www.headlinesplus.com Open in urlscan Pro
2a06:98c1:3120::3 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.headlinesplus.com/
Submission: On November 28 via manual (November 28th 2022, 11:55:26 pm UTC) from US — Scanned from NL

Summary HTTP 85 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 26 IPs in 4 countries across 23 domains to perform 85 HTTP transactions. The main IP is 2a06:98c1:3120::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.headlinesplus.com. The Cisco Umbrella rank of the primary domain is 509199.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on February 17th 2022. Valid for: a year.

This is the only time www.headlinesplus.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
8	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:811::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::2008	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	151.101.129.108 151.101.129.108	54113 (FASTLY) (FASTLY)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	63.241.25.250 63.241.25.250	4266 (CERNET-AS...) (CERNET-ASN-BLOCK)
3	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
1	185.89.211.84 185.89.211.84	29990 (ASN-APPNEX) (ASN-APPNEX)
2	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
9	2606:4700:303... 2606:4700:3037::ac43:b9ba	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	151.139.128.10 151.139.128.10	20446 (STACKPATH...) (STACKPATH-CDN)
2	23.35.236.201 23.35.236.201	16625 (AKAMAI-AS) (AKAMAI-AS)
9	54.194.226.232 54.194.226.232	16509 (AMAZON-02) (AMAZON-02)
8	52.51.126.33 52.51.126.33	16509 (AMAZON-02) (AMAZON-02)
4	104.26.5.33 104.26.5.33	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2606:4700:303... 2606:4700:3032::ac43:b6da	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700:303... 2606:4700:3032::ac43:8b27	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 4	2a02:2638::1c 2a02:2638::1c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2600:1901:0:8... 2600:1901:0:8344::	15169 (GOOGLE) (GOOGLE)
4	178.250.2.146 178.250.2.146	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	162.19.138.83 162.19.138.83	16276 (OVH) (OVH)
2	3.248.128.187 3.248.128.187	16509 (AMAZON-02) (AMAZON-02)
2	35.71.131.137 35.71.131.137	16509 (AMAZON-02) (AMAZON-02)
85	26

8 2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)

www.headlinesplus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.129.108 (United States)

ASN54113 (FASTLY, US)

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 63.241.25.250 (United States)

ASN4266 (CERNET-ASN-BLOCK, US)

cme3-api.phunware.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.89.211.84 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2606:4700:3037::ac43:b9ba (United States)

ASN13335 (CLOUDFLARENET, US)

adserver.publir.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 151.139.128.10 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: map3.hwcdn.net

assets.revcontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
images.revcontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.35.236.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-201.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 54.194.226.232 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-194-226-232.eu-west-1.compute.amazonaws.com

trends.revcontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 52.51.126.33 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-51-126-33.eu-west-1.compute.amazonaws.com

yeet.revcontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.26.5.33 (United States)

ASN13335 (CLOUDFLARENET, US)

thepoliticalinsider.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)

www.boundingintosports.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:3032::ac43:b6da (United States)

ASN13335 (CLOUDFLARENET, US)

www.themix.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3032::ac43:8b27 (United States)

ASN13335 (CLOUDFLARENET, US)

boundingintocomics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:2638::1c (France) 2 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1901:0:8344:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

lexicon.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 178.250.2.146 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 162.19.138.83 (France)

ASN16276 (OVH, FR)
PTR: ns31532338.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.248.128.187 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-248-128-187.eu-west-1.compute.amazonaws.com

id.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
23	revcontent.com assets.revcontent.com — Cisco Umbrella Rank: 8928 trends.revcontent.com — Cisco Umbrella Rank: 2094 images.revcontent.com — Cisco Umbrella Rank: 10141 yeet.revcontent.com — Cisco Umbrella Rank: 10442	132 KB
9	publir.com adserver.publir.com — Cisco Umbrella Rank: 563101	229 KB
8	criteo.com 2 redirects gum.criteo.com — Cisco Umbrella Rank: 434 mug.criteo.com — Cisco Umbrella Rank: 1897	3 KB
8	headlinesplus.com www.headlinesplus.com — Cisco Umbrella Rank: 509199	683 KB
4	themix.net www.themix.net — Cisco Umbrella Rank: 739386	962 KB
4	thepoliticalinsider.com thepoliticalinsider.com — Cisco Umbrella Rank: 549976	210 KB
3	gstatic.com fonts.gstatic.com	47 KB
2	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 454	787 B
2	crwdcntrl.net id.crwdcntrl.net — Cisco Umbrella Rank: 1951	641 B
2	id5-sync.com id5-sync.com — Cisco Umbrella Rank: 554	1 KB
2	33across.com lexicon.33across.com — Cisco Umbrella Rank: 3151	366 B
2	boundingintocomics.com boundingintocomics.com — Cisco Umbrella Rank: 355218	1 MB
2	boundingintosports.com www.boundingintosports.com — Cisco Umbrella Rank: 985039	122 KB
2	pubmatic.com ads.pubmatic.com — Cisco Umbrella Rank: 635	129 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 102	203 B
2	phunware.com cme3-api.phunware.com — Cisco Umbrella Rank: 762252	6 MB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 165	112 KB
2	adnxs.com acdn.adnxs.com — Cisco Umbrella Rank: 764 ib.adnxs.com — Cisco Umbrella Rank: 276	4 KB
2	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 1166	368 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 106	75 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 107	1 KB
0	rlcdn.com Failed api.rlcdn.com Failed
0	Failed function sub() { [native code] }. Failed
85	23

	Domain	Requested by
9	trends.revcontent.com	assets.revcontent.com
9	adserver.publir.com	www.headlinesplus.com adserver.publir.com
8	yeet.revcontent.com	assets.revcontent.com
8	www.headlinesplus.com	www.headlinesplus.com
4	mug.criteo.com
4	gum.criteo.com	2 redirects
4	www.themix.net
4	thepoliticalinsider.com
4	assets.revcontent.com	adserver.publir.com assets.revcontent.com
3	fonts.gstatic.com	fonts.googleapis.com
2	match.adsrvr.org	ads.pubmatic.com
2	id.crwdcntrl.net	ads.pubmatic.com
2	id5-sync.com	ads.pubmatic.com
2	lexicon.33across.com	ads.pubmatic.com
2	boundingintocomics.com
2	www.boundingintosports.com
2	images.revcontent.com
2	ads.pubmatic.com	assets.revcontent.com
2	www.facebook.com
2	cme3-api.phunware.com	www.headlinesplus.com
2	connect.facebook.net	www.headlinesplus.com connect.facebook.net
2	region1.google-analytics.com	www.googletagmanager.com
1	ib.adnxs.com
1	acdn.adnxs.com	www.headlinesplus.com
1	www.googletagmanager.com	www.headlinesplus.com
1	fonts.googleapis.com	www.headlinesplus.com
0	api.rlcdn.com Failed	ads.pubmatic.com
0	article Failed	www.headlinesplus.com
85	28

This site contains links to these domains. Also see Links.

Domain
adserver.publir.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-02-17` - `2023-02-16`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
cdn.adnxs.com GeoTrust TLS RSA CA G1	`2022-03-11` - `2023-04-11`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-09-07` - `2022-12-06`	3 months	crt.sh
*.phunware.com GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1	`2021-12-31` - `2023-01-03`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2022-02-11` - `2023-03-14`	a year	crt.sh
publir.com Cloudflare Inc ECC CA-3	`2022-06-16` - `2023-06-16`	a year	crt.sh
assets.revcontent.com R3	`2022-11-13` - `2023-02-11`	3 months	crt.sh
*.pubmatic.com DigiCert SHA2 Secure Server CA	`2022-02-04` - `2023-02-03`	a year	crt.sh
revcontent.com Amazon	`2022-06-16` - `2023-07-16`	a year	crt.sh
images.revcontent.com R3	`2022-11-06` - `2023-02-04`	3 months	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-10-31` - `2023-01-26`	3 months	crt.sh
lexicon.33across.com GTS CA 1D4	`2022-10-24` - `2023-01-22`	3 months	crt.sh
*.id5-sync.com R3	`2022-11-09` - `2023-02-07`	3 months	crt.sh
*.crwdcntrl.net Go Daddy Secure Certificate Authority - G2	`2022-05-01` - `2023-06-02`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh

This page contains 3 frames:

Frame: headlinesplus://article
Frame ID: C941DD7D391DFBBF8B3C13208B838D7E
Requests: 46 HTTP requests in this frame

