web.newton.co Open in urlscan Pro
13.32.99.125 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://web.tradenewton.com/r/KDKZDD
Effective URL:
https://web.newton.co/r/KDKZDD
Submission: On May 10 via api (May 10th 2023, 7:15:41 am UTC) from FI — Scanned from FI

Summary HTTP 55 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 21 IPs in 5 countries across 16 domains to perform 55 HTTP transactions. The main IP is 13.32.99.125, located in United States and belongs to AMAZON-02, US. The main domain is web.newton.co.
TLS certificate: Issued by Amazon RSA 2048 M02 on January 29th 2023. Valid for: a year.

This is the only time web.newton.co was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	18.66.121.12 18.66.121.12	16509 (AMAZON-02) (AMAZON-02)
9	13.32.99.125 13.32.99.125	16509 (AMAZON-02) (AMAZON-02)
2	52.95.146.250 52.95.146.250	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:20:... 2606:4700:20::681a:23c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	104.18.70.113 104.18.70.113	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a01:4f8:13b:... 2a01:4f8:13b:188b::2	24940 (HETZNER-AS) (HETZNER-AS)
4	151.101.66.217 151.101.66.217	54113 (FASTLY) (FASTLY)
3	2a00:1450:400... 2a00:1450:4001:82b::200e	15169 (GOOGLE) (GOOGLE)
2	13.225.83.103 13.225.83.103	16509 (AMAZON-02) (AMAZON-02)
4	15.222.108.172 15.222.108.172	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:829::2008	15169 (GOOGLE) (GOOGLE)
1	104.16.53.111 104.16.53.111	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:400c:c07::9a	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80b::2004	15169 (GOOGLE) (GOOGLE)
1	3.33.235.18 3.33.235.18	16509 (AMAZON-02) (AMAZON-02)
1	2600:1f18:24e... 2600:1f18:24e6:b900:9d24:e015:bfa6:1472	14618 (AMAZON-AES) (AMAZON-AES)
4	52.7.139.47 52.7.139.47	14618 (AMAZON-AES) (AMAZON-AES)
1	13.224.189.49 13.224.189.49	16509 (AMAZON-02) (AMAZON-02)
2	18.66.147.5 18.66.147.5	16509 (AMAZON-02) (AMAZON-02)
1	52.201.183.245 52.201.183.245	14618 (AMAZON-AES) (AMAZON-AES)
55	21

1 18.66.121.12 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-18-66-121-12.fra60.r.cloudfront.net

web.tradenewton.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 13.32.99.125 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-125.fra60.r.cloudfront.net

web.newton.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.95.146.250 (Montreal, Canada)

ASN16509 (AMAZON-02, US)
PTR: s3-r-w.ca-central-1.amazonaws.com

newton-webapp-static-assets.s3.ca-central-1.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:23c (United States)

ASN13335 (CLOUDFLARENET, US)

www.ipqualityscore.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 104.18.70.113 (None, )

ASN13335 (CLOUDFLARENET, US)

static.zdassets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ekr.zdassets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a01:4f8:13b:188b::2 (Germany)

ASN24940 (HETZNER-AS, DE)

fn.eu.ipqualityscore.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 151.101.66.217 (United States)

ASN54113 (FASTLY, US)

app.launchdarkly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.225.83.103 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-83-103.fra2.r.cloudfront.net

www.datadoghq-browser-agent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 15.222.108.172 (Montreal, Canada)

ASN16509 (AMAZON-02, US)
PTR: ec2-15-222-108-172.ca-central-1.compute.amazonaws.com

api.newton.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.53.111 (None, )

ASN13335 (CLOUDFLARENET, US)

newtoncrypto.zendesk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400c:c07::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.33.235.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: aa1ba9bef7b18c265.awsglobalaccelerator.com

clientstream.launchdarkly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:24e6:b900:9d24:e015:bfa6:1472 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

rum.browser-intake-datadoghq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.7.139.47 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-7-139-47.compute-1.amazonaws.com

events.launchdarkly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.189.49 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-189-49.fra2.r.cloudfront.net

widget.intercom.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.66.147.5 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-5.fra60.r.cloudfront.net

js.intercomcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.201.183.245 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-201-183-245.compute-1.amazonaws.com

api-iam.intercom.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
13	newton.co web.newton.co api.newton.co	590 KB
9	launchdarkly.com app.launchdarkly.com — Cisco Umbrella Rank: 1359 clientstream.launchdarkly.com — Cisco Umbrella Rank: 1219 events.launchdarkly.com — Cisco Umbrella Rank: 1072	1 KB
5	zdassets.com static.zdassets.com — Cisco Umbrella Rank: 2108 ekr.zdassets.com — Cisco Umbrella Rank: 2363	365 KB
4	google.com region1.analytics.google.com — Cisco Umbrella Rank: 4217 www.google.com — Cisco Umbrella Rank: 2	812 B
3	google.fi www.google.fi — Cisco Umbrella Rank: 28629	578 B
3	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 91	473 B
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 39	21 KB
3	ipqualityscore.com www.ipqualityscore.com — Cisco Umbrella Rank: 56033 fn.eu.ipqualityscore.com — Cisco Umbrella Rank: 590486	66 KB
2	intercomcdn.com js.intercomcdn.com — Cisco Umbrella Rank: 2699	207 KB
2	intercom.io widget.intercom.io — Cisco Umbrella Rank: 2266 api-iam.intercom.io — Cisco Umbrella Rank: 2201	6 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 62	127 KB
2	datadoghq-browser-agent.com www.datadoghq-browser-agent.com — Cisco Umbrella Rank: 1714	60 KB
2	amazonaws.com newton-webapp-static-assets.s3.ca-central-1.amazonaws.com	107 KB
1	browser-intake-datadoghq.com rum.browser-intake-datadoghq.com — Cisco Umbrella Rank: 2646	305 B
1	zendesk.com newtoncrypto.zendesk.com	1 KB
1	tradenewton.com 1 redirects web.tradenewton.com	237 B
55	16

	Domain	Requested by
9	web.newton.co	web.newton.co
4	events.launchdarkly.com	www.datadoghq-browser-agent.com
4	api.newton.co	web.newton.co
4	app.launchdarkly.com	web.newton.co
4	static.zdassets.com	web.newton.co static.zdassets.com
3	www.google.fi	web.newton.co
3	stats.g.doubleclick.net	www.datadoghq-browser-agent.com www.googletagmanager.com
3	www.google-analytics.com	web.newton.co www.datadoghq-browser-agent.com
2	js.intercomcdn.com	widget.intercom.io
2	www.google.com	web.newton.co
2	region1.analytics.google.com	www.googletagmanager.com
2	www.googletagmanager.com	web.newton.co www.googletagmanager.com
2	www.datadoghq-browser-agent.com	web.newton.co
2	fn.eu.ipqualityscore.com	web.newton.co
2	newton-webapp-static-assets.s3.ca-central-1.amazonaws.com	web.newton.co
1	api-iam.intercom.io	js.intercomcdn.com
1	widget.intercom.io	web.newton.co
1	rum.browser-intake-datadoghq.com	www.datadoghq-browser-agent.com
1	clientstream.launchdarkly.com	web.newton.co
1	newtoncrypto.zendesk.com	static.zdassets.com
1	ekr.zdassets.com	static.zdassets.com
1	www.ipqualityscore.com	web.newton.co
1	web.tradenewton.com	1 redirects
55	23

This site contains links to these domains. Also see Links.

Domain
newton.co
www.newton.co

Subject Issuer	Validity	Valid
web.newton.co Amazon RSA 2048 M02	`2023-01-29` - `2024-02-27`	a year	crt.sh
*.s3.ca-central-1.amazonaws.com Amazon RSA 2048 M01	`2023-04-11` - `2024-01-15`	9 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-02-23` - `2024-02-23`	a year	crt.sh
zdassets.com Cloudflare Inc ECC CA-3	`2022-11-10` - `2023-11-09`	a year	crt.sh
fn.eu.ipqualityscore.com R3	`2023-03-25` - `2023-06-23`	3 months	crt.sh
app.launchdarkly.com GlobalSign Atlas R3 DV TLS CA 2022 Q3	`2022-09-28` - `2023-10-30`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
*.datadoghq-browser-agent.com DigiCert TLS RSA SHA256 2020 CA1	`2023-01-14` - `2024-01-16`	a year	crt.sh
api.newton.co Amazon RSA 2048 M01	`2023-02-22` - `2024-03-22`	a year	crt.sh
newtoncrypto.zendesk.com Cloudflare Inc ECC CA-3	`2023-04-11` - `2024-04-10`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-04-17` - `2023-07-10`	3 months	crt.sh
*.google.fi GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
clientstream.launchdarkly.com Amazon RSA 2048 M02	`2023-02-10` - `2023-10-07`	8 months	crt.sh
*.browser-intake-datadoghq.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-21` - `2023-07-22`	a year	crt.sh
events.launchdarkly.com Amazon RSA 2048 M01	`2023-02-28` - `2023-09-16`	7 months	crt.sh
*.intercom.com Amazon RSA 2048 M02	`2023-02-14` - `2024-03-14`	a year	crt.sh
*.intercomcdn.com Amazon RSA 2048 M01	`2023-02-21` - `2024-01-29`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://web.newton.co/r/KDKZDD
Frame ID: E5F40D20609FC510ED67EDCC7A451A44
Requests: 42 HTTP requests in this frame

