newsdirectcorp-5691062.hs-sites.com Open in urlscan Pro
2606:4700::6811:ad5d Public Scan

Go To Rescan
Add Verdict Report

URL:
http://newsdirectcorp-5691062.hs-sites.com/
Submission: On February 26 via manual (February 26th 2024, 3:39:02 pm UTC) from US — Scanned from DE

Summary HTTP 66 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 37 IPs in 3 countries across 30 domains to perform 66 HTTP transactions. The main IP is 2606:4700::6811:ad5d, located in United States and belongs to CLOUDFLARENET, US. The main domain is newsdirectcorp-5691062.hs-sites.com.

This is the only time newsdirectcorp-5691062.hs-sites.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	2606:4700::68... 2606:4700::6811:ad5d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2606:4700::68... 2606:4700::6810:e05d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	2606:4700::68... 2606:4700::6810:6fd1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:802::2008	15169 (GOOGLE) (GOOGLE)
3	2a02:26f0:480... 2a02:26f0:480:f::213:7ec4	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 2	2606:4700::68... 2606:4700::6810:7caf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:80b::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:2c40::c7... 2606:2c40::c73c:67e1	209242 (CLOUDFLAR...) (CLOUDFLARESPECTRUM Cloudflare)
2	2606:4700:440... 2606:4700:4400::ac40:9284	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2606:4700::68... 2606:4700::6811:b05d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:806::200e	15169 (GOOGLE) (GOOGLE)
1	2600:9000:238... 2600:9000:238d:e600:1b:cadc:ef40:93a1	16509 (AMAZON-02) (AMAZON-02)
3	18.239.30.197 18.239.30.197	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:5814	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:400c:c1d::9a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:806::2003	15169 (GOOGLE) (GOOGLE)
1	99.86.4.39 99.86.4.39	16509 (AMAZON-02) (AMAZON-02)
3	2606:4700::68... 2606:4700::6813:f912	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:e4a3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:440... 2606:4700:4400::6812:22e5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:4fba	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2606:4700::68... 2606:4700::6813:9a53	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6812:7c0c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:f9a8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6813:9b53	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:10:... 2606:4700:10::6816:4bd8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:cccc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	130.211.23.194 130.211.23.194	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	2606:4700:20:... 2606:4700:20::681a:346	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	142.250.186.134 142.250.186.134	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6812:a07d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a03:2880:f00... 2a03:2880:f007:8:face:b00c:0:1	32934 (FACEBOOK) (FACEBOOK)
1	2a03:2880:f10... 2a03:2880:f107:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
66	37

1 2606:4700::6811:ad5d (United States)

ASN13335 (CLOUDFLARENET, US)

newsdirectcorp-5691062.hs-sites.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6810:e05d (United States)

ASN13335 (CLOUDFLARENET, US)

static.hsappstatic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2606:4700::6810:6fd1 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn2.hubspot.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:802::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:26f0:480:f::213:7ec4 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

cdn.fuseplatform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:7caf (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:2c40::c73c:67e1 (United States)

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)

www.newsdirect.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:4400::ac40:9284 (United States)

ASN13335 (CLOUDFLARENET, US)

5691062.fs1.hubspotusercontent-na1.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6811:b05d (United States)

ASN13335 (CLOUDFLARENET, US)

newsdirectcorp-5691062.hs-sites.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:238d:e600:1b:cadc:ef40:93a1 (United States)

ASN16509 (AMAZON-02, US)

cmp.inmobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.239.30.197 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-239-30-197.ams58.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5814 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c1d::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.4.39 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-39.fra6.r.cloudfront.net

config.aps.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6813:f912 (United States)

ASN13335 (CLOUDFLARENET, US)

f.hubspotusercontent10.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:e4a3 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hsadspixel.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::6812:22e5 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-banner.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:4fba (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-analytics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6813:9a53 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cta-service-cms2.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
forms.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:7c0c (United States)

ASN13335 (CLOUDFLARENET, US)

js.hsleadflows.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:f9a8 (United States)

ASN13335 (CLOUDFLARENET, US)

js.usemessages.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6813:9b53 (United States)

ASN13335 (CLOUDFLARENET, US)

app.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
track.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:4bd8 (United States)

ASN13335 (CLOUDFLARENET, US)

btloader.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:cccc (United States)

ASN13335 (CLOUDFLARENET, US)

api.hubapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 130.211.23.194 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 194.23.211.130.bc.googleusercontent.com

api.btloader.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:346 (United States)

ASN13335 (CLOUDFLARENET, US)

ad-delivery.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.134 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:a07d (United States)

ASN13335 (CLOUDFLARENET, US)

perf-na1.hsforms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f007:8:face:b00c:0:1 (United States)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f107:83:face:b00c:0:25de (United States)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
8	hubspot.net cdn2.hubspot.net — Cisco Umbrella Rank: 8345	131 KB
5	hubspot.com js.hubspot.com — Cisco Umbrella Rank: 4496 app.hubspot.com — Cisco Umbrella Rank: 5532 cta-service-cms2.hubspot.com — Cisco Umbrella Rank: 4414 track.hubspot.com — Cisco Umbrella Rank: 2378 forms.hubspot.com — Cisco Umbrella Rank: 5269	28 KB
5	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 219 stats.g.doubleclick.net — Cisco Umbrella Rank: 85 ad.doubleclick.net — Cisco Umbrella Rank: 157	165 KB
4	amazon-adsystem.com c.amazon-adsystem.com — Cisco Umbrella Rank: 297 config.aps.amazon-adsystem.com — Cisco Umbrella Rank: 619	76 KB
4	hsappstatic.net static.hsappstatic.net — Cisco Umbrella Rank: 5577	45 KB
4	hs-sites.com newsdirectcorp-5691062.hs-sites.com	9 KB
3	hubspotusercontent10.net f.hubspotusercontent10.net — Cisco Umbrella Rank: 55323	1019 KB
3	fuseplatform.net cdn.fuseplatform.net — Cisco Umbrella Rank: 12774	170 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 176	70 KB
2	ad-delivery.net ad-delivery.net — Cisco Umbrella Rank: 946	1 KB
2	btloader.com btloader.com — Cisco Umbrella Rank: 882 api.btloader.com — Cisco Umbrella Rank: 971	34 KB
2	google.de www.google.de — Cisco Umbrella Rank: 6553	515 B
2	google.com www.google.com — Cisco Umbrella Rank: 2 region1.analytics.google.com — Cisco Umbrella Rank: 2663	666 B
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 31	21 KB
2	hubspotusercontent-na1.net 5691062.fs1.hubspotusercontent-na1.net	2 KB
2	unpkg.com 1 redirects unpkg.com — Cisco Umbrella Rank: 753	11 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 40	151 KB
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 102	185 B
1	hsforms.com perf-na1.hsforms.com — Cisco Umbrella Rank: 4828	1 KB
1	hubapi.com api.hubapi.com — Cisco Umbrella Rank: 3488	1 KB
1	usemessages.com js.usemessages.com — Cisco Umbrella Rank: 4802	25 KB
1	hsleadflows.net js.hsleadflows.net — Cisco Umbrella Rank: 5007	88 KB
1	hs-analytics.net js.hs-analytics.net — Cisco Umbrella Rank: 2187	21 KB
1	hs-banner.com js.hs-banner.com — Cisco Umbrella Rank: 2200	17 KB
1	hsadspixel.net js.hsadspixel.net — Cisco Umbrella Rank: 3178	4 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 306	2 KB
1	inmobi.com cmp.inmobi.com — Cisco Umbrella Rank: 4024	449 B
1	newsdirect.com www.newsdirect.com	13 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 226	19 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 32	1 KB
66	30

	Domain	Requested by
8	cdn2.hubspot.net	newsdirectcorp-5691062.hs-sites.com
4	static.hsappstatic.net	newsdirectcorp-5691062.hs-sites.com
4	newsdirectcorp-5691062.hs-sites.com	newsdirectcorp-5691062.hs-sites.com js.usemessages.com
3	f.hubspotusercontent10.net	cdn2.hubspot.net
3	c.amazon-adsystem.com	cdn.fuseplatform.net c.amazon-adsystem.com
3	cdn.fuseplatform.net	newsdirectcorp-5691062.hs-sites.com cdn.fuseplatform.net
2	connect.facebook.net	js.hsadspixel.net connect.facebook.net
2	ad-delivery.net	newsdirectcorp-5691062.hs-sites.com
2	www.google.de	newsdirectcorp-5691062.hs-sites.com
2	stats.g.doubleclick.net	www.google-analytics.com www.googletagmanager.com
2	securepubads.g.doubleclick.net	cdn.fuseplatform.net securepubads.g.doubleclick.net
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	5691062.fs1.hubspotusercontent-na1.net	newsdirectcorp-5691062.hs-sites.com
2	unpkg.com	1 redirects newsdirectcorp-5691062.hs-sites.com
2	www.googletagmanager.com	newsdirectcorp-5691062.hs-sites.com www.googletagmanager.com
1	www.facebook.com
1	forms.hubspot.com	js.hsleadflows.net
1	track.hubspot.com
1	perf-na1.hsforms.com	newsdirectcorp-5691062.hs-sites.com
1	cta-service-cms2.hubspot.com	js.hubspot.com
1	region1.analytics.google.com	www.googletagmanager.com
1	ad.doubleclick.net	newsdirectcorp-5691062.hs-sites.com
1	api.btloader.com	btloader.com
1	api.hubapi.com	js.hsadspixel.net
1	btloader.com	cdn.fuseplatform.net
1	app.hubspot.com	static.hsappstatic.net
1	js.usemessages.com	newsdirectcorp-5691062.hs-sites.com
1	js.hsleadflows.net	newsdirectcorp-5691062.hs-sites.com
1	js.hubspot.com	newsdirectcorp-5691062.hs-sites.com
1	js.hs-analytics.net	newsdirectcorp-5691062.hs-sites.com
1	js.hs-banner.com	newsdirectcorp-5691062.hs-sites.com
1	js.hsadspixel.net	newsdirectcorp-5691062.hs-sites.com
1	config.aps.amazon-adsystem.com	c.amazon-adsystem.com
1	www.google.com	newsdirectcorp-5691062.hs-sites.com
1	cdn.jsdelivr.net	cdn.fuseplatform.net
1	cmp.inmobi.com	cdn.fuseplatform.net
1	www.newsdirect.com	newsdirectcorp-5691062.hs-sites.com
1	cdnjs.cloudflare.com	newsdirectcorp-5691062.hs-sites.com
1	fonts.googleapis.com	newsdirectcorp-5691062.hs-sites.com
66	39

This site contains links to these domains. Also see Links.

Domain
www.newsdirect.com
newsdirect.com

Subject Issuer	Validity	Valid
hsappstatic.net Cloudflare Inc ECC CA-3	`2023-04-10` - `2024-04-09`	a year	crt.sh
hubspot.net Cloudflare Inc ECC CA-3	`2023-04-06` - `2024-04-05`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
cdn.fuseplatform.net R3	`2023-12-20` - `2024-03-19`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-03` - `2024-07-02`	a year	crt.sh
www.newsdirect.com GTS CA 1P5	`2024-02-17` - `2024-05-17`	3 months	crt.sh
hubspotusercontent-na1.net Cloudflare Inc ECC CA-3	`2023-12-26` - `2024-12-25`	a year	crt.sh
hs-sites.com Cloudflare Inc ECC CA-3	`2024-02-14` - `2024-12-31`	a year	crt.sh
cmp.inmobi.com Sectigo ECC Organization Validation Secure Server CA	`2023-08-18` - `2024-08-17`	a year	crt.sh
c.amazon-adsystem.com Amazon RSA 2048 M01	`2023-12-30` - `2024-12-04`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
www.google.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
www.google.de GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
config.aps.amazon-adsystem.com Amazon RSA 2048 M02	`2024-01-21` - `2025-02-19`	a year	crt.sh
hubspot.com Cloudflare Inc ECC CA-3	`2024-01-06` - `2024-12-31`	a year	crt.sh
btloader.com GTS CA 1P5	`2024-02-15` - `2024-05-15`	3 months	crt.sh
hubapi.com Cloudflare Inc ECC CA-3	`2023-04-07` - `2024-04-06`	a year	crt.sh
api.btloader.com GTS CA 1D4	`2024-02-06` - `2024-05-06`	3 months	crt.sh
ad-delivery.net GTS CA 1P5	`2024-01-20` - `2024-04-19`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-12-05` - `2024-03-04`	3 months	crt.sh

This page contains 1 frames:

Primary Page: http://newsdirectcorp-5691062.hs-sites.com/
Frame ID: 5AB2BC08E1582D36A7BDF9D8EFDEDD77
Requests: 65 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

HubSpot Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

js\.hs-analytics\.net/analytics

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

66
Requests

97 %
HTTPS

89 %
IPv6

30
Domains

39
Subdomains

37
IPs

3
Countries

2126 kB
Transfer

5616 kB
Size

14
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: https://www.newsdirect.com/privacy-policy?__hstc=233546881.fea4f4cb189bf588a31c1a11de8dda3a.1708961938599.1708961938599.1708961938599.1&__hssc=233546881.1.1708961938599&__hsfp=1638682131
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.newsdirect.com/?__hstc=233546881.fea4f4cb189bf588a31c1a11de8dda3a.1708961938599.1708961938599.1708961938599.1&__hssc=233546881.1.1708961938599&__hsfp=1638682131

Search URL Search Domain Scan URL

URL: https://www.newsdirect.com/affiliate-avenue?__hstc=233546881.fea4f4cb189bf588a31c1a11de8dda3a.1708961938599.1708961938599.1708961938599.1&__hssc=233546881.1.1708961938599&__hsfp=1638682131
Title: AffiliateAvenue

Search URL Search Domain Scan URL

URL: https://www.newsdirect.com/videovision?__hstc=233546881.fea4f4cb189bf588a31c1a11de8dda3a.1708961938599.1708961938599.1708961938599.1&__hssc=233546881.1.1708961938599&__hsfp=1638682131
Title: VideoVision

Search URL Search Domain Scan URL

URL: https://www.newsdirect.com/blogbuffet?__hstc=233546881.fea4f4cb189bf588a31c1a11de8dda3a.1708961938599.1708961938599.1708961938599.1&__hssc=233546881.1.1708961938599&__hsfp=1638682131
Title: BlogBuffet

Search URL Search Domain Scan URL

URL: https://www.newsdirect.com/pricing?__hstc=233546881.fea4f4cb189bf588a31c1a11de8dda3a.1708961938599.1708961938599.1708961938599.1&__hssc=233546881.1.1708961938599&__hsfp=1638682131
Title: Pricing

Search URL Search Domain Scan URL

URL: https://newsdirect.com/news?__hstc=233546881.fea4f4cb189bf588a31c1a11de8dda3a.1708961938599.1708961938599.1708961938599.1&__hssc=233546881.1.1708961938599&__hsfp=1638682131
Title: News Hub

