRPj6z_wZc6WwkVWvBMCtvZlEQDPEVB1FP9JdnGVJN_ZHAJjBBwQs6EL9lh9T08lzAAO_ipDhcE0cy38PmMwHTqLAGwRKdQvYPzIWep6UhQNzrOQuBr5R1tLHBUDPpuZiguKZO665WcspB4WhUXdb9WBXCYE7KINYpHaTaewp3-Ldvh6oeP7Gg1gFE1ZHsAsmBLz3NAAsKY9IYxP_Zf4UWF1TvN232SuZpO3EXYOAlB2uW8_Kg"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
12976158
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 553F
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js
Requested by
Host: 4ac0f88b0ed1229d36cbd08294010347.safeframe.googlesyndication.com
URL: https://4ac0f88b0ed1229d36cbd08294010347.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4ac0f88b0ed1229d36cbd08294010347.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 27 Nov 2023 13:27:03 GMT
content-encoding
br
x-content-type-options
nosniff
age
15474
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 11 Dec 2023 13:27:03 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 553F
20 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 4ac0f88b0ed1229d36cbd08294010347.safeframe.googlesyndication.com
URL: https://4ac0f88b0ed1229d36cbd08294010347.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4ac0f88b0ed1229d36cbd08294010347.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 27 Nov 2023 16:17:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
5258
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8541
x-xss-protection
0
server
cafe
etag
737174102934380276
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 11 Dec 2023 16:17:19 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 553F
24 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: 4ac0f88b0ed1229d36cbd08294010347.safeframe.googlesyndication.com
URL: https://4ac0f88b0ed1229d36cbd08294010347.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4ac0f88b0ed1229d36cbd08294010347.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 21 Nov 2023 10:09:23 GMT
content-encoding
br
x-content-type-options
nosniff
age
545734
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 20 Nov 2024 10:09:23 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 553F
202 KB
64 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: 4ac0f88b0ed1229d36cbd08294010347.safeframe.googlesyndication.com
URL: https://4ac0f88b0ed1229d36cbd08294010347.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4ac0f88b0ed1229d36cbd08294010347.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 27 Nov 2023 17:44:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65070
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1700193896630564"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 27 Nov 2023 17:44:57 GMT
truncated
/ Frame 553F
215 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
099bcf320096f9c92e3f357400c2d57ff088b9d03f0013d6f2687c9a88da3055

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/png
adview
securepubads.g.doubleclick.net/pagead/ Frame 553F
0
0
Image
General
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CUI5xmNVkZZORPI313wOM87WoAcme0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItOTk5Nzc1NTE0NzMzNzYzNsgBCakCEw_QOdxbsj7gAgCoAwHIAwKqBL4CT9DIIC06aA2W_rLzbvcqsmpHWeZgqbXZQmrcbsIRdEii3dx3qh9c8idTOLiJ5MT5MDirUCgAsj8-O181w-JUrI4sncOUVK2yI-163R85wnTrWh5oOvOClUfY7qAZLpALAUs00C5AMoEp-uyDL-ar3jvcxafIvpZrhclvRpy2hvLXAxAOsbQ2kB4t43y0gnM3TUM2y13mS8cwmAtn-cO-vucJMFrUSBN6LGbNUBdOkV-M6GXhsua-lWZVjv2u5769KfMOGTGf0euDj8fpp0zZDv7X-LEzpSPP2ruEekmJa9EZApwDpdV0iK9kAODTdQI2nPyFRNn3sxYUdRoA4a3jsQ5rziCqxiToWF6gAi6VXFpTed7mvYIzH_rHX-bQfRPwEp6FGwKOOCTaP4JJAJX0K3vcPGatD_o1oSnEK0FM4AQBgAa8rrWG2ZGhozGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTqACgP6CwIIAYAMAeINEwi5hPLh3eSCAxWN-ncKHYx5DRXQFQGAFwGyFxwKGhIUcHViLTk5OTc3NTUxNDczMzc2MzYY7uRp&sigh=MC6eb7byPtI&uach_m=%5BUACH%5D&cid=CAQSTgDICaaNfdgD7FWM5Bcuc8oFEywgOCoR07LnkRfF74hLElmeF3laebOm30GC8DHZY161LjclQB4iCpOId6yzkvZ00vngS1EtPt0wAHOQuhgB&cbvp=2&vis=1