Frame: https://static.zdassets.com/web_widget/latest/web-widget-framework-4156df7a230d696d9dfa.js
Frame ID: 2259EE80358B44A3FCDB3BC4DD5D913A
Requests: 4 HTTP requests in this frame

Frame: https://js.intercomcdn.com/frame-modern.7d7bce00.js
Frame ID: 2C0A0DBE24F656177E47A41907B4DE90
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Create account | Newton

Page URL History Show full URLs

https://web.tradenewton.com/r/KDKZDD HTTP 301
https://web.newton.co/r/KDKZDD Page URL

Detected technologies

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Page Statistics

55
Requests

100 %
HTTPS

41 %
IPv6

16
Domains

23
Subdomains

21
IPs

5
Countries

1553 kB
Transfer

5542 kB
Size

15
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://newton.co/terms-of-use
Title: Terms & Conditions

Search URL Search Domain Scan URL

URL: https://newton.co/privacy
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.newton.co/relationship-disclosure
Title: Relationship Disclosure

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://web.tradenewton.com/r/KDKZDD HTTP 301
https://web.newton.co/r/KDKZDD Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

55 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request KDKZDD Show response
web.newton.co/r/
Redirect Chain

https://web.tradenewton.com/r/KDKZDD
https://web.newton.co/r/KDKZDD

10 KB
3 KB

1466ms
1243ms

Document
text/html

13.32.99.125
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://web.newton.co/r/KDKZDD

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.99.125 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-99-125.fra60.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

56e0823b7374c2c6f55f1ca725a9a80e002f0d0d10c0a00de505adf8aa7f3aa6

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval' data: blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

accept-ranges: bytes
cache-control: no-cache
content-encoding: br
content-length: 2481
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval' data: blob:;
content-type: text/html
date: Wed, 10 May 2023 07:15:32 GMT
etag: "fb75cb9c727f6dbd212116f26a738859"
feature-policy: geolocation *
last-modified: Thu, 04 May 2023 18:29:27 GMT
referrer-policy: same-origin
server: AmazonS3
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 b43c04a791e8dcb8ddb6bb0847fcf95a.cloudfront.net (CloudFront)
x-amz-cf-id: IzaVtD7Q73A1QJ1iefrAP-n0OcS_yY2GKZ2TN2H9-wKnr4xeevR0Pw==
x-amz-cf-pop: FRA60-P3
x-amz-server-side-encryption: AES256
x-cache: Error from cloudfront
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

Redirect headers

content-length: 0
date: Wed, 10 May 2023 07:15:31 GMT
location: https://web.newton.co/r/KDKZDD
server: AmazonS3
via: 1.1 598a1f878f2efc16baaf47787ffe82d2.cloudfront.net (CloudFront)
x-amz-cf-id: Ka_KvxeNT48M50pVQals4b5YT-HqExl0Ss1gXYuD8PxABQTfskDxkw==
x-amz-cf-pop: FRA60-P2
x-cache: Miss from cloudfront

GET
H/1.1 200
OK lineto-circular-book.woff2
newton-webapp-static-assets.s3.ca-central-1.amazonaws.com/fonts/ 50 KB
50 KB 504ms
172ms Font
binary/octet-stream 52.95.146.250
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://newton-webapp-static-assets.s3.ca-central-1.amazonaws.com/fonts/lineto-circular-book.woff2
Requested by: Host: web.newton.co
URL: https://web.newton.co/r/KDKZDD
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.95.146.250 Montreal, Canada, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-r-w.ca-central-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 39c5d1ed54e49102939d0280aeb20f01ef021bf5ffa74dc25fcafb43fce62ff3

Request headers

Referer
Origin: https://web.newton.co
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date: Wed, 10 May 2023 07:15:33 GMT
Last-Modified: Fri, 03 Jul 2020 20:14:22 GMT
Server: AmazonS3
x-amz-request-id: H0EPE5FRJPBQS3Z0
ETag: "0415b07a54e28ed90ed2129f8d674c12"
Access-Control-Max-Age: 3000
Vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Content-Type: binary/octet-stream
Cache-Control: max-age=31536000
Accept-Ranges: bytes
Content-Length: 51112
x-amz-id-2: 2FV29qa6VeqQOxHoIrxPq7PWl/khD9Uc6tf27Xash2B3PEdMztQ3gpV0K2bJzZG9gQuT88zwjXQ=

GET
H2 200 index-d1e70271.js Show response
web.newton.co/assets/ 2 MB
552 KB 98ms
96ms Script
application/javascript 13.32.99.125
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://web.newton.co/assets/index-d1e70271.js

Requested by

Host: web.newton.co
URL: https://web.newton.co/r/KDKZDD

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.99.125 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-99-125.fra60.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

c9dbf33013effe3dfdb3e6542949f8067386b0701d40763f9ed972a49f231bee

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval' data: blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://web.newton.co/r/KDKZDD
Origin: https://web.newton.co
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 04 May 2023 18:32:06 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 b43c04a791e8dcb8ddb6bb0847fcf95a.cloudfront.net (CloudFront)
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval' data: blob:;
x-amz-cf-pop: FRA60-P3
age: 477806
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 564115
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Thu, 04 May 2023 18:29:24 GMT
server: AmazonS3
etag: "baa7df698c9aa434b7faa2f147d5556f"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
feature-policy: geolocation *
x-frame-options: SAMEORIGIN
accept-ranges: bytes
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id: _A1h2O150txr3UcMhjpWjw_z94US2DdBAWkt_RU6vjoUWQub4nPLLA==

GET
H2 200 index-80069c7b.css
web.newton.co/assets/ 183 KB
21 KB 83ms
81ms Stylesheet
text/css 13.32.99.125
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://web.newton.co/assets/index-80069c7b.css

Requested by

Host: web.newton.co
URL: https://web.newton.co/r/KDKZDD

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.99.125 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-99-125.fra60.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

80069c7b50bc805eea63a9003d8d6189042bbd6cb4e0859fb7cc73825f835c26

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval' data: blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://web.newton.co/r/KDKZDD
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 04 May 2023 18:32:06 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 b43c04a791e8dcb8ddb6bb0847fcf95a.cloudfront.net (CloudFront)
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval' data: blob:;
x-amz-cf-pop: FRA60-P3
age: 477806
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 21145
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Thu, 04 May 2023 18:29:24 GMT
server: AmazonS3
etag: "5ebd95a5ef2f34ae0d5761e5739a7248"
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: max-age=31536000
feature-policy: geolocation *
accept-ranges: bytes
x-amz-cf-id: 1VV6PnXYaZPOXqA8s2cq_5HFcArBmczXsOrHbhe5xjZ83Y2Ux5IX-Q==

GET
H2 200 learn.js Show response
www.ipqualityscore.com/api/*/3puLAJNS2GFftvhSmrA0ozM9LCpagczL409L2QAZXwqbHSCKJedwXB47JmH7hLdrPpHM0AukYK3xD3BTsBKV1RUNrXibXqpm6e8ozKIwWXVJ5DNGJ4Znp7w8P5uBdMdsmmpMZdw4tUuFawJefThgAhuIw4KkvUeyDOdFuxG2... 133 KB
64 KB 165ms
57ms Script
application/javascript 2606:4700:20::681a:23c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ipqualityscore.com/api/*/3puLAJNS2GFftvhSmrA0ozM9LCpagczL409L2QAZXwqbHSCKJedwXB47JmH7hLdrPpHM0AukYK3xD3BTsBKV1RUNrXibXqpm6e8ozKIwWXVJ5DNGJ4Znp7w8P5uBdMdsmmpMZdw4tUuFawJefThgAhuIw4KkvUeyDOdFuxG2WUeznGzXjxsoTGOLtorYcZVFUmzJBZd8urKMOkzn71CbUBXeVtPrVH05tskeh9yLWHwFUlbjNx9EeI5WnDnGk2QU/learn.js
Requested by: Host: web.newton.co
URL: https://web.newton.co/r/KDKZDD
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:23c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1d227f77b5f85b92b777cb77a3fed7623f95978c7bc787af2fcf2023575b241

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Wed, 10 May 2023 07:15:31 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 8359
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: cache
last-modified: Wed, 10 May 2023 04:56:12 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4uOmZN65wloFaVSkPsNQ2sj2hZI6opaddMhlTc9x8DDwwGX%2BFI7RT7%2BW1DgF8RRX1vFUQIOLWvhaBQRdteIdr%2B%2BtRC6j2tXm%2B9pV%2BNYfDA%2BmwVmL2NhAVrCBidYuAWYHj7DbW8L6yJUHstF%2BjuzdXy5ycdM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400
cf-ray: 7c50643baf94d95b-HEL
expires: Thu, 11 May 2023 00:56:12 GMT

GET
H2 200 snippet.js Show response
static.zdassets.com/ekr/ 23 KB
7 KB 173ms
66ms Script
application/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/ekr/snippet.js?key=e813e268-f00c-437d-8d24-d1a71758cacc

Requested by

Host: web.newton.co
URL: https://web.newton.co/r/KDKZDD

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

21d2ea81f22f44525f201ad9f4702029e0b2bfe65d5a2b534104dbe4b2346bbe

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Wed, 10 May 2023 07:15:31 GMT
x-amz-version-id: PBHdtxERTX7HUmm2o8dmki0ZTZF0krHp
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: SYVZPA7QCMNGVK54
age: 23
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: fjUM/d9wFs4hbwlc/wUqQ29P6Vc7M8v72y/8ch57AM01JwazDHRNtgrzSVJSmpU9XSeCI9D4jfg=
last-modified: Fri, 17 Mar 2023 01:24:00 GMT
server: cloudflare
etag: W/"35755063f184195a50a9c07a2c71693a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XRRL6hbNP7l1wukvx%2BPrQw%2FW0pjTl5GSmVd%2BuCY8ujNzRd1Z7iVhfh7%2F8ZU6GCESKgBQIEQHwuYfgDdVY%2Fg8vrwctI2h6D1CBr9A98pnRuMDX4kxbLUMR6SY5TYMHKGn5HMLAAE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=3600, s-maxage=60
cf-ray: 7c50643baca1d973-HEL