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 9

https://unpkg.com/isotope-layout@3/dist/isotope.pkgd.min.js HTTP 302
https://unpkg.com/isotope-layout@3.0.6/dist/isotope.pkgd.min.js

66 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 404
Not Found Primary Request / Show response
newsdirectcorp-5691062.hs-sites.com/ 18 KB
7 KB 417ms
393ms Document
text/html 2606:4700::6811:ad5d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

http://newsdirectcorp-5691062.hs-sites.com/

Protocol

HTTP/1.1

Server

2606:4700::6811:ad5d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

74a0009cdd2d448c9c696674eb5ffcdcdf35df57313d2d64e753e454f0fb1a4f

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Credentials: false
CF-Cache-Status: EXPIRED
CF-Ray: 85b94725ddd5925f-FRA
Cache-Control: s-maxage=5,max-age=5
Connection: keep-alive
Content-Encoding: gzip
Content-Security-Policy: upgrade-insecure-requests
Content-Type: text/html;charset=utf-8
Date: Mon, 26 Feb 2024 15:38:56 GMT
Server: cloudflare
Transfer-Encoding: chunked
Vary: origin, Accept-Encoding
X-Content-Type-Options: nosniff
X-HS-Reason: No view mapper found to handle request
X-HubSpot-Correlation-Id: fffead76-0cac-4f85-861b-dc5bb1fe7a7b
X-HubSpot-NotFound: true
X-Trace: 2B1685E333044F0462EC3139FED679BE9918C59ECC000000000000000000
alt-svc: h3=":443"; ma=86400
x-envoy-upstream-service-time: 158
x-evy-trace-listener: listener_http
x-evy-trace-route-configuration: listener_http/all
x-evy-trace-route-service-name: envoyset-translator
x-evy-trace-served-by-pod: iad02/cms-hs-sites-td/envoy-proxy-569488cdcd-5pzts
x-evy-trace-virtual-host: all
x-request-id: fffead76-0cac-4f85-861b-dc5bb1fe7a7b

GET
H2 200 jquery-1.7.1.js Show response
static.hsappstatic.net/jquery-libs/static-1.1/jquery/ 92 KB
34 KB 50ms
27ms Script
application/javascript 2606:4700::6810:e05d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hsappstatic.net/jquery-libs/static-1.1/jquery/jquery-1.7.1.js

Requested by

Host: newsdirectcorp-5691062.hs-sites.com
URL: http://newsdirectcorp-5691062.hs-sites.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:e05d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

88171413fc76dda23ab32baa17b11e4fff89141c633ece737852445f1ba6c1bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://newsdirectcorp-5691062.hs-sites.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Mon, 26 Feb 2024 15:38:56 GMT
x-amz-version-id: null
via: 1.1 e221f111ed3ebc025b531e81056d37a4.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: FRA60-P6
age: 1557968
content-encoding: br
x-cache: Hit from cloudfront
last-modified: Tue, 25 Nov 2014 17:03:30 GMT
server: cloudflare
etag: W/"ddb84c1587287b2df08966081ef063bf"
vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lDxboDQv6TRxe72sFnoOMyN97T4IzjJ40nABlzEhJuIg%2BW5HkurJgAjjnLK7fSwWR6w%2BTxf%2BLveoe%2BCrm%2FTUCnfhGBvW%2FlBrJhU5VwRwUXs5MVwn0A%2BNEntIjtV4ZodTynR%2FVb%2BZveUvHNEHDMTjPQaxzhc%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 85b947286cc1916a-FRA
x-amz-cf-id: 6BZBn_khnZ5sUxZADGnWQzfpWolYXRxkfBbkX-o9PDKR72FF5qC2sQ==
expires: Tue, 25 Feb 2025 15:38:56 GMT

GET
H2 200 newsdirect.min.css
cdn2.hubspot.net/hub/5691062/hub_generated/template_assets/41043729886/1622202155019/News_Direct_Theme/css/ 1 MB
105 KB 96ms
74ms Stylesheet
text/css 2606:4700::6810:6fd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn2.hubspot.net/hub/5691062/hub_generated/template_assets/41043729886/1622202155019/News_Direct_Theme/css/newsdirect.min.css
Requested by: Host: newsdirectcorp-5691062.hs-sites.com
URL: http://newsdirectcorp-5691062.hs-sites.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:6fd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b82ae1ebe6e9f83f73cb754e044fa16d9637f7939bdabfaeaf76cfdcbab81125

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://newsdirectcorp-5691062.hs-sites.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Mon, 26 Feb 2024 15:38:56 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: IAD89-C1
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-hubspot-correlation-id: dcb5eb04-db05-4361-b65a-e01043b9164a
x-hs-alternate-content-type: text/plain
x-envoy-upstream-service-time: 191
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
alt-svc: h3=":443"; ma=86400
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: dcb5eb04-db05-4361-b65a-e01043b9164a
last-modified: Fri, 28 May 2021 11:42:39 GMT
server: cloudflare
etag: W/"b3896d4af0f31d19ac4d8f9635f50490"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1622202158600
x-evy-trace-virtual-host: all
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b9nNjxUozhQsG%2B092H%2BeAlFPfdHybbxlXK3o24d3qf7petH8oKwO8SI1RohHHz5J3Bs%2FF8LPl48jTieaUh0kJ6JfjIjrGqpkdTkJt0elxcRqiyJfChRJcK%2BlBPp%2BqIpEs%2FxtTDk62jH3vtSm02I%3D"}],"group":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod: iad02/cms-cdn2-td/envoy-proxy-64d59778d6-jrv7z
cf-ray: 85b947287ab5911e-FRA
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3

GET
H2 200 main.css
cdn2.hubspot.net/hub/5691062/hub_generated/template_assets/41043518001/1708668111675/News_Direct_Theme/css/ 53 KB
12 KB 86ms
65ms Stylesheet
text/css 2606:4700::6810:6fd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn2.hubspot.net/hub/5691062/hub_generated/template_assets/41043518001/1708668111675/News_Direct_Theme/css/main.css
Requested by: Host: newsdirectcorp-5691062.hs-sites.com
URL: http://newsdirectcorp-5691062.hs-sites.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:6fd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d0d7bdc608132b8246ddf7ced6c0f78de99f6c3676390e5dbb7aba126cf1f128

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://newsdirectcorp-5691062.hs-sites.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Mon, 26 Feb 2024 15:38:56 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: IAD89-C1
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-hubspot-correlation-id: b129620a-69e1-4414-a1f0-5751df56399d
x-hs-alternate-content-type: text/plain
x-amz-storage-class: INTELLIGENT_TIERING
x-envoy-upstream-service-time: 147
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
alt-svc: h3=":443"; ma=86400
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: b129620a-69e1-4414-a1f0-5751df56399d
last-modified: Fri, 23 Feb 2024 06:01:52 GMT
server: cloudflare
etag: W/"99d816883b76e6eba6ef5bcd512b27a7"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1708668111675
x-evy-trace-virtual-host: all
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uccqO6Yq3v42rlMuGoqUQJVM9KUp1D1yaX0Lka20379ieIDJBU522LNaHDdYM3EX7akFunxAgghy0VrroUyj%2BzJbk0ULDe9ganbl5mwFu%2FbgRsTpZw3uipMpvFLJL2w1mUnHIJ%2B8i2n3j2T2%2B40%3D"}],"group":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod: iad02/cms-cdn2-td/envoy-proxy-64d59778d6-jrv7z
cf-ray: 85b947286ab3911e-FRA
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3

GET
H2 200 theme-overrides.min.css
cdn2.hubspot.net/hub/5691062/hub_generated/template_assets/41043688340/1632518668908/News_Direct_Theme/css/ 13 KB
3 KB 104ms
83ms Stylesheet
text/css 2606:4700::6810:6fd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn2.hubspot.net/hub/5691062/hub_generated/template_assets/41043688340/1632518668908/News_Direct_Theme/css/theme-overrides.min.css
Requested by: Host: newsdirectcorp-5691062.hs-sites.com
URL: http://newsdirectcorp-5691062.hs-sites.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:6fd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d7b92b7143625ae61e8690fe18bbd51b7cbb72539d715062a583ac00c461ea82

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://newsdirectcorp-5691062.hs-sites.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Mon, 26 Feb 2024 15:38:56 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: IAD89-C1
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-hubspot-correlation-id: a3eb0113-77bd-4109-87ac-7d295321aa39
x-hs-alternate-content-type: text/plain
x-envoy-upstream-service-time: 179
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
alt-svc: h3=":443"; ma=86400
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: a3eb0113-77bd-4109-87ac-7d295321aa39
last-modified: Fri, 24 Sep 2021 21:24:30 GMT
server: cloudflare
etag: W/"ca929c1803641839c421bfc1029aa680"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1632518669034
x-evy-trace-virtual-host: all
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZgpUu7g%2B4wNucEVdpFufKBpMYe34isoKyHXAjTT28BdnpNYVgLPiWtw1dEYkI%2BxxnACSDYOu82urd048FZuxT4h0vexEnxWHxSN8jZ%2F8fsQaaK9fTLiMZGAipvsEnoQ60KEKOsRxA4qNByG0rSc%3D"}],"group":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod: iad02/cms-cdn2-td/envoy-proxy-64d59778d6-f6gc6
cf-ray: 85b947287ab8911e-FRA
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3

GET
H2 200 custom-styles.min.css
cdn2.hubspot.net/hub/5691062/hub_generated/template_assets/41066413777/1708666488638/News_Direct_Theme/css/ 24 KB
7 KB 77ms
55ms Stylesheet
text/css 2606:4700::6810:6fd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn2.hubspot.net/hub/5691062/hub_generated/template_assets/41066413777/1708666488638/News_Direct_Theme/css/custom-styles.min.css
Requested by: Host: newsdirectcorp-5691062.hs-sites.com
URL: http://newsdirectcorp-5691062.hs-sites.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:6fd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 959a9634f70d3b541ff63f77a8025b1fb507a0a57438cbcfa6c5d6ea2ce2e9e2

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://newsdirectcorp-5691062.hs-sites.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

content-encoding: br
age: 1542
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
x-evy-trace-listener: listener_https
etag: W/"b69da6499d6c1807311084a643136f98"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1708666489470
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
x-evy-trace-virtual-host: all
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Mon, 26 Feb 2024 15:38:56 GMT
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: IAD89-C1
x-hs-alternate-content-type: text/plain
x-hubspot-correlation-id: d8866fd1-2f43-428b-a249-9b3bac538fa8
x-amz-storage-class: INTELLIGENT_TIERING
x-envoy-upstream-service-time: 148
alt-svc: h3=":443"; ma=86400
x-evy-trace-route-configuration: listener_https/all
x-request-id: d8866fd1-2f43-428b-a249-9b3bac538fa8
last-modified: Fri, 23 Feb 2024 05:34:50 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=40%2F4Of7HPTF873zUsQigxnkmAry6A%2FyQ60KhAgxfJ23nnIsXiD8pTlTBUSpNAj3QeRglQT92R9vykY7HaUs%2BDcF1LWXhiIM1NCRUpa%2BkkK0WFw32zaMz4oOpdEVklZIeCSo9QrF3V96PBx7Wqn8%3D"}],"group":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod: iad02/cms-cdn2-td/envoy-proxy-64d59778d6-f6gc6
cf-ray: 85b947287ab9911e-FRA

GET
H2 200 module_41043692174_menu-section.min.css
cdn2.hubspot.net/hub/5691062/hub_generated/module_assets/41043692174/1622211301882/ 4 KB
1 KB 109ms
88ms Stylesheet
text/css 2606:4700::6810:6fd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn2.hubspot.net/hub/5691062/hub_generated/module_assets/41043692174/1622211301882/module_41043692174_menu-section.min.css
Requested by: Host: newsdirectcorp-5691062.hs-sites.com
URL: http://newsdirectcorp-5691062.hs-sites.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:6fd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f85ad9df8d71ac4417a1691718a9dd7997a7889297f851efb65f2a246cef1fe1

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://newsdirectcorp-5691062.hs-sites.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Mon, 26 Feb 2024 15:38:56 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: IAD89-C1
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-hubspot-correlation-id: a6ded364-d983-4489-84d5-1206b60f222d
x-hs-alternate-content-type: text/plain
x-envoy-upstream-service-time: 201
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
alt-svc: h3=":443"; ma=86400
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: a6ded364-d983-4489-84d5-1206b60f222d
last-modified: Fri, 28 May 2021 14:15:02 GMT
server: cloudflare
etag: W/"f790847d30f1ea4230ec82f43b87389b"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1622211301882
x-evy-trace-virtual-host: all
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=li6FIzzkii68KpNgWGmZJ%2FaTffbUIJzjLhX7KsSaZ%2BB3Z%2FIZvUhE2K7wARYio42CMFF33GgIDIfxRsW0HPLlKOm%2FpjlKQx6GJuw7ZL8We3sXdS7%2FSyZBXfucqIB9QkPdg4sXAdjE4oAhC%2BdrTes%3D"}],"group":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod: iad02/cms-cdn2-td/envoy-proxy-64d59778d6-jrv7z
cf-ray: 85b947287ab6911e-FRA
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3

GET
H2 200 module_48045610404_footer-mobile-nav.min.css
cdn2.hubspot.net/hub/5691062/hub_generated/module_assets/48045610404/1703228624924/ 178 B
586 B 111ms
89ms Stylesheet
text/css 2606:4700::6810:6fd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn2.hubspot.net/hub/5691062/hub_generated/module_assets/48045610404/1703228624924/module_48045610404_footer-mobile-nav.min.css
Requested by: Host: newsdirectcorp-5691062.hs-sites.com
URL: http://newsdirectcorp-5691062.hs-sites.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:6fd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 21edbf5f1ea58c709f2b16fa8223533a366dc03d4565ad6e9148f5f54b17bb25

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://newsdirectcorp-5691062.hs-sites.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Mon, 26 Feb 2024 15:38:56 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: IAD89-C1
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-hubspot-correlation-id: c1cd5dac-4b8f-4abc-91a0-331fa88fdbfb
x-hs-alternate-content-type: text/plain
x-amz-storage-class: INTELLIGENT_TIERING
x-envoy-upstream-service-time: 248
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
alt-svc: h3=":443"; ma=86400
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: c1cd5dac-4b8f-4abc-91a0-331fa88fdbfb
last-modified: Fri, 22 Dec 2023 07:03:45 GMT
server: cloudflare
etag: W/"b67f011544fa875d444f52520fa2e108"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1703228624924
x-evy-trace-virtual-host: all
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zIwoj4wetbjH%2BZRokVLdibgBO3v2tcZ4fsMFMSHaT%2FEMMDzj0GgZ%2F3ES5SHxisrFRYI63uV2WyuHtD%2BSxPWCDa3eLI6WUtuxDZATXjw5zZtbKz1PVokEZEbbHhgjFZmFzm6NGPHSVC8GrkYKcY4%3D"}],"group":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod: iad02/cms-cdn2-td/envoy-proxy-64d59778d6-jrv7z
cf-ray: 85b947287ab7911e-FRA
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 192 KB
70 KB 45ms
23ms Script
application/javascript 2a00:1450:4001:802::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-160062440-1

