urlscan.io logo urlscan.io
SecurityTrails logo

partner.upday-content.com Open in urlscan Pro
2606:4700:20::ac43:4abb  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://ssnews.page.link/PuA5vibY7JKXJgHJA
Effective URL: https://partner.upday-content.com/articles/EXQKRfEXpLrLJ09Kiqel-A-en-US?section=breaking_news_push
Submission: On February 02 via manual from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 19 IPs in 3 countries across 18 domains to perform 35 HTTP transactions. The main IP is 2606:4700:20::ac43:4abb, located in United States and belongs to CLOUDFLARENET, US. The main domain is partner.upday-content.com. The Cisco Umbrella rank of the primary domain is 211825.
TLS certificate: Issued by GTS CA 1P5 on January 16th 2024. Valid for: 3 months.
This is the only time partner.upday-content.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

1    2a00:1450:4001:813::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ssnews.page.link
1    54.230.206.125 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-230-206-125.ham50.r.cloudfront.net
api.mop.apps.samsung.com
3    2606:4700:20::ac43:4abb (United States)

ASN13335 (CLOUDFLARENET, US)
partner.upday-content.com
1    2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2a02:26f0:3500:16::215:1490 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
use.typekit.net
2    2606:4700:4400::ac40:90a6 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.confiant-integrations.net
3    2606:4700::6810:7aaf (United States)

ASN13335 (CLOUDFLARENET, US)
unpkg.com
9    18.155.145.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-155-145-18.ham50.r.cloudfront.net
cdn.privacy-mgmt.com
1    2a02:26f0:480:f::213:7ed3 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
p.typekit.net
1    23.218.208.200 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-218-208-200.deploy.static.akamaitechnologies.com
ads.pubmatic.com
3    52.85.32.41 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-85-32-41.ham50.r.cloudfront.net
c.amazon-adsystem.com
1    18.155.152.89 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-155-152-89.ham50.r.cloudfront.net
d1fc8wv8zag5ca.cloudfront.net
1    2606:4700::6810:5914 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
2    2606:2800:234:59:254c:406:2366:268c (United States)

ASN15133 (EDGECAST, US)
platform.twitter.com
1    151.101.66.132 (United States)

ASN54113 (FASTLY, US)
partner-content.upday.com
1    2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
1    18.155.153.80 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-155-153-80.ham50.r.cloudfront.net
config.aps.amazon-adsystem.com
1    104.244.42.200 (United States)

ASN13414 (TWITTER, US)
syndication.twitter.com
2    54.154.219.215 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-154-219-215.eu-west-1.compute.amazonaws.com
com-upday-main.collector.snplow.net
2    2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
Apex Domain
Subdomains		 Transfer
9 privacy-mgmt.com
cdn.privacy-mgmt.com — Cisco Umbrella Rank: 4056
44 KB
4 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 314
config.aps.amazon-adsystem.com — Cisco Umbrella Rank: 591
76 KB
3 twitter.com
platform.twitter.com — Cisco Umbrella Rank: 1230
syndication.twitter.com — Cisco Umbrella Rank: 1527
132 KB
3 unpkg.com
unpkg.com — Cisco Umbrella Rank: 867
16 KB
3 upday-content.com
partner.upday-content.com — Cisco Umbrella Rank: 211825
99 KB
2 gstatic.com
fonts.gstatic.com
31 KB
2 snplow.net
com-upday-main.collector.snplow.net — Cisco Umbrella Rank: 39853
352 B
2 confiant-integrations.net
cdn.confiant-integrations.net — Cisco Umbrella Rank: 1463
113 KB
2 typekit.net
use.typekit.net — Cisco Umbrella Rank: 463
p.typekit.net — Cisco Umbrella Rank: 566
3 KB
1 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 209
137 KB
1 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 230
29 KB
1 upday.com
partner-content.upday.com — Cisco Umbrella Rank: 213856
710 B
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 324
31 KB
1 cloudfront.net
d1fc8wv8zag5ca.cloudfront.net
414 B
1 pubmatic.com
ads.pubmatic.com — Cisco Umbrella Rank: 535
111 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 28
2 KB
1 samsung.com
api.mop.apps.samsung.com — Cisco Umbrella Rank: 11928
911 B
1 page.link
ssnews.page.link
2 KB
35 18
Domain Requested by
9 cdn.privacy-mgmt.com partner.upday-content.com
cdn.privacy-mgmt.com
3 c.amazon-adsystem.com partner.upday-content.com
c.amazon-adsystem.com
3 unpkg.com 2 redirects partner.upday-content.com
3 partner.upday-content.com api.mop.apps.samsung.com
partner.upday-content.com
2 fonts.gstatic.com fonts.googleapis.com
2 com-upday-main.collector.snplow.net d1fc8wv8zag5ca.cloudfront.net
2 platform.twitter.com partner.upday-content.com
platform.twitter.com
2 cdn.confiant-integrations.net partner.upday-content.com
cdn.confiant-integrations.net
1 securepubads.g.doubleclick.net www.googletagservices.com
1 syndication.twitter.com platform.twitter.com
1 config.aps.amazon-adsystem.com c.amazon-adsystem.com
1 www.googletagservices.com partner.upday-content.com
1 partner-content.upday.com partner.upday-content.com
1 cdn.jsdelivr.net partner.upday-content.com
1 d1fc8wv8zag5ca.cloudfront.net 1 redirects
1 ads.pubmatic.com partner.upday-content.com
1 p.typekit.net use.typekit.net
1 use.typekit.net partner.upday-content.com
1 fonts.googleapis.com partner.upday-content.com
1 api.mop.apps.samsung.com
1 ssnews.page.link 1 redirects
35 21

This site contains no links.

Subject Issuer Validity Valid
mop.apps.samsung.com
Amazon RSA 2048 M02		 2023-08-02 -
2024-08-29		 a year crt.sh
upday-content.com
GTS CA 1P5		 2024-01-16 -
2024-04-15		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2024-01-09 -
2024-04-02		 3 months crt.sh
use.typekit.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-02-01 -
2025-03-03		 a year crt.sh
confiant-integrations.net
GTS CA 1P5		 2024-01-17 -
2024-04-16		 3 months crt.sh
*.privacy-mgmt.com
Amazon RSA 2048 M01		 2023-10-08 -
2024-11-05		 a year crt.sh
*.pubmatic.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-11-26 -
2024-11-26		 a year crt.sh
c.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-12-30 -
2024-12-04		 a year crt.sh
*.twimg.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-07-28 -
2024-07-26		 a year crt.sh
*.upday.com
R3		 2023-12-22 -
2024-03-21		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2024-01-09 -
2024-04-02		 3 months crt.sh
config.aps.amazon-adsystem.com
Amazon RSA 2048 M02		 2024-01-21 -
2025-02-19		 a year crt.sh
syndication.twitter.com
R3		 2023-12-06 -
2024-03-05		 3 months crt.sh
com-upday-main.collector.snplow.net
Amazon RSA 2048 M03		 2024-02-02 -
2025-03-02		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2024-01-09 -
2024-04-02		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://partner.upday-content.com/articles/EXQKRfEXpLrLJ09Kiqel-A-en-US?section=breaking_news_push
Frame ID: 024828E11D1F628633E1F1E66CD45E34
Requests: 29 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.2f70fb173b9000da126c79afe2098f02.html?origin=https%3A%2F%2Fpartner.upday-content.com
Frame ID: B09FDE2A30219535C6C85D2E094E4946
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Samsung News