Frame: https://assets.revcontent.com/master/delivery.js
Frame ID: BA05FFB013C1520AADDEBE31E7398F41
Requests: 18 HTTP requests in this frame

Frame: https://assets.revcontent.com/master/delivery.js
Frame ID: 571FEECE6D59045346D4F8CC0F3823F6
Requests: 16 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Headlines PlusDownload Headlines Plus AppDownload Headlines Plus AppClick to sort by category

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

<(?:iframe|img)[^>]+adnxs\.(?:net|com)
adnxs\.(?:net|com)

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Page Statistics

85
Requests

95 %
HTTPS

52 %
IPv6

23
Domains

28
Subdomains

26
IPs

4
Countries

10464 kB
Transfer

11817 kB
Size

12
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://adserver.publir.com/www/delivery/cl.php?bannerid=18&zoneid=5&sig=96399818556d2d0152838917672aca1a95eca8a86a4eea43e1f1a813bcfdc291&dest=https%3A%2F%2Fwww.fourseasons.com%2F

Search URL Search Domain Scan URL

URL: https://adserver.publir.com/www/delivery/cl.php?bannerid=17&zoneid=6&sig=fb59eb202c8111788f336eb6d9bdca29f8b2cd03c45425575ccf0b138c5b7dd6&dest=https%3A%2F%2Fwww.dior.com%2Fen_us%2Fmens-fashion%2Fsummer-2022-collection

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 66

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.headlinesplus.com%2F&domain=www.headlinesplus.com&cw=1&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=e2WKEHw4blZlREk1a2lPc0k1WVFBUTVaMm9TNUF2cERGM3Q1R3FRcndWbmZkV3NYaDdFQ0Rja0dibHVod09KajF2dXVtYkw3TTZPTVJaVW4rbnpaM01yTHlXaVJmc0VBYXJUK2lRTFptV1ZZYVYrWEdiRlpRaG5lSHNheVBUMkUwTkFSaVV4VGwxeS9uVXlRdWp0QmdiQXNsNE5MeFZZdDJHYWF5d3hZMWl1VTFzTXkvY0RUdmE5OVhYQTNCbmJqaTBxL3hya1FQRDBrd0FZUytyU2Q1N0RhWEhHL2I1czY4RmYrNDFWaldQK2UrRlNpOXVrSE8vMU1NWFZoWDZRRElZMGhlfA&cppv=2

Request Chain 82

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.headlinesplus.com%2F&domain=www.headlinesplus.com&cw=1&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=JaA_pnxUM2NxN3FYanVNMEF1MUxpckpxL1lCSzJXczFWa3JuQVRPMHlCYzEvd0lMTjM1VlJ4SkZ1Y3h3cURKMlRhTm5xNXVjbExFaGxDNHp3VXlzMXlTU0dOdVI4YlByN1BUSk9vMFQ0Y3g5a0FvUGdVZFd2amRMeVNSWHhzd0JGZnBvbkJFUlZMZnBHSVZ4VHNzZ0gzbktmVEgxUGxBQVZKYnkxY3lhc3k3ckhRSVo1U2kySTJ2ZkdXME9Hdk5DbVQvNGI3OTljZ0s4SEhtL0tscjRNWTB2U0hEMFZDRlBLZm5TalVuUjBFejdQbUVzMk1jMkR0bWFkTjBndXpydDFoN29lfA&cppv=2

85 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.headlinesplus.com/ 5 KB
3 KB 463ms
396ms Document
text/html 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.headlinesplus.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa0d4e3884b058fcaf4c5170c2beb207e0a5345ba012db14f4bef18be668f834

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=60, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 771708083fbdb7ae-AMS
content-encoding: br
content-type: text/html
date: Mon, 28 Nov 2022 23:54:54 GMT
last-modified: Wed, 24 Aug 2022 13:47:19 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qUhh3UZan2mCWbmzUYORCfq4RJEYBezzEtHrvbHbOh%2FDGLBx8lFKJcGhAuY1IL%2FXfSWJXuMKNrGlk0ffaLcJW0wxeDvfkUayrlwglhNM3u9WEYQ6fjQNUojGXmhGpEcL6DvKd7BCdh01gikPA%2BhIbvLylAg%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-amz-id-2: QnXNevPp6KXLc4h6BM0bYSSw/pNI+Iu4pEWR9eCZ0QwR79AqW9ZHGQpO5nm3scaggyJ6PVnjbeU=
x-amz-request-id: 1ZZPH4MJ097EXTTX
x-amz-version-id: ZaSOV08XyEIWI38mFoj4RoAxOw8diP2p

GET
H2 200 css2
fonts.googleapis.com/ 6 KB
1 KB 197ms
59ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700;900&display=swap

Requested by

Host: www.headlinesplus.com
URL: https://www.headlinesplus.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7dd05a523eb59989b0fc083c70ee213d845dd0f67d978a4295b7ac6d97bce6ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.headlinesplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 28 Nov 2022 23:54:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 28 Nov 2022 22:18:05 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 28 Nov 2022 23:54:54 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 212 KB
75 KB 122ms
50ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-TZ0NB3RCB4

Requested by

Host: www.headlinesplus.com
URL: https://www.headlinesplus.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

32385a5884d718b9b4e792d2d1c01d582997b9f256724c1068bee6e473e4d612

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.headlinesplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 23:54:54 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 75970
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 28 Nov 2022 23:54:54 GMT

GET
H2 200 main.6dea0f05.chunk.css
www.headlinesplus.com/static/css/ 362 B
693 B 411ms
410ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.headlinesplus.com/static/css/main.6dea0f05.chunk.css
Requested by: Host: www.headlinesplus.com
URL: https://www.headlinesplus.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 30df240fbcb2c562b3cdc57ae479575c842bd908977a1b39bcfc903a0bc13a89

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.headlinesplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 23:54:54 GMT
x-amz-version-id: LL6Gy.D3_pxqFXJa2.IMeL3S4LylP_Pv
content-encoding: br
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: QFY9XXMA1QPD1PEA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: eA4prugrLisi/kNgNxWROsWw9KlBk4dMjnRgQwLu3VbVlDwwxx1auNGyQ00JTN3I5sWsfTDTXw0=
last-modified: Wed, 24 Aug 2022 13:47:19 GMT
server: cloudflare
etag: W/"a1a3cc0afead28e321729d7bf23a0190"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1PtHUUFSpQebLRQLo4sl8Z19vecKw5Pm8nAkjml2658rNuYNduXnTwoRebTYeJakbU%2FQoHpAC5Vij%2F%2FJhUuU0v1HWMmzz7uzJeYJKfOgHMnvOZY%2FvaebNGA%2B7UdbKfx0uJRBRi80OPo7CJnNzalx%2Fbs3SjY%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400, must-revalidate
cf-ray: 7717080ab8ecb7ae-AMS

GET
H2 200 2.4659483e.chunk.js Show response
www.headlinesplus.com/static/js/ 330 KB
111 KB 413ms
412ms Script
application/x-javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.headlinesplus.com/static/js/2.4659483e.chunk.js
Requested by: Host: www.headlinesplus.com
URL: https://www.headlinesplus.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8ac5df461e9a90705166ec96238da382894e076eee5b1941fd44024af8b4d301

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.headlinesplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 23:54:54 GMT
x-amz-version-id: QnGIbTzOW9jfruQP5aoJYuUFndmCMjUU
content-encoding: br
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: QFY8V9MBH2XM6FJ1
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: 2y1AN6Hd1uHX8vxQ+5Elo5z8CX5xKPRdV8p+T7h5gx/Y5Kt545RUUmA5TbWAipbVWimJ+Z7Cnwo=
last-modified: Wed, 24 Aug 2022 13:47:19 GMT
server: cloudflare
etag: W/"73797dd03dab2104453458d14a16c584"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cTh4836syziNzA3qA8WJoWlZlJBSUL08J12hXFjCHfANuztQAjtHs2L8pQVl5PApRQkkXbZ8rf65sNhy5jVz1Eoubs3yUz71%2B7b03soEnCdufrgGGVyQVd5NKvOHeV7y%2BKTCJdtgPTuZcM0mWIq37M%2Bym%2Bg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: max-age=14400, must-revalidate
cf-ray: 7717080ab8edb7ae-AMS