Requested by
Host: 4ac0f88b0ed1229d36cbd08294010347.safeframe.googlesyndication.com
URL: https://4ac0f88b0ed1229d36cbd08294010347.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4ac0f88b0ed1229d36cbd08294010347.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

notify
rtb.nl3.eu.criteo.com/google/auction/ Frame 553F
0
126 B
Image
General
Full URL
https://rtb.nl3.eu.criteo.com/google/auction/notify?profile=14&payload=kIWLGcg12AVanYNiAgIAAABKLWn7eXR80hCY1WRlD9Mk7tgr4xm-LQAAEgAACgpBUVVCQVFFQkFR&wp=ZWTVmAAPCJMKd_qNAA15jCsHQraMQjnJGFbQTQ&cbvp=2
Requested by
Host: 4ac0f88b0ed1229d36cbd08294010347.safeframe.googlesyndication.com
URL: https://4ac0f88b0ed1229d36cbd08294010347.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4ac0f88b0ed1229d36cbd08294010347.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 27 Nov 2023 17:44:56 GMT
strict-transport-security
max-age=31536000; preload;
server-processing-duration-in-ticks
223650
server
Kestrel
content-length
0
privacy_small.svg
static.criteo.net/flash/icon/ Frame 2379
2 KB
1 KB
Image
General
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZWTVmAAPCJMKd_qNAA15jCsHQraMQjnJGFbQTQ&u=%7CqBpCApGdDSWDkv7Zu%2FiDoI2zhdkgIPzwFdtqG2W0m3k%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhaVHQ6RkVc1uRRN7U2tIy92afbib4fbn5Ggba7Ek_uEWjlAtlimXUzow8WqpljR2ztyEV7zyKcFBJjo-Hnl4JHWoEv3PF2VNXkL1fRqzr37PTvDjuNfkJ0ElsFRpQtYfWRaTZUwpeqo2TCF-uKwNVXdY79nce6SAlyo8PXZT5wycOIciJhG6Fq7yLS24HQFXBg3bE1eBm5q2N-rSaTn1N3AAKAha7rkLmBAEU8oJSXkgPop9TvpQWqGs8ovUJpiwAHiWNd3MVpcRRoiH4R8pyt8VSVw7bi1U52Bdao0WdfOP5tIjGRjEcehx-sbxVgRRMzsGl7Uj5b6Qh7IfTTl23iACXtYjSociiRD3Eh3zMG2kbzgyhGvPTqMlQdaIRAkdcGTeePvvOyg54uHfhVWicU3WF4OuHpGvGnNVLJ4s6nQL3X1-3Mu-aXxfCtH6ZeKE87UPThA-JOGzJv3kP_hXnA9Y9Lx3dHH1Grsk1LKqL8WR2m5OAhDf8tVDtqKJBn_2VQvpBbIQ329cZARCi4MUVXKklc7ILab37f-08Wt0oQmS_UivOvwvq0d5MDptRgc9l7p7rYMviRZ_9a-oOgu9fd8&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC_5wamNVkZZORPI313wOM87WoAcme0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItOTk5Nzc1NTE0NzMzNzYzNsgBCakCEw_QOdxbsj7gAgCoAwHIAwKqBMECT9DIIC06aA2W_rLzbvcqsmpHWeZgqbXZQmrcbsIRdEii3dx3qh9c8idTOLiJ5MT5MDirUCgAsj8-O181w-JUrI4sncOUVK2yI-163R85wnTrWh5oOvOClUfY7qAZLpALAUs00C5AMoEp-uyDL-ar3jvcxafIvpZrhclvRpy2hvLXAxAOsbQ2kB4t43y0gnM3TUM2y13mS8cwmAtn-cO-vucJMFrUSBN6LGbNUBdOkV-M6GXhsua-lWZVjv2u5769KfMOGTGf0euDj8fpp0zZDv7X-LEzpSPP2ruEekmJa9EZApwDpdV0iK9kAODTdQI2nPyFRNn3sxYUdRoA4a3jsQ5rziCqxiToWF6gAi6VXFpTed7mvYIzH7jFfnRQ7sPNtE6iwY6u0YDUGIj_Crvsqc8UAcBfsOQZubEOv2GlZWh64AQBgAa8rrWG2ZGhozGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAeINEwi5hPLh3eSCAxWN-ncKHYx5DRXQFQGAFwE%26num%3D1%26sig%3DAOD64_05v9-5ZMeTDV-hE3oxQWToc4btHA%26client%3Dca-pub-9997755147337636%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 27 Nov 2023 17:44:57 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 21 Nov 2024 17:44:57 GMT
adchoices_de.svg
static.criteo.net/flash/icon/ Frame 2379
2 KB
1 KB
Image
General
Full URL
https://static.criteo.net/flash/icon/adchoices_de.svg
Requested by
Host: ads.eu.criteo.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 27 Nov 2023 17:44:57 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-763"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 21 Nov 2024 17:44:57 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame 2379
308 B
636 B
Image
General
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.eu.criteo.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 27 Nov 2023 17:44:57 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Thu, 21 Nov 2024 17:44:57 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame 2379