Page URL History Show full URLs

  1. https://ssnews.page.link/PuA5vibY7JKXJgHJA HTTP 302
    https://api.mop.apps.samsung.com/news?action=read&target=news_open&url=https%253A%252F%252Fpartner.upday-cont... Page URL
  2. https://partner.upday-content.com/articles/EXQKRfEXpLrLJ09Kiqel-A-en-US?section=breaking_news_push Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <[^>]+\sdata-v(?:ue)?-
Overall confidence: 100%
Detected patterns
  • googletagservices\.com/tag/js/gpt(?:_mobile)?\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • //platform\.twitter\.com/widgets\.js
Overall confidence: 100%
Detected patterns
  • <link [^>]*href="[^"]+use\.typekit\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

35
Requests

94 %
HTTPS

57 %
IPv6

18
Domains

21
Subdomains

19
IPs

3
Countries

825 kB
Transfer

2670 kB
Size

8
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://ssnews.page.link/PuA5vibY7JKXJgHJA HTTP 302
    https://api.mop.apps.samsung.com/news?action=read&target=news_open&url=https%253A%252F%252Fpartner.upday-content.com%252Farticles%252FEXQKRfEXpLrLJ09Kiqel-A-en-US%253Fsection%253Dbreaking_news_push&rss_url&id=EXQKRfEXpLrLJ09Kiqel-A-en-US&title=Samsung+News&img=https%253A%252F%252Fimg.yana.asideas.de%252Fimage%252Ffetch%252Fw_700%252Ch_394%252Cc_fill%252Cf_webp%252Cq_auto%253Aeco%252Fhttps%25253A%25252F%25252Fstatic.foxbusiness.com%25252Ffoxbusiness.com%25252Fcontent%25252Fuploads%25252F2023%25252F11%25252Ftesla-ceo-elon-musk-forum-rishi-sunak.jpg&pub=Fox+Business&pub_id=foxbusiness.com&pub_logo=https%253A%252F%252Fimg.yana.asideas.de%252Fimage%252Fupload%252Fv1679924899%252Fpublisher-logo%252FFox%252FBanner_-_Fox_Business_-_Light_Mode.svg&theme_color=%23003366&pub_time=2024-02-02T12:40:10Z&ed=en_US&referrer=share-news Page URL
  2. https://partner.upday-content.com/articles/EXQKRfEXpLrLJ09Kiqel-A-en-US?section=breaking_news_push Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://ssnews.page.link/PuA5vibY7JKXJgHJA HTTP 302
  • https://api.mop.apps.samsung.com/news?action=read&target=news_open&url=https%253A%252F%252Fpartner.upday-content.com%252Farticles%252FEXQKRfEXpLrLJ09Kiqel-A-en-US%253Fsection%253Dbreaking_news_push&rss_url&id=EXQKRfEXpLrLJ09Kiqel-A-en-US&title=Samsung+News&img=https%253A%252F%252Fimg.yana.asideas.de%252Fimage%252Ffetch%252Fw_700%252Ch_394%252Cc_fill%252Cf_webp%252Cq_auto%253Aeco%252Fhttps%25253A%25252F%25252Fstatic.foxbusiness.com%25252Ffoxbusiness.com%25252Fcontent%25252Fuploads%25252F2023%25252F11%25252Ftesla-ceo-elon-musk-forum-rishi-sunak.jpg&pub=Fox+Business&pub_id=foxbusiness.com&pub_logo=https%253A%252F%252Fimg.yana.asideas.de%252Fimage%252Fupload%252Fv1679924899%252Fpublisher-logo%252FFox%252FBanner_-_Fox_Business_-_Light_Mode.svg&theme_color=%23003366&pub_time=2024-02-02T12:40:10Z&ed=en_US&referrer=share-news
Request Chain 4
  • https://unpkg.com/vue-i18n@8 HTTP 302
  • https://unpkg.com/vue-i18n@8.28.2 HTTP 302
  • https://unpkg.com/vue-i18n@8.28.2/dist/vue-i18n.js
Request Chain 12
  • https://d1fc8wv8zag5ca.cloudfront.net/2.10.2/sp.js HTTP 301
  • https://cdn.jsdelivr.net/gh/snowplow/sp-js-assets@2.10.2/sp.js

35 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
news
api.mop.apps.samsung.com/
Redirect Chain
  • https://ssnews.page.link/PuA5vibY7JKXJgHJA
  • https://api.mop.apps.samsung.com/news?action=read&target=news_open&url=https%253A%252F%252Fpartner.upday-content.com%252Farticles%252FEXQKRfEXpLrLJ09Kiqel-A-en-US%253Fsection%253Dbreaking_news_push...
1 KB
911 B 		Document
General
Check archive.org
Download Go to
Full URL
https://api.mop.apps.samsung.com/news?action=read&target=news_open&url=https%253A%252F%252Fpartner.upday-content.com%252Farticles%252FEXQKRfEXpLrLJ09Kiqel-A-en-US%253Fsection%253Dbreaking_news_push&rss_url&id=EXQKRfEXpLrLJ09Kiqel-A-en-US&title=Samsung+News&img=https%253A%252F%252Fimg.yana.asideas.de%252Fimage%252Ffetch%252Fw_700%252Ch_394%252Cc_fill%252Cf_webp%252Cq_auto%253Aeco%252Fhttps%25253A%25252F%25252Fstatic.foxbusiness.com%25252Ffoxbusiness.com%25252Fcontent%25252Fuploads%25252F2023%25252F11%25252Ftesla-ceo-elon-musk-forum-rishi-sunak.jpg&pub=Fox+Business&pub_id=foxbusiness.com&pub_logo=https%253A%252F%252Fimg.yana.asideas.de%252Fimage%252Fupload%252Fv1679924899%252Fpublisher-logo%252FFox%252FBanner_-_Fox_Business_-_Light_Mode.svg&theme_color=%23003366&pub_time=2024-02-02T12:40:10Z&ed=en_US&referrer=share-news
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.206.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-206-125.ham50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
34
content-encoding
gzip
content-type
text/html
date
Fri, 02 Feb 2024 17:14:59 GMT
etag
W/"f1179b610e30a509bb94f262185aefea"
last-modified
Fri, 13 Oct 2023 05:05:22 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 67c53a3f025013bfb9704050f9d1933a.cloudfront.net (CloudFront)
x-amz-cf-id
ZYHqJh3yieVocF7LXdqXmVA8XFgyf_JWEBk_2liMaDK61Kn9me8FDg==
x-amz-cf-pop
HAM50-C3
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront

Redirect headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
content-security-policy
require-trusted-types-for 'script';report-uri /_/DurableDeepLinkUi/cspreport script-src 'report-sample' 'nonce-YEqRaezHtNgxUP7aWmPfrw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/DurableDeepLinkUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://www.googleapis.com/appsmarket/v2/installedApps/;report-uri /_/DurableDeepLinkUi/cspreport/allowlist
content-type
application/binary
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
same-site
date
Fri, 02 Feb 2024 17:14:59 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
location
https://api.mop.apps.samsung.com/news?action=read&target=news_open&url=https%253A%252F%252Fpartner.upday-content.com%252Farticles%252FEXQKRfEXpLrLJ09Kiqel-A-en-US%253Fsection%253Dbreaking_news_push&rss_url&id=EXQKRfEXpLrLJ09Kiqel-A-en-US&title=Samsung+News&img=https%253A%252F%252Fimg.yana.asideas.de%252Fimage%252Ffetch%252Fw_700%252Ch_394%252Cc_fill%252Cf_webp%252Cq_auto%253Aeco%252Fhttps%25253A%25252F%25252Fstatic.foxbusiness.com%25252Ffoxbusiness.com%25252Fcontent%25252Fuploads%25252F2023%25252F11%25252Ftesla-ceo-elon-musk-forum-rishi-sunak.jpg&pub=Fox+Business&pub_id=foxbusiness.com&pub_logo=https%253A%252F%252Fimg.yana.asideas.de%252Fimage%252Fupload%252Fv1679924899%252Fpublisher-logo%252FFox%252FBanner_-_Fox_Business_-_Light_Mode.svg&theme_color=%23003366&pub_time=2024-02-02T12:40:10Z&ed=en_US&referrer=share-news
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
Primary Request EXQKRfEXpLrLJ09Kiqel-A-en-US
partner.upday-content.com/articles/ 		8 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://partner.upday-content.com/articles/EXQKRfEXpLrLJ09Kiqel-A-en-US?section=breaking_news_push
Requested by
Host: api.mop.apps.samsung.com
URL: https://api.mop.apps.samsung.com/news?action=read&target=news_open&url=https%253A%252F%252Fpartner.upday-content.com%252Farticles%252FEXQKRfEXpLrLJ09Kiqel-A-en-US%253Fsection%253Dbreaking_news_push&rss_url&id=EXQKRfEXpLrLJ09Kiqel-A-en-US&title=Samsung+News&img=https%253A%252F%252Fimg.yana.asideas.de%252Fimage%252Ffetch%252Fw_700%252Ch_394%252Cc_fill%252Cf_webp%252Cq_auto%253Aeco%252Fhttps%25253A%25252F%25252Fstatic.foxbusiness.com%25252Ffoxbusiness.com%25252Fcontent%25252Fuploads%25252F2023%25252F11%25252Ftesla-ceo-elon-musk-forum-rishi-sunak.jpg&pub=Fox+Business&pub_id=foxbusiness.com&pub_logo=https%253A%252F%252Fimg.yana.asideas.de%252Fimage%252Fupload%252Fv1679924899%252Fpublisher-logo%252FFox%252FBanner_-_Fox_Business_-_Light_Mode.svg&theme_color=%23003366&pub_time=2024-02-02T12:40:10Z&ed=en_US&referrer=share-news
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4abb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ac225e99eb1a248266786c7c0d6caee9013399df8323273cc7f98e573f6f75b9
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

Referer
https://api.mop.apps.samsung.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
16006
cf-cache-status
DYNAMIC
cf-ray
84f412da8dbd085c-FRA
content-encoding
br
content-type
text/html
date
Fri, 02 Feb 2024 17:14:59 GMT
last-modified
Wed, 17 Jan 2024 09:25:24 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6N4gq8YPD4VuAJbBuGUKlWx1%2B4TzeTpBP8aZx3HO8tjaEYwt20RXwRBJgA9pGNg7XRFxyBMZwwqT9xD2kq5aYicU2nkTO%2BwrDwR%2BNLH5j6hgE%2Beywfr%2FPLr1wEaoKxbaL2lRBLQsSSK1AqCZbaGcRv7QHybF894%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=300
vary
Accept-Encoding
via
1.1 varnish, 1.1 varnish
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
x-cache-hits
13, 1
x-served-by
cache-dub4333-DUB, cache-fra-eddf8230046-FRA
x-timer
S1706894100.639765,VS0,VE2
css2
fonts.googleapis.com/ 		41 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto+Condensed:ital,wght@0,300;0,400;0,700;1,300;1,400;1,700&family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap
Requested by
Host: partner.upday-content.com
URL: https://partner.upday-content.com/articles/EXQKRfEXpLrLJ09Kiqel-A-en-US?section=breaking_news_push
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
35da207f645f29c7b591431e053ed8d7f5880d52e853e613941f050648f62f22
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://partner.upday-content.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 02 Feb 2024 17:14:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 02 Feb 2024 17:04:57 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 02 Feb 2024 17:14:59 GMT
zrj8lxn.css
use.typekit.net/ 		27 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/zrj8lxn.css
Requested by
Host: partner.upday-content.com
URL: https://partner.upday-content.com/articles/EXQKRfEXpLrLJ09Kiqel-A-en-US?section=breaking_news_push
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:1490 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
6cf85d441c411b58ce8cc5eb6223fbba4db939043dbbeb5914060a2e2d570c16
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://partner.upday-content.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains;
content-encoding
gzip
date
Fri, 02 Feb 2024 17:15:00 GMT
server
nginx
vary
Accept-Encoding
content-type
text/css;charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
2166
config.js
cdn.confiant-integrations.net/achqt4_l_70SAlZ3gOR1qahn_-c/gpt_and_prebid/ 		92 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.confiant-integrations.net/achqt4_l_70SAlZ3gOR1qahn_-c/gpt_and_prebid/config.js
Requested by
Host: partner.upday-content.com
URL: https://partner.upday-content.com/articles/EXQKRfEXpLrLJ09Kiqel-A-en-US?section=breaking_news_push
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:90a6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1b43938ec8ddbc36d2012baf76853d925c96c0b702c1647e72a5f8bfb31e977c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://partner.upday-content.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 17:14:59 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Wed, 31 Jan 2024 12:48:35 GMT
server
cloudflare
x-amz-request-id
CNFHMD207MRA8B48
etag
W/"6cdff45e6e765869e39c0464c92b158b"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=900, stale-while-revalidate=3600
cf-ray
84f412dbafc24d32-FRA
alt-svc
h3=":443"; ma=86400
x-amz-id-2
w13QRZwXgaqXH0EiUg0RxJU+pl7rit3i7XEpLPMdtBL83AzRUWAbJMHH0w2GQrN7rYQQwba3kic=
vue-i18n.js
unpkg.com/vue-i18n@8.28.2/dist/
Redirect Chain
  • https://unpkg.com/vue-i18n@8
  • https://unpkg.com/vue-i18n@8.28.2
  • https://unpkg.com/vue-i18n@8.28.2/dist/vue-i18n.js
67 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://unpkg.com/vue-i18n@8.28.2/dist/vue-i18n.js
Requested by
Host: partner.upday-content.com
URL: https://partner.upday-content.com/articles/EXQKRfEXpLrLJ09Kiqel-A-en-US?section=breaking_news_push
Protocol
H2
Server
2606:4700::6810:7aaf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe56c4f0fa31021a956f1103c66edab8457e3ae9b6f3392ef738c7ea9b53fd6c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://partner.upday-content.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 17:14:59 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
7484807
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id
01HEPAZV7B1SWFJWVG808THS2M-fra
server
cloudflare
etag
W/"10acb-pDZKhUHARpUQj+gf21pOwifw09M"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
84f412db4849906c-FRA