GET
H2 200 main.ab2dc881.chunk.js Show response
www.headlinesplus.com/static/js/ 217 KB
66 KB 355ms
354ms Script
application/x-javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.headlinesplus.com/static/js/main.ab2dc881.chunk.js
Requested by: Host: www.headlinesplus.com
URL: https://www.headlinesplus.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 08d1e8b17a3c4e28baa45e5993037c1dbe505f8a6cc04be2b637868628b7116c

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.headlinesplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 23:54:54 GMT
x-amz-version-id: zKTL6kBPUp54XbZWcnFWUu5vle.EgpbM
content-encoding: br
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: PS2D8JQQR5XC1RAG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: cwKaCz+6KpRaEkqxbLuV41S8wS0yzQba9XheWKkFRaj8zMGypTSRG23MkyHazLDNFvABp3ru/Tk=
last-modified: Wed, 24 Aug 2022 13:47:19 GMT
server: cloudflare
etag: W/"9204854203be57ecfe91c92f024d57a9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VHWmhydxnPg%2BA%2FIZvQ4PR0vnL%2FFd1f09SOUpALKs51%2BixZo2zjz4uNqeDypVdp9zUOO4jvoHy7sVPFIp69l%2B1QLdv%2BH%2B9zFeXDV0YPiDvtpReFnFpl9gZg2aHw0BzzDatADhe%2FVrmffkz2Kzsjgf11BZl7U%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: max-age=14400, must-revalidate
cf-ray: 7717080ab8eeb7ae-AMS

POST
H2 204 collect
region1.google-analytics.com/g/ 0
351 B 81ms
28ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-TZ0NB3RCB4&gtm=2oeb90&_p=385690606&cid=509345601.1669679695&ul=en-us&sr=1600x1200&_s=1&sid=1669679694&sct=1&seg=0&dl=https%3A%2F%2Fwww.headlinesplus.com%2F&dt=Headlines%20Plus&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-TZ0NB3RCB4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.headlinesplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Nov 2022 23:54:54 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.headlinesplus.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK pixie.js Show response
acdn.adnxs.com/dmp/up/ 9 KB
4 KB 302ms
95ms Script
application/javascript 151.101.129.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/up/pixie.js
Requested by: Host: www.headlinesplus.com
URL: https://www.headlinesplus.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: f033d6a9b4acc24957ac5ca92d278b9aca16ec1b264658ae3267b1efa6ef4a5e

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.headlinesplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Expires: Mon, 31 Oct 2022 05:58:51 GMT
Date: Mon, 28 Nov 2022 23:54:55 GMT
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Age: 64506
X-Cache: HIT, HIT
Connection: keep-alive
Content-Length: 3340
X-Served-By: cache-lga21930-LGA, cache-ewr18141-EWR
Last-Modified: Wed, 02 Jun 2021 15:04:00 GMT
Server: nginx/1.18.0 (Ubuntu)
X-Timer: S1669679695.026136,VS0,VE0
ETag: W/"60b79de0-23b3"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=86402
Accept-Ranges: bytes
X-Cache-Hits: 3, 10102

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 103 KB
28 KB 128ms
43ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.headlinesplus.com
URL: https://www.headlinesplus.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d5c905d7ce4679b183eb11f7c6811682ddffbf0f037590360ae2b1a84a51ef1b

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.headlinesplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 28 Nov 2022 23:54:54 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27340
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: skLTyUItHVawze1U/oe4WoX9OMdKB2HUveHuQ62r9R/+zIJBr+UKV3CKiJoEBahV0W/U/CMbg++SgE/PEYtqew==
x-fb-trip-id: 686109401
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 1738759719797276 Show response
connect.facebook.net/signals/config/ 293 KB
84 KB 132ms
88ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1738759719797276?v=2.9.89&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d3f8cb3dd4bf027d328b66d2a964353f56dcfe558e0e8c185031c29b00ec6cd4

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.headlinesplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 28 Nov 2022 23:54:55 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: lSulPXU+vyn1p6u+g9gqNMtnCKJwv83gcs0Sr4Qfrz/dJNmgu3/tlFfdXKbBSQwHyKVdNelIKS/pTyb0CLOLTQ==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET headlinesplus://article
headlinesplus://article 0
0

GET
H/1.1 200 categories Show response
cme3-api.phunware.com/v3.0/doc/Cc4fad736-f449-4c7d-8609-fe3c05da0a20/ 3 KB
4 KB 718ms
176ms XHR
application/json 63.241.25.250
CERNET-ASN-BLOCK

General

Check archive.org

Show headers Download Go to

Full URL

https://cme3-api.phunware.com/v3.0/doc/Cc4fad736-f449-4c7d-8609-fe3c05da0a20/categories

Requested by

Host: www.headlinesplus.com
URL: https://www.headlinesplus.com/static/js/2.4659483e.chunk.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

63.241.25.250 , United States, ASN4266 (CERNET-ASN-BLOCK, US),

Reverse DNS

Software

nginx/1.16.1 /

Resource Hash

cecd9b05d7861e3eea63fd8a8714eeacf4e3511ef0890fd1256f5c2504f01202

Security Headers

Name	Value
Content-Security-Policy	default-src: https:
Strict-Transport-Security	max-age=31536000;includeSubDomains;preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	: 1;mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.headlinesplus.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Date: Mon, 28 Nov 2022 23:54:55 GMT
Strict-Transport-Security: max-age=31536000;includeSubDomains;preload
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src: https:
Server: nginx/1.16.1
Referrer-Policy: no-referrer-when-downgrade
ETag: "085a882d-c23a-443b-bcb1-47563f4d8efb"
Transfer-Encoding: chunked
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Type: application/json
Access-Control-Allow-Origin: https://www.headlinesplus.com
X-Frame-Options: sameorigin
Access-Control-Allow-Credentials: true
X-XSS-Protection: : 1;mode=block

GET
H/1.1 200 C6f1d4d69-1f7c-48d0-9549-53566c24ed4e
cme3-api.phunware.com/v3.0/doc/ 6 MB
6 MB 1018ms
475ms XHR
application/json 63.241.25.250
CERNET-ASN-BLOCK

General

Check archive.org

Show headers Download Go to

Full URL

https://cme3-api.phunware.com/v3.0/doc/C6f1d4d69-1f7c-48d0-9549-53566c24ed4e

Requested by

Host: www.headlinesplus.com
URL: https://www.headlinesplus.com/static/js/2.4659483e.chunk.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

63.241.25.250 , United States, ASN4266 (CERNET-ASN-BLOCK, US),

Reverse DNS

Software

nginx/1.16.1 /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src: https:
Strict-Transport-Security	max-age=31536000;includeSubDomains;preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	: 1;mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.headlinesplus.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Date: Mon, 28 Nov 2022 23:54:55 GMT
Strict-Transport-Security: max-age=31536000;includeSubDomains;preload
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src: https:
Server: nginx/1.16.1
Referrer-Policy: no-referrer-when-downgrade
ETag: "RXdNE98BMio+6wNxkITRUQ"
Transfer-Encoding: chunked
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Type: application/json
Access-Control-Allow-Origin: https://www.headlinesplus.com
X-Frame-Options: sameorigin
Access-Control-Allow-Credentials: true
X-XSS-Protection: : 1;mode=block

GET
H3 200 logo_stacked.4723b4b1.svg
www.headlinesplus.com/static/media/ 27 KB
10 KB 387ms
386ms Image
image/svg+xml 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.headlinesplus.com/static/media/logo_stacked.4723b4b1.svg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 34b3feb5b0a2102645a864efdae810899a055db9e8d77508c0b415ae5b1f48a9

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.headlinesplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 23:54:55 GMT
x-amz-version-id: _RoK.aIQMZnnp.FsuDMlNiqsJ_W4te9P
content-encoding: br
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: QQ04QZHEFXR0AQJW
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: qKwmqS7REaU3j55U44Y+66DXYV8tpMM178/Rdo7mqqWVePGp7qylWr6ulGbBlpMjxlB1Y9OIOcw=
last-modified: Wed, 24 Aug 2022 13:47:19 GMT
server: cloudflare
etag: W/"7156a6fa4fc5cd17c1d868e0d646705b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MRro%2FnyRiufojxsE1s09TPgcLSMdfW4JTFY6THkWQMKvth48w%2Bd9Wh%2FuoReSALombuI5C1RTU3wNOoQcLOjTL4Paki%2F0ZlsKe8Jro3t30fyQtOFa0sFNIXcBrsDOfe3aLxS5sRMyZN6EcelTYgSHEV7yWjE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400, must-revalidate
cf-ray: 7717080dfdc9b93e-AMS