GET
H2 200 e813e268-f00c-437d-8d24-d1a71758cacc Show response
ekr.zdassets.com/compose/ 404 B
1 KB 367ms
269ms XHR
application/json 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ekr.zdassets.com/compose/e813e268-f00c-437d-8d24-d1a71758cacc

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=e813e268-f00c-437d-8d24-d1a71758cacc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3151d97e7769dc320ba879f5f3e86040828b4f2cc4a022d0944c2d669e3cb357

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Wed, 10 May 2023 07:15:32 GMT
strict-transport-security: max-age=0
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: none
content-encoding: br
status: 200 OK
cdn-cache-control: max-age=60
x-xss-protection: 1; mode=block
x-request-id: 7c4ddb9c7f5f2d63-SEA, 7c4ddb9c7f5f2d63-SEA
x-runtime: 0.005898
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"3151d97e7769dc320ba879f5f3e86040"
x-download-options: noopen
x-frame-options: SAMEORIGIN
access-control-max-age: 7200
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n1qkOwDPDMRvi72nreJFf%2FBi5NrhCE4BrizXOX9wII9pvOwqtMYnazGgE%2F62x1s%2FiTVebcGHgu%2BEp7%2BN8GLDPaKr1ZIhMbRsY7m76Cl9pd1YcrVTYnWI1jIqRoeUI0eHRiI%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
vary: Accept, Origin, Accept-Encoding
cache-control: max-age=600, public, stale-while-revalidate=600, stale-if-error=21600
content-type: application/json; charset=utf-8
x-zendesk-zorg: yes
cf-ray: 7c50643dee9ed97b-HEL

GET
H/1.1 200
OK udid.json Show response
fn.eu.ipqualityscore.com/udid/ 28 B
306 B 247ms
78ms XHR
application/json 2a01:4f8:13b:188b::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://fn.eu.ipqualityscore.com/udid/udid.json
Requested by: Host: web.newton.co
URL: https://web.newton.co/r/KDKZDD
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a01:4f8:13b:188b::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: /
Resource Hash: b64f1b50b676652ad9862501805156846dde7b81074e06c4d1a0741bea554c27

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date: Wed, 10 May 2023 07:15:32 GMT
Last-Modified: Wed, 10 May 2023 03:15:32 GMT
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000
Connection: close
Content-Length: 28
Expires: Fri, 10 May 2024 03:15:32 GMT

GET
H/1.1 200
OK lineto-circular-bold.woff2
newton-webapp-static-assets.s3.ca-central-1.amazonaws.com/fonts/ 56 KB
56 KB 158ms
158ms Font
binary/octet-stream 52.95.146.250
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://newton-webapp-static-assets.s3.ca-central-1.amazonaws.com/fonts/lineto-circular-bold.woff2
Requested by: Host: web.newton.co
URL: https://web.newton.co/assets/index-80069c7b.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.95.146.250 Montreal, Canada, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-r-w.ca-central-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 2893d81424bea568a7070c4288163c05c53f7d16f1f8a54241e6152a030a33a3

Request headers

Referer
Origin: https://web.newton.co
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date: Wed, 10 May 2023 07:15:34 GMT
Last-Modified: Fri, 03 Jul 2020 20:13:57 GMT
Server: AmazonS3
x-amz-request-id: 60GM7Z45AYMDNH27
ETag: "8bcdcb130e5255dca86fa0f2804c4496"
Access-Control-Max-Age: 3000
Vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Content-Type: binary/octet-stream
Cache-Control: max-age=31536000
Accept-Ranges: bytes
Content-Length: 56928
x-amz-id-2: B9dhtD7NHzQONKKYZoPwjnc9LmcMjy6N5wCjYFaYTjEyuqjEa2h1jcTSctXKHiKd/SSl4BUdQg0=

OPTIONS
H2 200 6268532b65193d15716995ce
app.launchdarkly.com/sdk/goals/ Frame 0
0 444ms
337ms Preflight 151.101.66.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://app.launchdarkly.com/sdk/goals/6268532b65193d15716995ce

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.217 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Headers: x-launchdarkly-user-agent,x-launchdarkly-wrapper
Access-Control-Request-Method: GET
Origin: https://web.newton.co
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,Authorization,X-Requested-With,X-LD-Private,X-LD-AccountId,X-LD-EnvId,X-LD-PrjId,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper,LD-API-Version,X-LaunchDarkly-Tags
access-control-allow-methods: GET, OPTIONS, HEAD
access-control-allow-origin: *
access-control-max-age: 3600
age: 0
allow: GET, OPTIONS, HEAD
content-encoding: gzip
content-length: 23
date: Wed, 10 May 2023 07:15:34 GMT
ld-region: us-east-1
strict-transport-security: max-age=31536000
vary: Accept-Encoding
via: 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-served-by: cache-hel1410023-HEL
x-timer: S1683702934.737260,VS0,VE293

OPTIONS
H2 200 eyJraW5kIjoidXNlciIsImtleSI6ImktbG92ZS1teS1qb2IiLCJhbm9ueW1vdXMiOnRydWV9
app.launchdarkly.com/sdk/evalx/6268532b65193d15716995ce/contexts/ Frame 0
0 538ms
433ms Preflight 151.101.66.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://app.launchdarkly.com/sdk/evalx/6268532b65193d15716995ce/contexts/eyJraW5kIjoidXNlciIsImtleSI6ImktbG92ZS1teS1qb2IiLCJhbm9ueW1vdXMiOnRydWV9

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.217 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Headers: x-launchdarkly-user-agent,x-launchdarkly-wrapper
Access-Control-Request-Method: GET
Origin: https://web.newton.co
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,Authorization,X-Requested-With,X-LD-Private,X-LD-AccountId,X-LD-EnvId,X-LD-PrjId,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper,LD-API-Version,X-LaunchDarkly-Tags
access-control-allow-methods: GET, OPTIONS, HEAD
access-control-allow-origin: *
access-control-max-age: 3600
age: 0
allow: GET, OPTIONS, HEAD
content-encoding: gzip
content-length: 23
date: Wed, 10 May 2023 07:15:34 GMT
ld-region: us-east-1
strict-transport-security: max-age=31536000
vary: Accept-Encoding
via: 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-served-by: cache-hel1410023-HEL
x-timer: S1683702934.737255,VS0,VE390

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 51 KB
21 KB 230ms
72ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: web.newton.co
URL: https://web.newton.co/assets/index-d1e70271.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 10 May 2023 07:05:00 GMT
last-modified: Mon, 17 Apr 2023 22:36:01 GMT
server: Golfe2
age: 633
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20737
expires: Wed, 10 May 2023 09:05:00 GMT

GET
H2 200 6268532b65193d15716995ce Show response
app.launchdarkly.com/sdk/goals/ 2 B
178 B 432ms
432ms XHR
application/json 151.101.66.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://app.launchdarkly.com/sdk/goals/6268532b65193d15716995ce

Requested by

Host: web.newton.co
URL: https://web.newton.co/assets/index-d1e70271.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.217 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer
X-LaunchDarkly-Wrapper: react-client-sdk/3.0.0
accept-language: fi-FI,fi;q=0.9
X-LaunchDarkly-User-Agent: JSClient/3.0.0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
via: 1.1 varnish
date: Wed, 10 May 2023 07:15:34 GMT
content-md5: d751713988987e9331980363e24189ce
age: 0
x-cache: MISS
content-length: 26
x-served-by: cache-hel1410023-HEL
x-timer: S1683702934.075306,VS0,VE390
etag: "d751713988987e9331980363e24189ce"
ld-region: us-east-1
access-control-max-age: 300
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=0
vary: Accept-Encoding
accept-ranges: bytes
access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,Authorization,X-Requested-With,X-LD-Private,X-LD-AccountId,X-LD-EnvId,X-LD-PrjId,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper,LD-API-Version,X-LaunchDarkly-Tags
x-cache-hits: 0

GET
H2 200 eyJraW5kIjoidXNlciIsImtleSI6ImktbG92ZS1teS1qb2IiLCJhbm9ueW1vdXMiOnRydWV9 Show response
app.launchdarkly.com/sdk/evalx/6268532b65193d15716995ce/contexts/ 710 B
605 B 560ms
559ms XHR
application/json 151.101.66.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://app.launchdarkly.com/sdk/evalx/6268532b65193d15716995ce/contexts/eyJraW5kIjoidXNlciIsImtleSI6ImktbG92ZS1teS1qb2IiLCJhbm9ueW1vdXMiOnRydWV9
Requested by: Host: web.newton.co
URL: https://web.newton.co/assets/index-d1e70271.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 2dfb18dacb0439afab3903e8e23e00a28360488254b313fbb793e6bd4d80a103