Redirect headers

date
Fri, 02 Feb 2024 17:14:59 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
fly-request-id
01HGHHPP8B45Z2YNYZG4HPKASJ-fra
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
5498055
vary
Accept, Accept-Encoding
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
location
/vue-i18n@8.28.2/dist/vue-i18n.js
cache-control
public, max-age=31536000
cf-ray
84f412db2830906c-FRA
wrapperMessagingWithoutDetection.js
cdn.privacy-mgmt.com/unified/ 		124 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.privacy-mgmt.com/unified/wrapperMessagingWithoutDetection.js
Requested by
Host: partner.upday-content.com
URL: https://partner.upday-content.com/articles/EXQKRfEXpLrLJ09Kiqel-A-en-US?section=breaking_news_push
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.155.145.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-155-145-18.ham50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ff0f14a44549f5c91beb9bcc56cc28071ddc6686e1bc98a324792a70da622682

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://partner.upday-content.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 16:23:08 GMT
content-encoding
br
via
1.1 e3435d60cd338994e4187428e5fd4e42.cloudfront.net (CloudFront)
last-modified
Wed, 24 Jan 2024 15:46:48 GMT
server
AmazonS3
x-amz-cf-pop
HAM50-P1
age
3136
x-amz-server-side-encryption
AES256
etag
W/"beaecb5c607df60e5309ba0530469381"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age=3600
x-amz-cf-id
9kY3vnNxrtcSQaTJ-YMGreLEL8EFlivfPU4EyRjDew3_irnRIXVopQ==
index.36cdb650.js
partner.upday-content.com/assets/ 		264 KB
93 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.upday-content.com/assets/index.36cdb650.js
Requested by
Host: partner.upday-content.com
URL: https://partner.upday-content.com/articles/EXQKRfEXpLrLJ09Kiqel-A-en-US?section=breaking_news_push
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4abb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2ab32b2d929c58b03d063f4e4f57eee8c2c4d3316b16fa1271baad5ed354cea9
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

Referer
https://partner.upday-content.com/articles/EXQKRfEXpLrLJ09Kiqel-A-en-US?section=breaking_news_push
Origin
https://partner.upday-content.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 17:14:59 GMT
via
1.1 varnish, 1.1 varnish
content-encoding
br
strict-transport-security
max-age=300
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
DYNAMIC
age
86336
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
x-served-by
cache-dub4324-DUB, cache-fra-eddf8230122-FRA
last-modified
Wed, 17 Jan 2024 09:25:23 GMT
server
cloudflare
x-timer
S1706894100.679103,VS0,VE5
etag
W/"07057fa4a887243177b2081df406357b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bxMS8tGwufez%2BdhapbhhF93kgLaBuzpeqnM4cmwAskgIAZegikThn85sqoYIxYL8wudsvqEaEN7er2tx2trG7TZeUjCIbbCV7AgxfqpLqY64l4w6Q07P0DKGlWn4%2FhYZvMcWsU9b3FmPO9wrsgO2IuolZBhWtUQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cf-ray
84f412dade1e085c-FRA
x-cache-hits
619, 1
index.f464dbbe.css
partner.upday-content.com/assets/ 		11 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://partner.upday-content.com/assets/index.f464dbbe.css
Requested by
Host: partner.upday-content.com
URL: https://partner.upday-content.com/articles/EXQKRfEXpLrLJ09Kiqel-A-en-US?section=breaking_news_push
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4abb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7c1d4300d44335bc8274ae0b6115d6bd90055edaf8dcd61cd8aba4992fd1de22
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://partner.upday-content.com/articles/EXQKRfEXpLrLJ09Kiqel-A-en-US?section=breaking_news_push
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 17:14:59 GMT
via
1.1 varnish, 1.1 varnish
content-encoding
br
strict-transport-security
max-age=300
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
DYNAMIC
age
3878
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
x-served-by
cache-dub4320-DUB, cache-fra-eddf8230046-FRA
last-modified
Wed, 17 Jan 2024 09:25:23 GMT
server
cloudflare
x-timer
S1706894100.670472,VS0,VE4
etag
W/"7f2a56fb00148b10f7f19111e9113e1a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=blrXk2tVqqAYUwpRhNjekttHL4lHBLUiErD0tBCZcYWH8LRg%2BhZzxgJXRsmQgdLBtitSaIFPfp5c84Me9wkZWWDHLXWLGBea8sEEKrup54FOBrsART0soLsxLyd3RaQDym%2FgIboggxVdDP9ZpMvkdbzBddjdwXs%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cf-ray
84f412dade19085c-FRA
x-cache-hits
1044, 1
wrap.js
cdn.confiant-integrations.net/gptprebidnative/202401231116/ 		301 KB
93 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.confiant-integrations.net/gptprebidnative/202401231116/wrap.js
Requested by
Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/achqt4_l_70SAlZ3gOR1qahn_-c/gpt_and_prebid/config.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:90a6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3d8c79ebdea546edefa4fb60d5a18dd6214fd12652cfc82f82b2c437b4f0eaa7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://partner.upday-content.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 17:15:00 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 23 Jan 2024 16:17:53 GMT
server
cloudflare
x-amz-request-id
MRBWJ8EH96XY0GXA
age
774768
etag
W/"4e46991deac7ea453158c3b56a903369"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
cf-ray
84f412dd09ae4d32-FRA
alt-svc
h3=":443"; ma=86400
x-amz-id-2
4Nd6wE5uJQNcrhMI8ldYOylPoVkOjZMHcpEyIdi8Rh8uP4ty0E4Vwu3TVAh5kbUf3Dq8RCiGCEDTETHsuKoBbA==
p.css
p.typekit.net/ 		5 B
172 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://p.typekit.net/p.css?s=1&k=zrj8lxn&ht=tk&f=49.50.51.52.1291.1292.1997.1998.1999.2000.25310.25311.25312.25313.25316.25317.41037.41038.41039.41040.41041.41042.48161.48162.48163.48164.48165.48166.48167.48168.48169.48170.48171.48172.48173.48174.48175.48176&a=50169974&app=typekit&e=css
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/zrj8lxn.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:f::213:7ed3 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://use.typekit.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 17:15:00 GMT
last-modified
Fri, 14 Jul 2023 12:44:32 GMT
server
nginx
etag
"64b14330-5"
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
5
pwt.js
ads.pubmatic.com/AdServer/js/pwt/163424/10556/ 		356 KB
111 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/pwt/163424/10556/pwt.js
Requested by
Host: partner.upday-content.com
URL: https://partner.upday-content.com/articles/EXQKRfEXpLrLJ09Kiqel-A-en-US?section=breaking_news_push
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.218.208.200 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-208-200.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
27ea6c02db71e7a4fc0e827da657474290750153a2973b7bdf7d7d8399146fd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://partner.upday-content.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 17:15:00 GMT
content-encoding
gzip
last-modified
Mon, 30 Oct 2023 18:37:08 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=34602
accept-ranges
bytes
content-length
112997
expires
Sat, 03 Feb 2024 02:51:42 GMT
apstag.js
c.amazon-adsystem.com/aax2/ 		286 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: partner.upday-content.com
URL: https://partner.upday-content.com/articles/EXQKRfEXpLrLJ09Kiqel-A-en-US?section=breaking_news_push
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.32.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-32-41.ham50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
85c59056678912641d9929fea79a132b58398fe84cfbbb5fd63e892db355bde7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://partner.upday-content.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 16:57:30 GMT
content-encoding
gzip
via
1.1 91353a8aba9ab05d79e9678e004043bc.cloudfront.net (CloudFront), 1.1 d050e2738eeca6f287a6d79edd9743de.cloudfront.net (CloudFront)
last-modified
Thu, 01 Feb 2024 21:58:45 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1, HAM50-C1
age
1051
x-amz-server-side-encryption
AES256
etag
W/"e27d9780852534fd18cbcc0472fcbb38"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
x-amz-cf-id
Y6rml3diVp1xKKp9vJ7UGVvlY8a75OwKHu2Emwc2qpCURODIONDMmQ==
sp.js
cdn.jsdelivr.net/gh/snowplow/sp-js-assets@2.10.2/
Redirect Chain
  • https://d1fc8wv8zag5ca.cloudfront.net/2.10.2/sp.js
  • https://cdn.jsdelivr.net/gh/snowplow/sp-js-assets@2.10.2/sp.js
96 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/snowplow/sp-js-assets@2.10.2/sp.js
Requested by
Host: partner.upday-content.com
URL: https://partner.upday-content.com/articles/EXQKRfEXpLrLJ09Kiqel-A-en-US?section=breaking_news_push
Protocol
H2
Server
2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d9a9b2a15666ace13ce304e0a34baaa8a82ce5bc9d01480872869c9871dc552c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://partner.upday-content.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 17:15:00 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
5660987
x-jsd-version
2.10.2
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230127-FRA
x-jsd-version-type
version
server
cloudflare
etag
W/"17e3c-oOhyyJ22mR0DkydW1DSA5A6zhig"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JX4d74jIR0vFbbs4vggoWfQUjb0ItvcayDyJfs9YUikwexGe0O0BuprejwoKy%2BKTLXr2ScjfAjhvJmenwaVEeT1TmbzHeoy8tvZVZeiojIVQdAEmgCMte7AinJVtXpkXJ4aSLDVfveJn3jzSxFE%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
84f412e098e12c25-FRA