293 B
621 B
Image
General
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.eu.criteo.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 27 Nov 2023 17:44:57 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Thu, 21 Nov 2024 17:44:57 GMT
lg.php
cat.nl3.eu.criteo.com/delivery/ Frame 2379
43 B
348 B
Image
General
Full URL
https://cat.nl3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=E3FwKJ8FFR8DiPuu4MDSkgMf_cGVOxH5KqDbYXm4xFTWgk8Mu2bPUswn-1-9HzYkPGiFvEmyRlyAgKmSX2HQHlnwK5dlM4mMvYrtHA5A4irHEWm9pphL-WzWmZt874etdu-Nrbqq-S1W2P3sqF--iQMywrsdCRomT64SDFfpLNzM85JNT-QSVgiiYlD18u5mQWyzkAqQHwOa6ulhHQnnWIuGBBG37HIWYNImvLUce4kpq3N0Vg-TXEUh_oPb5xvjcdHveS8VKudl4Wv6YXt7ZCUQ9NyxpaNcFpk0o9vWGK_ntPBHzNmz6H0Tzzl1QkWnOAG8O7DFL99becBjAKeTpgz2pHQ1DDOR3j9Ku4gp94CREf85-68Pq6OvbCqa7A3b5sfppLQRwDo3dRK4v7uAJro_4f2IUJUaCiyD7VE6HFz1aWQK
Requested by
Host: ads.eu.criteo.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.6 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 27 Nov 2023 17:44:56 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1772275
expires
Mon, 26 Jul 1997 05:00:00 GMT
animejs.js
static.criteo.net/animejs/ Frame 2379
12 KB
6 KB
Script
General
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.eu.criteo.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 27 Nov 2023 17:44:57 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 21 Nov 2024 17:44:57 GMT
img
imageproxy.eu.criteo.net/img/ Frame 2379
2 KB
2 KB
Image
General
Full URL
https://imageproxy.eu.criteo.net/img/img?h=148&m=0&partner=109283&q=80&r=0&u=https%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fdesign%2Fdt%2F109283%2F5121723%2F4a7f80dda98047fca39f40cce2564e03_whatsapp_image_2023-11-20_at_08.22.14.jpeg&v=3&w=296&rid=4&s=mvkMAZwpDA5AX7mpNTVglkAC
Requested by
Host: ads.eu.criteo.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
10bc0c2a4ae15beb8409efdeb2b71629bef3d37326d0dbaa647395c913f3a142
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 27 Nov 2023 17:44:56 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=31104000
timing-allow-origin
*
content-length
2336
expires
Thu, 14 Nov 2024 12:56:38 GMT
img
imageproxy.eu.criteo.net/img/ Frame 2379
98 KB
98 KB
Image
General
Full URL
https://imageproxy.eu.criteo.net/img/img?m=0&partner=109283&q=80&r=0&u=https%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fdesign%2Fdt%2F109283%2F5121723%2F1598aaf8288a47aab630ccc7ba14c5cc_231108_mf_image_blackweek_general_v3_16_9.jpg&v=3&rid=4&s=PQPbdDfHtmDPL6QoNzGjHl6F
Requested by
Host: ads.eu.criteo.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
aca84b0983515a3954813cc4a99657f826057ea5692148ec2fd437f97584de5b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 27 Nov 2023 17:44:56 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=31104000
timing-allow-origin
*
content-length
100128
expires
Thu, 14 Nov 2024 13:03:18 GMT
all
csm.eu.criteo.net/ Frame 2379
0
128 B
Ping
General
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=LIhKuWrMjf9arRBKeGRxBRPj6z_wZc6WwkVWvBMCtvZlEQDPEVB1FP9JdnGVJN_ZHAJjBBwQs6EL9lh9T08lzAAO_ipDhcE0cy38PmMwHTqLAGwRKdQvYPzIWep6UhQNzrOQuBr5R1tLHBUDPpuZiguKZO665WcspB4WhUXdb9WBXCYE7KINYpHaTaewp3-Ldvh6oeP7Gg1gFE1ZHsAsmBLz3NAAsKY9IYxP_Zf4UWF1TvN232SuZpO3EXYOAlB2uW8_Kg&sds=2&rev=89278&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Mon, 27 Nov 2023 17:44:57 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 2379
2 KB
1 KB
Image
General
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.eu.criteo.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 27 Nov 2023 17:44:57 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 21 Nov 2024 17:44:57 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame 2379