Request headers

Referer
X-LaunchDarkly-Wrapper: react-client-sdk/3.0.0
accept-language: fi-FI,fi;q=0.9
X-LaunchDarkly-User-Agent: JSClient/3.0.0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Wed, 10 May 2023 07:15:34 GMT
content-encoding: gzip
via: 1.1 varnish
age: 0
x-cache: HIT
content-length: 228
x-served-by: cache-hel1410028-HEL, cache-hel1410023-HEL
x-timer: S1683702934.172025,VS0,VE512
etag: "338dbb"
access-control-max-age: 3600
access-control-allow-methods: OPTIONS, GET
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=0
vary: Authorization, Accept-Encoding
accept-ranges: bytes
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization, X-Requested-With, X-LD-Private, X-LD-AccountId, X-LD-EnvId, X-LD-PrjId, X-LaunchDarkly-Event-Schema, X-LaunchDarkly-User-Agent, X-LaunchDarkly-Wrapper, Ld-Api-Version
x-cache-hits: 1

GET
H2 200 datadog-logs-v4.js Show response
www.datadoghq-browser-agent.com/ 47 KB
16 KB 236ms
76ms Script
application/javascript 13.225.83.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.datadoghq-browser-agent.com/datadog-logs-v4.js
Requested by: Host: web.newton.co
URL: https://web.newton.co/r/KDKZDD
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.83.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-83-103.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6720e25340d7335e18866f1ec15be93d2d5006ab11a97479034167c7e00b19e4

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Wed, 10 May 2023 07:15:15 GMT
content-encoding: br
via: 1.1 2afacc6ad96dbba3f0b477cd95f16458.cloudfront.net (CloudFront)
last-modified: Wed, 03 May 2023 13:04:13 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C2
age: 20
x-amz-server-side-encryption: AES256
etag: W/"5eb039a68702c95f0ece01588d891a0d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=14400, s-maxage=60
timing-allow-origin: *
x-amz-cf-id: V_ejhz7r00jHc6OQ-Ifqayv7n1N0BUj3zaOQ3U_r4F2IV5Pg5yw41Q==

GET
H2 200 datadog-rum-v4.js Show response
www.datadoghq-browser-agent.com/ 138 KB
44 KB 267ms
108ms Script
application/javascript 13.225.83.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.datadoghq-browser-agent.com/datadog-rum-v4.js
Requested by: Host: web.newton.co
URL: https://web.newton.co/r/KDKZDD
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.83.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-83-103.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ef9997709a9b41df3a71bb505f8dd577e8077e5a73091285356e4435c9bfa636

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Wed, 10 May 2023 07:15:13 GMT
content-encoding: br
via: 1.1 2afacc6ad96dbba3f0b477cd95f16458.cloudfront.net (CloudFront)
last-modified: Wed, 03 May 2023 13:04:14 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C2
age: 21
x-amz-server-side-encryption: AES256
etag: W/"114dcf275ec56f54e931b2d17976b48a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=14400, s-maxage=60
timing-allow-origin: *
x-amz-cf-id: lrM8_UanUDoqKY3blNDb27QMbTwEHYCGBO1k9aVwc6lzl7rT7243RA==

POST
H/1.1 200
OK fetch Show response
fn.eu.ipqualityscore.com/api/*/3puLAJNS2GFftvhSmrA0ozM9LCpagczL409L2QAZXwqbHSCKJedwXB47JmH7hLdrPpHM0AukYK3xD3BTsBKV1RUNrXibXqpm6e8ozKIwWXVJ5DNGJ4Znp7w8P5uBdMdsmmpMZdw4tUuFawJefThgAhuIw4KkvUeyDOdFux... 1 KB
1 KB 364ms
218ms XHR
application/json 2a01:4f8:13b:188b::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://fn.eu.ipqualityscore.com/api/*/3puLAJNS2GFftvhSmrA0ozM9LCpagczL409L2QAZXwqbHSCKJedwXB47JmH7hLdrPpHM0AukYK3xD3BTsBKV1RUNrXibXqpm6e8ozKIwWXVJ5DNGJ4Znp7w8P5uBdMdsmmpMZdw4tUuFawJefThgAhuIw4KkvUeyDOdFuxG2WUeznGzXjxsoTGOLtorYcZVFUmzJBZd8urKMOkzn71CbUBXeVtPrVH05tskeh9yLWHwFUlbjNx9EeI5WnDnGk2QU/learn/fetch
Requested by: Host: web.newton.co
URL: https://web.newton.co/r/KDKZDD
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a01:4f8:13b:188b::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx /
Resource Hash: 4d32992c75f13c6f0c136dad20ae4bca8b79b713c6a04d20f74fda75888f621d

Request headers

Referer
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

Access-Control-Allow-Origin: *
Date: Wed, 10 May 2023 07:15:34 GMT
Server: nginx
Connection: close
X-Robots-Tag: noindex
Transfer-Encoding: chunked
Content-Type: application/json; charset=UTF-8

OPTIONS
H2 204 /
api.newton.co/dashboard/api/referrals/active-campaigns/ Frame 0
0 479ms
151ms Preflight 15.222.108.172
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.newton.co/dashboard/api/referrals/active-campaigns/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.222.108.172 Montreal, Canada, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-15-222-108-172.ca-central-1.compute.amazonaws.com
Software: nginx/1.14.2 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: browser,device-id,odyssey-environment,operating-system
Access-Control-Request-Method: GET
Origin: https://web.newton.co
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: device-id,browser,operating-system,is-pwa-installed,x-requested-with,x-csrftoken,user-agent,origin,dnt,content-type,authorization,accept-encoding,accept,odyssey-environment
access-control-allow-origin: https://web.newton.co
date: Wed, 10 May 2023 07:15:34 GMT
server: nginx/1.14.2

OPTIONS
H2 204 /
api.newton.co/dashboard/api/system/status/ Frame 0
0 475ms
152ms Preflight 15.222.108.172
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.newton.co/dashboard/api/system/status/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.222.108.172 Montreal, Canada, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-15-222-108-172.ca-central-1.compute.amazonaws.com
Software: nginx/1.14.2 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: browser,device-id,odyssey-environment,operating-system
Access-Control-Request-Method: GET
Origin: https://web.newton.co
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: device-id,browser,operating-system,is-pwa-installed,x-requested-with,x-csrftoken,user-agent,origin,dnt,content-type,authorization,accept-encoding,accept,odyssey-environment
access-control-allow-origin: https://web.newton.co
date: Wed, 10 May 2023 07:15:34 GMT
server: nginx/1.14.2

GET
H2 200 / Show response
api.newton.co/dashboard/api/referrals/active-campaigns/ 130 B
1 KB 487ms
185ms XHR
application/json 15.222.108.172
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.newton.co/dashboard/api/referrals/active-campaigns/

Requested by

Host: web.newton.co
URL: https://web.newton.co/assets/index-d1e70271.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

15.222.108.172 Montreal, Canada, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-15-222-108-172.ca-central-1.compute.amazonaws.com

Software

nginx/1.14.2 /

Resource Hash

b9b7bb5996a883bc2e67ef09146662851fad4cdafbb8ffdec19e805d72c622f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

browser: null
accept-language: fi-FI,fi;q=0.9
odyssey-environment: production
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Accept: application/json, text/plain, */*
device-id: null
Referer
operating-system: null

Response headers

date: Wed, 10 May 2023 07:15:34 GMT
x-content-type-options: nosniff
referrer-policy: same-origin
server: nginx/1.14.2
allow: GET, HEAD, OPTIONS
x-frame-options: DENY
content-type: application/json
vary: Origin, Cookie
access-control-allow-origin: https://web.newton.co
access-control-allow-credentials: true
access-control-allow-headers: device-id,browser,operating-system,is-pwa-installed,x-requested-with,x-csrftoken,user-agent,origin,dnt,content-type,authorization,accept-encoding,accept,odyssey-environment
content-length: 130

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 119 KB
47 KB 280ms
86ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-117436166-4

Requested by

Host: web.newton.co
URL: https://web.newton.co/assets/index-d1e70271.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f5d01aaa56368e7e9640b3d536d89ebe3fbd83fc781d81ddb2d5703adb908602

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Wed, 10 May 2023 07:15:33 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 47250
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 10 May 2023 07:15:33 GMT

GET
H2 200 / Show response
api.newton.co/dashboard/api/system/status/ 17 B
952 B 487ms
186ms XHR
application/json 15.222.108.172
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.newton.co/dashboard/api/system/status/

Requested by

Host: web.newton.co
URL: https://web.newton.co/assets/index-d1e70271.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

15.222.108.172 Montreal, Canada, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-15-222-108-172.ca-central-1.compute.amazonaws.com

Software

nginx/1.14.2 /

Resource Hash

cd6814ad85652b8583282963c6756075fe09a6276130db2d28ce42f953351d3e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

browser: null
accept-language: fi-FI,fi;q=0.9
odyssey-environment: production
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Accept: application/json, text/plain, */*
device-id: null
Referer
operating-system: null

Response headers

date: Wed, 10 May 2023 07:15:34 GMT
x-content-type-options: nosniff
referrer-policy: same-origin
server: nginx/1.14.2
allow: GET, HEAD, OPTIONS
x-frame-options: DENY
content-type: application/json
vary: Origin, Cookie
access-control-allow-origin: https://web.newton.co
access-control-allow-credentials: true
access-control-allow-headers: device-id,browser,operating-system,is-pwa-installed,x-requested-with,x-csrftoken,user-agent,origin,dnt,content-type,authorization,accept-encoding,accept,odyssey-environment
content-length: 17