Redirect headers

Date
Thu, 01 Feb 2024 21:18:04 GMT
Via
1.1 7ef2f2ef10b33b89c251a780db8113ec.cloudfront.net (CloudFront)
Server
AmazonS3
X-Amz-Cf-Pop
HAM50-P2
Age
71817
X-Cache
Hit from cloudfront
Location
https://cdn.jsdelivr.net/gh/snowplow/sp-js-assets@2.10.2/sp.js
Connection
keep-alive
Content-Length
0
X-Amz-Cf-Id
dcimNaFw-v_E0yGrX_RoH3nze_eNT6or5O1WUwR_ieD0U0jX1Df8yQ==
widgets.js
platform.twitter.com/ 		91 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets.js
Requested by
Host: partner.upday-content.com
URL: https://partner.upday-content.com/articles/EXQKRfEXpLrLJ09Kiqel-A-en-US?section=breaking_news_push
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (amb/6B8A) /
Resource Hash
173460e89e6a7244218badae2016f65c48a3eae9d400802273eeca18b07336f1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://partner.upday-content.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date
Fri, 02 Feb 2024 17:15:00 GMT
Content-Encoding
gzip
Age
1290
x-amz-server-side-encryption
AES256
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length
27597
Last-Modified
Mon, 11 Dec 2023 17:20:28 GMT
Server
ECS (amb/6B8A)
Etag
"824beb891744db98ccbd3a456e59e0f7+gzip"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
x-tw-cdn
VZ
Cache-Control
public, max-age=1800
Vary
Accept-Encoding
ccpa.ac4217cf19751641255f.bundle.js
cdn.privacy-mgmt.com/unified/4.15.1/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.privacy-mgmt.com/unified/4.15.1/ccpa.ac4217cf19751641255f.bundle.js
Requested by
Host: cdn.privacy-mgmt.com
URL: https://cdn.privacy-mgmt.com/unified/wrapperMessagingWithoutDetection.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.155.145.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-155-145-18.ham50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
407c822fb700f4775c0b6ae9841d23f3cf53e3c98bedbfc82606c84a731cf947

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://partner.upday-content.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 15:47:27 GMT
content-encoding
br
via
1.1 e3435d60cd338994e4187428e5fd4e42.cloudfront.net (CloudFront)
last-modified
Wed, 24 Jan 2024 14:52:06 GMT
server
AmazonS3
x-amz-cf-pop
HAM50-P1
age
782854
etag
W/"51888b6087d74be5874f51d91d05df85"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age=31536000
x-amz-cf-id
qXgMU1R6xX7nQb_mzOQHWfxIzp9Emrkari9E-1n4pZcOlHLNFTKaVw==
get_site_data
cdn.privacy-mgmt.com/mms/v2/ 		198 B
604 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.privacy-mgmt.com/mms/v2/get_site_data?hasCsp=true&href=https%3A%2F%2Fpartner.upday-content.com%2Farticles%2FEXQKRfEXpLrLJ09Kiqel-A-en-US&account_id=1253
Requested by
Host: cdn.privacy-mgmt.com
URL: https://cdn.privacy-mgmt.com/unified/wrapperMessagingWithoutDetection.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.155.145.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-155-145-18.ham50.r.cloudfront.net
Software
/
Resource Hash
7aa7de753036eeecb77415fa9286cdde7dc42dc61b2578b2b3550084a201bd05
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubdomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://partner.upday-content.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 17:15:00 GMT
strict-transport-security
max-age=15552000; includeSubdomains
x-sp-mms-node
ip-10-128-32-229
via
1.1 99c082d51ab1d5dd3b28271abf556164.cloudfront.net (CloudFront)
x-amz-cf-pop
HAM50-P1
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
x-cache
Miss from cloudfront
cache-control
max-age=3600, s-maxage=86400
access-control-allow-credentials
true
x-amz-cf-id
yxhUedI7aYtM2yB47cyEYhSiy2P_NmHXMTxN7p93LQMvegTlsfIxew==
EXQKRfEXpLrLJ09Kiqel-A-en-US
partner-content.upday.com/api/v1/cp/articles/ 		297 B
710 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://partner-content.upday.com/api/v1/cp/articles/EXQKRfEXpLrLJ09Kiqel-A-en-US
Requested by
Host: partner.upday-content.com
URL: https://partner.upday-content.com/assets/index.36cdb650.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
62ec3be0a046dfaaae8c7add83ce4d9e1610666f49477cf834ba4d5a253b4a85
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://partner.upday-content.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-served-by
cache-dub4348-DUB, cache-fra-eddf8230089-FRA
date
Fri, 02 Feb 2024 17:15:00 GMT
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=300
visitor-country-code
DE
x-timer
S1706894101.582297,VS0,VE45
access-control-max-age
1728000
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
x-cache
MISS, MISS
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
x-cache-hits
0, 0
meta-data
cdn.privacy-mgmt.com/wrapper/v2/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://cdn.privacy-mgmt.com/wrapper/v2/meta-data?hasCsp=true&accountId=1253&env=prod&metadata=%7B%22ccpa%22%3A%7B%7D%7D&propertyId=30755&ch=null&scriptVersion=4.15.1&scriptType=unified
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.155.145.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-155-145-18.ham50.r.cloudfront.net
Software
/ Express
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://partner.upday-content.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin,X-Requested-With,Content-Type,Accept,Authorization,SP_SCRIPT_VERSION
access-control-allow-methods
GET, PUT, POST, DELETE
access-control-allow-origin
*
access-control-max-age
86400
cache-control
max-age=86400, s-maxage=86400
content-length
2
content-type
text/plain; charset=utf-8
date
Fri, 02 Feb 2024 17:15:00 GMT
strict-transport-security
max-age=15552000; includeSubDomains
vary
Accept-Encoding
via
1.1 99c082d51ab1d5dd3b28271abf556164.cloudfront.net (CloudFront)
x-amz-cf-id
lWE221UjXEWgkgi49WlA-axIBAMexmYkJoArCBDD8sOP2q0be0Jqng==
x-amz-cf-pop
HAM50-P1
x-cache
Miss from cloudfront
x-powered-by
Express
meta-data
cdn.privacy-mgmt.com/wrapper/v2/ 		74 B
602 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.privacy-mgmt.com/wrapper/v2/meta-data?hasCsp=true&accountId=1253&env=prod&metadata=%7B%22ccpa%22%3A%7B%7D%7D&propertyId=30755&ch=null&scriptVersion=4.15.1&scriptType=unified
Requested by
Host: cdn.privacy-mgmt.com
URL: https://cdn.privacy-mgmt.com/unified/wrapperMessagingWithoutDetection.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.155.145.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-155-145-18.ham50.r.cloudfront.net
Software
/ Express
Resource Hash
9244e0d2421407354196cfb654dd481eb45be32a1c412bf67bb6e50dcd7469d5
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Referer
https://partner.upday-content.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 02 Feb 2024 17:15:00 GMT
strict-transport-security
max-age=15552000; includeSubDomains
via
1.1 99c082d51ab1d5dd3b28271abf556164.cloudfront.net (CloudFront)
x-amz-cf-pop
HAM50-P1
x-powered-by
Express
vary
Accept-Encoding
access-control-allow-methods
GET, PUT, POST, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
*
x-cache
Miss from cloudfront
cache-control
max-age=3600, s-maxage=3600
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, SP_SCRIPT_VERSION
content-length
74
x-amz-cf-id
I7dVbS2Sx5B1edJoKhPBOy2iTlCpuHAcPZIvwRd8EKngK5eb2JWuLg==
widget_iframe.2f70fb173b9000da126c79afe2098f02.html
platform.twitter.com/widgets/ Frame B09F 		319 KB
104 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets/widget_iframe.2f70fb173b9000da126c79afe2098f02.html?origin=https%3A%2F%2Fpartner.upday-content.com
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (amb/6BB9) /
Resource Hash
70c00445d6632039ed99af760731daf3bf60eb12061863ee61e2cd7276a54d18