2 KB
1 KB
Image
General
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZWTVmAAPCJMKd_qNAA15jCsHQraMQjnJGFbQTQ&u=%7CqBpCApGdDSWDkv7Zu%2FiDoI2zhdkgIPzwFdtqG2W0m3k%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhaVHQ6RkVc1uRRN7U2tIy92afbib4fbn5Ggba7Ek_uEWjlAtlimXUzow8WqpljR2ztyEV7zyKcFBJjo-Hnl4JHWoEv3PF2VNXkL1fRqzr37PTvDjuNfkJ0ElsFRpQtYfWRaTZUwpeqo2TCF-uKwNVXdY79nce6SAlyo8PXZT5wycOIciJhG6Fq7yLS24HQFXBg3bE1eBm5q2N-rSaTn1N3AAKAha7rkLmBAEU8oJSXkgPop9TvpQWqGs8ovUJpiwAHiWNd3MVpcRRoiH4R8pyt8VSVw7bi1U52Bdao0WdfOP5tIjGRjEcehx-sbxVgRRMzsGl7Uj5b6Qh7IfTTl23iACXtYjSociiRD3Eh3zMG2kbzgyhGvPTqMlQdaIRAkdcGTeePvvOyg54uHfhVWicU3WF4OuHpGvGnNVLJ4s6nQL3X1-3Mu-aXxfCtH6ZeKE87UPThA-JOGzJv3kP_hXnA9Y9Lx3dHH1Grsk1LKqL8WR2m5OAhDf8tVDtqKJBn_2VQvpBbIQ329cZARCi4MUVXKklc7ILab37f-08Wt0oQmS_UivOvwvq0d5MDptRgc9l7p7rYMviRZ_9a-oOgu9fd8&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC_5wamNVkZZORPI313wOM87WoAcme0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItOTk5Nzc1NTE0NzMzNzYzNsgBCakCEw_QOdxbsj7gAgCoAwHIAwKqBMECT9DIIC06aA2W_rLzbvcqsmpHWeZgqbXZQmrcbsIRdEii3dx3qh9c8idTOLiJ5MT5MDirUCgAsj8-O181w-JUrI4sncOUVK2yI-163R85wnTrWh5oOvOClUfY7qAZLpALAUs00C5AMoEp-uyDL-ar3jvcxafIvpZrhclvRpy2hvLXAxAOsbQ2kB4t43y0gnM3TUM2y13mS8cwmAtn-cO-vucJMFrUSBN6LGbNUBdOkV-M6GXhsua-lWZVjv2u5769KfMOGTGf0euDj8fpp0zZDv7X-LEzpSPP2ruEekmJa9EZApwDpdV0iK9kAODTdQI2nPyFRNn3sxYUdRoA4a3jsQ5rziCqxiToWF6gAi6VXFpTed7mvYIzH7jFfnRQ7sPNtE6iwY6u0YDUGIj_Crvsqc8UAcBfsOQZubEOv2GlZWh64AQBgAa8rrWG2ZGhozGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAeINEwi5hPLh3eSCAxWN-ncKHYx5DRXQFQGAFwE%26num%3D1%26sig%3DAOD64_05v9-5ZMeTDV-hE3oxQWToc4btHA%26client%3Dca-pub-9997755147337636%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 27 Nov 2023 17:44:57 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 21 Nov 2024 17:44:57 GMT
sodar
pagead2.googlesyndication.com/pagead/
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202311090101&jk=599471650806210&bg=!-_il-LfNAAZxrfrxUa07ADQBe5WfOKx7Iugp1xUKqvICOhbjFaqc3ZLWLVKPrqeqAaHrKBVdOAN7cGAlUREbB_wgDa04AgAAAFVSAAAAAmgBB5kCtyMMxoyp1n6SHOhCxGRNsiB90w_7EQA_iPGDeRsXHSOF6Pw_8MxOwu7EfiNkHe3RvO-72p1Th2tgIWQjqL3sWiNEtY662og7a-qWYpxZuZaXCKGoAhNRMluKzokHcg5mRVo6zYkB-eXu7f4CGgGRSUaJoV8aXUwoBp3MC6cTT1hFRM3dZSbVq1XFHM8ONS9uX3xPSHcjSZTVLfuPDEof2hkZI5pdTVORY0Q5MruzOhdKsH3W_hXVjvdOd6gt-fqdmxlRj2KqN1faLYlac0ZTR0Ehfs2KX_5pHKf0mymp8NKR-0kZyHlLK2ONSpWGJT0W-6Ot9Gl57vo8tjqm5Ekv9d2TuWSmBaVnnxlHi02Jo9eYUs_o95Brvk745a7xwZByfL25p-wE7huhXxMBjz8W7lBlY9KeOH4aJGZ0x50nzNKx_mpur4CRe087F37jbCTFbk1hmHaGXS8x6dzpKPYkOuTRVhpfaaF73j-NqVAJTKaXNZ1cGa9lmlymNXyZawHHzJCnST6tomWbJxgichfPud4VnFzwH4bWra2WgE50f5UL6AaPCZmDoSuvgqpwPYOUh_e-uB-FpNGiFwKkx4LFga5uWLVueM87twpbewvxJRTvCgzy-d4KXWwy7rsEWm5PsyLphVUO-InMQzoX6d_36dWMAZfGJ_RDwV1IX-vZpitRuLMcZBva2e6BkEYGqmANYkqcVIZJaYUN0aBSbt2nHC2Oceppuz16UQEY1IvPw9SL23mYTOAF4YhicXZVtWBkwQPeDG_s7s-wNIsvOpH_kwQfn00mVZeLar7pUSIzlA0SvdT2iFKsV52WKOgxknTBckvBkxbtjnZEmu7ZuongyXHmQpslvdcScCdA_TYgnvRhPGtRTunZKqKMD9DCZTEsT9hM1djdLz2FOWeV9HSyaoCM-dMJF8rr
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newsheater.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

log
hblg.media.net/
35 B
193 B
Image
General
Full URL