GET
H3 200 animation_loading.1cca7f73.gif
www.headlinesplus.com/static/media/ 211 KB
211 KB 411ms
410ms Image
image/gif 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.headlinesplus.com/static/media/animation_loading.1cca7f73.gif
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 02ca1fdb824fc2a7a45ca7e510a5820ab6ead49ef9ac05ada18cb2db3a4970ab

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.headlinesplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 23:54:55 GMT
x-amz-version-id: zWplIV6eshXK0f3JNuYKK7QSx0ZkJGnT
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: QQ09SAN17BP91AE2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 215734
x-amz-id-2: SSdGVNM2ZPS5+bADweznHgLZ8DGi61bIOVoroqywIL7jN1erTrgM7Jsun9ZzmAcVcU0NvKz+LPo=
last-modified: Wed, 24 Aug 2022 13:47:19 GMT
server: cloudflare
etag: "f968743b9e6c21d00c09093f07403a7b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OkfUsFDkojLgeS3H62LXEKDFWXqRRbSc9Qw2OtK6kALvoDEfXu5elWxFLaBs6QJav9odqZFK65LMeaRew6w5FavuWlht1ln6jwfPW1YC4%2Fl%2BJIqGeT0P1a2yd7vnyiMD6cbEax6Q%2BubIMYvnQnl0AMqe3pY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=14400, must-revalidate
accept-ranges: bytes
cf-ray: 7717080dfdcbb93e-AMS

GET
H3 200 footer_background.577f27f3.png
www.headlinesplus.com/static/media/ 69 KB
70 KB 358ms
357ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.headlinesplus.com/static/media/footer_background.577f27f3.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 13654dc4a6cc3e80ad362314675f9c6881db3dd5e36a6c0891ce4bee2c040450

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.headlinesplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 23:54:55 GMT
x-amz-version-id: fCxt5kSRMgw1ecsgnE2qbqLHuuLv6Tly
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: QQ0FPHD8S3FZV772
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 70873
x-amz-id-2: g7bTyO8wRRtgW7zPne7IKJJZVU7jhSlHLv8LVxjCq952U7GKJx0xebXnsbdriAADk9NEOw6gggw=
last-modified: Wed, 24 Aug 2022 13:47:19 GMT
server: cloudflare
etag: "73e5f967c52074db814f043162b30db1"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VcJlecB4DhpckCngtpZ1GCjD2NdYz2pKIUpu8YOfRxGlVXC0isGFRmamjUnQ5YuPFpcJxTuIOspq4G24%2FEIFuvKV8UfRiNXzoY%2BpbTm8Th%2FJBA%2FtN9W9oP4YZRGV8pwY9Nkk8%2FUXaYKHTth5j5W4KnC%2FQN8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400, must-revalidate
accept-ranges: bytes
cf-ray: 7717080dfdcfb93e-AMS

GET
H2 200 KFOlCnqEu92Fr1MmYUtfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
15 KB 192ms
58ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmYUtfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;700;900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7e262106f82cc52663e403f5b73795bbeab9ca0630c33c03579354fbcd4fae1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.headlinesplus.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 03:39:12 GMT
x-content-type-options: nosniff
age: 418543
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15752
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 24 Nov 2023 03:39:12 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 191ms
58ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;700;900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.headlinesplus.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 19:42:15 GMT
x-content-type-options: nosniff
age: 360760
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 24 Nov 2023 19:42:15 GMT

GET
H/1.1 200
OK pixie
ib.adnxs.com/ 42 B
349 B 89ms
24ms Image
image/gif 185.89.211.84
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ib.adnxs.com/pixie?e=PageView&pi=acc35baf-66c2-4fae-9d17-bf6cd2396ee9&it=1669679695071&v=0.0.20&u=https%3A%2F%2Fwww.headlinesplus.com%2F&st=1669679695071&et=1669679695072&if=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.89.211.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS: 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software: nginx/1.21.3 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.headlinesplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Date: Mon, 28 Nov 2022 23:54:55 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx/1.21.3
Connection: keep-alive
X-Proxy-Origin: 31.204.150.149; 31.204.150.149; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 42
Content-Type: image/gif

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 122ms
41ms Image
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1738759719797276&ev=PageView&dl=https%3A%2F%2Fwww.headlinesplus.com%2F&rl=&if=false&ts=1669679695187&sw=1600&sh=1200&v=2.9.89&r=stable&ec=0&o=30&fbp=fb.1.1669679695186.1360442856&it=1669679694948&coo=false&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.headlinesplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 28 Nov 2022 23:54:55 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 asyncjs.php Show response
adserver.publir.com/www/delivery/ 4 KB
3 KB 386ms
309ms Script
text/javascript 2606:4700:3037::ac43:b9ba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://adserver.publir.com/www/delivery/asyncjs.php
Requested by: Host: www.headlinesplus.com
URL: https://www.headlinesplus.com/static/js/main.ab2dc881.chunk.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:b9ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.27
Resource Hash: 9b3ae8ef20681e91040bfb2f762d0e9a8d067ee6be4eb2842162b42bb0552e93

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.headlinesplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 23:54:56 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.4.27
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=znpyHPU7kg%2Fv7deue6tC2kW6gro42WfYe3ojrzob4GG6Xcvdr29EbFklANIBNUfkuoRW170RfEBKcGPoxsAYNXVbMuSx%2FMMyKpWqakBwgIY6JWvI7SFY1xXoBMR7z613K9r1J79ehlKcCbsrfTw0NmqB"}],"group":"cf-nel","max_age":604800}
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: *
content-type: text/javascript;charset=UTF-8
cache-control: private, max-age=3600
expire: Tue, 29 Nov 2022 00:54:56 GMT
cf-ray: 77170814ad5a9b46-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 asyncspc.php Show response
adserver.publir.com/www/delivery/ 745 B
1 KB 360ms
313ms XHR
application/json 2606:4700:3037::ac43:b9ba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://adserver.publir.com/www/delivery/asyncspc.php?zones=12&prefix=revive-0-&loc=https%3A%2F%2Fwww.headlinesplus.com%2F
Requested by: Host: adserver.publir.com
URL: https://adserver.publir.com/www/delivery/asyncjs.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:b9ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.27
Resource Hash: a89539b9616f87a6e9d752f8b1e887d9ed1e66d36cb45a40af562840b8ec2307

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.headlinesplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 23:54:56 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: PHP/7.4.27
p3p: CP="CUR ADM OUR NOR STA NID"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: no-cache
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a1YtjahDlSznXipKZG92A8x9z4umIxEJ4Q82XZJglBsdlA7AKXtcxJbvfrdgftwXr2ue1yyrelHkQOKVNgQ88oVD3E6%2B51xveia%2F%2FRdZ8c7TB5cGvfbs9x4yGuuz%2Bcc8LZnEsC94fJpWG8%2FpHFlivfZK"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://www.headlinesplus.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 77170816f8ea917d-FRA
expires: 0

GET
H3 200 /
www.facebook.com/tr/ 0
18 B 90ms
41ms Image
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1738759719797276&ev=Microdata&dl=https%3A%2F%2Fwww.headlinesplus.com%2F&rl=&if=false&ts=1669679696693&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Headlines%20Plus%22%2C%22meta%3Adescription%22%3A%22Headlines%20Plus%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.89&r=stable&ec=1&o=30&fbp=fb.1.1669679695186.1360442856&it=1669679694948&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.headlinesplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 28 Nov 2022 23:54:56 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H2 200 delivery.js Show response
assets.revcontent.com/master/ Frame BA05 156 KB
49 KB 95ms
29ms Script
application/x-javascript 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.revcontent.com/master/delivery.js
Requested by: Host: adserver.publir.com
URL: https://adserver.publir.com/www/delivery/asyncjs.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: AmazonS3 /
Resource Hash: cbbd0c5a903d0e3b0b058cf6248d956d70e452cba831866b8161381896b4e923