Requested by

Host: newsdirectcorp-5691062.hs-sites.com
URL: http://newsdirectcorp-5691062.hs-sites.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

450b43074139d304f17bc14c7bb63bced29cf4161a3fd794ad7f351d40ce99b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://newsdirectcorp-5691062.hs-sites.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Mon, 26 Feb 2024 15:38:56 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 70876
x-xss-protection: 0
last-modified: Mon, 26 Feb 2024 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 26 Feb 2024 15:38:56 GMT

GET
H2 200 fuse.js Show response
cdn.fuseplatform.net/publift/tags/2/3472/ 271 KB
68 KB 89ms
17ms Script
application/x-javascript 2a02:26f0:480:f::213:7ec4
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.fuseplatform.net/publift/tags/2/3472/fuse.js
Requested by: Host: newsdirectcorp-5691062.hs-sites.com
URL: http://newsdirectcorp-5691062.hs-sites.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:f::213:7ec4 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 1da555f8f09fa4aa59c303785c0e81690e822dcfefbdf05ff0090babf146a125

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://newsdirectcorp-5691062.hs-sites.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Mon, 26 Feb 2024 15:38:56 GMT
content-encoding: gzip
last-modified: Thu, 01 Feb 2024 11:55:58 GMT
server: AkamaiNetStorage
etag: "95096631bd6880e02141878f95343923:1706788557.762997"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=1800
accept-ranges: bytes
content-length: 69105
expires: Mon, 26 Feb 2024 16:08:56 GMT

GET
H2

200

isotope.pkgd.min.js Show response
unpkg.com/isotope-layout@3.0.6/dist/
Redirect Chain

https://unpkg.com/isotope-layout@3/dist/isotope.pkgd.min.js
https://unpkg.com/isotope-layout@3.0.6/dist/isotope.pkgd.min.js

35 KB
10 KB

17ms
17ms

Script
application/javascript

2606:4700::6810:7caf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/isotope-layout@3.0.6/dist/isotope.pkgd.min.js

Requested by

Host: newsdirectcorp-5691062.hs-sites.com
URL: http://newsdirectcorp-5691062.hs-sites.com/

Protocol

Server

2606:4700::6810:7caf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

081ae9baaacc857c1c2cb51de6dbd0e1eb811c2761ef01a50df373f2f6eefe22

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://newsdirectcorp-5691062.hs-sites.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Mon, 26 Feb 2024 15:38:57 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 7561124
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id: 01HGHP87QSN6838D6WTPM68TX8-fra
server: cloudflare
etag: W/"8a75-xOWZTyTujI0s8tZgLwtWuQlqLpg"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 85b9472e0cad91f3-FRA

Redirect headers

date: Mon, 26 Feb 2024 15:38:57 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: EXPIRED
fly-request-id: 01HQK13DB5SCGJB864JWSW9EMW-fra
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept, Accept-Encoding
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
location: /isotope-layout@3.0.6/dist/isotope.pkgd.min.js
cache-control: public, s-maxage=600, max-age=60
cf-ray: 85b9472888fb91f3-FRA

GET
H2 200 css2
fonts.googleapis.com/ 20 KB
1 KB 42ms
18ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Poppins:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap

Requested by

Host: newsdirectcorp-5691062.hs-sites.com
URL: http://newsdirectcorp-5691062.hs-sites.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

82cf6c06a8d7a89854fc20155b5613bc5886627c0da0305204824864854bec8b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://newsdirectcorp-5691062.hs-sites.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 26 Feb 2024 15:38:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 26 Feb 2024 14:25:41 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 26 Feb 2024 15:38:56 GMT

GET
H2 200 all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.5.1/css/ 100 KB
19 KB 36ms
15ms Stylesheet
text/css 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.5.1/css/all.min.css

Requested by

Host: newsdirectcorp-5691062.hs-sites.com
URL: http://newsdirectcorp-5691062.hs-sites.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c22cfb6520a7fdbb738632834019acf47c78b1279462c0eb4cb83bae83ecb5a7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer
Origin: http://newsdirectcorp-5691062.hs-sites.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Mon, 26 Feb 2024 15:38:56 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 418025
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 18861
last-modified: Fri, 01 Dec 2023 00:32:25 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "65692999-49ad"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NkEQljqQ9xrAfaCZMF3RRIHhM%2BdJGUImx51dpph9iwE6QjhdlhZQssrgKowvNwMH9Ye4PTzDjWVRuTJiuoAt03RKNiwAl%2BCKYBnJxmtP7xINCD43ug2Ucu9l%2Fn7rjIXu8QojfBmYc2woA7VSfvkR%2FBYP"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 85b947286f373808-FRA
expires: Sat, 15 Feb 2025 15:38:56 GMT

GET
H2 200 NewsDirect_LockupONNAVY_RGB-1.png
www.newsdirect.com/hs-fs/hubfs/ 12 KB
13 KB 88ms
30ms Image
image/webp 2606:2c40::c73c:67e1
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.newsdirect.com/hs-fs/hubfs/NewsDirect_LockupONNAVY_RGB-1.png?width=1584&height=720&name=NewsDirect_LockupONNAVY_RGB-1.png

Requested by

Host: newsdirectcorp-5691062.hs-sites.com
URL: http://newsdirectcorp-5691062.hs-sites.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:2c40::c73c:67e1 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

0269d8521363d5a6970e3bedce754e73e0bd03d8f158cdc0be5737187361dfc4

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'; upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://newsdirectcorp-5691062.hs-sites.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Mon, 26 Feb 2024 15:38:56 GMT
strict-transport-security: max-age=31536000
via: 1.1 1de7ecec44e546a1e71d662ee3f2ba42.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'; upgrade-insecure-requests
cache-tag: F-155457998258,P-5691062,FLS-ALL
alt-svc: h3=":443"; ma=86400
content-length: 12030
cf-resized: internal=ok/m q=0 n=755+121 c=0+0 v=2024.1.3 l=12030
last-modified: Fri, 02 Feb 2024 20:07:58 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "cfF-P0z4G95mMpmUH1_1ehOCfj5F1Lr7pfCaf3B4mjDQ:2975061fc5e8b9c12d2762bbad6e9669"
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5Q8ba649qfVFO74T3wtXdcbPb38LH3BwhiKHIIW8Dn81RY5X7hJYjZn1P3mATzpZ4O%2F1c7bNHDaPVVktIh2%2FemHp7RO7tSKRQrhs2g825Zr4g8Khh4QfLx%2BldP3KofY7HipE8SUngiUeYlj38nO67Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
accept-ranges: bytes
cf-ray: 85b94728ab21bb7a-FRA

GET
H2 200 Menu.svg
5691062.fs1.hubspotusercontent-na1.net/hubfs/5691062/raw_assets/public/News%20Direct%20Theme/images/ 617 B
1 KB 84ms
57ms Image
image/svg+xml 2606:4700:4400::ac40:9284
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://5691062.fs1.hubspotusercontent-na1.net/hubfs/5691062/raw_assets/public/News%20Direct%20Theme/images/Menu.svg
Requested by: Host: newsdirectcorp-5691062.hs-sites.com
URL: http://newsdirectcorp-5691062.hs-sites.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9284 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7a6f59c93d2a3daaf97137639b5a3144859d90a8a809c6f01478e75e5b643200

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://newsdirectcorp-5691062.hs-sites.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Mon, 26 Feb 2024 15:38:57 GMT
via: 1.1 dc468f8259c800daf36aec7b41b2dac8.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: HIT
x-amz-meta-cache-tag: F-48003542793,FD-41043654532,P-5691062,FLS-ALL
x-amz-version-id: WOdJQi4EsOa67MyD5xytm.48.EzEajIx
age: 20101
x-amz-cf-pop: FRA60-P7
x-amz-server-side-encryption: AES256
x-amz-request-id: TZG5F67ESW9H84RC
x-hs-alternate-content-type: text/plain
edge-cache-tag: F-48003542793,FD-41043654532,P-5691062,FLS-ALL
cache-tag: F-48003542793,FD-41043654532,P-5691062,FLS-ALL
x-amz-meta-index-tag: none
x-cache: RefreshHit from cloudfront
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
x-amz-id-2: HGcR82E+YmxuphiGAkGipjXvQG4QnzeQCRt3NNFcy2luwpmW1ozzB77B4OWBrb/AhpAAL4TRBkxIJABSW79O4GjvAXu17Io9
last-modified: Thu, 27 May 2021 19:04:53 GMT
server: cloudflare
etag: W/"34b6c0921403f045124873a9df7f8e23"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1622142292673
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
cf-ray: 85b9472a48141c9f-FRA
x-robots-tag: none
x-amz-cf-id: P78No_pf_jqQi_z2Zyh6Oy8I_ycSJawTzXLCS8Ff-GZUyEGXQUcuJQ==
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3

GET
H2 200 Close.svg
5691062.fs1.hubspotusercontent-na1.net/hubfs/5691062/raw_assets/public/News%20Direct%20Theme/images/ 630 B
721 B 30ms
30ms Image
image/svg+xml 2606:4700:4400::ac40:9284
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://5691062.fs1.hubspotusercontent-na1.net/hubfs/5691062/raw_assets/public/News%20Direct%20Theme/images/Close.svg
Requested by: Host: newsdirectcorp-5691062.hs-sites.com
URL: http://newsdirectcorp-5691062.hs-sites.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9284 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0c46dd569fd343033bf8b4d282c7394c7628756dabd3f5ae5a1ca5db4365ce27

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://newsdirectcorp-5691062.hs-sites.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Mon, 26 Feb 2024 15:38:57 GMT
via: 1.1 7115bbde016dc7107bc64db76ba40c56.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: HIT
x-amz-meta-cache-tag: F-48005355957,FD-41043654532,P-5691062,FLS-ALL
x-amz-version-id: 1Q6MpWDdfzqBSv._T.UKi_KTullsZV.Q
age: 20101
x-amz-cf-pop: FRA60-P7
x-amz-server-side-encryption: AES256
x-amz-request-id: TZG71XE4TK6D9KSE
x-hs-alternate-content-type: text/plain
edge-cache-tag: F-48005355957,FD-41043654532,P-5691062,FLS-ALL
cache-tag: F-48005355957,FD-41043654532,P-5691062,FLS-ALL
x-amz-meta-index-tag: none
x-cache: RefreshHit from cloudfront
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
x-amz-id-2: zaBGnU3pD24RepfXTJS+Wd1zkbDpQX1jgeE45JXpfF5rlldlzIyAt0mh5XZg3AxHIz/DdUZgY2c=
last-modified: Thu, 27 May 2021 19:04:53 GMT
server: cloudflare
etag: W/"08a8c2f878d4556a9fabaaecfdd43ed6"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1622142292662
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
cf-ray: 85b9472aa86b1c9f-FRA
x-robots-tag: none
x-amz-cf-id: o8GHhXBGYSv9UXxn2f004lUyljMOv98AqSdIyYYFgJQf251OMuY16g==
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3

GET
H2 200 embed.js Show response
static.hsappstatic.net/content-cwv-embed/static-1.388/ 14 KB
6 KB 16ms
16ms Script
application/javascript 2606:4700::6810:e05d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hsappstatic.net/content-cwv-embed/static-1.388/embed.js

Requested by

Host: newsdirectcorp-5691062.hs-sites.com
URL: http://newsdirectcorp-5691062.hs-sites.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:e05d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

34942d531ecf961a2a6777526aef0c7d17f28a4ce9afcac868eb132c700bfe5a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://newsdirectcorp-5691062.hs-sites.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Mon, 26 Feb 2024 15:38:57 GMT
x-amz-version-id: GNgANes_HpxlXMl5IDFfVeYnBgfaeeYN
via: 1.1 7ed0982309781d390a105a3ead66dbfa.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: FRA56-P2
age: 2037661
x-amz-server-side-encryption: AES256
content-encoding: br
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 15 Aug 2023 19:48:57 GMT
server: cloudflare
etag: W/"8741985292d64b839be39c64b14f3783"
vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I0Q45j%2FmypltU%2BdbbueQtynadq45lOVieYlgAXmqip08YutTmDBaER%2BH%2BbxQfe83Av6SXayN8kuAB24PxbuJIzDCulw6qLRDH%2BiTLba65xMGWjdXwqUN16SQ2AE9pClYaamsGzyS%2FLmsKhTQO8lHvrdxNAc%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 85b9472adef9916a-FRA
x-amz-cf-id: TTCa0jb3HBZtzYsrMuhwBwdNP6iIIF3tbLvWS06j1pDOOAV4QK2IGA==
expires: Tue, 25 Feb 2025 15:38:57 GMT

GET
H2 200 main.min.js Show response
cdn2.hubspot.net/hub/5691062/hub_generated/template_assets/41044183505/1622202153243/News_Direct_Theme/js/ 1 KB
1008 B 57ms
57ms Script
application/javascript 2606:4700::6810:6fd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn2.hubspot.net/hub/5691062/hub_generated/template_assets/41044183505/1622202153243/News_Direct_Theme/js/main.min.js
Requested by: Host: newsdirectcorp-5691062.hs-sites.com
URL: http://newsdirectcorp-5691062.hs-sites.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:6fd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f2db8deb6e51f3c2a04cf60a0420bc305122df58418be8fa3f8230f482b06828

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://newsdirectcorp-5691062.hs-sites.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Mon, 26 Feb 2024 15:38:56 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: IAD89-C1
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-hubspot-correlation-id: 94a43dc0-7b9a-41a5-bc82-5ef0c33331b9
x-hs-alternate-content-type: text/plain
x-envoy-upstream-service-time: 169
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
alt-svc: h3=":443"; ma=86400
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 94a43dc0-7b9a-41a5-bc82-5ef0c33331b9
last-modified: Fri, 28 May 2021 11:42:34 GMT
server: cloudflare
etag: W/"59b039040e03c800cd7a424855d9d5a1"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1622202153572
x-evy-trace-virtual-host: all
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DgIyJ5sQRtJEUd6UpGXBH88O4KQ1Q%2F%2BWL2BvabUPW84hG8K7e8icRtycfPwrdwHvtbvVz6ymndSAIehDhkrduX8m7igfnJJhJorBW3vMf%2FPfDFP0AyvTjz8WV9BqVuSrR%2FiIcHDKAqq%2BF72mmtE%3D"}],"group":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod: iad02/cms-cdn2-td/envoy-proxy-64d59778d6-f6gc6
cf-ray: 85b947288acc911e-FRA
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3

GET
H2 200 project.js Show response
static.hsappstatic.net/cos-i18n/static-1.53/bundles/ 1 KB
1 KB 16ms
16ms Script
application/javascript 2606:4700::6810:e05d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hsappstatic.net/cos-i18n/static-1.53/bundles/project.js