https://hblg.media.net/log?logid=kfk&evtid=hbaw&itype=HB&tElp=2450&adt=desktop&cid=8CU2C156D&ct=FRANKFURT&cc=DE&ugd=4&app=0&pht=1200&pid=8PR8I7NL2&dn=newsheater.com&servname=ssp-serving-yin-7b5ffc7794-cnjjr&svr=2023112110_250_112507_67_112507_79_ssp&sc=HE&version=4&vh=1200&vw=1600&vsid=&vid=00001701107095591007642542087519&sspAbBucket=CONTROL&lw=0&dapp=green&nob=&bx_dc=mnet_sc&itypeid=1&sd=1&adbd=0&npa=0&gdpr_enf=1&csex=0&gdfstr=Y-N&gdpr=1&csstr=&tcf_cmp=&tcf_status=&tcf_prp=&suc=0&tcf_api=0&tcf_gdpr=&usp_enf=1&usp_status=0&usp_ldf=&usp_string=&ufca=-1&coppa_status=&coppa_applied=&id_details=&gpp_present=0&gpp_dec_sid%3C%3E=&gpp_sid%3C%3E=&uspca_status=-----------&uspco_status=-----------&uspct_status=-----------&uspnat_status=-----------&usput_status=-----------&uspva_status=-----------&abte=SSP_CLIENT&rtype=DIRECT_ADS&lbr=1&mnkv=&pabte=&pc=&ccat=&floc_id=&floc_ver=&gfundl=800&gtd=1&inid=&ngfundl=800&rdl=800&r_tim%3C%3E=&pubdpa=&pvid=-1&exid=38&req_mtype%3C%3E=&res_mtype=&pv_adtype=&adtypes=&pbasrc=0&mang=&dpa=&crid=447188147&g=0&nms=1&ptype=20&supcrid=DFP_ROS_Interstitial&r_fp%3C%3E=&acid=338982109596831751701107096059&astat=&auMxTm=800&actltime=801&acwtime=801&gFunDl=800&ngFunDl=800&aucToK=ngfd&aucTic=800&aer=1&agid%3C%3E=&asagid=&asbkt=&adj1=0&dpsh_src=1&adj0=0&pst=0&adj2=0&incentive_expense=0&incentive_type=0&discount=0&bdp=0.00&cpm=0&ogbdp=0&cbdp=0.00&dfpBd=0.00&aogbdp=&abtest_status=&bucket_id=&exp_id=&flrver=&flrrule=&bfa_al=&bfa_pr=&bfa_stat=&flr_price=0&flr_strat=&advId=&advNm=&pvAgNm=&pvAgId=&advUrl=&ba=2&prspt=headerBid&act=headerBid&mowxReqId=&ckfl=&cs=&iurl=&di=&dt=O&dp=0&dsrc=&dbf=0&epc=&epc2=&epc3=&pbidflr=0&bfs=&nbr=0&prvAccId=%2F21625568658%2FIMS%2FNewsHeater%2Fdesktop%2Finterstitial%2Fros&pcrid=null&size=&req_size=&s=1&snm=success&toconsider=1&mnet_ckfl=&rbr=&ruct=0&ae=0&ftr%3C%3E=&og_bid=0&pcon=%7B%22cpm%22%3A%220%22%2C%22logAW%22%3A%22false%22%2C%22pvid%22%3A%2291%22%7D&adType=&gtime=-1&htime=-1&stime=-1&ltime=-1&brc=0&brt=1701107098&but=0&bidId
=245454149743166791701107098001&mpvid=&abs=&apid=&ybnca_bbid=&binfobid=&bdata=&bId=&cmpid=&cat=&attr=&dtc=&prvReqId=&ybnca_erpm=&exp=&ybnca_gbid=&htps=&patint=&patkey=&fpuReq=&prvApiId=&mp_seg%3C%3E=&pcId=&pvNbr=&pvNbrDtls=&pseat=&rtime=&seat=&ortbseat=&sbdrid=&ybnca_vbid=&wsip=&pvdTmax=0&td=%7B%7D&sec=&chnl=&csent=0&zn=d&dfpadvId=&dfpcmpId=&isEmp=1&dfpAdPath=%2F21625568658%2C136417767%2FIMS%2FNewsHeater%2Fdesktop%2Finterstitial%2Fros&dfpDiv=DFP_ROS_Interstitial&sz=&srcAgCrid=&srcAgLid=&lbid=&isbckfl=0&srvcnm=publisher_ads&sspReq=&csip=&sspReg=&mnrf=0&mnrfc=0&invw=-1&strg=&dStat=&dcbdp=0&adfpBd=&dcs=&tref=0&rfc=0&iwr=0&fo=0&aqp=0&acrid=&aqm=&aqb=&aqws=&def_size=1x1&top=0&btm=0&lft=0&rght=0&lper=1&rme=&ra_sz=&udc=0&oyaf=0&cpr=0.6170677083562819&omul=1&currsrc=NA&ocurr=&mview=0&ebuid=&rti=-1&requrl=https%3A%2F%2Fnewsheater.com%2F2023%2F11%2F&kwrf=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.19.100.239 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-100-239.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newsheater.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 27 Nov 2023 17:44:58 GMT
strict-transport-security
max-age=86400 ; includeSubDomains
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
content-length
35
expires
Mon, 27 Nov 2023 17:44:58 GMT
nunito-v8-latin-700.woff2
newsheater.com/wp-content/plugins/gdpr-cookie-compliance/dist/fonts/
18 KB
19 KB
Font
General
Full URL
https://newsheater.com/wp-content/plugins/gdpr-cookie-compliance/dist/fonts/nunito-v8-latin-700.woff2
Requested by
Host: newsheater.com
URL: https://newsheater.com/wp-content/plugins/gdpr-cookie-compliance/dist/styles/gdpr-main.css?ver=4.12.8
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
68.183.105.106 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
cdc28355b0b7217392395460dd7dfbc65a4cf0822c986a7533f4ca7434799e53

Request headers

Referer
https://newsheater.com/wp-content/plugins/gdpr-cookie-compliance/dist/styles/gdpr-main.css?ver=4.12.8
Origin
https://newsheater.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Mon, 27 Nov 2023 17:44:58 GMT