Request headers

Referer
https://partner.upday-content.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
4578809
Cache-Control
public, max-age=315360000
Content-Encoding
gzip
Content-Length
105429
Content-Type
text/html; charset=utf-8
Date
Fri, 02 Feb 2024 17:15:00 GMT
Etag
"81267302efdfb3e4524a22631a8fc99e+gzip"
Last-Modified
Mon, 11 Dec 2023 17:19:49 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (amb/6BB9)
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary
Accept-Encoding
X-Cache
HIT
x-amz-server-side-encryption
AES256
x-tw-cdn
VZ
gpt.js
www.googletagservices.com/tag/js/ 		98 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: partner.upday-content.com
URL: https://partner.upday-content.com/articles/EXQKRfEXpLrLJ09Kiqel-A-en-US?section=breaking_news_push
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
46058eb6c42b2ce4caaf8b7d0f924d892fe9cba22e7c819e253c99e54cd06fa3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://partner.upday-content.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 17:15:00 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29539
x-xss-protection
0
server
cafe
etag
488 / 19755 / 31080792 / config-hash: 16504606021960176266
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Fri, 02 Feb 2024 17:15:00 GMT
5164
config.aps.amazon-adsystem.com/configs/ 		532 B
801 B 		Script
General
Check archive.org
Download Go to
Full URL
https://config.aps.amazon-adsystem.com/configs/5164
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.155.153.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-155-153-80.ham50.r.cloudfront.net
Software
CloudFront /
Resource Hash
04c86ab461530d1c84eb2025777d6268cd798fd90aa8e24cadbb854a756ba71f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://partner.upday-content.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 17:15:01 GMT
via
1.1 45e3199947a7cf13526e49c4cabda3b8.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
HAM50-P2
x-cache
Miss from cloudfront
content-type
application/javascript
cache-control
max-age=3600
content-length
532
x-amz-cf-id
WvvKUTRJ6NbHrgliVNluGs704lPDsNPsOYCkhLfYnNZk0Q6_Fap_Sw==
config
c.amazon-adsystem.com/cdn/prod/ 		0
319 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=5164&u=https%3A%2F%2Fpartner.upday-content.com
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.32.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-32-41.ham50.r.cloudfront.net
Software
Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://partner.upday-content.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 13:06:15 GMT
via
1.1 d050e2738eeca6f287a6d79edd9743de.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
HAM50-C1
age
14925
x-cache
Hit from cloudfront
access-control-allow-origin
https://partner.upday-content.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
x-amz-cf-id
_bR03IwVFTq8lODM8mRX7H3tZeu3b9HpaNPO7XiGH7bIlTQ2LhXy0Q==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.32.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-32-41.ham50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://partner.upday-content.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-amz-version-id
9yABOonr2HqHtwbarUcdbIqN0f4A8Qog
content-encoding
gzip
via
1.1 e626e3045304034f7160fd4e5f8b6fce.cloudfront.net (CloudFront)
date
Fri, 02 Feb 2024 05:50:57 GMT
x-amz-cf-pop
HAM50-C1
age
41044
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Tue, 29 Aug 2023 08:30:37 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
meESXMUzRJ1dSkzI9KNMnm9B-ae-GFMf2Vsmhf-PFtQpf22okip-cw==
settings
syndication.twitter.com/ Frame B09F 		869 B
658 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://syndication.twitter.com/settings?session_id=993a8dc22a590bd3a64aac72230eeb05dfdcf84e
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.2f70fb173b9000da126c79afe2098f02.html?origin=https%3A%2F%2Fpartner.upday-content.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.200 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_f /
Resource Hash
302da628a6afc3e93f1b86bf7c65e4d6536d8283d78266964822a76d1c645aa4
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-response-time
100
date
Fri, 02 Feb 2024 17:14:59 GMT
content-encoding
gzip
strict-transport-security
max-age=631138519
last-modified
Fri, 02 Feb 2024 17:15:00 GMT
server
tsa_f
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://platform.twitter.com
x-transaction-id
4bf888ee728ee4d6
cache-control
must-revalidate, max-age=600
access-control-allow-credentials
true
perf
7469935968
x-connection-hash
bcc9e08f1a02d26c775bb329d2e25e62675d71da19b1369fab67072bde77b34e
content-length
337
tp2
com-upday-main.collector.snplow.net/com.snowplowanalytics.snowplow/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://com-upday-main.collector.snplow.net/com.snowplowanalytics.snowplow/tp2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.154.219.215 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-154-219-215.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://partner.upday-content.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type, SP-Anonymous
access-control-allow-origin
https://partner.upday-content.com
access-control-max-age
600
content-length
0
date
Fri, 02 Feb 2024 17:15:00 GMT
server
nginx
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto+Condensed:ital,wght@0,300;0,400;0,700;1,300;1,400;1,700&family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://partner.upday-content.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 23:50:55 GMT
x-content-type-options
nosniff
age
149045
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 30 Jan 2025 23:50:55 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto+Condensed:ital,wght@0,300;0,400;0,700;1,300;1,400;1,700&family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://partner.upday-content.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 16:39:21 GMT
x-content-type-options
nosniff
age
2139
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 01 Feb 2025 16:39:21 GMT
tp2
com-upday-main.collector.snplow.net/com.snowplowanalytics.snowplow/ 		2 B
352 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://com-upday-main.collector.snplow.net/com.snowplowanalytics.snowplow/tp2
Requested by
Host: d1fc8wv8zag5ca.cloudfront.net
URL: https://d1fc8wv8zag5ca.cloudfront.net/2.10.2/sp.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.154.219.215 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-154-219-215.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://partner.upday-content.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type
application/json; charset=UTF-8