GET
H2 200 web-widget-framework-4156df7a230d696d9dfa.js Show response
static.zdassets.com/web_widget/latest/ Frame 2259 163 KB
51 KB 64ms
63ms Script
application/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/web-widget-framework-4156df7a230d696d9dfa.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=e813e268-f00c-437d-8d24-d1a71758cacc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

099bd9867467f5ad904780b6a1c2a93aaa54e869c4ffec16f12878cd9bce907a

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Wed, 10 May 2023 07:15:33 GMT
x-amz-version-id: tWrlWgSWj4y2kCVtosT1irVWDwD.aQlK
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: 4ASD6BC4DB3A1F8V
age: 451999
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: QragrPajtgWXI2GSOKNz+36HPUXiDNzgWDUbdUopsGuQKzksAEgLtbYMf9RsvWr4AYE8rzx6WUAUlbFHJWRQAQ==
last-modified: Fri, 05 May 2023 01:12:08 GMT
server: cloudflare
etag: W/"8fb65d85b93d5ff05784a92cb5fd6750"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oYgNc44eF6DDurvpNPJB%2FQziq5kXnGemCOB2csF7eSZZllYFaNjLSll7KcG3SmblWjizkfVSF5x8UysQ%2BsWPJqWFr8nLJOm%2BW7beilTLLQQMDbUQzIi7ASqKpebgEcP2Ou720Q0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 7c5064482df7d973-HEL
expires: Sat, 04 May 2024 01:12:06 GMT

GET
H2 200 config Show response
newtoncrypto.zendesk.com/embeddable/ Frame 2259 659 B
1 KB 314ms
189ms Fetch
application/json 104.16.53.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://newtoncrypto.zendesk.com/embeddable/config
Requested by: Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/web-widget-framework-4156df7a230d696d9dfa.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.16.53.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 27c79336a6c26b1c9dc7d7dbdd24c3bb47bfc55d150f58608f7267ea4649149e

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Wed, 10 May 2023 07:15:34 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-zendesk-origin-server: embeddable-app-server-78cbb8b796-fghjv
x-cached: MISS
x-request-id: 7c50644a297e9920-IAD
x-runtime: 0.002297
last-modified: Wed, 10 May 2023 07:15:34 GMT
server: cloudflare
access-control-max-age: 7200
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B3gbSA0fDgorW6A2Fjrt2Jo6%2FhGDX23mrpwVeltIun7%2BjnVEkW%2FS8PEWAqAsg%2BfLzGghcWH4rDoKfZXGvOj3TSoPqGtGr84HRllxUmN1nd0538xmsStthPT%2Bt9H5VKWffznQxWpGfeb6Bg%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
cache-control: public, max-age=60, stale-while-revalidate=600, stale-if-error=3600
vary: Origin, Accept-Encoding
cf-ray: 7c50644a297e9920-ARN

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 231 KB
80 KB 92ms
91ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-P96X8NW2S4&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-117436166-4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8d12d4f49a45af5a2e155fd07dc8f9c2596b1f0b8260e79cbfa29fb38d79f769

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Wed, 10 May 2023 07:15:34 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 81803
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 10 May 2023 07:15:34 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
205 B 90ms
81ms XHR
text/plain 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j100&a=325824960&t=pageview&_s=1&dl=https%3A%2F%2Fweb.newton.co%2Fr%2FKDKZDD&ul=en-us&de=UTF-8&dt=Newton&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEDAAUABAAAAACAAI~&jid=204159016&gjid=1546210582&cid=1174920808.1683702934&tid=UA-117436166-4&_gid=895314087.1683702934&_r=1&gtm=457e3580&jsscut=1&z=472310596

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-logs-v4.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 10 May 2023 07:15:34 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://web.newton.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 web-widget-main-045c15a.js Show response
static.zdassets.com/web_widget/classic/latest/ Frame 2259 1 MB
300 KB 78ms
78ms Script
application/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/classic/latest/web-widget-main-045c15a.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/web-widget-framework-4156df7a230d696d9dfa.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4b288b6208cc6323cad302f11a9fd9834ffb805697a0a0bf470b8d755e64790c

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Wed, 10 May 2023 07:15:34 GMT
x-amz-version-id: OF603kM6JheN1drlFuNSgbvf38TOXoYk
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: 4ASFS70JKE9BKYXC
age: 451999
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: kSkHTY5VoAUGlES3/iDjAA2QHMiZR2jZcu0iNO7yuO/bRUFaKorOYkKaynDD5z8XBCiEbTFevLAvsJtTV30CBw==
last-modified: Fri, 05 May 2023 01:14:49 GMT
server: cloudflare
etag: W/"f39832e8ba6f55355f7b1fa431b62614"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MKWzaamJtD4U0NAHgjgIyMocLktyOLbqrKfgG6%2Bgf67z212hfKmxSapXyVYwx5k4%2FUlCZe37nxZ0rsNPoUwwgZyISSjTatrqrbYXUpMlV%2FAqzlsDKGfWVqoaRGtplllxyTj8Lv8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 7c50644b5efcd973-HEL
expires: Sat, 04 May 2024 01:14:48 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
151 B 243ms
78ms XHR
text/plain 2a00:1450:400c:c07::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j100&tid=UA-117436166-4&cid=1174920808.1683702934&jid=204159016&gjid=1546210582&_gid=895314087.1683702934&_u=aEDAAUAAAAAAACAAI~&z=1098133794

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-logs-v4.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c07::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

30cd55351e2a901ab282b62b576fe35e23132c5313007cc90ff1bac1bf1cd24d

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 10 May 2023 07:15:34 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://web.newton.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
252 B 147ms
45ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-P96X8NW2S4&gtm=45je3580&_p=325824960&_gaz=1&cid=1174920808.1683702934&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1683702934&sct=1&seg=0&dl=https%3A%2F%2Fweb.newton.co%2Fr%2FKDKZDD&dt=Newton&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-P96X8NW2S4&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 10 May 2023 07:15:34 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://web.newton.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
252 B 162ms
78ms Ping
text/plain 2a00:1450:400c:c07::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-P96X8NW2S4&cid=1174920808.1683702934&gtm=45je3580&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-P96X8NW2S4&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c07::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 10 May 2023 07:15:34 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://web.newton.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.fi/ads/ 42 B
408 B 285ms
96ms Image
image/gif 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.fi/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-P96X8NW2S4&cid=1174920808.1683702934&gtm=45je3580&aip=1&z=1307523025

Requested by

Host: web.newton.co
URL: https://web.newton.co/r/KDKZDD

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 10 May 2023 07:15:34 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 en-us-json-045c15a.js Show response
static.zdassets.com/web_widget/classic/latest/web-widget-locales/classic/ Frame 2259 25 KB
6 KB 68ms
68ms Script
application/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/classic/latest/web-widget-locales/classic/en-us-json-045c15a.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/classic/latest/web-widget-main-045c15a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4b1e453d0d95718e19766d3023ea82dc059f728f3b112b7980773c109ac0bd31

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Wed, 10 May 2023 07:15:34 GMT
x-amz-version-id: XVMb8ZsqSEAhcXLM3CAPrV3WIa4.AAgK
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: C6EZ4K51H7010C6Y
age: 451982
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: Cc/5YedcXqRYSi1f66q1+PEe5CesQ25vMtdBVIp9/G3mEHIBOq4hEsFCILKeAIppH/O+rRc6tyI=
last-modified: Fri, 05 May 2023 01:14:51 GMT
server: cloudflare
etag: W/"89b68f56c96d15075b04b0ea633eabf1"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G%2BGjmPWhvMvLXIRL7y8wBfw0js3%2B3ZU9lH1BKQXf0nTlLAGr0r6rN%2BXv9%2BscTQXb%2Ff9kWbXBqpRbyI4bq5AGex8ibVDP3ozFRQieP6EkprtJehbYON3RgrwzMeIm1UWaaDRo0uU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 7c50644e4d9dd973-HEL
expires: Sat, 04 May 2024 01:14:50 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
408 B 256ms
91ms Image
image/gif 2a00:1450:4001:80b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-117436166-4&cid=1174920808.1683702934&jid=204159016&_u=aEDAAUAAAAAAACAAI~&z=1232035240

Requested by

Host: web.newton.co
URL: https://web.newton.co/r/KDKZDD

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 10 May 2023 07:15:35 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.fi/ads/ 42 B
107 B 98ms
97ms Image
image/gif 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.fi/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-117436166-4&cid=1174920808.1683702934&jid=204159016&_u=aEDAAUAAAAAAACAAI~&z=1232035240

Requested by

Host: web.newton.co
URL: https://web.newton.co/r/KDKZDD

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 10 May 2023 07:15:34 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 index-bf4a5b16.js Show response
web.newton.co/assets/ 4 KB
2 KB 500ms
499ms Script
application/javascript 13.32.99.125
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://web.newton.co/assets/index-bf4a5b16.js

Requested by

Host: web.newton.co
URL: https://web.newton.co/assets/index-d1e70271.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.99.125 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-99-125.fra60.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

1f4ebf2d60184bb8b80f121a9fbfa09c1dbf80f9926bb30376f4669fb8edb693

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval' data: blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
Origin: https://web.newton.co
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Wed, 10 May 2023 07:15:36 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 b43c04a791e8dcb8ddb6bb0847fcf95a.cloudfront.net (CloudFront)
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval' data: blob:;
x-amz-cf-pop: FRA60-P3
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-length: 1690
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Thu, 04 May 2023 18:29:24 GMT
server: AmazonS3
etag: "53a77d664a9f359d3dd0d671c6a0bf08"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
feature-policy: geolocation *
x-frame-options: SAMEORIGIN
accept-ranges: bytes
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id: W8lsA911-dJ65aaf17i6wTz2C0B-IvUd66qsNkH05hJQDcVgDDaH1w==