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.headlinesplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 23:54:56 GMT
content-encoding: gzip
last-modified: Thu, 17 Nov 2022 21:14:59 GMT
server: AmazonS3
x-amz-request-id: XKC9KMND758DG1PF
etag: "6d1b2100c62614d53dc882993fbdddc7"
x-hw: 1669679696.cds269.am5.hn,1669679696.cds109.am5.c
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public,max-age=600
accept-ranges: bytes
content-length: 50095
x-amz-id-2: kjCRpSn7JdIZz+ByFZVuvg6MDnMTJpN0kXg6u3+Xo8L1+0Rjnn7Am4mibcL0/qdxECSkWxdzBfM=

GET
H3 200 lg.php
adserver.publir.com/www/delivery/ Frame BA05 43 B
646 B 133ms
133ms Image
image/gif 2606:4700:3037::ac43:b9ba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://adserver.publir.com/www/delivery/lg.php?bannerid=13&campaignid=4&zoneid=12&loc=https%3A%2F%2Fwww.headlinesplus.com%2F&cb=e0c8db4140
Requested by: Host: www.headlinesplus.com
URL: https://www.headlinesplus.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:b9ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.27
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.headlinesplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Nov 2022 23:54:56 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.4.27
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jZu9fzftsHJk0ndcB6M%2Fr5UJm%2BQ7V69y55sKneW4hhWJ33eylcFooJ6m8r3j7y5XjdSbDVNDhxbVAjcFpYB76%2FA78fzQu8SRFHNkcDgClwpza%2F1EKaGoUptHX9tMsfKgSmHbzIkEGkqgCk0Nscjvz5i6"}],"group":"cf-nel","max_age":604800}
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: *
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cf-ray: 771708193be7917d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: 0

GET
H2 200 pwt.js Show response
ads.pubmatic.com/AdServer/js/pwt/160835/4933/ Frame BA05 210 KB
65 KB 118ms
32ms Script
application/javascript 23.35.236.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/pwt/160835/4933/pwt.js
Requested by: Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-201.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 223fc8122a307637f83efd6b57fb96e0daf8795aaa98e431e83064efa65b4da3

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.headlinesplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 23:54:57 GMT
content-encoding: gzip
last-modified: Mon, 28 Nov 2022 20:34:20 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=160771
accept-ranges: bytes
content-length: 65523
expires: Wed, 30 Nov 2022 20:34:28 GMT

GET
H/1.1 200
OK / Show response
trends.revcontent.com/api/demand/ Frame BA05 52 B
401 B 198ms
58ms Fetch
text/html 54.194.226.232
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://trends.revcontent.com/api/demand/?w=268337

Requested by

Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.194.226.232 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-194-226-232.eu-west-1.compute.amazonaws.com

Software

openresty /

Resource Hash

8b4b43fd2629a9ae29c5220a852bbc8ff169c571cdf77798633efec65c934df7

Security Headers

Name	Value
Strict-Transport-Security	max-age=931536000; includeSubDomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.headlinesplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

X-RC-Region: eu-west-1b
Date: Mon, 28 Nov 2022 23:54:57 GMT
Strict-Transport-Security: max-age=931536000; includeSubDomains
Server: openresty
Content-Type: text/html; charset=UTF-8
access-control-allow-origin: https://www.headlinesplus.com
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 52

GET
H/1.1 204
No Content sync
trends.revcontent.com/ Frame BA05 0
0 187ms
47ms Fetch 54.194.226.232
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://trends.revcontent.com/sync
Requested by: Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.194.226.232 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-194-226-232.eu-west-1.compute.amazonaws.com
Software: openresty /
Resource Hash

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.headlinesplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

X-RC-Region: eu-west-1a
access-control-allow-origin: https://www.headlinesplus.com
Date: Mon, 28 Nov 2022 23:54:57 GMT
access-control-allow-credentials: true
Server: openresty
Connection: keep-alive
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers

GET
H/1.1 200
OK / Show response
trends.revcontent.com/api/delivery/ Frame BA05 7 KB
4 KB 334ms
334ms Fetch
text/html 54.194.226.232
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://trends.revcontent.com/api/delivery/?is_blocked=undefined&w=268337&width=728&rev_allow_cookies=0&site_url=https%3A%2F%2Fwww.headlinesplus.com%2F&icr_url=&referer=https%3A%2F%2Fwww.headlinesplus.com%2F&va=0&time=1669679697419&banner_size=728x90&up=pc&bn=chrome&bv=107&widget_width=728&style_id=0&idhub[pubcid]=b614b79b-ec8e-4a2d-a644-9454c8263948&an=false

Requested by

Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.194.226.232 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-194-226-232.eu-west-1.compute.amazonaws.com

Software

openresty /

Resource Hash

1b25f6f0462d1585c0ce7c205613ad1e99294e029d33aa27d14cefd63bc0696f

Security Headers

Name	Value
Strict-Transport-Security	max-age=931536000; includeSubDomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.headlinesplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

X-RC-Region: eu-west-1b
Date: Mon, 28 Nov 2022 23:54:57 GMT
content-encoding: gzip
Strict-Transport-Security: max-age=931536000; includeSubDomains
Server: openresty
vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
access-control-allow-origin: https://www.headlinesplus.com
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 3885

GET
H2 200 rtbWidget.delivery.js Show response
assets.revcontent.com/master/ Frame BA05 16 KB
5 KB 29ms
28ms Script
application/x-javascript 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.revcontent.com/master/rtbWidget.delivery.js
Requested by: Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: AmazonS3 /
Resource Hash: f3f7e0c5ca173328f7f813474750073fb3eef3382520f26f635e647f4d3683f4

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.headlinesplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 23:54:57 GMT
content-encoding: gzip
last-modified: Thu, 17 Nov 2022 21:15:02 GMT
server: AmazonS3
x-amz-request-id: 6XPS7W2PBZ6GEVBS
etag: "fb225ec5c72f6eeb4694d141497a976e"
x-hw: 1669679697.cds269.am5.hn,1669679697.cds002.am5.c
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public,max-age=600
accept-ranges: bytes
content-length: 5031
x-amz-id-2: G01lvaca207HzC/Ol43Lm3tyk78zZcsKNsCjuIkCOhybKsv1SLU/KCtr7yx3KASUj6xwlqzXIs4=

GET
H2 200 79c8e0d8c2021fb7dc089d8f7bafd1fc.jpeg
images.revcontent.com/revcontent/image/fetch/f_jpg,q_90,h_90,w_180,c_fill,g_face:auto/pg_1/https://media.revcontent.com/content/images/ Frame BA05 8 KB
9 KB 5069ms
5006ms Image
image/jpeg 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.revcontent.com/revcontent/image/fetch/f_jpg,q_90,h_90,w_180,c_fill,g_face:auto/pg_1/https://media.revcontent.com/content/images/79c8e0d8c2021fb7dc089d8f7bafd1fc.jpeg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

map3.hwcdn.net

Software

Cloudinary /

Resource Hash

bb948107328ec4a86e85dc5315bb53ab384e6de5fdf9666e2aaed246f7d59c01

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.headlinesplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 23:55:02 GMT
strict-transport-security: max-age=604800
x-content-type-options: nosniff
last-modified: Fri, 21 Oct 2022 10:07:49 GMT
server: Cloudinary
etag: "66d13803f5f21cf4a0aea01c8877dfc5"
x-hw: 1669679697.cds219.am5.hn,1669679702.cds309.am5.c
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control: public, no-transform, immutable, max-age=604800
server-timing: fastly;dur=219;cpu=1;start=2022-11-27T14:53:50.782Z;desc=miss,rtt;dur=0,cloudinary;dur=125;start=2022-11-27T14:53:50.830Z
accept-ranges: bytes
timing-allow-origin: *
content-length: 8633

POST
H/1.1 204
No Content impression
trends.revcontent.com/event/ Frame BA05 0
0 173ms
49ms Fetch 54.194.226.232
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://trends.revcontent.com/event/impression

Requested by

Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.194.226.232 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-194-226-232.eu-west-1.compute.amazonaws.com

Software

openresty /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=931536000; includeSubDomains

Request headers

Referer: https://www.headlinesplus.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

X-RC-Region: eu-west-1b
Date: Mon, 28 Nov 2022 23:54:57 GMT
Strict-Transport-Security: max-age=931536000; includeSubDomains
Server: openresty
access-control-allow-origin: https://www.headlinesplus.com
access-control-allow-credentials: true
Connection: keep-alive
access-control-allow-headers: Content-Type

POST
H/1.1 204
No Content view
trends.revcontent.com/event/ Frame BA05 0
0 45ms
45ms Fetch 54.194.226.232
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://trends.revcontent.com/event/view