Content-Encoding
gzip
Last-Modified
Mon, 16 Oct 2023 11:47:46 GMT
Server
Apache/2.4.41 (Ubuntu)
Vary
Accept-Encoding
Content-Type
font/woff2
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=92
Content-Length
18935
nunito-v8-latin-regular.woff2
newsheater.com/wp-content/plugins/gdpr-cookie-compliance/dist/fonts/
18 KB
19 KB
Font
General
Full URL
https://newsheater.com/wp-content/plugins/gdpr-cookie-compliance/dist/fonts/nunito-v8-latin-regular.woff2
Requested by
Host: newsheater.com
URL: https://newsheater.com/wp-content/plugins/gdpr-cookie-compliance/dist/styles/gdpr-main.css?ver=4.12.8
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
68.183.105.106 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
623b62596e07df1fbf3a9fc0219c238e373bec6e55349826b0315b50ed2a7a7d

Request headers

Referer
https://newsheater.com/wp-content/plugins/gdpr-cookie-compliance/dist/styles/gdpr-main.css?ver=4.12.8
Origin
https://newsheater.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Mon, 27 Nov 2023 17:44:58 GMT
Content-Encoding
gzip
Last-Modified
Mon, 16 Oct 2023 11:47:46 GMT
Server
Apache/2.4.41 (Ubuntu)
Vary
Accept-Encoding
Content-Type
font/woff2
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=93
Content-Length
18819
log
hblg.media.net/
35 B
193 B
Image
General
Full URL
https://hblg.media.net/log?logid=kfk&evtid=hbaw&itype=HB&tElp=2607&adt=desktop&cid=8CU2C156D&ct=FRANKFURT&cc=DE&ugd=4&app=0&pht=1200&pid=8PR8I7NL2&dn=newsheater.com&servname=ssp-serving-yin-7b5ffc7794-cnjjr&svr=2023112110_250_112507_67_112507_79_ssp&sc=HE&version=4&vh=1200&vw=1600&vsid=&vid=00001701107095591007642542087519&sspAbBucket=CONTROL&lw=0&dapp=green&nob=&bx_dc=mnet_sc&itypeid=1&sd=1&adbd=0&npa=0&gdpr_enf=1&csex=0&gdfstr=Y-N&gdpr=1&csstr=&tcf_cmp=&tcf_status=&tcf_prp=&suc=0&tcf_api=0&tcf_gdpr=&usp_enf=1&usp_status=0&usp_ldf=&usp_string=&ufca=-1&coppa_status=&coppa_applied=&id_details=&gpp_present=0&gpp_dec_sid%3C%3E=&gpp_sid%3C%3E=&uspca_status=-----------&uspco_status=-----------&uspct_status=-----------&uspnat_status=-----------&usput_status=-----------&uspva_status=-----------&abte=SSP_CLIENT&rtype=DIRECT_ADS&lbr=1&mnkv=&pabte=&pc=&ccat=&floc_id=&floc_ver=&gfundl=800&gtd=1&inid=&ngfundl=800&rdl=800&r_tim%3C%3E=&pubdpa=&pvid=-1&exid=38&req_mtype%3C%3E=&res_mtype=&pv_adtype=&adtypes=&pbasrc=0&mang=&dpa=&crid=502163673&g=1&nms=3&ptype=20&supcrid=DFP_ROS_Intext_Leaderboard_Desktop&r_fp%3C%3E=&acid=358459438471416631701107095594&astat=&auMxTm=800&actltime=1289&acwtime=1289&gFunDl=800&ngFunDl=800&aucToK=ngfd&aucTic=800&aer=1&agid%3C%3E=&asagid=&asbkt=&adj1=0&dpsh_src=1&adj0=0&pst=0&adj2=0&incentive_expense=0&incentive_type=0&discount=0&bdp=0.00&cpm=0&ogbdp=0&cbdp=0.00&dfpBd=0.00&aogbdp=&abtest_status=&bucket_id=&exp_id=&flrver=&flrrule=&bfa_al=&bfa_pr=&bfa_stat=&flr_price=0&flr_strat=&advId=&advNm=&pvAgNm=&pvAgId=&advUrl=&ba=1&prspt=headerBid&act=headerBid&mowxReqId=&ckfl=&cs=&iurl=&di=&dt=O&dp=0&dsrc=&dbf=0&epc=&epc2=&epc3=&pbidflr=0&bfs=&nbr=0&prvAccId=%2F21625568658%2FIMS%2FNewsHeater%2Fdesktop%2Fin_text_leaderboard%2Fros&pcrid=138333922949&size=728x90&req_size=728x90&s=1&snm=success&toconsider=1&mnet_ckfl=&rbr=&ruct=0&ae=0&ftr%3C%3E=&og_bid=0&pcon=%7B%22cpm%22%3A%220%22%2C%22logAW%22%3A%22true%22%2C%22pvid%22%3A%22230%22%7D&adType=&gtime=-1&htime=-1&stime=-