Requested by

Host: newsdirectcorp-5691062.hs-sites.com
URL: http://newsdirectcorp-5691062.hs-sites.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:e05d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8da927b6b1240ffca4323fbb2a12c8e5abb541040965c2bc5b7d09a2eb963b02

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://newsdirectcorp-5691062.hs-sites.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Mon, 26 Feb 2024 15:38:56 GMT
x-amz-version-id: P9ES7sOpFzrLl1QoRwjEAy5outPo5_GO
via: 1.1 93b8205e2f07a7099af2e6fd126d9658.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: FRA56-P2
age: 464405
x-amz-server-side-encryption: AES256
content-encoding: br
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 09 Nov 2021 16:12:42 GMT
server: cloudflare
etag: W/"61ca66de658cab9587e4636894680d5d"
vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pLElt%2BVh9A4Rf3Ke52JtBWiQcpIRsArwFwGCcZOzbbgrcCXZ%2B6ipSsiRc6WmWyBvfQRhQpSBb5yTnIt0hoQUBdlpjgfenSuRzl646KrOFPo8WorHDChD4DH5p%2F3rA2qdFg74k4ZA%2F%2BvDBDGmam6lf6UD72o%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 85b94728dd34916a-FRA
x-amz-cf-id: 0XXgDRCSXt7-fAQgIbMgMJFben3uCGWfWq_LLLGQOEZSjXtRaJd0Xw==
expires: Tue, 25 Feb 2025 15:38:56 GMT

GET
H2 200 module_41043692174_menu-section.min.js Show response
cdn2.hubspot.net/hub/5691062/hub_generated/module_assets/41043692174/1622211301701/ 2 KB
2 KB 36ms
36ms Script
application/javascript 2606:4700::6810:6fd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn2.hubspot.net/hub/5691062/hub_generated/module_assets/41043692174/1622211301701/module_41043692174_menu-section.min.js
Requested by: Host: newsdirectcorp-5691062.hs-sites.com
URL: http://newsdirectcorp-5691062.hs-sites.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:6fd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 93f62f58c1b2bfbe94bb13e1e5cca57f6c27baddf7787c47f37b5914be180433

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://newsdirectcorp-5691062.hs-sites.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Mon, 26 Feb 2024 15:38:56 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: IAD89-C1
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-hubspot-correlation-id: 5bfeeb40-f035-4913-9e90-3ddec3e228b0
x-hs-alternate-content-type: text/plain
x-envoy-upstream-service-time: 159
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
alt-svc: h3=":443"; ma=86400
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 5bfeeb40-f035-4913-9e90-3ddec3e228b0
last-modified: Fri, 28 May 2021 14:15:02 GMT
server: cloudflare
etag: W/"7f6c96105e49025e4c4f70a9d87f635c"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1622211301701
x-evy-trace-virtual-host: all
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SJY4W7ABKbDP8MPKfl3%2FzXwOCIbaOz7pc3WPxVyB3MaUE1GOY8l3p3nBb8RYTlZLsZhuG0oYtk0Ym0fjFAG0cBp0C2%2F0Ywu%2F3DvcxqP9RyhAbvBYnYpYSfo39lQBQ4bXX4sz32TYUYLgm2ZqWuc%3D"}],"group":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod: iad02/cms-cdn2-td/envoy-proxy-64d59778d6-f6gc6
cf-ray: 85b94728eb01911e-FRA
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3

GET
H2 200 5691062.js Show response
newsdirectcorp-5691062.hs-sites.com/hs/scriptloader/ 3 KB
1 KB 64ms
46ms Script
application/javascript 2606:4700::6811:b05d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://newsdirectcorp-5691062.hs-sites.com/hs/scriptloader/5691062.js

Requested by

Host: newsdirectcorp-5691062.hs-sites.com
URL: http://newsdirectcorp-5691062.hs-sites.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b05d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

84daf4af90cf867d20cf994aff71c65c9392ae1cc00ce1a898355da78cfab361

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://newsdirectcorp-5691062.hs-sites.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Mon, 26 Feb 2024 15:38:57 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 43
x-evy-trace-route-service-name: envoyset-translator
cf-polished: origSize=2926
x-hubspot-correlation-id: 34843d3a-a5f4-42c7-b983-6f5e84bc22fa
x-envoy-upstream-service-time: 356
alt-svc: h3=":443"; ma=86400
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 34843d3a-a5f4-42c7-b983-6f5e84bc22fa
last-modified: Mon, 26 Feb 2024 15:38:14 GMT
cf-bgj: minify
server: cloudflare
x-trace: 2BD2D5D4A4DEDE00AD39C982F80FE9409B77EBCD0C000000000000000000
vary: origin, Accept-Encoding
access-control-max-age: 3600
content-type: application/javascript;charset=utf-8
access-control-allow-origin: https://newsdirect.com
x-evy-trace-served-by-pod: iad02/hubapi-td/envoy-proxy-59d6fb747d-tk24p
cache-control: public, max-age=90
access-control-allow-credentials: true
x-evy-trace-virtual-host: all
cf-ray: 85b9472b1abd3836-FRA
expires: Mon, 26 Feb 2024 15:40:27 GMT

GET
H2 200 index.js Show response
static.hsappstatic.net/HubspotToolsMenu/static-1.306/js/ 12 KB
5 KB 18ms
18ms Script
application/javascript 2606:4700::6810:e05d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hsappstatic.net/HubspotToolsMenu/static-1.306/js/index.js

Requested by

Host: newsdirectcorp-5691062.hs-sites.com
URL: http://newsdirectcorp-5691062.hs-sites.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:e05d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ece800b64104306a9cbd7d25e04cd00d059860f9911ffc7979f2c2453c98fa4d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://newsdirectcorp-5691062.hs-sites.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Mon, 26 Feb 2024 15:38:57 GMT
x-amz-version-id: nkYWEsJeBBBSkgKe.x3v3cHrmwsGmdMQ
via: 1.1 367a4718be97a49df7ac0500a986437a.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: FRA56-P2
age: 255368
x-amz-server-side-encryption: AES256
content-encoding: br
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Thu, 22 Feb 2024 19:54:51 GMT
server: cloudflare
etag: W/"67f399904da15fb5553302476b8bd9db"
vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XHYbHqvCpnFWjwmsy1r8mRQxtgyKR0eEHYhdW9oY4IqabBSt6ggqys5etibZioVKVfuItv8DBhDbkrJTJRWlpo7qsi26AdIc0BlXwn31tL1xmVY3z9CYHRCheSAeIlh76JykzV9O8ZvG%2B2SIaR3kLMk%2Fjhk%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 85b9472b6f64916a-FRA
x-amz-cf-id: czch7eyRXRC1VFUdtHA0ChtYmvUfza-gOXcAwRxiect-6tMiKkhhAg==
expires: Tue, 25 Feb 2025 15:38:57 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 232 KB
82 KB 22ms
21ms Script
application/javascript 2a00:1450:4001:802::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-17876VYMX9&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-160062440-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a180ae38bc7cc55936f488f9d820d8fc44f14a30d65198b4864bbcbbadc2c068

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://newsdirectcorp-5691062.hs-sites.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Mon, 26 Feb 2024 15:38:57 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 83556
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 26 Feb 2024 15:38:57 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 30ms
8ms Script
text/javascript 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-160062440-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://newsdirectcorp-5691062.hs-sites.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 26 Feb 2024 15:32:03 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 414
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Mon, 26 Feb 2024 17:32:03 GMT

GET
H2 204 choice.js Show response
cmp.inmobi.com/choice/PRrmquD1Ggcb1/newsdirectcorp-5691062.hs-sites.com/ 0
449 B 95ms
43ms XHR
text/plain 2600:9000:238d:e600:1b:cadc:ef40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.inmobi.com/choice/PRrmquD1Ggcb1/newsdirectcorp-5691062.hs-sites.com/choice.js?tag_version=V2
Requested by: Host: cdn.fuseplatform.net
URL: https://cdn.fuseplatform.net/publift/tags/2/3472/fuse.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:238d:e600:1b:cadc:ef40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://newsdirectcorp-5691062.hs-sites.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Mon, 26 Feb 2024 15:38:56 GMT
via: 1.1 6750d77433312fa1bf305e9ae7af80ae.cloudfront.net (CloudFront)
server: AmazonS3
x-amz-cf-pop: AMS1-P1
access-control-max-age: 3000
access-control-allow-methods: GET
x-cache: Miss from cloudfront
access-control-allow-origin: http://newsdirectcorp-5691062.hs-sites.com
cache-control: max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin,Accept-Encoding
x-amz-cf-id: l1i0yxoM_cPTf7H0yo6miN92IJUc15yaX5UVDBVIWQlUSmfp_P7ldw==

GET
H2 200 prebid-9d7424b625ebceecbda06acbe2dc3478.js Show response
cdn.fuseplatform.net/prebid/ 318 KB
102 KB 8ms
8ms Script
application/x-javascript 2a02:26f0:480:f::213:7ec4
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.fuseplatform.net/prebid/prebid-9d7424b625ebceecbda06acbe2dc3478.js
Requested by: Host: cdn.fuseplatform.net
URL: https://cdn.fuseplatform.net/publift/tags/2/3472/fuse.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:f::213:7ec4 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 8fae0d734a5139904ecbccc1257e5d3236179daa602dc0ed06d0616b051b88e7

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://newsdirectcorp-5691062.hs-sites.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Mon, 26 Feb 2024 15:38:57 GMT
content-encoding: gzip
last-modified: Thu, 01 Feb 2024 11:55:57 GMT
server: AkamaiNetStorage
etag: "2c8b74c3f5215eef628904fdbd3b34aa:1706788557.855309"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=86400000
accept-ranges: bytes
content-length: 104195
expires: Sun, 22 Nov 2026 15:38:57 GMT

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 287 KB
72 KB 86ms
27ms Script
application/javascript 18.239.30.197
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: cdn.fuseplatform.net
URL: https://cdn.fuseplatform.net/publift/tags/2/3472/fuse.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.30.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-30-197.ams58.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0ef56a843eaeea072e78aa174bcb41ea0b4eacc38bb472f37cf8cb5d22108578

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://newsdirectcorp-5691062.hs-sites.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Mon, 26 Feb 2024 15:38:37 GMT
content-encoding: gzip
via: 1.1 9ef1b108656dc6d0707b168b862883dc.cloudfront.net (CloudFront), 1.1 0b7cb67940347be0c4ee6f93e9091938.cloudfront.net (CloudFront)
last-modified: Tue, 13 Feb 2024 20:28:17 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1, AMS58-P2
age: 21
x-amz-server-side-encryption: AES256
etag: W/"39a6e4e395af0da8e1832e836548faa1"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
x-amz-cf-id: KXgPYk3bqak8msdzu3MR6QQuJcjjsFJyl-iy6y4EaQqGyu738m2aJw==

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 89 KB
29 KB 70ms
50ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: cdn.fuseplatform.net
URL: https://cdn.fuseplatform.net/publift/tags/2/3472/fuse.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2a59ac456eda105461ef75a7402a4f8d49ca21b50ce151a4a072cdaa4965d909

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://newsdirectcorp-5691062.hs-sites.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Mon, 26 Feb 2024 15:38:57 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28779
x-xss-protection: 0
server: cafe
etag: 87 / 19779 / m202402200101 / config-hash: 8786292873359934690
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 26 Feb 2024 15:38:57 GMT

GET
H2 200 noconsent Show response
cdn.fuseplatform.net/telemetry/ 1 B
281 B 40ms
8ms Fetch
text/plain 2a02:26f0:480:f::213:7ec4
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.fuseplatform.net/telemetry/noconsent?v=1&ttm=1708961936991&cookie=true&res=1600x1200&device=desktop&browser=chrome&fuuid=17af7f5a-f975-57ed-9ef5-89b4975005dc&fid=3472&pubid=9&url=http%3A%2F%2Fnewsdirectcorp-5691062.hs-sites.com%2F&sid=938d6ff63d4457182aeb&srate=100&adserver=gpt&etm=725&e=fuse-load&tenant=publift&account=newsdirect
Requested by: Host: cdn.fuseplatform.net
URL: https://cdn.fuseplatform.net/publift/tags/2/3472/fuse.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:f::213:7ec4 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 2d711642b726b04401627ca9fbac32f5c8530fb1903cc4db02258717921a4881

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://newsdirectcorp-5691062.hs-sites.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Mon, 26 Feb 2024 15:38:57 GMT
content-encoding: gzip
last-modified: Wed, 10 Aug 2022 11:31:51 GMT
server: AkamaiNetStorage
etag: "9dd4e461268c8034f5c8564e155c67a6:1660131111.248793"
vary: Accept-Encoding, Accept-Encoding, Origin
content-type: text/plain
access-control-allow-origin: http://newsdirectcorp-5691062.hs-sites.com
cache-control: max-age=1800
accept-ranges: bytes
content-length: 21
expires: Mon, 26 Feb 2024 16:08:57 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
220 B 15ms
15ms XHR
text/plain 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=547872084&t=pageview&_s=1&dl=http%3A%2F%2Fnewsdirectcorp-5691062.hs-sites.com%2F&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAAI~&jid=1114339927&gjid=985067696&cid=1199153593.1708961937&tid=UA-160062440-1&_gid=1304783922.1708961937&_r=1&gtm=457e42l0za220&gcd=13l3l3l3l1&dma_cps=sypham&dma=1&jsscut=1&z=269741592

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://newsdirectcorp-5691062.hs-sites.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 26 Feb 2024 15:38:57 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://newsdirectcorp-5691062.hs-sites.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 latest.json Show response
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 2 KB
2 KB 31ms
15ms XHR
application/json 2606:4700::6810:5814
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20240226

Requested by

Host: cdn.fuseplatform.net
URL: https://cdn.fuseplatform.net/prebid/prebid-9d7424b625ebceecbda06acbe2dc3478.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

30133a8833424dc428b549a96cea8a0032193231c7567c970c1199a9d70bd4ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://newsdirectcorp-5691062.hs-sites.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 26 Feb 2024 15:38:57 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 41880
x-jsd-version: 1.0.1977
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230103-FRA, cache-lga21928-LGA
x-jsd-version-type: version
server: cloudflare
etag: W/"642-NEhEqwdEafUY3Ef3ScEu7h++eNA"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Hl8bagJkPgHUWuBEonnc79jNmepymuKtziTw2tMxWyAeBHTxFOjAWeSLqG7jQmWXfvKIp1uOxEderB7z2m219f9uy%2BLgAPO15yVj42mBxj6srOFz8bKZEaCGhP1ZN8A1SAO%2BSUyuSMBUOPZxwoY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 85b9472c4f3d3654-FRA

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
362 B 51ms
17ms XHR
text/plain 2a00:1450:400c:c1d::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-160062440-1&cid=1199153593.1708961937&jid=1114339927&gjid=985067696&_gid=1304783922.1708961937&_u=YEBAAUAAAAAAACAAI~&z=273829585