Requested by

Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.194.226.232 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-194-226-232.eu-west-1.compute.amazonaws.com

Software

openresty /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=931536000; includeSubDomains

Request headers

Referer: https://www.headlinesplus.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

X-RC-Region: eu-west-1b
Date: Mon, 28 Nov 2022 23:54:58 GMT
Strict-Transport-Security: max-age=931536000; includeSubDomains
Server: openresty
access-control-allow-origin: https://www.headlinesplus.com
access-control-allow-credentials: true
Connection: keep-alive
access-control-allow-headers: Content-Type

OPTIONS
H/1.1 200
OK page-view
yeet.revcontent.com/yeet/events/ Frame 0
0 191ms
45ms Preflight 52.51.126.33
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://yeet.revcontent.com/yeet/events/page-view
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.51.126.33 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-51-126-33.eu-west-1.compute.amazonaws.com
Software: openresty /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.headlinesplus.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Connection: keep-alive
Content-Length: 0
Date: Mon, 28 Nov 2022 23:54:58 GMT
Server: openresty
X-RC-Region: eu-west-1a
access-control-allow-headers: Content-Type
access-control-allow-methods: POST
access-control-allow-origin: *
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers

OPTIONS
H/1.1 200
OK widget-loaded
yeet.revcontent.com/yeet/events/ Frame 0
0 194ms
49ms Preflight 52.51.126.33
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://yeet.revcontent.com/yeet/events/widget-loaded
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.51.126.33 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-51-126-33.eu-west-1.compute.amazonaws.com
Software: openresty /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.headlinesplus.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Connection: keep-alive
Content-Length: 0
Date: Mon, 28 Nov 2022 23:54:58 GMT
Server: openresty
X-RC-Region: eu-west-1b
access-control-allow-headers: Content-Type
access-control-allow-methods: POST
access-control-allow-origin: *
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers

POST
H/1.1 204
No Content page-view
yeet.revcontent.com/yeet/events/ Frame BA05 0
0 47ms
46ms Fetch 52.51.126.33
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://yeet.revcontent.com/yeet/events/page-view
Requested by: Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.51.126.33 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-51-126-33.eu-west-1.compute.amazonaws.com
Software: openresty /
Resource Hash

Request headers

Referer: https://www.headlinesplus.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: application/json

Response headers

X-RC-Region: eu-west-1a
access-control-allow-origin: *
Date: Mon, 28 Nov 2022 23:54:58 GMT
Server: openresty
Connection: keep-alive
vary: Origin

POST
H/1.1 204
No Content widget-loaded
yeet.revcontent.com/yeet/events/ Frame BA05 0
0 47ms
47ms Fetch 52.51.126.33
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://yeet.revcontent.com/yeet/events/widget-loaded
Requested by: Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.51.126.33 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-51-126-33.eu-west-1.compute.amazonaws.com
Software: openresty /
Resource Hash

Request headers

Referer: https://www.headlinesplus.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: application/json

Response headers

X-RC-Region: eu-west-1b
access-control-allow-origin: *
Date: Mon, 28 Nov 2022 23:54:58 GMT
Server: openresty
Connection: keep-alive
vary: Origin

GET
H3 200 animation_loading.1cca7f73.gif
www.headlinesplus.com/static/media/ 211 KB
211 KB 32ms
32ms Image
image/gif 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.headlinesplus.com/static/media/animation_loading.1cca7f73.gif
Requested by: Host: www.headlinesplus.com
URL: https://www.headlinesplus.com/static/js/2.4659483e.chunk.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 02ca1fdb824fc2a7a45ca7e510a5820ab6ead49ef9ac05ada18cb2db3a4970ab

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.headlinesplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 23:54:58 GMT
x-amz-version-id: zWplIV6eshXK0f3JNuYKK7QSx0ZkJGnT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: QQ09SAN17BP91AE2
age: 3
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 215734
x-amz-id-2: SSdGVNM2ZPS5+bADweznHgLZ8DGi61bIOVoroqywIL7jN1erTrgM7Jsun9ZzmAcVcU0NvKz+LPo=
last-modified: Wed, 24 Aug 2022 13:47:19 GMT
server: cloudflare
etag: "f968743b9e6c21d00c09093f07403a7b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Bona5zKOqDtQGZcwd6w42uzR1ujeS2tzMAb1Qxtdx9sLSerXgHKz4JYur5U11dgmaOKZhz9mDgNofbP8Ah2zFL%2FWW66B4CjTsOrmaJ%2BIvXzM55VQdcEfuSp1DidBxl6kCEPPUGQksYMTdC30tLsDfGMcePk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=14400, must-revalidate
accept-ranges: bytes
cf-ray: 771708246941b93e-AMS

GET
H3 200 asyncspc.php Show response
adserver.publir.com/www/delivery/ 2 KB
1 KB 132ms
131ms XHR
application/json 2606:4700:3037::ac43:b9ba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://adserver.publir.com/www/delivery/asyncspc.php?zones=%7C5%7C6%7C11&prefix=revive-0-&loc=https%3A%2F%2Fwww.headlinesplus.com%2F
Requested by: Host: adserver.publir.com
URL: https://adserver.publir.com/www/delivery/asyncjs.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:b9ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.27
Resource Hash: 2d887de459e644579ac8a865f34959132466d57cb8b65eed4f402ccd35cc76e0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.headlinesplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 23:54:58 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: PHP/7.4.27
p3p: CP="CUR ADM OUR NOR STA NID"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: no-cache
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=spIckoIpguDaR2%2FxDgsw7u5wNU%2BOJLZgyQWpmHfPKP9nnnnlVWto6agbOVqE9KDgX%2FNKvJBa7yoEvbPGzgJ0SOZbqVVTCaug42rxw2HByQNOS2%2BLv6hWo%2FWMhM7hbhqEmNXycnWAD2F2EIzxl0Kc1cVC"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://www.headlinesplus.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 77170824aaa1917d-FRA
expires: 0

GET
DATA 200
OK truncated
/ 7 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: df7c201666810975f1c8abab5d3961ac4305e6b0a76702bfacfd61d5188abe4a

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 4 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2c9d462b92388823c096698825be88ee0c0e9bb71be8dc467853784d06da2287

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 9 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: aeb8f203a6a21cca668c5c8983dfe86b3cf95add102305da8208100595d69800

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 2022.11.28-07.21-thepoliticalinsider-63850a209ca9b-1024x573.jpg
thepoliticalinsider.com/wp-content/uploads/2022/11/ 46 KB
47 KB 119ms
28ms Image
image/webp 104.26.5.33
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://thepoliticalinsider.com/wp-content/uploads/2022/11/2022.11.28-07.21-thepoliticalinsider-63850a209ca9b-1024x573.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.5.33 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

097744257dc6e3b8d9d840fdb68bd4da78603aacfb94d0fa18b77eb1cda46bae

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.headlinesplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 23:54:58 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
www-authenticate: Basic realm="Protected"
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
x-ws: W1
age: 15645
cf-polished: qual=85, origFmt=jpeg, origSize=72171
content-disposition: inline; filename="2022.webp"
content-length: 47502
cf-bgj: imgq:85,h2pri
last-modified: Mon, 28 Nov 2022 19:21:05 GMT
server: cloudflare
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gMeG7CGO8fZWHF04SEvUkAujjbWdXvCJzG1KL63U6VxEQ34jQALK8vTU0ompTTE5Cj8OkSe2s95OBYEPK4E7deFq4j3GNaZcpuxu%2FL4m7sY9UdLbmzA4TBKQYMwP2%2BU1jHS4hQqj2XFo"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 771708255eabb97b-AMS
expires: Tue, 28 Nov 2023 19:34:13 GMT

GET
H2 200 Joey-Logano.jpg
www.boundingintosports.com/wp-content/uploads/2022/11/ 57 KB
57 KB 629ms
538ms Image
image/jpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.boundingintosports.com/wp-content/uploads/2022/11/Joey-Logano.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: af7bff6a8f236fd11d737330d983372682027281e0cff5a8d53300d58487c9c4