1&ltime=-1&brc=0&brt=1701107098&but=0&bidId=311351835981609731701107098160&mpvid=&abs=&apid=&ybnca_bbid=&binfobid=&bdata=&bId=&cmpid=&cat=&attr=&dtc=&prvReqId=&ybnca_erpm=&exp=&ybnca_gbid=&htps=&patint=&patkey=&fpuReq=&prvApiId=&mp_seg%3C%3E=&pcId=&pvNbr=&pvNbrDtls=&pseat=&rtime=&seat=&ortbseat=&sbdrid=&ybnca_vbid=&wsip=&pvdTmax=0&td=%7B%7D&sec=&chnl=&csent=0&zn=d&dfpadvId=4615332407&dfpcmpId=2380174762&isEmp=0&dfpAdPath=%2F21625568658%2C136417767%2FIMS%2FNewsHeater%2Fdesktop%2Fin_text_leaderboard%2Fros&dfpDiv=DFP_ROS_Intext_Leaderboard_Desktop&sz=728x90&srcAgCrid=138333922949&srcAgLid=5563206449&lbid=&isbckfl=1&srvcnm=publisher_ads&sspReq=&csip=&sspReg=&mnrf=0&mnrfc=0&invw=-1&strg=&dStat=&dcbdp=0&adfpBd=&dcs=&tref=0&rfc=0&iwr=0&fo=0&aqp=0&acrid=&aqm=&aqb=&aqws=&def_size=&top=0&btm=90&lft=0&rght=1600&lper=1&rme=&ra_sz=728x90&udc=0&oyaf=0&cpr=0.4633601411238515&omul=1&currsrc=NA&ocurr=&mview=0&ebuid=&rti=-1&requrl=https%3A%2F%2Fnewsheater.com%2F2023%2F11%2F&kwrf=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.19.100.239 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-100-239.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newsheater.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 27 Nov 2023 17:44:58 GMT
strict-transport-security
max-age=86400 ; includeSubDomains
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
content-length
35
expires
Mon, 27 Nov 2023 17:44:58 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 553F
42 B
175 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstoo9N9DGRWMyZe3eRSnuEyrIngs4SpkiU4qV93A3GdFz1KoloWrXzz_DzI87nhiE__4tbBOcUekCQJnAWkVbB_bOD8v226O62U8OulPo--rp159FT2&sig=Cg0ArKJSzLCaAG4mykwWEAE&id=lidar2&mcvt=1000&p=0,0,90,728&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231116&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2984589868&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1701107097155&rpt=106&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4ac0f88b0ed1229d36cbd08294010347.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 27 Nov 2023 17:44:58 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
all
csm.eu.criteo.net/ Frame 2379
0
127 B
Ping
General
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=LIhKuWrMjf9arRBKeGRxBRPj6z_wZc6WwkVWvBMCtvZlEQDPEVB1FP9JdnGVJN_ZHAJjBBwQs6EL9lh9T08lzAAO_ipDhcE0cy38PmMwHTqLAGwRKdQvYPzIWep6UhQNzrOQuBr5R1tLHBUDPpuZiguKZO665WcspB4WhUXdb9WBXCYE7KINYpHaTaewp3-Ldvh6oeP7Gg1gFE1ZHsAsmBLz3NAAsKY9IYxP_Zf4UWF1TvN232SuZpO3EXYOAlB2uW8_Kg&sds=2&rev=89278&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZWTVmAAPCJMKd_qNAA15jCsHQraMQjnJGFbQTQ&u=%7CqBpCApGdDSWDkv7Zu%2FiDoI2zhdkgIPzwFdtqG2W0m3k%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhaVHQ6RkVc1uRRN7U2tIy92afbib4fbn5Ggba7Ek_uEWjlAtlimXUzow8WqpljR2ztyEV7zyKcFBJjo-Hnl4JHWoEv3PF2VNXkL1fRqzr37PTvDjuNfkJ0ElsFRpQtYfWRaTZUwpeqo2TCF-uKwNVXdY79nce6SAlyo8PXZT5wycOIciJhG6Fq7yLS24HQFXBg3bE1eBm5q2N-rSaTn1N3AAKAha7rkLmBAEU8oJSXkgPop9TvpQWqGs8ovUJpiwAHiWNd3MVpcRRoiH4R8pyt8VSVw7bi1U52Bdao0WdfOP5tIjGRjEcehx-sbxVgRRMzsGl7Uj5b6Qh7IfTTl23iACXtYjSociiRD3Eh3zMG2kbzgyhGvPTqMlQdaIRAkdcGTeePvvOyg54uHfhVWicU3WF4OuHpGvGnNVLJ4s6nQL3X1-3Mu-aXxfCtH6ZeKE87UPThA-JOGzJv3kP_hXnA9Y9Lx3dHH1Grsk1LKqL8WR2m5OAhDf8tVDtqKJBn_2VQvpBbIQ329cZARCi4MUVXKklc7ILab37f-08Wt0oQmS_UivOvwvq0d5MDptRgc9l7p7rYMviRZ_9a-oOgu9fd8&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC_5wamNVkZZORPI313wOM87WoAcme0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItOTk5Nzc1NTE0NzMzNzYzNsgBCakCEw_QOdxbsj7gAgCoAwHIAwKqBMECT9DIIC06aA2W_rLzbvcqsmpHWeZgqbXZQmrcbsIRdEii3dx3qh9c8idTOLiJ5MT5MDirUCgAsj8-O181w-JUrI4sncOUVK2yI-163R85wnTrWh5oOvOClUfY7qAZLpALAUs00C5AMoEp-uyDL-ar3jvcxafIvpZrhclvRpy2hvLXAxAOsbQ2kB4t43y0gnM3TUM2y13mS8cwmAtn-cO-vucJMFrUSBN6LGbNUBdOkV-M6GXhsua-lWZVjv2u5769KfMOGTGf0euDj8fpp0zZDv7X-LEzpSPP2ruEekmJa9EZApwDpdV0iK9kAODTdQI2nPyFRNn3sxYUdRoA4a3jsQ5rziCqxiToWF6gAi6VXFpTed7mvYIzH7jFfnRQ7sPNtE6iwY6u0YDUGIj_Crvsqc8UAcBfsOQZubEOv2GlZWh64AQBgAa8rrWG2ZGhozGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAeINEwi5hPLh3eSCAxWN-ncKHYx5DRXQFQGAFwE%26num%3D1%26sig%3DAOD64_05v9-5ZMeTDV-hE3oxQWToc4btHA%26client%3Dca-pub-9997755147337636%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Mon, 27 Nov 2023 17:44:58 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0