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c1d::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://newsdirectcorp-5691062.hs-sites.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Mon, 26 Feb 2024 15:38:57 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://newsdirectcorp-5691062.hs-sites.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
408 B 66ms
43ms Image
image/gif 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-160062440-1&cid=1199153593.1708961937&jid=1114339927&_u=YEBAAUAAAAAAACAAI~&z=1889769908

Requested by

Host: newsdirectcorp-5691062.hs-sites.com
URL: http://newsdirectcorp-5691062.hs-sites.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://newsdirectcorp-5691062.hs-sites.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Feb 2024 15:38:57 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 65ms
42ms Image
image/gif 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-160062440-1&cid=1199153593.1708961937&jid=1114339927&_u=YEBAAUAAAAAAACAAI~&z=1889769908

Requested by

Host: newsdirectcorp-5691062.hs-sites.com
URL: http://newsdirectcorp-5691062.hs-sites.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://newsdirectcorp-5691062.hs-sites.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Feb 2024 15:38:57 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 48ms
21ms XHR
application/javascript 18.239.30.197
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.30.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-30-197.ams58.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://newsdirectcorp-5691062.hs-sites.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Mon, 26 Feb 2024 15:13:15 GMT
x-amz-version-id: zAzTUTyWdb3XqcnMawAeZe8qgTonWA7_
content-encoding: gzip
via: 1.1 f7534ef0cb2fd28f5c17e7cc694ad68a.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS58-P2
age: 1543
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Tue, 20 Feb 2024 13:16:39 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
vary: Accept-Encoding,Origin
x-amz-cf-id: TNZ7Zx9Ni0XbitYbkKY3X1fZt9VLsQMIzVTI7XP7VWAEsUjCTu63-Q==

GET
H2 200 8b48e249-e9e6-4a52-8b48-396ea93403e8 Show response
config.aps.amazon-adsystem.com/configs/ 563 B
829 B 41ms
7ms Script
application/javascript 99.86.4.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://config.aps.amazon-adsystem.com/configs/8b48e249-e9e6-4a52-8b48-396ea93403e8
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-39.fra6.r.cloudfront.net
Software: CloudFront /
Resource Hash: a79086333dd884effafca5b9935e773da7257e25a5b6041fd4fc69e0799325bd

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://newsdirectcorp-5691062.hs-sites.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Mon, 26 Feb 2024 15:29:06 GMT
via: 1.1 8e04f5d6c745b231c10fce7c2aa9c70e.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA6-C1
age: 591
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
content-length: 563
x-amz-cf-id: Cv_wCdM6f_DEhOjPX3fXq6amIWjKDfVVlNEdVGLnngJtJAjZ6soDFw==

GET
H2 204 config Show response
c.amazon-adsystem.com/cdn/prod/ 0
323 B 22ms
22ms XHR
text/plain 18.239.30.197
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=http%3A%2F%2Fnewsdirectcorp-5691062.hs-sites.com&pubid=8b48e249-e9e6-4a52-8b48-396ea93403e8
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.30.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-30-197.ams58.r.cloudfront.net
Software: Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://newsdirectcorp-5691062.hs-sites.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Mon, 26 Feb 2024 15:13:13 GMT
via: 1.1 0b7cb67940347be0c4ee6f93e9091938.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: AMS58-P2
age: 1543
x-cache: Hit from cloudfront
access-control-allow-origin: http://newsdirectcorp-5691062.hs-sites.com
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
x-amz-cf-id: fnIwtcA3bPELZGN9XjiUlyUrwKntCDZkij0YMtMQ7YJfIsaE6ou5Ew==

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402200101/ 428 KB
135 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402200101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7ae3dcf8002e428f15567c5a304172fe086cf525cc41c02a83c091989152e4cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://newsdirectcorp-5691062.hs-sites.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Mon, 26 Feb 2024 05:12:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 37609
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 137981
x-xss-protection: 0
server: cafe
etag: 12437356588311396475
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Tue, 25 Feb 2025 05:12:08 GMT

GET
H2 200 Hurme-HurmeGeometricSans2-Bold.otf
f.hubspotusercontent10.net/hubfs/5691062/fonts/ 357 KB
358 KB 109ms
79ms Font
application/x-font-otf 2606:4700::6813:f912
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://f.hubspotusercontent10.net/hubfs/5691062/fonts/Hurme-HurmeGeometricSans2-Bold.otf

Requested by

Host: cdn2.hubspot.net
URL: https://cdn2.hubspot.net/hub/5691062/hub_generated/template_assets/41043729886/1622202155019/News_Direct_Theme/css/newsdirect.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:f912 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1199deed4086cac3beaab066c39d29685ceb66e6fd19b8effd79fcbcc71c17cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://cdn2.hubspot.net/
Origin: http://newsdirectcorp-5691062.hs-sites.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

x-amz-meta-cache-tag: F-41067117986,FD-28402948615,P-5691062,FLS-ALL
x-amz-request-id: 6PMRAXEXWRBR62FP
x-amz-server-side-encryption: AES256
edge-cache-tag: F-41067117986,FD-28402948615,P-5691062,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
etag: "67e178c65bdfa1e29ae91ca24862544d"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/x-font-otf
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1611853166299
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Mon, 26 Feb 2024 15:38:57 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 444bee00bd8f759506e806be3c13fa6c.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-version-id: yVK_QWYRjtkx8.R3s4KbnlT24HpB17Cm
x-amz-cf-pop: FRA60-P7
x-hs-alternate-content-type: text/plain
x-cache: RefreshHit from cloudfront
cache-tag: F-41067117986,FD-28402948615,P-5691062,FLS-ALL
x-amz-meta-index-tag: all
content-length: 365144
x-amz-id-2: Tz8g0S+qV3xgt8B5Wl8/IIoYYBOq5Uo9tbzMTxokvuhBsJJExnRPj17xKVZq7fAaWLfN+EAF2Q8=
last-modified: Thu, 28 Jan 2021 16:59:27 GMT
server: cloudflare
accept-ranges: bytes
cf-ray: 85b9472e5fdb2bdf-FRA
x-amz-cf-id: CRqIqABtYRHCjZCPoZZ9T3RzApnP8Nxrqaq-rNG1C_NFKRI--N1SIQ==

GET
H2 200 Hurme-HurmeGeometricSans2-Light.otf
f.hubspotusercontent10.net/hubfs/5691062/fonts/ 334 KB
334 KB 117ms
86ms Font
application/x-font-otf 2606:4700::6813:f912
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://f.hubspotusercontent10.net/hubfs/5691062/fonts/Hurme-HurmeGeometricSans2-Light.otf

Requested by

Host: cdn2.hubspot.net
URL: https://cdn2.hubspot.net/hub/5691062/hub_generated/template_assets/41043729886/1622202155019/News_Direct_Theme/css/newsdirect.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:f912 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c4f9ff10be3eeaff61855fb05c3cec1825ad0ff84708e9795e024835b344f54f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://cdn2.hubspot.net/
Origin: http://newsdirectcorp-5691062.hs-sites.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

x-amz-meta-cache-tag: F-41067288680,FD-28402948615,P-5691062,FLS-ALL
x-amz-request-id: NBBEQHMEH50Z9M48
x-amz-server-side-encryption: AES256
edge-cache-tag: F-41067288680,FD-28402948615,P-5691062,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
etag: "3289e6bebbfc5c098a82c79b1f61c2e1"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/x-font-otf
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1611853166494
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Mon, 26 Feb 2024 15:38:57 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 dc468f8259c800daf36aec7b41b2dac8.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-version-id: JNkt_30L6fxead1ACdfb8r2vKNeGn8cy
x-amz-cf-pop: FRA60-P7
x-hs-alternate-content-type: text/plain
x-cache: RefreshHit from cloudfront
cache-tag: F-41067288680,FD-28402948615,P-5691062,FLS-ALL
x-amz-meta-index-tag: all
content-length: 341580
x-amz-id-2: yZ5b86rBQvPJ3z8juouXi15WdT9irKSVGjU96eVe85yNC0U/dDTixIFjNZlti5fjcT1eZJtIX7I=
last-modified: Thu, 28 Jan 2021 16:59:27 GMT
server: cloudflare
accept-ranges: bytes
cf-ray: 85b9472e5fde2bdf-FRA
x-amz-cf-id: qX6KfoqYSRUzCbxSx0ncvPfgh8j27ZEyLwyQgPrYEHSGf0drFqmH4A==

GET
H2 200 Hurme-HurmeGeometricSans2-Regular.otf
f.hubspotusercontent10.net/hubfs/5691062/fonts/ 326 KB
327 KB 966ms
936ms Font
application/x-font-otf 2606:4700::6813:f912
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://f.hubspotusercontent10.net/hubfs/5691062/fonts/Hurme-HurmeGeometricSans2-Regular.otf

Requested by

Host: cdn2.hubspot.net
URL: https://cdn2.hubspot.net/hub/5691062/hub_generated/template_assets/41043729886/1622202155019/News_Direct_Theme/css/newsdirect.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:f912 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5b9c9a65c75a19e22ae5ebd87d6b04f1e1088d0ef0ff4802367301619c610638

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://cdn2.hubspot.net/
Origin: http://newsdirectcorp-5691062.hs-sites.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

x-amz-meta-cache-tag: F-41067121036,FD-28402948615,P-5691062,FLS-ALL
x-amz-request-id: VHJP6ZJDCYJ49YYN
x-amz-server-side-encryption: AES256
edge-cache-tag: F-41067121036,FD-28402948615,P-5691062,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
etag: "ac936ad13b87ff77d904e57d48258422"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/x-font-otf
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1611853166496
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Mon, 26 Feb 2024 15:38:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 f2a51982e289d888963f4f93b48c5f22.cloudfront.net (CloudFront)
cf-cache-status: MISS
x-amz-version-id: 5xkTYB3abdyX6HjiHZJBYQjfifqsFUlE
x-amz-cf-pop: FRA60-P7
x-hs-alternate-content-type: text/plain
x-cache: RefreshHit from cloudfront
cache-tag: F-41067121036,FD-28402948615,P-5691062,FLS-ALL
x-amz-meta-index-tag: all
content-length: 333528
x-amz-id-2: +VnozMbBKp6Hvx/N9mdqg0kPRfudigoQOZtcfTU3/SmdsxNkqsdEZIXWMaz1R08MW/3ZzDqtcawmv51UWFSBMCA8MdUcBrJD
last-modified: Thu, 28 Jan 2021 16:59:27 GMT
server: cloudflare
accept-ranges: bytes
cf-ray: 85b9472e5fdf2bdf-FRA
x-amz-cf-id: tgEI2ifeKdSk9fXbjxMRsOxZzKMdPlrq-lpSGcuoMfcIqnqnTG_84Q==

GET
H2 200 fb.js Show response
js.hsadspixel.net/ 6 KB
4 KB 37ms
14ms Script
application/javascript 2606:4700::6811:e4a3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hsadspixel.net/fb.js

Requested by

Host: newsdirectcorp-5691062.hs-sites.com
URL: https://newsdirectcorp-5691062.hs-sites.com/hs/scriptloader/5691062.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:e4a3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d17f975406cf67aa25713480b74e54d0a0d46eb74c513d868f64f558528b02d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://newsdirectcorp-5691062.hs-sites.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Mon, 26 Feb 2024 15:38:57 GMT
x-amz-version-id: gn63xUg6zzg1k8pMpqxMjVgxO__FVf8Q
via: 1.1 b77313059f3d50280ced20238b151620.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
x-amz-cf-pop: IAD12-P3
age: 491
x-amz-server-side-encryption: AES256
x-evy-trace-route-service-name: envoyset-translator
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=adsscriptloaderstatic/static-1.531/bundles/pixels-release.js&cfRay=85b93b2e2c8b2bd5-FRA
x-cache: Hit from cloudfront
x-hubspot-correlation-id: 5393d5f0-8709-4923-9478-2084b02ae576
cache-tag: staticjsapp-AdsScriptLoaderCloudflare-web-prod,staticjsapp-prod
content-encoding: br
x-envoy-upstream-service-time: 1
x-amz-replication-status: COMPLETED
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 5393d5f0-8709-4923-9478-2084b02ae576
last-modified: Mon, 26 Feb 2024 15:10:38 UTC
server: cloudflare
etag: W/"f13484b5342c1944e3cfb9a5ef539706"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
x-hs-cache-status: HIT
x-evy-trace-virtual-host: all
cache-control: max-age=600
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-576f9d768-58mtb
cf-ray: 85b9472e59102bcd-FRA
x-amz-cf-id: JuidHCFvZCgpsiR9Am-CqQMbXzlzP7IW_vyx3rnEs6x4WWWT1jxW8w==
x-hs-target-asset: adsscriptloaderstatic/static-1.531/bundles/pixels-release.js

GET
H2 200 5691062.js Show response
js.hs-banner.com/ 61 KB
17 KB 39ms
17ms Script
text/javascript 2606:4700:4400::6812:22e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-banner.com/5691062.js
Requested by: Host: newsdirectcorp-5691062.hs-sites.com
URL: https://newsdirectcorp-5691062.hs-sites.com/hs/scriptloader/5691062.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:22e5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 34f4f4673c2e39486f257155db2cc389c3ed031d5a12154b59a876bfe21336ca

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://newsdirectcorp-5691062.hs-sites.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Mon, 26 Feb 2024 15:38:57 GMT
x-amz-version-id: at5q1ET2OOTRlmTePOf.RfX1i26hzYXE
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: 4KGCMP27G9VNB5KZ
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-hubspot-correlation-id: a400b9e5-e742-4bca-8e48-15f6312311cc
age: 162
x-envoy-upstream-service-time: 26
x-amz-id-2: 3rlTDMQP/QlXETXzwRf2LCgJ+ml7HaxPtbO7wx3JVvmFlia/XebTXl/tKRXlKdJ+GN0d/3ty+cg=
x-evy-trace-listener: listener_https
x-request-id: a400b9e5-e742-4bca-8e48-15f6312311cc
x-evy-trace-route-configuration: listener_https/all
last-modified: Thu, 08 Feb 2024 17:58:37 GMT
server: cloudflare
etag: W/"cb84f8d5bc76f600a93e1acfc428dece"
access-control-max-age: 604800
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: https://www.newsdirect.com
x-evy-trace-virtual-host: all
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control: max-age=300,public
access-control-allow-credentials: true
x-evy-trace-served-by-pod: iad02/analytics-js-proxy-td/envoy-proxy-8555f56d-rk9w9
vary: origin, Accept-Encoding
timing-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
cf-ray: 85b9472e5857bb7a-FRA
expires: Mon, 26 Feb 2024 15:41:15 GMT