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.headlinesplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 23:54:59 GMT
www-authenticate: Basic realm="Protected"
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-ws: W2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 57860
last-modified: Mon, 28 Nov 2022 22:34:25 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eq56oVwRJq2ie6oeGHjETwVhuOuWsu9TqnAkKXzOB%2FUhb%2BEVc6RsxRw62DTNFfVcosTVBFvxZwD5c7g%2BkvzRcrB9rAd3SKZhZ3hWXfK2cSJD82vrOFxFGGksNfMZKohGcZJf8waG7jSjUIuXEVZl0fbXIZ16PpV43g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 771708256dc41c90-AMS
expires: Tue, 28 Nov 2023 23:54:58 GMT

GET
H2 200 2022.11.28-09.04-thepoliticalinsider-63852267465bf-1024x573.jpg
thepoliticalinsider.com/wp-content/uploads/2022/11/ 77 KB
78 KB 595ms
504ms Image
image/jpeg 104.26.5.33
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://thepoliticalinsider.com/wp-content/uploads/2022/11/2022.11.28-09.04-thepoliticalinsider-63852267465bf-1024x573.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.5.33 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8feb128352ef6cdf541944456acc430af480a1a1d1a84fc846f16319406bea62

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.headlinesplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 23:54:59 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
www-authenticate: Basic realm="Protected"
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
x-ws: W1
content-length: 78924
last-modified: Mon, 28 Nov 2022 21:04:39 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ah5BA4TeiCknGCDtXiCd5ZBvCvkyTZUWSeNJE8eLaMwEwjIH9prVTgbaERwxVLsvo9Ivsyqj%2B58uDIAUEepOd9hWxCgLAr4jORCL5PE%2BEpW30Waq0OIKsTJRFzyWXFfTeXI2TWeq7yjH"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 771708255eadb97b-AMS
expires: Tue, 28 Nov 2023 23:54:58 GMT

GET
H2 200 Gregg-Berhalter.jpg
www.boundingintosports.com/wp-content/uploads/2022/11/ 64 KB
65 KB 125ms
34ms Image
image/jpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.boundingintosports.com/wp-content/uploads/2022/11/Gregg-Berhalter.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ebe4a1838635d1ff61f2faa380fff255e4063d63dc11f5d01a360b835044b129

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.headlinesplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 23:54:58 GMT
www-authenticate: Basic realm="Protected"
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-ws: W2
age: 1471
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 65560
last-modified: Mon, 28 Nov 2022 21:55:51 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gZXIjhiSCHoja3N6k1NIiVEiqUISQaVnf1cIUImS9MmTwr8dKYkFMZIu4TQD7jJhisisPxB9G4T9wdIByp89veOlhZx%2B%2Bwx1zd%2BXAQZPkLIyQLqtb1S2iTVjUXeBbbjo%2F%2FjVIjgIDSYfUiB0BKslaX6FecPD65yXXQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 771708256dc51c90-AMS
expires: Tue, 28 Nov 2023 23:30:27 GMT

GET
H2 200 2022.11.28-06.41-thepoliticalinsider-638500e5ab061-1024x573.jpg
thepoliticalinsider.com/wp-content/uploads/2022/11/ 25 KB
25 KB 144ms
54ms Image
image/webp 104.26.5.33
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://thepoliticalinsider.com/wp-content/uploads/2022/11/2022.11.28-06.41-thepoliticalinsider-638500e5ab061-1024x573.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.5.33 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

844021af5a9cb781b6df18341e6ffde0d5d54b3cb32ab493a263e77483dcf945

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.headlinesplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 23:54:58 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
www-authenticate: Basic realm="Protected"
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
x-ws: W1
age: 6471
cf-polished: qual=85, origFmt=jpeg, origSize=42154
content-disposition: inline; filename="2022.webp"
content-length: 25180
cf-bgj: imgq:85,h2pri
last-modified: Mon, 28 Nov 2022 18:41:42 GMT
server: cloudflare
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O1lv5ZCyLC9qKKG74XvPbcmcJOzKOu8zYlcF%2FPXMrUrjMCvOjHuG5Ntgme1VvD2O1VMrdRATN9dKnG70tejWhlR57y9B%2BcXTWYWQ0uEjeDUB5jnqCNwQNa%2Ft0zjkKF2CX%2Fg648nxJ9C%2B"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 771708255eaeb97b-AMS
expires: Tue, 28 Nov 2023 22:07:07 GMT

GET
H2 200 2022.11.28-08.25-themixnet-6385195079dc6-800x448.jpg
www.themix.net/wp-content/uploads/2022/11/ 39 KB
39 KB 165ms
73ms Image
image/jpeg 2606:4700:3032::ac43:b6da
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.themix.net/wp-content/uploads/2022/11/2022.11.28-08.25-themixnet-6385195079dc6-800x448.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::ac43:b6da , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aa8854df1b1af601c012f1941019731c296ce42b60dbd5c0a232775471adea42

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.headlinesplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 23:54:58 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
www-authenticate: Basic realm="Protected"
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
x-ws: W2
age: 10028
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 39472
last-modified: Mon, 28 Nov 2022 20:25:52 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oqfCMa9uZLOfoxLWoyn8Rx7NCyQBCMRZ2aC%2BqcZypKkTO%2FPNfl%2F%2FI80zRB2ASe6J7P5n2jpOqsZfMpY1e0K%2BCsu%2Fs38p75PQY41Z8SknDBMjoV1qMz8mARHOtNZ1Eaw21kyPRsRgnLCCgLkj%2FQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 771708256a9abbcd-FRA
expires: Tue, 28 Nov 2023 21:07:50 GMT

GET
H2 200 2021.01.22-03.58-themixnet-600af62fc9625-800x447.png
www.themix.net/wp-content/uploads/2021/01/ 321 KB
322 KB 132ms
40ms Image
image/png 2606:4700:3032::ac43:b6da
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.themix.net/wp-content/uploads/2021/01/2021.01.22-03.58-themixnet-600af62fc9625-800x447.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::ac43:b6da , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8b980b8ca7bfe77a8895bae91fed158f74f8f36fd35ad3ec1aed61622d3e5bbc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.headlinesplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 23:54:58 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
www-authenticate: Basic realm="Protected"
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
x-ws: W1
age: 1864
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 328886
last-modified: Fri, 22 Jan 2021 15:58:43 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yNIV3rApWb7xtIpefJ24izhJwxqiqWJa4zipnjhtO2oo4uRX2Nv0v4mHaAy6hxhZesgI0V9RgdREAIQGn0%2BQsaGmT8%2FwdSBPlrwsPIHmAqj5%2BmYPo3soEtY6ehRHZ%2BqhzhHYGk2%2BGHj36nXhKg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 771708256a9cbbcd-FRA
expires: Tue, 28 Nov 2023 23:23:54 GMT

GET
H2 200 2022.11.28-08.30-themixnet-63851a653c863-800x448.jpg
www.themix.net/wp-content/uploads/2022/11/ 30 KB
31 KB 164ms
73ms Image
image/jpeg 2606:4700:3032::ac43:b6da
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.themix.net/wp-content/uploads/2022/11/2022.11.28-08.30-themixnet-63851a653c863-800x448.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::ac43:b6da , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4c5495ca26de4cbb6ae2856553db6b113f4ea5bbe11d5db17487982724e2efe8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.headlinesplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 23:54:58 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
www-authenticate: Basic realm="Protected"
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
x-ws: W2
age: 10028
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 30977
last-modified: Mon, 28 Nov 2022 20:30:29 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lnFCatGwh39v8Lv4bu1iLvGdvopvJ9qDa%2Fd%2Bl4bG0uHmvscIMG7yXe0TcotB5Ndfph%2BirYsdDck1kztpFAcwI4GhoDALpFKmpAHPWf5qEQZGLm1o35%2FAoo018gOJ9eb7Gnf7x5mzjUcdbIVnag%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 771708256a9dbbcd-FRA
expires: Tue, 28 Nov 2023 21:07:50 GMT

GET
H2 200 2022.11.28-08.10-boundingintocomics-638515a08dd40.png
boundingintocomics.com/wp-content/uploads/2022/11/ 868 KB
869 KB 130ms
40ms Image
image/png 2606:4700:3032::ac43:8b27
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://boundingintocomics.com/wp-content/uploads/2022/11/2022.11.28-08.10-boundingintocomics-638515a08dd40.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:8b27 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e7559f01011fa9f1b3cba5fe41ce60e0b3a492579c997f6841bb0ded1f09224f