Response headers

access-control-allow-origin
https://partner.upday-content.com
date
Fri, 02 Feb 2024 17:15:00 GMT
access-control-allow-credentials
true
content-type
text/plain; charset=UTF-8
server
nginx
content-length
2
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401290201/ 		435 KB
137 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401290201/pubads_impl.js?cb=31080792
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4b7da2057c3a37a4c49b313a989f78fbc91ba50ba03725afcde21477b56d3378
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://partner.upday-content.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 15:37:30 GMT
content-encoding
br
x-content-type-options
nosniff
age
5850
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
139509
x-xss-protection
0
server
cafe
etag
15006055029041311047
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Sat, 01 Feb 2025 15:37:30 GMT
messages
cdn.privacy-mgmt.com/wrapper/v2/ 		839 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.privacy-mgmt.com/wrapper/v2/messages?hasCsp=true&env=prod&body=%7B%22accountId%22%3A1253%2C%22campaignEnv%22%3A%22prod%22%2C%22campaigns%22%3A%7B%22ccpa%22%3A%7B%22alwaysDisplayDNS%22%3Afalse%2C%22hasLocalData%22%3Afalse%2C%22targetingParams%22%3A%7B%7D%7D%7D%2C%22clientMMSOrigin%22%3A%22https%3A%2F%2Fcdn.privacy-mgmt.com%22%2C%22hasCSP%22%3Atrue%2C%22includeData%22%3A%7B%22localState%22%3A%7B%22type%22%3A%22string%22%7D%2C%22actions%22%3A%7B%22type%22%3A%22RecordString%22%7D%2C%22cookies%22%3A%7B%22type%22%3A%22RecordString%22%7D%7D%2C%22propertyHref%22%3A%22https%3A%2F%2Fpartner.upday-content.com%2Farticles%2FEXQKRfEXpLrLJ09Kiqel-A-en-US%22%7D&localState=null&metadata=%7B%22ccpa%22%3A%7B%22applies%22%3Afalse%7D%7D&nonKeyedLocalState=null&ch=null&scriptVersion=4.15.1&scriptType=unified
Requested by
Host: cdn.privacy-mgmt.com
URL: https://cdn.privacy-mgmt.com/unified/wrapperMessagingWithoutDetection.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.155.145.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-155-145-18.ham50.r.cloudfront.net
Software
/ Express
Resource Hash
fcfad9e895ab9a81c1c3db6269bbcdf9da987bb449e6c4454d75a3a74e772a96
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Referer
https://partner.upday-content.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 02 Feb 2024 17:15:00 GMT
strict-transport-security
max-age=15552000; includeSubDomains
via
1.1 99c082d51ab1d5dd3b28271abf556164.cloudfront.net (CloudFront)
x-amz-cf-pop
HAM50-P1
x-powered-by
Express
vary
Accept-Encoding
access-control-allow-methods
GET, PUT, POST, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
*
x-cache
Miss from cloudfront
cache-control
max-age=0, s-maxage=1200
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, SP_SCRIPT_VERSION
content-length
839
x-amz-cf-id
Vu0579_W1oF9HYN5hqnXkiMA_Hsgd_eWM4v5NEzl_JmjuXw80AqlWA==
messages
cdn.privacy-mgmt.com/wrapper/v2/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://cdn.privacy-mgmt.com/wrapper/v2/messages?hasCsp=true&env=prod&body=%7B%22accountId%22%3A1253%2C%22campaignEnv%22%3A%22prod%22%2C%22campaigns%22%3A%7B%22ccpa%22%3A%7B%22alwaysDisplayDNS%22%3Afalse%2C%22hasLocalData%22%3Afalse%2C%22targetingParams%22%3A%7B%7D%7D%7D%2C%22clientMMSOrigin%22%3A%22https%3A%2F%2Fcdn.privacy-mgmt.com%22%2C%22hasCSP%22%3Atrue%2C%22includeData%22%3A%7B%22localState%22%3A%7B%22type%22%3A%22string%22%7D%2C%22actions%22%3A%7B%22type%22%3A%22RecordString%22%7D%2C%22cookies%22%3A%7B%22type%22%3A%22RecordString%22%7D%7D%2C%22propertyHref%22%3A%22https%3A%2F%2Fpartner.upday-content.com%2Farticles%2FEXQKRfEXpLrLJ09Kiqel-A-en-US%22%7D&localState=null&metadata=%7B%22ccpa%22%3A%7B%22applies%22%3Afalse%7D%7D&nonKeyedLocalState=null&ch=null&scriptVersion=4.15.1&scriptType=unified
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.155.145.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-155-145-18.ham50.r.cloudfront.net
Software
/ Express
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://partner.upday-content.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin,X-Requested-With,Content-Type,Accept,Authorization,SP_SCRIPT_VERSION
access-control-allow-methods
GET, PUT, POST, DELETE
access-control-allow-origin
*
access-control-max-age
86400
cache-control
max-age=86400, s-maxage=86400
content-length
2
content-type
text/plain; charset=utf-8
date
Fri, 02 Feb 2024 17:15:00 GMT
strict-transport-security
max-age=15552000; includeSubDomains
vary
Accept-Encoding
via
1.1 99c082d51ab1d5dd3b28271abf556164.cloudfront.net (CloudFront)
x-amz-cf-id
XHnngAmQcMHqsSrG9dwzujr1Rg_EnxdzDUr9ppMEDIKomaMuHj_Mfg==
x-amz-cf-pop
HAM50-P1
x-cache
Miss from cloudfront
x-powered-by
Express
pv-data
cdn.privacy-mgmt.com/wrapper/v2/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://cdn.privacy-mgmt.com/wrapper/v2/pv-data?hasCsp=true&env=prod&ch=null&scriptVersion=4.15.1&scriptType=unified
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.155.145.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-155-145-18.ham50.r.cloudfront.net
Software
/ Express
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://partner.upday-content.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin,X-Requested-With,Content-Type,Accept,Authorization,SP_SCRIPT_VERSION
access-control-allow-methods
GET, PUT, POST, DELETE
access-control-allow-origin
https://partner.upday-content.com
allow
POST
cache-control
no-cache, no-store
content-length
4
content-type
text/html; charset=utf-8
date
Fri, 02 Feb 2024 17:15:00 GMT
strict-transport-security
max-age=15552000; includeSubDomains
vary
Accept-Encoding
via
1.1 99c082d51ab1d5dd3b28271abf556164.cloudfront.net (CloudFront)
x-amz-cf-id
R_I0GVsTAoFptdJq6MiRV53HvHYd5qtNBtGc2xKshAV0oQw50UYNSw==
x-amz-cf-pop
HAM50-P1
x-cache
Miss from cloudfront
x-powered-by
Express
pv-data
cdn.privacy-mgmt.com/wrapper/v2/ 		190 B
736 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.privacy-mgmt.com/wrapper/v2/pv-data?hasCsp=true&env=prod&ch=null&scriptVersion=4.15.1&scriptType=unified
Requested by
Host: cdn.privacy-mgmt.com
URL: https://cdn.privacy-mgmt.com/unified/wrapperMessagingWithoutDetection.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.155.145.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-155-145-18.ham50.r.cloudfront.net
Software
/ Express
Resource Hash
2063d7107629891f3f7f274241562a1bbed06d338c82fe871fb5e3ff10cff982
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Referer
https://partner.upday-content.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 02 Feb 2024 17:15:01 GMT
strict-transport-security
max-age=15552000; includeSubDomains
via
1.1 99c082d51ab1d5dd3b28271abf556164.cloudfront.net (CloudFront)
x-amz-cf-pop
HAM50-P1
x-powered-by
Express
vary
Accept-Encoding
access-control-allow-methods
GET, PUT, POST, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://partner.upday-content.com
x-cache
Miss from cloudfront
cache-control
no-cache, no-store
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, SP_SCRIPT_VERSION
content-length
190
x-amz-cf-id
x8O5FlWaVwLSV7QDLOIVvlUqGWvKm-uszmPzudM6j5BmjMdKKQb0YA==