GET
H2 200 5691062.js Show response
js.hs-analytics.net/analytics/1708961700000/ 66 KB
21 KB 206ms
183ms Script
text/javascript 2606:4700::6810:4fba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-analytics.net/analytics/1708961700000/5691062.js
Requested by: Host: newsdirectcorp-5691062.hs-sites.com
URL: https://newsdirectcorp-5691062.hs-sites.com/hs/scriptloader/5691062.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:4fba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f770a6aa42fe7aa5538999cb3677b2753405e958ba720ed0e47deab4c88f0ad1

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://newsdirectcorp-5691062.hs-sites.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Mon, 26 Feb 2024 15:38:57 GMT
x-amz-version-id: null
content-encoding: br
cf-cache-status: MISS
x-amz-request-id: F0VJ2C9WE6QEPYQ3
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-hubspot-correlation-id: 96f1e443-c260-47bf-9b70-7f7cba0807b6
x-envoy-upstream-service-time: 58
x-amz-id-2: SBgUhL+x47xbxutVypTHl8+jtwSc4o2Smsi6UM1w9H0TePkFEA3mjt2qxEmYPSOiGI/xLCx+HsQKw79jqkSxFA==
x-evy-trace-listener: listener_https
x-request-id: 96f1e443-c260-47bf-9b70-7f7cba0807b6
x-evy-trace-route-configuration: listener_https/all
last-modified: Thu, 08 Feb 2024 17:58:35 GMT
server: cloudflare
etag: W/"015215d9c1ab8fbd4e600291dfc0f0cd"
vary: origin, Accept-Encoding
content-type: text/javascript
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/analytics-js-proxy-td/envoy-proxy-8555f56d-pbxg4
cache-control: max-age=300,public
access-control-allow-credentials: false
cf-ray: 85b9472e59203654-FRA
expires: Mon, 26 Feb 2024 15:43:57 GMT

GET
H2 200 web-interactives-embed.js Show response
js.hubspot.com/ 83 KB
25 KB 144ms
121ms Script
application/javascript 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hubspot.com/web-interactives-embed.js

Requested by

Host: newsdirectcorp-5691062.hs-sites.com
URL: https://newsdirectcorp-5691062.hs-sites.com/hs/scriptloader/5691062.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ee9f2f620122112ded1f6498ba96d1c797429ab7c07806f689ed5d7142c15973

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://newsdirectcorp-5691062.hs-sites.com/
Origin: http://newsdirectcorp-5691062.hs-sites.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

content-encoding: br
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=web-interactives-embed/static-2.911/bundles/project.js&cfRay=85b9472e59d71c73-FRA
x-amz-replication-status: COMPLETED
x-evy-trace-listener: listener_https
etag: W/"0e31e7204888ce69b5f5486b7f3c8806"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-evy-trace-virtual-host: all
cache-control: max-age=600
x-hs-target-asset: web-interactives-embed/static-2.911/bundles/project.js
date: Mon, 26 Feb 2024 15:38:57 GMT
x-amz-version-id: 6TFkQJ5lE2FVj1l7Z_pBZDXw00jHreli
via: 1.1 b77313059f3d50280ced20238b151620.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: IAD12-P3
x-hubspot-correlation-id: 100b5f83-05e0-48bc-85b1-06edb7f49bf3
x-cache: Hit from cloudfront
cache-tag: staticjsapp-web-interactives-embed-web-prod,staticjsapp-prod
x-envoy-upstream-service-time: 2
x-evy-trace-route-configuration: listener_https/all
x-request-id: 100b5f83-05e0-48bc-85b1-06edb7f49bf3
last-modified: Thu, 22 Feb 2024 11:41:13 UTC
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4aCI3oee2UoIufBH5CAAbl%2FMwHRtngvgbiJDDqnlpP1ZDsctNmfle61kA%2BjG4vo4szkpcemjoTzrl7%2Fsx8NKzoWi4uCQleLPpSCkIuk1He16%2F0uSKOCK5IZ%2B%2F%2BvyFRB7APCFFnkX4HHyZQON"}],"group":"cf-nel","max_age":604800}
x-hs-cache-status: HIT
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-576f9d768-g6knn
cf-ray: 85b9472e59d71c73-FRA
x-amz-cf-id: TxiLp-duLScfmOQh5xETaaZnLHRg9uJsl3VXyz9I6k08OKDadFuIkg==

GET
H2 200 leadflows.js Show response
js.hsleadflows.net/ 551 KB
88 KB 143ms
120ms Script
application/javascript 2606:4700::6812:7c0c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hsleadflows.net/leadflows.js

Requested by

Host: newsdirectcorp-5691062.hs-sites.com
URL: https://newsdirectcorp-5691062.hs-sites.com/hs/scriptloader/5691062.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7c0c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a0eb564e8b104002217b23d191c384d64d77b30fa37b0f124db645e16096cfd3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://newsdirectcorp-5691062.hs-sites.com/
Origin: http://newsdirectcorp-5691062.hs-sites.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

content-encoding: br
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=lead-flows-js/static-1.1313/bundle/main/lead-flows-release.js&cfRay=85b9472e5eed9b45-FRA
x-amz-replication-status: COMPLETED
x-evy-trace-listener: listener_https
etag: W/"2a6dc24f5ac6c8a7eefaadde95ff2129"
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-evy-trace-virtual-host: all
cache-control: s-maxage=86400, max-age=0
x-hs-target-asset: lead-flows-js/static-1.1313/bundle/main/lead-flows-release.js
date: Mon, 26 Feb 2024 15:38:57 GMT
x-amz-version-id: ukHk26vS_rf4a6X6Ik2.9R2qKIwOxT4G
via: 1.1 e8eec15d9551dd475d4c478f9fbb5f04.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: MISS
x-amz-cf-pop: IAD12-P3
x-hubspot-correlation-id: 87cae147-2b56-49ff-98a3-b2d6d8f00212
x-cache: Hit from cloudfront
cache-tag: staticjsapp-lead-flows-cloudflare-web-prod,staticjsapp-prod
x-envoy-upstream-service-time: 7
x-evy-trace-route-configuration: listener_https/all
x-request-id: 87cae147-2b56-49ff-98a3-b2d6d8f00212
last-modified: Tue, 06 Feb 2024 10:46:39 UTC
server: cloudflare
access-control-max-age: 3000
x-hs-cache-status: MISS
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-576f9d768-zx9hx
cf-ray: 85b9472e5eed9b45-FRA
x-amz-cf-id: UX6dc858g_3vzeFYvjajQsd0fEKNSxyctBmVics8d91qFZ_SlxGevg==

GET
H2 200 conversations-embed.js Show response
js.usemessages.com/ 85 KB
25 KB 38ms
16ms Script
application/javascript 2606:4700::6811:f9a8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.usemessages.com/conversations-embed.js

Requested by

Host: newsdirectcorp-5691062.hs-sites.com
URL: https://newsdirectcorp-5691062.hs-sites.com/hs/scriptloader/5691062.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:f9a8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

67a2ef843448fd18bbff44f59c6347d9ac79b757722a14988efbc9210a02e0a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://newsdirectcorp-5691062.hs-sites.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Mon, 26 Feb 2024 15:38:57 GMT
x-amz-version-id: pcABCp7aTfnslFOuXS9T9WQPLRPjzj27
via: 1.1 7375f2360b80ec8c602f04aa2cc7a57c.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
x-amz-cf-pop: IAD12-P3
age: 452
x-amz-server-side-encryption: AES256
x-evy-trace-route-service-name: envoyset-translator
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=conversations-embed/static-1.15480/bundles/project.js&cfRay=85b93c21cb555d7c-FRA
x-cache: Hit from cloudfront
x-hubspot-correlation-id: 650a6bbc-ec0a-4eb9-9cb6-0ae2ca56aa88
cache-tag: staticjsapp-conversations-embed-web-prod,staticjsapp-prod
content-encoding: br
x-envoy-upstream-service-time: 8
x-amz-replication-status: COMPLETED
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 650a6bbc-ec0a-4eb9-9cb6-0ae2ca56aa88
last-modified: Thu, 15 Feb 2024 15:13:02 UTC
server: cloudflare
etag: W/"daadcf17e8fb7d655d233f6a0f1e4d72"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
x-hs-cache-status: EXPIRED
x-evy-trace-virtual-host: all
cache-control: max-age=600
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-576f9d768-xvt9q
cf-ray: 85b9472e5cb74d84-FRA
x-amz-cf-id: pJqV0qtEYiaZtHFX32tawqbkSnchcG0TnbMzzVooG9poVgqv9pjeVA==
x-hs-target-asset: conversations-embed/static-1.15480/bundles/project.js

GET
H2 204 has-permission-json Show response
app.hubspot.com/content-tools-menu/api/v1/tools-menu/ 0
1 KB 158ms
138ms XHR
text/plain 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.hubspot.com/content-tools-menu/api/v1/tools-menu/has-permission-json?portalId=5691062

Requested by

Host: static.hsappstatic.net
URL: https://static.hsappstatic.net/HubspotToolsMenu/static-1.306/js/index.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	no-sniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://newsdirectcorp-5691062.hs-sites.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Mon, 26 Feb 2024 15:38:57 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: no-sniff
cf-cache-status: DYNAMIC
x-hs-worker-debug-mode: false
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 276c068c-29c6-4dac-b847-c413146a90e5
x-envoy-upstream-service-time: 9
x-evy-trace-route-configuration: listener_https/all
reporting-endpoints: default="https://send.hsbrowserreports.com/csp/reports?cfRay=85b9472e5934bbcb&resource=unknown"
x-evy-trace-listener: listener_https
x-request-id: 276c068c-29c6-4dac-b847-c413146a90e5
server: cloudflare
x-trace: 2B367148C56EE313DC829BC5F8CBD1C67F39FBFC14000000000000000000
vary: origin, Accept-Encoding
access-control-allow-methods: GET
report-to: {"group":"default","max_age":86400,"endpoints":[{"url":"https://send.hsbrowserreports.com/csp/reports"}]}
access-control-allow-origin: http://newsdirectcorp-5691062.hs-sites.com
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-576f9d768-r7fvm
cache-control: max-age=0
access-control-allow-credentials: true
x-evy-trace-virtual-host: all
cf-ray: 85b9472e5934bbcb-FRA

GET
H2 200 tag Show response
btloader.com/ 125 KB
34 KB 45ms
16ms Script
application/javascript 2606:4700:10::6816:4bd8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://btloader.com/tag?o=5708166709903360&upapi=true
Requested by: Host: cdn.fuseplatform.net
URL: https://cdn.fuseplatform.net/publift/tags/2/3472/fuse.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4bd8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0c167adcbb853753c2576a0baae115be87af8ea363bb3d83b98a6ddef58b880d

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://newsdirectcorp-5691062.hs-sites.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Mon, 26 Feb 2024 15:38:57 GMT
content-encoding: gzip
via: 1.1 google
cf-cache-status: HIT
last-modified: Mon, 26 Feb 2024 15:26:53 GMT
server: cloudflare
age: 610
etag: "d5e56a1438e2b0248bccbe4f8c4f28b5"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=300, must-revalidate, stale-if-error=3600, stale-while-revalidate=300
accept-ranges: bytes
cf-ray: 85b9472eacb09bd7-FRA
content-length: 34331

GET
H2 200 json Show response
api.hubapi.com/hs-script-loader-public/v1/config/pixels-and-events/ 122 B
1 KB 148ms
132ms XHR
application/json 2606:4700::6811:cccc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.hubapi.com/hs-script-loader-public/v1/config/pixels-and-events/json?portalId=5691062

Requested by

Host: js.hsadspixel.net
URL: https://js.hsadspixel.net/fb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:cccc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2504d825349e7f5c3600432a1d60d201651a1dfd24485eaf33d84d5efabd1985

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://newsdirectcorp-5691062.hs-sites.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Mon, 26 Feb 2024 15:38:57 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 799176cf-250f-4c44-9bc9-5582cd811f9d
content-encoding: br
x-envoy-upstream-service-time: 5
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 799176cf-250f-4c44-9bc9-5582cd811f9d
server: cloudflare
x-trace: 2B44A28F0E24CD0621864C87AA414085A158B27542000000000000000000
vary: origin, Accept-Encoding
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: application/json;charset=utf-8
access-control-allow-origin: http://newsdirectcorp-5691062.hs-sites.com
x-evy-trace-served-by-pod: iad02/hubapi-td/envoy-proxy-59d6fb747d-62gmh
access-control-max-age: 180
access-control-allow-credentials: false
x-evy-trace-virtual-host: all
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RmYqsG0avUzeqvuSdOakiXLJkycfDY3gPiyEdkh79QSokar94QUG9ripg43Od4b%2Bl8rtDREsAhEoF7%2FBQUu6Fc%2Fvyz80cOUo3KLmxGissovIPw2DEABqEvR6XJL5yH3zfxc8L6qlGT7hz9o8"}],"group":"cf-nel","max_age":604800}
cf-ray: 85b9472e98ac9b4b-FRA
access-control-allow-headers: *

OPTIONS
H3 200 widget
newsdirectcorp-5691062.hs-sites.com/_hcms/livechat/ 0
0 356ms
345ms Preflight
text/plain 2606:4700::6811:b05d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://newsdirectcorp-5691062.hs-sites.com/_hcms/livechat/widget?portalId=5691062&conversations-embed=static-1.15480&mobile=false&messagesUtk=46a42475c6684730aae3cfcc5a2fb42d&traceId=46a42475c6684730aae3cfcc5a2fb42d

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:b05d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: x-hubspot-messages-uri
Access-Control-Request-Method: GET
Origin: http://newsdirectcorp-5691062.hs-sites.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

access-control-allow-credentials: false
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
access-control-allow-origin: http://newsdirectcorp-5691062.hs-sites.com
allow: HEAD,GET,OPTIONS
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 85b9472eaef42c35-FRA
content-length: 18
content-security-policy: upgrade-insecure-requests
content-type: text/plain; charset=utf-8
date: Mon, 26 Feb 2024 15:38:58 GMT
server: cloudflare
vary: origin, Accept-Encoding
x-content-type-options: nosniff
x-envoy-upstream-service-time: 2
x-evy-trace-listener: listener_https
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-route-service-name: envoyset-translator
x-evy-trace-served-by-pod: iad02/hubapi-td/envoy-proxy-59d6fb747d-mt2zt
x-evy-trace-virtual-host: all
x-hubspot-correlation-id: a985cee0-87d6-4f00-aa68-8cb9fc0a85ed
x-request-id: a985cee0-87d6-4f00-aa68-8cb9fc0a85ed
x-trace: 2B5999BBBC70C7B4A6A81D0E1B2A747CC51D8E971B000000000000000000

GET
H3 200 widget Show response
newsdirectcorp-5691062.hs-sites.com/_hcms/livechat/ 277 B
1 KB 170ms
169ms XHR
application/json 2606:4700::6811:b05d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: js.usemessages.com
URL: https://js.usemessages.com/conversations-embed.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:b05d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9ffbdbac4b4027a9c09142b33fa5ff687c00f9e14e5f86e902a354e505aa105c