GET
H2 200 Checkbox-2b2b4b1b.js Show response
web.newton.co/assets/ 532 B
1 KB 537ms
533ms Script
application/javascript 13.32.99.125
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://web.newton.co/assets/Checkbox-2b2b4b1b.js

Requested by

Host: web.newton.co
URL: https://web.newton.co/assets/index-d1e70271.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.99.125 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-99-125.fra60.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

e2d0549d024de8be97e90eb48427066d8f48278be39fa3b03f21abdc23ce3945

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval' data: blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
Origin: https://web.newton.co
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Wed, 10 May 2023 07:15:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval' data: blob:;
via: 1.1 b43c04a791e8dcb8ddb6bb0847fcf95a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-length: 532
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Thu, 04 May 2023 18:29:08 GMT
server: AmazonS3
etag: "1b4b27ac4f3176c6b087e720f3e23e54"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
x-frame-options: SAMEORIGIN
feature-policy: geolocation *
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges: bytes
x-amz-cf-id: flt4ASRQkXH3QedxcLz7Tp4L4U2F_bKEu9dbw_xicIIn3rWRgr_Nyw==

GET
H2 200 Checkmark-53bd057f.js Show response
web.newton.co/assets/ 2 KB
1 KB 512ms
511ms Script
application/javascript 13.32.99.125
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://web.newton.co/assets/Checkmark-53bd057f.js

Requested by

Host: web.newton.co
URL: https://web.newton.co/assets/index-d1e70271.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.99.125 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-99-125.fra60.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

6f7d9f00040b3f0720c5220f39b25ad4c3bf84b677a0d52f819faff0034a98f5

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval' data: blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
Origin: https://web.newton.co
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Wed, 10 May 2023 07:15:36 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 b43c04a791e8dcb8ddb6bb0847fcf95a.cloudfront.net (CloudFront)
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval' data: blob:;
x-amz-cf-pop: FRA60-P3
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-length: 793
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Thu, 04 May 2023 18:29:21 GMT
server: AmazonS3
etag: "07a886857dddb0f86102ac4a078fe72f"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
feature-policy: geolocation *
x-frame-options: SAMEORIGIN
accept-ranges: bytes
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id: 8vMKs4CdhdGvzCa5b7acsbEAxaW4Ol_J0-wTe7yHm6X8cSMa2o24VQ==

GET
H2 200 styled-7140dcb3.js Show response
web.newton.co/assets/ 3 KB
2 KB 485ms
485ms Script
application/javascript 13.32.99.125
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://web.newton.co/assets/styled-7140dcb3.js

Requested by

Host: web.newton.co
URL: https://web.newton.co/assets/index-d1e70271.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.99.125 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-99-125.fra60.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

0d017cbfd733b7f1c06e0ee23e0607e42c4da93b671a359a27336ce01d7af3f9

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval' data: blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
Origin: https://web.newton.co
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Wed, 10 May 2023 07:15:36 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 b43c04a791e8dcb8ddb6bb0847fcf95a.cloudfront.net (CloudFront)
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval' data: blob:;
x-amz-cf-pop: FRA60-P3
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-length: 1094
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Thu, 04 May 2023 18:29:24 GMT
server: AmazonS3
etag: "509a2631ace198bc58c1b365b0ba4580"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
feature-policy: geolocation *
x-frame-options: SAMEORIGIN
accept-ranges: bytes
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id: HYIRVxNEU8X1sC7Gu8wzgIJy2UnNfeDDFx-80yRLPhfeCTDtpifMtA==

GET
H2 200 Link-c21ae3ab.js Show response
web.newton.co/assets/ 158 B
863 B 468ms
468ms Script
application/javascript 13.32.99.125
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://web.newton.co/assets/Link-c21ae3ab.js

Requested by

Host: web.newton.co
URL: https://web.newton.co/assets/index-d1e70271.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.99.125 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-99-125.fra60.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

b9775967eff5e898bcc9ebbf402b57bce8b9c68a2a48fbe0a2c5c0f1d7d2a866

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval' data: blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
Origin: https://web.newton.co
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Wed, 10 May 2023 07:15:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval' data: blob:;
via: 1.1 b43c04a791e8dcb8ddb6bb0847fcf95a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-length: 158
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Thu, 04 May 2023 18:29:10 GMT
server: AmazonS3
etag: "c3c4f58c8f43855adf8f6bb414882b24"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
x-frame-options: SAMEORIGIN
feature-policy: geolocation *
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges: bytes
x-amz-cf-id: sh-iiY2Ny2G9wDX0YAOKnuTjXHINB1FMnR0kdNOZp1IYqEG2sDYFqA==

GET
H2 200 Trans-176261e6.js Show response
web.newton.co/assets/ 9 KB
4 KB 521ms
521ms Script
application/javascript 13.32.99.125
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://web.newton.co/assets/Trans-176261e6.js

Requested by

Host: web.newton.co
URL: https://web.newton.co/assets/index-d1e70271.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.99.125 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-99-125.fra60.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

8c6cb7ba690c73d38610d4243f4a17989a566bf78ba666935dc8efa855567888

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval' data: blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
Origin: https://web.newton.co
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Wed, 10 May 2023 07:15:36 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 b43c04a791e8dcb8ddb6bb0847fcf95a.cloudfront.net (CloudFront)
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval' data: blob:;
x-amz-cf-pop: FRA60-P3
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-length: 3249
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Thu, 04 May 2023 18:29:23 GMT
server: AmazonS3
etag: "1dfe0f33034c642bf21a370a216c25ab"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
feature-policy: geolocation *
x-frame-options: SAMEORIGIN
accept-ranges: bytes
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id: S5R0h7X4-LO8wQkasX01uxcE9bIx9YqV3LFBrRIPnW9LDENq-4mCYw==

POST
H3 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 79ms
79ms XHR
text/plain 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j100&a=325824960&t=pageview&_s=1&dl=https%3A%2F%2Fweb.newton.co%2Fr%2FKDKZDD&dp=%2Fr&ul=en-us&de=UTF-8&dt=Newton&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEDAAUABAAAAACAAI~&jid=1926770273&gjid=2029838481&cid=1174920808.1683702934&tid=UA-117436166-4&_gid=895314087.1683702934&_r=1&_slc=1&z=1572991127

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-logs-v4.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 10 May 2023 07:15:34 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://web.newton.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 eyJraW5kIjoidXNlciIsImtleSI6ImktbG92ZS1teS1qb2IiLCJhbm9ueW1vdXMiOnRydWV9
clientstream.launchdarkly.com/eval/6268532b65193d15716995ce/ 731 B
0 574ms
379ms EventSource
text/event-stream 3.33.235.18
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://clientstream.launchdarkly.com/eval/6268532b65193d15716995ce/eyJraW5kIjoidXNlciIsImtleSI6ImktbG92ZS1teS1qb2IiLCJhbm9ueW1vdXMiOnRydWV9

Requested by

Host: web.newton.co
URL: https://web.newton.co/r/KDKZDD

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.33.235.18 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

aa1ba9bef7b18c265.awsglobalaccelerator.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: text/event-stream
Cache-Control: no-cache
Referer
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Wed, 10 May 2023 07:15:35 GMT
strict-transport-security: max-age=31536000
ld-region: eu-west-1
access-control-max-age: 300
access-control-allow-methods: GET,OPTIONS
content-type: text/event-stream; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
x-content-length
accept-ranges: bytes
access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,Cache-Control,X-Requested-With,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
70 B 78ms
77ms XHR
text/plain 2a00:1450:400c:c07::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j100&tid=UA-117436166-4&cid=1174920808.1683702934&jid=1926770273&gjid=2029838481&_gid=895314087.1683702934&_u=aEDAAUABAAAAACAAI~&z=2116496359

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-logs-v4.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c07::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

30cd55351e2a901ab282b62b576fe35e23132c5313007cc90ff1bac1bf1cd24d

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 10 May 2023 07:15:35 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://web.newton.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 85ms
84ms Image
image/gif 2a00:1450:4001:80b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-117436166-4&cid=1174920808.1683702934&jid=1926770273&_u=aEDAAUABAAAAACAAI~&z=509741361

Requested by

Host: web.newton.co
URL: https://web.newton.co/r/KDKZDD

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 10 May 2023 07:15:35 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.fi/ads/ 42 B
63 B 112ms
112ms Image
image/gif 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.fi/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-117436166-4&cid=1174920808.1683702934&jid=1926770273&_u=aEDAAUABAAAAACAAI~&z=509741361

Requested by

Host: web.newton.co
URL: https://web.newton.co/r/KDKZDD

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 10 May 2023 07:15:35 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 202 rum Show response
rum.browser-intake-datadoghq.com/api/v2/ 53 B
305 B 713ms
382ms Fetch
application/json 2600:1f18:24e6:b900:9d24:e015:bfa6:1472
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://rum.browser-intake-datadoghq.com/api/v2/rum?ddsource=browser&ddtags=sdk_version%3A4.42.0%2Capi%3Afetch%2Cenv%3Aproduction%2Cservice%3Anewton-web%2Cversion%3A1.0.0&dd-api-key=pub30185e6ff53f2eb54b49e0fb693ac8a2&dd-evp-origin-version=4.42.0&dd-evp-origin=browser&dd-request-id=1c2c76ff-7601-4eab-a8f8-54acb638091b&batch_time=1683702935130