Verdicts & Comments Add Verdict or Comment

44 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| confiant object| googletag object| pbjs function| VueI18n object| PWT undefined| notifyId object| apstag function| __uspapi object| _sp_queue object| _sp_ object| GlobalSnowplowNamespace function| snowplow object| twttr object| _sp_wp_jsonp object| __VUE_INSTANCE_SETTERS__ object| __VUE_SSR_SETTERS__ boolean| __INTLIFY_PROD_DEVTOOLS__ boolean| __INTLIFY_JIT_COMPILATION__ boolean| __INTLIFY_DROP_MESSAGE_COMPILER__ boolean| __VUE_I18N_FULL_INSTALL__ boolean| __VUE_I18N_LEGACY_API__ boolean| __VUE_PROD_HYDRATION_MISMATCH_DETAILS__ boolean| __VUE__ object| __twttrll object| __twttr object| owpbjsChunk object| owpbjs object| _pbjsGlobals object| mnet object| ucTag object| OWT object| _aps boolean| apstagLOADED object| apscustom function| _typeof object| Snowplow object| ggeac object| google_tag_data object| google_js_reporting_queue undefined| google_measure_js_timing object| msgData

8 Cookies

Domain/Path Name / Value
partner.upday-content.com/ Name: samsung-news-user-id
Value: 7fd56bdb-923c-4818-9a8f-149a973a8219
.partner.upday-content.com/ Name: _sp_ses.f557
Value: *
.partner.upday-content.com/ Name: _sp_id.f557
Value: 2a8a159f-6b5d-4aa7-9b19-3a77040d44e4.1706894101.1.1706894101.1706894101.c5b64902-4056-442c-9355-e758db2b3822
.com-upday-main.collector.snplow.net/ Name: sp
Value: 1f617178-4534-4a5d-a6ec-9844c2b3ab6f
.upday-content.com/ Name: dnsDisplayed
Value: undefined
.upday-content.com/ Name: ccpaApplies
Value: false
.upday-content.com/ Name: signedLspa
Value: undefined
.upday-content.com/ Name: ccpaUUID
Value: a5424fad-8020-4f8b-a5b7-481d0466b272

2 Console Messages

Source Level URL
Text
network error URL: https://partner-content.upday.com/api/v1/cp/articles/EXQKRfEXpLrLJ09Kiqel-A-en-US
Message:
Failed to load resource: the server responded with a status of 451 ()
other warning URL: https://partner.upday-content.com/articles/EXQKRfEXpLrLJ09Kiqel-A-en-US?section=breaking_news_push
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.pubmatic.com
api.mop.apps.samsung.com
c.amazon-adsystem.com
cdn.confiant-integrations.net
cdn.jsdelivr.net
cdn.privacy-mgmt.com
com-upday-main.collector.snplow.net
config.aps.amazon-adsystem.com
d1fc8wv8zag5ca.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
p.typekit.net
partner-content.upday.com
partner.upday-content.com
platform.twitter.com
securepubads.g.doubleclick.net
ssnews.page.link
syndication.twitter.com
unpkg.com
use.typekit.net
www.googletagservices.com
104.244.42.200
151.101.66.132
18.155.145.18
18.155.152.89
18.155.153.80
23.218.208.200
2606:2800:234:59:254c:406:2366:268c
2606:4700:20::ac43:4abb
2606:4700:4400::ac40:90a6
2606:4700::6810:5914
2606:4700::6810:7aaf
2a00:1450:4001:813::2001
2a00:1450:4001:813::2003
2a00:1450:4001:82a::200a
2a00:1450:4001:82f::2002
2a00:1450:4001:830::2002
2a02:26f0:3500:16::215:1490
2a02:26f0:480:f::213:7ed3
52.85.32.41
54.154.219.215
54.230.206.125
04c86ab461530d1c84eb2025777d6268cd798fd90aa8e24cadbb854a756ba71f
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
173460e89e6a7244218badae2016f65c48a3eae9d400802273eeca18b07336f1
1b43938ec8ddbc36d2012baf76853d925c96c0b702c1647e72a5f8bfb31e977c
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
2063d7107629891f3f7f274241562a1bbed06d338c82fe871fb5e3ff10cff982
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
27ea6c02db71e7a4fc0e827da657474290750153a2973b7bdf7d7d8399146fd7
2ab32b2d929c58b03d063f4e4f57eee8c2c4d3316b16fa1271baad5ed354cea9
302da628a6afc3e93f1b86bf7c65e4d6536d8283d78266964822a76d1c645aa4
35da207f645f29c7b591431e053ed8d7f5880d52e853e613941f050648f62f22
3d8c79ebdea546edefa4fb60d5a18dd6214fd12652cfc82f82b2c437b4f0eaa7
407c822fb700f4775c0b6ae9841d23f3cf53e3c98bedbfc82606c84a731cf947
46058eb6c42b2ce4caaf8b7d0f924d892fe9cba22e7c819e253c99e54cd06fa3
4b7da2057c3a37a4c49b313a989f78fbc91ba50ba03725afcde21477b56d3378
62ec3be0a046dfaaae8c7add83ce4d9e1610666f49477cf834ba4d5a253b4a85
6cf85d441c411b58ce8cc5eb6223fbba4db939043dbbeb5914060a2e2d570c16
70c00445d6632039ed99af760731daf3bf60eb12061863ee61e2cd7276a54d18
7aa7de753036eeecb77415fa9286cdde7dc42dc61b2578b2b3550084a201bd05
7c1d4300d44335bc8274ae0b6115d6bd90055edaf8dcd61cd8aba4992fd1de22
85c59056678912641d9929fea79a132b58398fe84cfbbb5fd63e892db355bde7
9244e0d2421407354196cfb654dd481eb45be32a1c412bf67bb6e50dcd7469d5
ac225e99eb1a248266786c7c0d6caee9013399df8323273cc7f98e573f6f75b9
d9a9b2a15666ace13ce304e0a34baaa8a82ce5bc9d01480872869c9871dc552c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
fcfad9e895ab9a81c1c3db6269bbcdf9da987bb449e6c4454d75a3a74e772a96
fe56c4f0fa31021a956f1103c66edab8457e3ae9b6f3392ef738c7ea9b53fd6c
ff0f14a44549f5c91beb9bcc56cc28071ddc6686e1bc98a324792a70da622682