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
X-Content-Type-Options	nosniff

Request headers

Referer: http://newsdirectcorp-5691062.hs-sites.com/
accept-language: de-DE,de;q=0.9
X-HubSpot-Messages-Uri: http://newsdirectcorp-5691062.hs-sites.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Mon, 26 Feb 2024 15:38:58 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: dcc43c9b-873a-4c66-a9ff-43cc3fb780df
x-envoy-upstream-service-time: 26
alt-svc: h3=":443"; ma=86400
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: dcc43c9b-873a-4c66-a9ff-43cc3fb780df
server: cloudflare
x-trace: 2B47D78AE4FAF71638CAF04BA4F7DBE9CD1A5E31DB000000000000000000
vary: origin, Accept-Encoding
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: application/json;charset=utf-8
access-control-allow-origin: http://newsdirectcorp-5691062.hs-sites.com
x-evy-trace-served-by-pod: iad02/hubapi-td/envoy-proxy-59d6fb747d-hlxx7
cache-control: no-cache, no-store, no-transform, must-revalidate, max-age=0
access-control-allow-credentials: false
x-evy-trace-virtual-host: all
cf-ray: 85b94730c8f72c35-FRA
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri

GET
H2 204 state Show response
api.btloader.com/mw/ 0
101 B 179ms
125ms Fetch 130.211.23.194
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.btloader.com/mw/state?bt_env=prod
Requested by: Host: btloader.com
URL: https://btloader.com/tag?o=5708166709903360&upapi=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.23.194 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 194.23.211.130.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://newsdirectcorp-5691062.hs-sites.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 26 Feb 2024 15:38:57 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
vary: Origin

GET
H2 200 px.gif
ad-delivery.net/ 43 B
926 B 50ms
25ms Image
image/gif 2606:4700:20::681a:346
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-delivery.net/px.gif?ch=2
Requested by: Host: newsdirectcorp-5691062.hs-sites.com
URL: http://newsdirectcorp-5691062.hs-sites.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:346 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://newsdirectcorp-5691062.hs-sites.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Mon, 26 Feb 2024 15:38:57 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1857769
x-guploader-uploadid: ABPtcPrkhG4u3vimkxqrGBRR6E7-3rnw0FzfTGCq0WxfaHn2xiTwxAmm1u_Na4KWtyxBcFNUqpbIRdywkA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 5
x-goog-stored-content-encoding: identity
content-length: 43
last-modified: Wed, 05 May 2021 19:25:32 GMT
server: cloudflare
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
vary: Accept-Encoding
x-goog-generation: 1620242732037093
content-type: image/gif
access-control-allow-origin: *
x-goog-hash: crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers: *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=86400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mLdgNF7Vf8%2FMntO3WeV7FVh66e4m%2BM2AGoHtymwg6Ov5jGF%2FXoRajVZkOUdPeDaNbh%2BumoLuVJ%2BwEINuFw5dlln0EmxMcM8FhzPegRJ%2B7hG9oxuUKWMHFex%2BBlOKMsb49PHoUalQ8YTNVXSZqA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 43
accept-ranges: bytes
cf-ray: 85b9472eea3692ba-FRA
expires: Mon, 05 Feb 2024 03:49:51 GMT

GET
H2 200 favicon.ico
ad.doubleclick.net/ 1 KB
570 B 70ms
15ms Image
image/x-icon 142.250.186.134
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250

Requested by

Host: newsdirectcorp-5691062.hs-sites.com
URL: http://newsdirectcorp-5691062.hs-sites.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f6.1e100.net

Software

sffe /

Resource Hash

d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://newsdirectcorp-5691062.hs-sites.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Mon, 26 Feb 2024 12:58:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 9651
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 104
x-xss-protection: 0
last-modified: Tue, 08 May 2012 13:08:06 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/x-icon
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 27 Feb 2024 12:58:06 GMT

GET
H2 200 px.gif
ad-delivery.net/ 43 B
341 B 51ms
26ms Image
image/gif 2606:4700:20::681a:346
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-delivery.net/px.gif?ch=1&e=0.35311253398156417
Requested by: Host: newsdirectcorp-5691062.hs-sites.com
URL: http://newsdirectcorp-5691062.hs-sites.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:346 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://newsdirectcorp-5691062.hs-sites.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Mon, 26 Feb 2024 15:38:57 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1857769
x-guploader-uploadid: ABPtcPrkhG4u3vimkxqrGBRR6E7-3rnw0FzfTGCq0WxfaHn2xiTwxAmm1u_Na4KWtyxBcFNUqpbIRdywkA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 5
x-goog-stored-content-encoding: identity
content-length: 43
last-modified: Wed, 05 May 2021 19:25:32 GMT
server: cloudflare
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
vary: Accept-Encoding
x-goog-generation: 1620242732037093
content-type: image/gif
access-control-allow-origin: *
x-goog-hash: crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers: *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=86400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TwYG1pHv07t6wComDeeKbKOD4HO9YLV0FSGdIIzpP0JGm7kzz%2Bh3nOpOvV96BjutUN%2FqvN3lMuXpBPXyMJGz1aGVDMFmyJMe0YR4AU76yZTbAa9UM1uHOYE9Vz5zBSM%2F%2BaMvjHQmZQJe914sEA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 43
accept-ranges: bytes
cf-ray: 85b9472eea3792ba-FRA
expires: Mon, 05 Feb 2024 03:49:51 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
258 B 82ms
27ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-17876VYMX9&gtm=45je42l0v9129973512za200&_p=1708961936814&_gaz=1&gcd=13l3l3l3l1&npa=0&dma_cps=sypham&dma=1&tcfd=1000h&cid=1199153593.1708961937&ul=en-us&sr=1600x1200&pscdl=noapi&_eu=AAAI&_s=1&sid=1708961937&sct=1&seg=0&dl=http%3A%2F%2Fnewsdirectcorp-5691062.hs-sites.com%2F&dt=&en=page_view&_fv=1&_ss=1&tfd=1482
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-17876VYMX9&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://newsdirectcorp-5691062.hs-sites.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Feb 2024 15:38:57 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://newsdirectcorp-5691062.hs-sites.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
56 B 27ms
26ms Ping
text/plain 2a00:1450:400c:c1d::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-17876VYMX9&cid=1199153593.1708961937&gtm=45je42l0v9129973512za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l3l1&npa=0
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-17876VYMX9&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c1d::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://newsdirectcorp-5691062.hs-sites.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Feb 2024 15:38:57 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://newsdirectcorp-5691062.hs-sites.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 42ms
42ms Image
image/gif 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-17876VYMX9&cid=1199153593.1708961937&gtm=45je42l0v9129973512za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l3l1&npa=0&z=1690427286

Requested by

Host: newsdirectcorp-5691062.hs-sites.com
URL: http://newsdirectcorp-5691062.hs-sites.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://newsdirectcorp-5691062.hs-sites.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Feb 2024 15:38:57 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 combinedConfigs Show response
cta-service-cms2.hubspot.com/web-interactives/public/v1/embed/ 404 B
1 KB 321ms
320ms Fetch
application/json 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cta-service-cms2.hubspot.com/web-interactives/public/v1/embed/combinedConfigs?portalId=5691062&currentUrl=http%3A%2F%2Fnewsdirectcorp-5691062.hs-sites.com%2F&contentId=null

Requested by

Host: js.hubspot.com
URL: https://js.hubspot.com/web-interactives-embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

629de5c42a56b67812a858341eb4162b85218eed884271ca47b0388498dc8916

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://newsdirectcorp-5691062.hs-sites.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Mon, 26 Feb 2024 15:38:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 9964d201-a031-45a5-b5be-f1ea1fa47023
content-encoding: br
x-envoy-upstream-service-time: 12
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 9964d201-a031-45a5-b5be-f1ea1fa47023
server: cloudflare
vary: origin
access-control-allow-methods: OPTIONS, GET
content-type: application/json;charset=utf-8
access-control-allow-origin: http://newsdirectcorp-5691062.hs-sites.com
x-evy-trace-virtual-host: all
access-control-max-age: 180
access-control-allow-credentials: true
cache-control: max-age=0, no-cache, no-store
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5QnXrNwQkjtngGCDOzlttN1IeFDM8fwBUZHL20dE41FUPL0%2F51arIQ%2FABcc2EcF%2BafxytV3SSN4SvOWSEhNPYT5DRP3zy%2BKEVRaY56nMwh04Bw5k51nbLweJpMfFQA5eE1Ni%2FjohhCp49GlCLVIN9R6kWnEYyqgihOI%3D"}],"group":"cf-nel","max_age":604800}
x-robots-tag: noindex, follow
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent
cf-ray: 85b9472f3a9f1c73-FRA
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-bfd765d7d-5xsfj

GET
H/1.1 200
OK counters.gif
perf-na1.hsforms.com/embed/v3/ 35 B
1 KB 138ms
121ms Image
image/gif 2606:4700::6812:a07d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://perf-na1.hsforms.com/embed/v3/counters.gif?key=config-loaded-success&value=1

Requested by

Host: newsdirectcorp-5691062.hs-sites.com
URL: http://newsdirectcorp-5691062.hs-sites.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:a07d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://newsdirectcorp-5691062.hs-sites.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Date: Mon, 26 Feb 2024 15:38:58 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
CF-Cache-Status: MISS
x-evy-trace-route-service-name: envoyset-translator
X-HubSpot-Correlation-Id: 4ca4f537-6d12-4cca-b267-31d3994cad05
x-envoy-upstream-service-time: 4
Connection: keep-alive
alt-svc: h3=":443"; ma=86400
Content-Length: 35
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 4ca4f537-6d12-4cca-b267-31d3994cad05
Last-Modified: Mon, 26 Feb 2024 15:38:58 GMT
Server: cloudflare
X-Trace: 2B732B3CA538887C4A6DED74DE857F7AC5986390BF000000000000000000
Vary: origin, Accept-Encoding
Content-Type: image/gif
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-bfd765d7d-h9f8j
Access-Control-Expose-Headers: X-Origin-Hublet
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
X-Robots-Tag: none
CF-RAY: 85b947315e4c35f6-FRA

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 214 KB
58 KB 57ms
21ms Script
application/x-javascript 2a03:2880:f007:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: js.hsadspixel.net
URL: https://js.hsadspixel.net/fb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f007:8:face:b00c:0:1 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0e04153b5f73bfa7866948f2a9870593d69bfde14e77a1a06af5f567096e5a09

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://newsdirectcorp-5691062.hs-sites.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

permissions-policy-report-only: clipboard-read=(), clipboard-write=(), picture-in-picture=();report-to="permissions_policy"
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 26 Feb 2024 15:38:58 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 57257
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
pragma: public
x-fb-debug: tGo7UacIEvPoBR64i8J4MCs6hk/pakzks+5qFDLozG9oChc2mxvPfZvhgd0u94gUB9LWjC0h9j+a/NskvcOxqg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
x-fb-optimizer: 1
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
613 B 145ms
145ms Image
image/gif 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=1638682131&v=1.1&a=5691062&ct=standard-page&ccu=http%3A%2F%2Fnewsdirectcorp-5691062.hs-sites.com%2F404&pu=http%3A%2F%2Fnewsdirectcorp-5691062.hs-sites.com%2F&cts=1708961938601&vi=fea4f4cb189bf588a31c1a11de8dda3a&nc=true&u=233546881.fea4f4cb189bf588a31c1a11de8dda3a.1708961938599.1708961938599.1708961938599.1&b=233546881.1.1708961938599&pt=0&cc=15

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://newsdirectcorp-5691062.hs-sites.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Mon, 26 Feb 2024 15:38:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: e847298c-1575-4944-82b0-945508b81555
p3p: CP="NOI CUR ADM OUR NOR STA NID"
x-envoy-upstream-service-time: 19
content-length: 45
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: e847298c-1575-4944-82b0-945508b81555
server: cloudflare
vary: origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2eokbdh5ApCOt6qqKPkaCEBp0cCN77906CZppTUX78DbFiMny9%2Bsv6ucEQQeXZwkNp5WgRBKrg23VCwGTFeV463%2FCfA544pePiMxUEIiOxuWdG1IV0iElqZVb4zYxDPWb%2FF9NTVM1%2Bxr4NYvfqoL"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
x-evy-trace-served-by-pod: iad02/analytics-tracking-td/envoy-proxy-68f68ffdf9-qkz5l
x-evy-trace-virtual-host: all
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
cf-ray: 85b947344ed0bbcb-FRA
x-robots-tag: none

GET
H2 200 json Show response
forms.hubspot.com/lead-flows-config/v1/config/ 178 B
1014 B 148ms
148ms XHR
application/json 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.hubspot.com/lead-flows-config/v1/config/json?portalId=5691062&utk=fea4f4cb189bf588a31c1a11de8dda3a&__hstc=233546881.fea4f4cb189bf588a31c1a11de8dda3a.1708961938599.1708961938599.1708961938599.1&__hssc=233546881.1.1708961938599&contentId=null&currentUrl=http%3A%2F%2Fnewsdirectcorp-5691062.hs-sites.com%2F

Requested by

Host: js.hsleadflows.net
URL: https://js.hsleadflows.net/leadflows.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1f35a444ca7baa4164a3412d2390b393f7d862241466a03f1a4d1c640e8c8f94

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://newsdirectcorp-5691062.hs-sites.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Mon, 26 Feb 2024 15:38:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 68e63bb7-47da-449b-bd0a-d03297f1d05d
content-encoding: br
x-envoy-upstream-service-time: 26
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 68e63bb7-47da-449b-bd0a-d03297f1d05d
server: cloudflare
vary: origin
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: application/json;charset=utf-8
access-control-allow-origin: http://newsdirectcorp-5691062.hs-sites.com
x-evy-trace-virtual-host: all
access-control-max-age: 180
access-control-allow-credentials: false
cache-control: max-age=0, no-cache, no-store
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LWEvWgmW%2FrkGLayWFrxDq%2BJ%2FSDN6nm3BbAikBTSsL8MF4CedWHsMuxTxnbT3jfeLpyyM9NffXmgxOvfvTyBLPedBY1tZ%2Bf5AzobmU5FbVassVapfpMdSZPph14VMRpUj664qhGJ4Gv0JW6W6Vqrv"}],"group":"cf-nel","max_age":604800}
x-robots-tag: none
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent
cf-ray: 85b947344ee31c73-FRA
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-bfd765d7d-5xsfj