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-logs-v4.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:1f18:24e6:b900:9d24:e015:bfa6:1472 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

5a45feff6562bbb2ef176eb6f938f8700840a641e146678db407317c0e9b2c4c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 10 May 2023 07:15:35 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
accept-encoding: identity,gzip,x-gzip,deflate,x-deflate,zstd
content-type: application/json
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 53

OPTIONS
H2 204 6268532b65193d15716995ce
events.launchdarkly.com/events/diagnostic/ Frame 0
0 493ms
157ms Preflight 52.7.139.47
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://events.launchdarkly.com/events/diagnostic/6268532b65193d15716995ce

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.7.139.47 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-7-139-47.compute-1.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-launchdarkly-user-agent,x-launchdarkly-wrapper
Access-Control-Request-Method: POST
Origin: https://web.newton.co
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Payload-ID,X-LaunchDarkly-Wrapper,X-LaunchDarkly-Tags
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: *
access-control-expose-headers: Date
access-control-max-age: 300
date: Wed, 10 May 2023 07:15:35 GMT
strict-transport-security: max-age=31536000

POST
H2 202 6268532b65193d15716995ce Show response
events.launchdarkly.com/events/diagnostic/ 0
344 B 163ms
163ms XHR
application/json 52.7.139.47
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://events.launchdarkly.com/events/diagnostic/6268532b65193d15716995ce

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-logs-v4.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.7.139.47 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-7-139-47.compute-1.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer
X-LaunchDarkly-Wrapper: react-client-sdk/3.0.0
accept-language: fi-FI,fi;q=0.9
X-LaunchDarkly-User-Agent: JSClient/3.0.0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 10 May 2023 07:15:35 GMT
strict-transport-security: max-age=31536000
access-control-max-age: 300
access-control-allow-methods: POST,OPTIONS
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: Date
access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Payload-ID,X-LaunchDarkly-Wrapper,X-LaunchDarkly-Tags
content-length: 0

GET
H2 200 vexx5uo9 Show response
widget.intercom.io/widget/ 7 KB
3 KB 617ms
456ms Script
application/javascript 13.224.189.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.intercom.io/widget/vexx5uo9
Requested by: Host: web.newton.co
URL: https://web.newton.co/r/KDKZDD
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-49.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ef2623832b84d5fe1a6b0a0d2bab51b160f77d0d343ea784875588004325f4e1

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-amz-version-id: 9HpTLey3VNy5taqD.WRIrl9Nz.2Kg1fs
content-encoding: gzip
via: 1.1 e0efba8a72628bfc3dc6d4d637b28302.cloudfront.net (CloudFront)
date: Wed, 10 May 2023 07:10:50 GMT
x-amz-cf-pop: FRA2-C1
age: 598
x-amz-server-side-encryption: AES256
x-cache: Error from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 2679
last-modified: Tue, 09 May 2023 15:24:52 GMT
server: AmazonS3
etag: "7f5966638c053a52c7561099329dd769"
vary: Accept-Encoding, Origin
content-type: application/javascript; charset=UTF-8
cache-control: max-age=900, s-maxage=900, public
accept-ranges: bytes
x-amz-cf-id: F1Hm390AZahAATK6Jnrq6nva-sU--I8iaEPuukm5JDYYekIsROLeHQ==

GET
H2 200 frame-modern.7d7bce00.js Show response
js.intercomcdn.com/ Frame 2C0A 479 KB
134 KB 257ms
84ms Script
application/javascript 18.66.147.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.intercomcdn.com/frame-modern.7d7bce00.js

Requested by

Host: widget.intercom.io
URL: https://widget.intercom.io/widget/vexx5uo9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.147.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-147-5.fra60.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

a2e48ee7a7a6d20e3dbdd92680faf4130f375a9531cf6c83ef9d24f1993bb68f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-amz-version-id: LalHkxyB5A0XWmuw8AlXF1s_zg3BIgEE
content-encoding: gzip
via: 1.1 d81b69368e6f8be2907e338480e58682.cloudfront.net (CloudFront)
date: Wed, 10 May 2023 05:24:57 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: FRA60-P4
age: 6640
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 136854
last-modified: Tue, 09 May 2023 15:23:03 GMT
server: AmazonS3
etag: "4cc09b4572a2f03ce2f7ad6c95dbeca4"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=31536000, s-maxage=7200, public
accept-ranges: bytes
x-amz-cf-id: TkdjEZot2YeiQ5OEfj2Tbuul9863UukD2S2QUfaDSTBdZukckoqPsw==

GET
H2 200 vendor-modern.0d75a5a7.js Show response
js.intercomcdn.com/ Frame 2C0A 236 KB
73 KB 412ms
239ms Script
application/javascript 18.66.147.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.intercomcdn.com/vendor-modern.0d75a5a7.js

Requested by

Host: widget.intercom.io
URL: https://widget.intercom.io/widget/vexx5uo9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.147.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-147-5.fra60.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

a3612d41edf50265879d4ef2ca9404ffe0c6a64d0b459eb1094c54a37672694e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-amz-version-id: gBFJli29DV3zuaW1XMekR3Oh1S_ZWFJU
content-encoding: gzip
via: 1.1 d81b69368e6f8be2907e338480e58682.cloudfront.net (CloudFront)
date: Wed, 10 May 2023 05:52:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: FRA60-P4
age: 4958
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 74264
last-modified: Fri, 05 May 2023 15:22:47 GMT
server: AmazonS3
etag: "2135eb0bd1afd52d7bc48f2b603f7182"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=31536000, s-maxage=7200, public
accept-ranges: bytes
x-amz-cf-id: tuAT2ppRvh7AvY5rf3GthUJZev5JqHisfNBE7Y6e3jHGA2LYtKBj4w==

POST
H2 200 ping Show response
api-iam.intercom.io/messenger/web/ Frame 2C0A 5 KB
3 KB 728ms
418ms XHR
application/json 52.201.183.245
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://api-iam.intercom.io/messenger/web/ping

Requested by

Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.7d7bce00.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.201.183.245 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-201-183-245.compute-1.amazonaws.com

Software

nginx /

Resource Hash

b943044e2a53125610a099eca2f83ff31b62d4db9cd449a11c572203104e8e87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556952; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Wed, 10 May 2023 07:15:37 GMT
strict-transport-security: max-age=31556952; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
x-ami-version: ami-0fa60d636030eae18
status: 200 OK
x-xss-protection: 1; mode=block
x-request-id: 004hvr9qc050g3e4l640
x-runtime: 0.226803
server: nginx
etag: W/"b943044e2a53125610a099eca2f83ff3"
x-ratelimit-remaining: 66663
vary: Accept,Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://web.newton.co
x-intercom-version: 614ecef46672d62829543ebd8b610e7a6393ce1a
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
x-ratelimit-reset: 1683702940
x-ratelimit-limit: 66666
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-headers: Content-Type, Idempotency-Key, X-INTERCOM-APP, X-INTERCOM-PAGE-TITLE, X-INTERCOM-USER-DATA
x-frame-options: SAMEORIGIN

OPTIONS
H2 204 6268532b65193d15716995ce
events.launchdarkly.com/events/bulk/ Frame 0
0 156ms
156ms Preflight 52.7.139.47
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://events.launchdarkly.com/events/bulk/6268532b65193d15716995ce

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.7.139.47 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-7-139-47.compute-1.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-launchdarkly-event-schema,x-launchdarkly-payload-id,x-launchdarkly-user-agent,x-launchdarkly-wrapper
Access-Control-Request-Method: POST
Origin: https://web.newton.co
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Payload-ID,X-LaunchDarkly-Wrapper,X-LaunchDarkly-Tags
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: *
access-control-expose-headers: Date
access-control-max-age: 300
date: Wed, 10 May 2023 07:15:37 GMT
strict-transport-security: max-age=31536000

POST
H2 202 6268532b65193d15716995ce Show response
events.launchdarkly.com/events/bulk/ 0
344 B 159ms
159ms XHR
application/json 52.7.139.47
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://events.launchdarkly.com/events/bulk/6268532b65193d15716995ce

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-logs-v4.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.7.139.47 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-7-139-47.compute-1.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

X-LaunchDarkly-Payload-ID: 76526dc0-ef02-11ed-96a9-853d1d4cf70a
X-LaunchDarkly-Event-Schema: 4
accept-language: fi-FI,fi;q=0.9
X-LaunchDarkly-User-Agent: JSClient/3.0.0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: application/json
Referer
X-LaunchDarkly-Wrapper: react-client-sdk/3.0.0

Response headers

date: Wed, 10 May 2023 07:15:37 GMT
strict-transport-security: max-age=31536000
access-control-max-age: 300
access-control-allow-methods: POST,OPTIONS
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: Date
access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Payload-ID,X-LaunchDarkly-Wrapper,X-LaunchDarkly-Tags
content-length: 0

POST
H2 204 collect
region1.analytics.google.com/g/ 0
45 B 46ms
45ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-P96X8NW2S4&gtm=45je3580&_p=325824960&cid=1174920808.1683702934&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=2&sid=1683702934&sct=1&seg=0&dl=https%3A%2F%2Fweb.newton.co%2Fr%2FKDKZDD&dt=Newton&en=scroll&epn.percent_scrolled=90&_et=10
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-P96X8NW2S4&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 10 May 2023 07:15:39 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://web.newton.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