78 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| documentPictureInPicture object| _wpemojiSettings undefined| $ function| jQuery function| _ object| Backbone object| wpApiSettings object| wp object| wpdaApiSettings object| cb_wp object| advBidxc function| gtag object| dataLayer object| google_tag_manager object| google_tag_data function| onYouTubeIframeAPIReady object| gaGlobal object| wts7 function| wts_count_init object| moove_frontend_gdpr_scripts function| postscribe function| gdpr_lightbox string| gdpr_consent__strict string| gdpr_consent__thirdparty string| gdpr_consent__advanced string| gdpr_consent__cookies function| isSet function| IsInIframe function| rtype object| regeneratorRuntime object| googletag object| _mNHandle string| medianet_versionId function| EvEmitter function| imagesLoaded function| wtslog7 function| wtslog7Exe function| redirect7 function| finalProcessing7 function| pingPage7 function| getPanelData7 function| updatePanelDisplay7 function| writeData7 function| getData7 function| messageWorker function| wtsDebug7 string| GoogleAnalyticsObject function| ga object| gaplugins object| gaData object| ggeac object| google_js_reporting_queue undefined| google_measure_js_timing object| hbCMBidxc object| _mNDetails undefined| _mNE object| runtime function| sprintf function| vsprintf object| ElementorProFrontendConfig object| elementorFrontendConfig object| twemoji object| cbox function| setImmediate function| clearImmediate function| HowlerGlobal object| Howler function| Howl function| Sound number| google_unique_id object| GoogleGcLKhOms object| google_image_requests

21 Cookies

Domain/Path Name / Value
.newsheater.com/ Name: _ga_W1J31YHC98
Value: GS1.1.1701107095.1.0.1701107095.0.0.0
newsheater.com/ Name: mnet_session_depth
Value: 1%7C1701107095592
.newsheater.com/ Name: _gid
Value: GA1.2.1240701949.1701107096
.newsheater.com/ Name: _gat_gtag_UA_136162586_1
Value: 1
.newsheater.com/ Name: _ga_ECEZM82RYR
Value: GS1.1.1701107095.1.0.1701107095.0.0.0
.newsheater.com/ Name: _ga
Value: GA1.1.911717999.1701107095
newsheater.com/ Name: session_depth
Value: newsheater.com%3D1%7C273941585%3D1
newsheater.com/ Name: mnjs_session_depth
Value: 1%7C1701107096078
app.ardalio.com/ Name: ack_2145191
Value: 1
app.ardalio.com/ Name: tll_2145191
Value: 1701107096
app.ardalio.com/ Name: tllc_2145191
Value: 1701107096
app.ardalio.com/ Name: prev2_2145191
Value: https://newsheater.com/2023/11
app.ardalio.com/ Name: sta_2145191
Value: regular
app.ardalio.com/ Name: sid_2145191
Value: ZWTVmJlF4rWgk9mnU1A1pwAAAAM
app.ardalio.com/ Name: vid_2145191
Value: ZWTVmJlF4rWgk9mnU1A1pwAAAAM
app.ardalio.com/ Name: nv_2145191
Value: 1
app.ardalio.com/ Name: or_2145191
Value:
.media.net/ Name: visitor-id
Value: 3441086965428176000V10
.newsheater.com/ Name: __gads
Value: ID=671c38b4cf437cd6:T=1701107096:RT=1701107096:S=ALNI_MZRQXbhwXN4Dj5S8c-saW9HsovnNg
.newsheater.com/ Name: __gpi
Value: UID=00000ce807bc01a6:T=1701107096:RT=1701107096:S=ALNI_Mb96T_PQtTaNK3o_1uiPLw6jkxZxA
.doubleclick.net/ Name: IDE
Value: AHWqTUnwJq7DZC55Bu8I1AgaykngFFyKf43mSI4tdpkzwzKYJX7ldD9HM7nRxhA-mDI

1 Console Messages

Source Level URL
Text
other warning URL: https://4ac0f88b0ed1229d36cbd08294010347.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html(Line 15)
Message:
Origin trial controlled feature not enabled: 'attribution-reporting'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