GET
H2 200 682327702617354 Show response
connect.facebook.net/signals/config/ 61 KB
13 KB 108ms
107ms Script
application/x-javascript 2a03:2880:f007:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/682327702617354?v=2.9.147&r=stable&domain=newsdirectcorp-5691062.hs-sites.com&hme=20c913bdcd4be51a752120153aa5caaecb3ee86c7f26cf737846e40b202aba68&ex_m=62%2C106%2C94%2C98%2C53%2C3%2C88%2C61%2C14%2C86%2C79%2C44%2C46%2C150%2C153%2C164%2C160%2C161%2C163%2C25%2C89%2C45%2C68%2C162%2C145%2C148%2C157%2C158%2C165%2C115%2C13%2C43%2C169%2C168%2C117%2C16%2C29%2C32%2C1%2C36%2C57%2C58%2C59%2C63%2C83%2C15%2C12%2C85%2C82%2C81%2C95%2C97%2C31%2C96%2C26%2C22%2C146%2C149%2C124%2C24%2C9%2C10%2C11%2C5%2C6%2C21%2C19%2C20%2C49%2C54%2C56%2C66%2C90%2C23%2C67%2C8%2C7%2C71%2C41%2C18%2C92%2C91%2C17%2C4%2C73%2C80%2C72%2C78%2C40%2C39%2C77%2C33%2C35%2C76%2C48%2C74%2C28%2C37%2C65%2C0%2C84%2C75%2C2%2C30%2C55%2C34%2C93%2C38%2C70%2C60%2C99%2C52%2C51%2C27%2C87%2C50%2C47%2C42%2C69%2C64%2C100

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f007:8:face:b00c:0:1 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

6297ebfa2b35c525f629ffa082a7017df65e4d58af2bcc3fa531ec37538d6da9

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://newsdirectcorp-5691062.hs-sites.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

permissions-policy-report-only: clipboard-read=(), clipboard-write=(), picture-in-picture=();report-to="permissions_policy"
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 26 Feb 2024 15:38:58 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
pragma: public
x-fb-debug: bXfYT/ysVQ+2rCIzogZyBwPl+S2qblzGi21piS/OgEoCeb12IH3oJFMm5lqEgsKxlEZe2xtviv77oEoxpCWhQA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 57ms
19ms Image
text/plain 2a03:2880:f107:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=682327702617354&ev=PageView&dl=http%3A%2F%2Fnewsdirectcorp-5691062.hs-sites.com%2F&rl=&if=false&ts=1708961938829&sw=1600&sh=1200&ud[external_id]=fea4f4cb189bf588a31c1a11de8dda3a&v=2.9.147&r=stable&a=hubspot&ec=0&o=4126&fbp=fb.1.1708961938828.483112224&cs_est=true&ler=empty&cdl=API_unavailable&it=1708961938712&coo=false&exp=e1&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f107:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://newsdirectcorp-5691062.hs-sites.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 26 Feb 2024 15:38:58 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

Verdicts & Comments Add Verdict or Comment

88 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

14 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.www.newsdirect.com/	1970-01-20 18:42:43	Name: __cf_bm Value: muLgxup0yJ_fMCa2SmFXyt7x1wttqh9c.tLWluTX7OY-1708961936-1.0-AXqf3H63s75qo7Q9ELs4r6x2RJCoRV44FL377FHmqMhLMO3VI82X/g3wPruQrOJOl6wmCAz2XxI78e0oycva9mY=
.www.newsdirect.com/	1969-12-31 23:59:59	Name: __cfruid Value: c46b6127c1f39e993bcb895c02bfa1591ce35293-1708961936
.hs-sites.com/	1969-12-31 23:59:59	Name: __cfruid Value: 4b565ae1822114eba8dbc00b143cb86e03b7fd7d-1708961937
.hs-sites.com/	1970-01-20 18:44:08	Name: _gid Value: GA1.2.1304783922.1708961937
.hs-sites.com/	1970-01-20 18:42:41	Name: _gat_gtag_UA_160062440_1 Value: 1
.hs-sites.com/	1970-01-21 04:18:41	Name: _ga_17876VYMX9 Value: GS1.1.1708961937.1.0.1708961937.60.0.0
.hs-sites.com/	1970-01-21 04:18:41	Name: _ga Value: GA1.1.1199153593.1708961937
.hubspot.com/	1970-01-20 18:42:43	Name: __cf_bm Value: W_Gl0vAa9G3t9jGdl6SdCst3i7d0BXBLymQJbvlmi0g-1708961937-1.0-AQAOmrHM5lJIquRXNTv/QJiPZM52T47ZikMc78gB/war0ALjFj3tWA913Bp0DXZLylXropqiDCPAJhY4Vyb47eo=
.hubspot.com/	1969-12-31 23:59:59	Name: _cfuvid Value: ccag6LMPVrjRjs68aKPRFGens64qaWB3GCY3zmtE0w0-1708961937786-0.0-604800000
.hs-sites.com/	1970-01-20 23:01:53	Name: __hstc Value: 233546881.fea4f4cb189bf588a31c1a11de8dda3a.1708961938599.1708961938599.1708961938599.1
.hs-sites.com/	1970-01-20 23:01:53	Name: hubspotutk Value: fea4f4cb189bf588a31c1a11de8dda3a
.hs-sites.com/	1969-12-31 23:59:59	Name: __hssrc Value: 1
.hs-sites.com/	1970-01-20 18:42:43	Name: __hssc Value: 233546881.1.1708961938599
.hs-sites.com/	1970-01-20 20:52:17	Name: _fbp Value: fb.1.1708961938828.483112224

9 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: http://newsdirectcorp-5691062.hs-sites.com/ Message: Failed to load resource: the server responded with a status of 404 (Not Found)
other	warning	URL: http://newsdirectcorp-5691062.hs-sites.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://newsdirectcorp-5691062.hs-sites.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://newsdirectcorp-5691062.hs-sites.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://newsdirectcorp-5691062.hs-sites.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://newsdirectcorp-5691062.hs-sites.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://newsdirectcorp-5691062.hs-sites.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://newsdirectcorp-5691062.hs-sites.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://connect.facebook.net/signals/config/682327702617354?v=2.9.147&r=stable&domain=newsdirectcorp-5691062.hs-sites.com&hme=20c913bdcd4be51a752120153aa5caaecb3ee86c7f26cf737846e40b202aba68&ex_m=62%2C106%2C94%2C98%2C53%2C3%2C88%2C61%2C14%2C86%2C79%2C44%2C46%2C150%2C153%2C164%2C160%2C161%2C163%2C25%2C89%2C45%2C68%2C162%2C145%2C148%2C157%2C158%2C165%2C115%2C13%2C43%2C169%2C168%2C117%2C16%2C29%2C32%2C1%2C36%2C57%2C58%2C59%2C63%2C83%2C15%2C12%2C85%2C82%2C81%2C95%2C97%2C31%2C96%2C26%2C22%2C146%2C149%2C124%2C24%2C9%2C10%2C11%2C5%2C6%2C21%2C19%2C20%2C49%2C54%2C56%2C66%2C90%2C23%2C67%2C8%2C7%2C71%2C41%2C18%2C92%2C91%2C17%2C4%2C73%2C80%2C72%2C78%2C40%2C39%2C77%2C33%2C35%2C76%2C48%2C74%2C28%2C37%2C65%2C0%2C84%2C75%2C2%2C30%2C55%2C34%2C93%2C38%2C70%2C60%2C99%2C52%2C51%2C27%2C87%2C50%2C47%2C42%2C69%2C64%2C100(Line 105) Message: Unrecognized feature: 'attribution-reporting'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

5691062.fs1.hubspotusercontent-na1.net
ad-delivery.net
ad.doubleclick.net
api.btloader.com
api.hubapi.com
app.hubspot.com
btloader.com
c.amazon-adsystem.com
cdn.fuseplatform.net
cdn.jsdelivr.net
cdn2.hubspot.net
cdnjs.cloudflare.com
cmp.inmobi.com
config.aps.amazon-adsystem.com
connect.facebook.net
cta-service-cms2.hubspot.com
f.hubspotusercontent10.net
fonts.googleapis.com
forms.hubspot.com
js.hs-analytics.net
js.hs-banner.com
js.hsadspixel.net
js.hsleadflows.net
js.hubspot.com
js.usemessages.com
newsdirectcorp-5691062.hs-sites.com
perf-na1.hsforms.com
region1.analytics.google.com
securepubads.g.doubleclick.net
static.hsappstatic.net
stats.g.doubleclick.net
track.hubspot.com
unpkg.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.newsdirect.com
130.211.23.194
142.250.186.134
18.239.30.197
2001:4860:4802:34::36
2600:9000:238d:e600:1b:cadc:ef40:93a1
2606:2c40::c73c:67e1
2606:4700:10::6816:4bd8
2606:4700:20::681a:346
2606:4700:4400::6812:22e5
2606:4700:4400::ac40:9284
2606:4700::6810:4fba
2606:4700::6810:5814
2606:4700::6810:6fd1
2606:4700::6810:7caf
2606:4700::6810:e05d
2606:4700::6811:190e
2606:4700::6811:ad5d
2606:4700::6811:b05d
2606:4700::6811:cccc
2606:4700::6811:e4a3
2606:4700::6811:f9a8
2606:4700::6812:7c0c
2606:4700::6812:a07d
2606:4700::6813:9a53
2606:4700::6813:9b53
2606:4700::6813:f912
2a00:1450:4001:802::2008
2a00:1450:4001:806::2003
2a00:1450:4001:806::200e
2a00:1450:4001:80b::200a
2a00:1450:4001:80e::2002
2a00:1450:4001:831::2004
2a00:1450:400c:c1d::9a
2a02:26f0:480:f::213:7ec4
2a03:2880:f007:8:face:b00c:0:1
2a03:2880:f107:83:face:b00c:0:25de
99.86.4.39
0269d8521363d5a6970e3bedce754e73e0bd03d8f158cdc0be5737187361dfc4
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
081ae9baaacc857c1c2cb51de6dbd0e1eb811c2761ef01a50df373f2f6eefe22
0c167adcbb853753c2576a0baae115be87af8ea363bb3d83b98a6ddef58b880d
0c46dd569fd343033bf8b4d282c7394c7628756dabd3f5ae5a1ca5db4365ce27
0e04153b5f73bfa7866948f2a9870593d69bfde14e77a1a06af5f567096e5a09
0ef56a843eaeea072e78aa174bcb41ea0b4eacc38bb472f37cf8cb5d22108578
1199deed4086cac3beaab066c39d29685ceb66e6fd19b8effd79fcbcc71c17cf
1da555f8f09fa4aa59c303785c0e81690e822dcfefbdf05ff0090babf146a125
1f35a444ca7baa4164a3412d2390b393f7d862241466a03f1a4d1c640e8c8f94
21edbf5f1ea58c709f2b16fa8223533a366dc03d4565ad6e9148f5f54b17bb25
2504d825349e7f5c3600432a1d60d201651a1dfd24485eaf33d84d5efabd1985
2a59ac456eda105461ef75a7402a4f8d49ca21b50ce151a4a072cdaa4965d909
2d711642b726b04401627ca9fbac32f5c8530fb1903cc4db02258717921a4881
30133a8833424dc428b549a96cea8a0032193231c7567c970c1199a9d70bd4ae
34942d531ecf961a2a6777526aef0c7d17f28a4ce9afcac868eb132c700bfe5a
34f4f4673c2e39486f257155db2cc389c3ed031d5a12154b59a876bfe21336ca
450b43074139d304f17bc14c7bb63bced29cf4161a3fd794ad7f351d40ce99b9
5b9c9a65c75a19e22ae5ebd87d6b04f1e1088d0ef0ff4802367301619c610638
6297ebfa2b35c525f629ffa082a7017df65e4d58af2bcc3fa531ec37538d6da9
629de5c42a56b67812a858341eb4162b85218eed884271ca47b0388498dc8916
67a2ef843448fd18bbff44f59c6347d9ac79b757722a14988efbc9210a02e0a4
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
74a0009cdd2d448c9c696674eb5ffcdcdf35df57313d2d64e753e454f0fb1a4f
7a6f59c93d2a3daaf97137639b5a3144859d90a8a809c6f01478e75e5b643200
7ae3dcf8002e428f15567c5a304172fe086cf525cc41c02a83c091989152e4cf
82cf6c06a8d7a89854fc20155b5613bc5886627c0da0305204824864854bec8b
84daf4af90cf867d20cf994aff71c65c9392ae1cc00ce1a898355da78cfab361
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
88171413fc76dda23ab32baa17b11e4fff89141c633ece737852445f1ba6c1bd
8da927b6b1240ffca4323fbb2a12c8e5abb541040965c2bc5b7d09a2eb963b02
8fae0d734a5139904ecbccc1257e5d3236179daa602dc0ed06d0616b051b88e7
93f62f58c1b2bfbe94bb13e1e5cca57f6c27baddf7787c47f37b5914be180433
959a9634f70d3b541ff63f77a8025b1fb507a0a57438cbcfa6c5d6ea2ce2e9e2
9ffbdbac4b4027a9c09142b33fa5ff687c00f9e14e5f86e902a354e505aa105c
a0eb564e8b104002217b23d191c384d64d77b30fa37b0f124db645e16096cfd3
a180ae38bc7cc55936f488f9d820d8fc44f14a30d65198b4864bbcbbadc2c068
a79086333dd884effafca5b9935e773da7257e25a5b6041fd4fc69e0799325bd
b82ae1ebe6e9f83f73cb754e044fa16d9637f7939bdabfaeaf76cfdcbab81125
c22cfb6520a7fdbb738632834019acf47c78b1279462c0eb4cb83bae83ecb5a7
c4f9ff10be3eeaff61855fb05c3cec1825ad0ff84708e9795e024835b344f54f
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0d7bdc608132b8246ddf7ced6c0f78de99f6c3676390e5dbb7aba126cf1f128
d17f975406cf67aa25713480b74e54d0a0d46eb74c513d868f64f558528b02d7
d7b92b7143625ae61e8690fe18bbd51b7cbb72539d715062a583ac00c461ea82
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ece800b64104306a9cbd7d25e04cd00d059860f9911ffc7979f2c2453c98fa4d
ee9f2f620122112ded1f6498ba96d1c797429ab7c07806f689ed5d7142c15973
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2db8deb6e51f3c2a04cf60a0420bc305122df58418be8fa3f8230f482b06828
f770a6aa42fe7aa5538999cb3677b2753405e958ba720ed0e47deab4c88f0ad1
f85ad9df8d71ac4417a1691718a9dd7997a7889297f851efb65f2a246cef1fe1

newsdirectcorp-5691062.hs-sites.com Open in urlscan Pro 2606:4700::6811:ad5d Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

66 Requests

97 %HTTPS

89 %IPv6

30 Domains

39 Subdomains

37 IPs

3 Countries

2126 kBTransfer

5616 kBSize

14 Cookies

7 Outgoing links

Redirected requests

66 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

newsdirectcorp-5691062.hs-sites.com Open in urlscan Pro
2606:4700::6811:ad5d Public Scan

Screenshot
Live screenshot

Full Image

66
Requests

97 %
HTTPS

89 %
IPv6

30
Domains

39
Subdomains

37
IPs

3
Countries

2126 kB
Transfer

5616 kB
Size

14
Cookies

66 HTTP transactions
0 data transactions