62 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

15 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
web.newton.co/r	1970-01-20 20:27:18	Name: ipqsd Value: 183233983184646620
.newton.co/	1970-01-20 20:27:18	Name: mp_a0575958bb78e8e7ebf5d813fa3c70e6_mixpanel Value: %7B%22distinct_id%22%3A%20%221880483e8542c2-04802042c1b613-13313170-1d4c00-1880483e8557d6%22%2C%22%24device_id%22%3A%20%221880483e8542c2-04802042c1b613-13313170-1d4c00-1880483e8557d6%22%2C%22%24initial_referrer%22%3A%20%22%24direct%22%2C%22%24initial_referring_domain%22%3A%20%22%24direct%22%7D
.newton.co/	1970-01-20 11:43:09	Name: _gid Value: GA1.2.895314087.1683702934
.web.newton.co/	1970-01-20 21:17:42	Name: device_id_1683702934 Value: DXDGBpN8DB-1683702934
.newton.co/	1970-01-20 11:41:42	Name: _gat_gtag_UA_117436166_4 Value: 1
.newton.co/	1970-01-20 21:17:42	Name: _ga Value: GA1.1.1174920808.1683702934
.newton.co/	1970-01-20 21:17:42	Name: _ga_P96X8NW2S4 Value: GS1.1.1683702934.1.0.1683702934.60.0.0
api.newton.co/	1970-01-20 11:51:47	Name: AWSALBTG Value: 0Po9mreDG4ShohtxIifxXxVua5i+X8BztlgWKWCdudU8fXsThBrEJICOElqVkT8CEOapElsgU4djsCWcwGj7LCGawMwPhKc9uyWA8pMRJOk3FBZMCuCKypt3hLJV80aNhhOUVFR6cCbvWOY+seENTb7F/bxR3/7I6/mirE8bG1m3
api.newton.co/	1970-01-20 11:51:47	Name: AWSALBTGCORS Value: 0Po9mreDG4ShohtxIifxXxVua5i+X8BztlgWKWCdudU8fXsThBrEJICOElqVkT8CEOapElsgU4djsCWcwGj7LCGawMwPhKc9uyWA8pMRJOk3FBZMCuCKypt3hLJV80aNhhOUVFR6cCbvWOY+seENTb7F/bxR3/7I6/mirE8bG1m3
.newton.co/	1970-01-20 11:41:57	Name: sessionid Value: hqzsqnnta6iqys0zbvypuntcjl4s73ai
.newton.co/	1970-01-20 11:41:42	Name: _gat Value: 1
.newton.co/	1970-01-20 18:10:32	Name: intercom-id-vexx5uo9 Value: e354d855-f08e-49f6-b276-c279109833d5
.newton.co/	1970-01-20 11:51:47	Name: intercom-session-vexx5uo9 Value:
.newton.co/	1970-01-20 18:10:32	Name: intercom-device-id-vexx5uo9 Value: dc136947-f401-4764-8205-51feb78d3826
web.newton.co/	1970-01-20 11:41:43	Name: _dd_s Value: logs=1&id=1a86c29a-ee00-4c50-9c6f-d1647d641e0b&created=1683702933917&expire=1683703833980&rum=2

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
rendering	warning	Message: Canvas2D: Multiple readback operations using getImageData are faster with the willReadFrequently attribute set to true. See: https://html.spec.whatwg.org/multipage/canvas.html#concept-canvas-will-read-frequently
rendering	warning	Message: Canvas2D: Multiple readback operations using getImageData are faster with the willReadFrequently attribute set to true. See: https://html.spec.whatwg.org/multipage/canvas.html#concept-canvas-will-read-frequently
rendering	warning	URL: https://web.newton.co/r/KDKZDD Message: [.WebGL-0x29f0009eaa00]GL Driver Message (OpenGL, Performance, GL_CLOSE_PATH_NV, High): GPU stall due to ReadPixels
rendering	warning	URL: https://web.newton.co/r/KDKZDD Message: [.WebGL-0x29f002bc5500]GL Driver Message (OpenGL, Performance, GL_CLOSE_PATH_NV, High): GPU stall due to ReadPixels

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval' data: blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api-iam.intercom.io
api.newton.co
app.launchdarkly.com
clientstream.launchdarkly.com
ekr.zdassets.com
events.launchdarkly.com
fn.eu.ipqualityscore.com
js.intercomcdn.com
newton-webapp-static-assets.s3.ca-central-1.amazonaws.com
newtoncrypto.zendesk.com
region1.analytics.google.com
rum.browser-intake-datadoghq.com
static.zdassets.com
stats.g.doubleclick.net
web.newton.co
web.tradenewton.com
widget.intercom.io
www.datadoghq-browser-agent.com
www.google-analytics.com
www.google.com
www.google.fi
www.googletagmanager.com
www.ipqualityscore.com
104.16.53.111
104.18.70.113
13.224.189.49
13.225.83.103
13.32.99.125
15.222.108.172
151.101.66.217
18.66.121.12
18.66.147.5
2001:4860:4802:34::36
2600:1f18:24e6:b900:9d24:e015:bfa6:1472
2606:4700:20::681a:23c
2a00:1450:4001:80b::2004
2a00:1450:4001:829::2008
2a00:1450:4001:82b::200e
2a00:1450:4001:82f::2003
2a00:1450:400c:c07::9a
2a01:4f8:13b:188b::2
3.33.235.18
52.201.183.245
52.7.139.47
52.95.146.250
099bd9867467f5ad904780b6a1c2a93aaa54e869c4ffec16f12878cd9bce907a
0d017cbfd733b7f1c06e0ee23e0607e42c4da93b671a359a27336ce01d7af3f9
1f4ebf2d60184bb8b80f121a9fbfa09c1dbf80f9926bb30376f4669fb8edb693
21d2ea81f22f44525f201ad9f4702029e0b2bfe65d5a2b534104dbe4b2346bbe
27c79336a6c26b1c9dc7d7dbdd24c3bb47bfc55d150f58608f7267ea4649149e
2893d81424bea568a7070c4288163c05c53f7d16f1f8a54241e6152a030a33a3
2dfb18dacb0439afab3903e8e23e00a28360488254b313fbb793e6bd4d80a103
30cd55351e2a901ab282b62b576fe35e23132c5313007cc90ff1bac1bf1cd24d
3151d97e7769dc320ba879f5f3e86040828b4f2cc4a022d0944c2d669e3cb357
39c5d1ed54e49102939d0280aeb20f01ef021bf5ffa74dc25fcafb43fce62ff3
4b1e453d0d95718e19766d3023ea82dc059f728f3b112b7980773c109ac0bd31
4b288b6208cc6323cad302f11a9fd9834ffb805697a0a0bf470b8d755e64790c
4d32992c75f13c6f0c136dad20ae4bca8b79b713c6a04d20f74fda75888f621d
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
56e0823b7374c2c6f55f1ca725a9a80e002f0d0d10c0a00de505adf8aa7f3aa6
5a45feff6562bbb2ef176eb6f938f8700840a641e146678db407317c0e9b2c4c
6720e25340d7335e18866f1ec15be93d2d5006ab11a97479034167c7e00b19e4
6f7d9f00040b3f0720c5220f39b25ad4c3bf84b677a0d52f819faff0034a98f5
80069c7b50bc805eea63a9003d8d6189042bbd6cb4e0859fb7cc73825f835c26
8c6cb7ba690c73d38610d4243f4a17989a566bf78ba666935dc8efa855567888
8d12d4f49a45af5a2e155fd07dc8f9c2596b1f0b8260e79cbfa29fb38d79f769
a2e48ee7a7a6d20e3dbdd92680faf4130f375a9531cf6c83ef9d24f1993bb68f
a3612d41edf50265879d4ef2ca9404ffe0c6a64d0b459eb1094c54a37672694e
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b1d227f77b5f85b92b777cb77a3fed7623f95978c7bc787af2fcf2023575b241
b64f1b50b676652ad9862501805156846dde7b81074e06c4d1a0741bea554c27
b943044e2a53125610a099eca2f83ff31b62d4db9cd449a11c572203104e8e87
b9775967eff5e898bcc9ebbf402b57bce8b9c68a2a48fbe0a2c5c0f1d7d2a866
b9b7bb5996a883bc2e67ef09146662851fad4cdafbb8ffdec19e805d72c622f4
c9dbf33013effe3dfdb3e6542949f8067386b0701d40763f9ed972a49f231bee
cd6814ad85652b8583282963c6756075fe09a6276130db2d28ce42f953351d3e
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e2d0549d024de8be97e90eb48427066d8f48278be39fa3b03f21abdc23ce3945
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef2623832b84d5fe1a6b0a0d2bab51b160f77d0d343ea784875588004325f4e1
ef9997709a9b41df3a71bb505f8dd577e8077e5a73091285356e4435c9bfa636
f5d01aaa56368e7e9640b3d536d89ebe3fbd83fc781d81ddb2d5703adb908602

web.newton.co Open in urlscan Pro 13.32.99.125 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

55 Requests

100 %HTTPS

41 %IPv6

16 Domains

23 Subdomains

21 IPs

5 Countries

1553 kBTransfer

5542 kBSize

15 Cookies

3 Outgoing links

Page URL History

Redirected requests

55 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

web.newton.co Open in urlscan Pro
13.32.99.125 Public Scan

Screenshot
Live screenshot

Full Image

55
Requests

100 %
HTTPS

41 %
IPv6

16
Domains

23
Subdomains

21
IPs

5
Countries

1553 kB
Transfer

5542 kB
Size

15
Cookies

55 HTTP transactions
0 data transactions