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.headlinesplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 23:54:58 GMT
www-authenticate: Basic realm="Protected"
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-ws: W1
age: 11908
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 888735
last-modified: Mon, 28 Nov 2022 20:10:08 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J%2FhlYc8XLgV5C0WAprPZbtoPCaxRuw3VZ74e1XdGp1w2ZMiCNFLwfyUi0qWZBm9Az0RP4AcSj7r31da8oWBSuepmKE2VuLtIxvqqb1Th1NKz2WC0NBwRUGzAX%2Ba7BR10v5mFwqtLhf0D6TF9ww1LrUtKTDFt"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 771708256936924a-FRA
expires: Tue, 28 Nov 2023 20:36:30 GMT

GET
H2 200 2022.11.28-07.23-boundingintocomics-63850aa23c0c3.png
boundingintocomics.com/wp-content/uploads/2022/11/ 572 KB
573 KB 162ms
72ms Image
image/png 2606:4700:3032::ac43:8b27
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://boundingintocomics.com/wp-content/uploads/2022/11/2022.11.28-07.23-boundingintocomics-63850aa23c0c3.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:8b27 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e5185f1f210e7009bdb1a42017224e9da9cb2e403bea122593bf4c062c6e5ecc

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.headlinesplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 23:54:58 GMT
www-authenticate: Basic realm="Protected"
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-ws: W2
age: 12159
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 585408
last-modified: Mon, 28 Nov 2022 19:23:14 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fpusLl6Efc7JBmatKsut%2FPBSuRV%2F3Wi1B8TLrkHCQnRYs1%2BGavqWUv2eCqxwySYXUgwFJZElKeCzdCyAPEdEn3sv4pwxvxAmvZ3ouPUy4O9C5LI1AJRpelIscrDjMRJBzSnSBv869L7y4vTywBpWIq4hy8f3"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 771708256938924a-FRA
expires: Tue, 28 Nov 2023 20:32:19 GMT

GET
H2 200 2022.11.28-05.15-thepoliticalinsider-6384ec9fdb7d7-1024x573.jpg
thepoliticalinsider.com/wp-content/uploads/2022/11/ 60 KB
61 KB 46ms
45ms Image
image/webp 104.26.5.33
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://thepoliticalinsider.com/wp-content/uploads/2022/11/2022.11.28-05.15-thepoliticalinsider-6384ec9fdb7d7-1024x573.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.5.33 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

82cba525fefc4832b03537d30594e223470599dcd87bc3247f82027de41c4645

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.headlinesplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 23:54:58 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
www-authenticate: Basic realm="Protected"
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
x-ws: W1
age: 6398
cf-polished: qual=85, origFmt=jpeg, origSize=87643
content-disposition: inline; filename="2022.webp"
content-length: 61638
cf-bgj: imgq:85,h2pri
last-modified: Mon, 28 Nov 2022 17:15:12 GMT
server: cloudflare
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mSYSVFk4vqmL5qVhB3sfQGZj%2B86p6ii%2FuewSvshtDTmYmxWu58tgur9%2FPq%2BSq1e%2BoFuAU0TZXVobfkcd%2BGO9GPLWT0BrZUHOAmtnVbMFRXvxXqxERfizWSvMPbOSAml8Y9E8e%2BmOP3CA"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 771708257ec4b97b-AMS
expires: Tue, 28 Nov 2023 22:08:20 GMT

GET
H2 200 2022.11.28-06.08-themixnet-6384f9180cb5e-800x492.png
www.themix.net/wp-content/uploads/2022/11/ 569 KB
570 KB 64ms
64ms Image
image/png 2606:4700:3032::ac43:b6da
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.themix.net/wp-content/uploads/2022/11/2022.11.28-06.08-themixnet-6384f9180cb5e-800x492.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::ac43:b6da , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0226e136eed172a793ae0ac84c74a56e8d3bd910c4f82872f02495064ba71aa1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.headlinesplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 23:54:58 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
www-authenticate: Basic realm="Protected"
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
x-ws: W2
age: 5951
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 583128
last-modified: Mon, 28 Nov 2022 18:08:29 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aFClMv6GBFZOkhzm%2FSPE1TL%2FldBi8UXxsTmzo2Ft3BS5Z313rBEbddEz4FaiJZuWhs%2F9ecYpDl82HDXOeWzx%2FlvsOrkRRBeN5JDr%2FaPLrW7loTdqu%2Fvnsxc5YqVWbRx2AozCiSCsml%2FcOztH8A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 771708257ab2bbcd-FRA
expires: Tue, 28 Nov 2023 22:15:47 GMT

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 97ms
32ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;700;900&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.headlinesplus.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 16:44:52 GMT
x-content-type-options: nosniff
age: 25806
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 28 Nov 2023 16:44:52 GMT

GET
H2 200 delivery.js Show response
assets.revcontent.com/master/ Frame 571F 156 KB
49 KB 29ms
27ms Script
application/x-javascript 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.revcontent.com/master/delivery.js
Requested by: Host: adserver.publir.com
URL: https://adserver.publir.com/www/delivery/asyncjs.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: AmazonS3 /
Resource Hash: cbbd0c5a903d0e3b0b058cf6248d956d70e452cba831866b8161381896b4e923

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.headlinesplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 23:54:58 GMT
content-encoding: gzip
last-modified: Thu, 17 Nov 2022 21:14:59 GMT
server: AmazonS3
x-amz-request-id: XKC9KMND758DG1PF
etag: "6d1b2100c62614d53dc882993fbdddc7"
x-hw: 1669679698.cds269.am5.hn,1669679698.cds109.am5.c
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public,max-age=600
accept-ranges: bytes
content-length: 50095
x-amz-id-2: kjCRpSn7JdIZz+ByFZVuvg6MDnMTJpN0kXg6u3+Xo8L1+0Rjnn7Am4mibcL0/qdxECSkWxdzBfM=

GET
H3 200 lg.php
adserver.publir.com/www/delivery/ 43 B
658 B 363ms
362ms Image
image/gif 2606:4700:3037::ac43:b9ba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://adserver.publir.com/www/delivery/lg.php?bannerid=18&campaignid=4&zoneid=5&loc=https%3A%2F%2Fwww.headlinesplus.com%2F&cb=d8c03d3a3f
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:b9ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.27
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.headlinesplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Nov 2022 23:54:59 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.4.27
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bvAVQBcQHXTmqiGxTCWS7mNo7m17%2BB%2BhJD2sga1houUmiA%2BAHgUZN%2F%2F2lThPlYY%2FRTKeizR%2FOphsdiXqIvplWFuSUQ8AEwvwXxnPq8r%2BwA%2Bplq%2FD7%2BxOQ%2Bi0XfmT9pUtQb5cbuGcJxCZFuni4c4Y6gu4"}],"group":"cf-nel","max_age":604800}
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: *
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cf-ray: 771708259bd1917d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: 0

GET
H3 200 lg.php
adserver.publir.com/www/delivery/ 43 B
651 B 332ms
331ms Image
image/gif 2606:4700:3037::ac43:b9ba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://adserver.publir.com/www/delivery/lg.php?bannerid=17&campaignid=4&zoneid=6&loc=https%3A%2F%2Fwww.headlinesplus.com%2F&cb=713a717332
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:b9ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.27
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.headlinesplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Nov 2022 23:54:59 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.4.27
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Kt7t0%2FhGTEEBIEA1bzk6qJHPVWMnZepXV%2FOTr0PYp06t7Pp85sIiQymzbFc2yVVkGxALTYis3g7O%2BIvWhB%2FeD7ykCNT4%2Fb5sVR7iL46OCH0caxTG4qVxI%2F6hkAGKDQKfraL1R7dhjnSK1XQanvRYNUCu"}],"group":"cf-nel","max_age":604800}
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: *
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cf-ray: 771708259bd3917d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: 0

GET
H3 200 lg.php
adserver.publir.com/www/delivery/ Frame 571F 43 B
654 B 130ms
129ms Image
image/gif 2606:4700:3037::ac43:b9ba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://adserver.publir.com/www/delivery/lg.php?bannerid=11&campaignid=4&zoneid=11&loc=https%3A%2F%2Fwww.headlinesplus.com%2F&cb=111d0e4ede
Requested by: Host: www.headlinesplus.com
URL: https://www.headlinesplus.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:b9ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.27
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.headlinesplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Nov 2022 23:54:58 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.4.27
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1Tq%2Bx7HL3UrBlFnT0wRr45P9lO4yARYt7Ocgj%2BYX%2BdklsZr18goYQS0v%2FpxcsfqY0LKi5rqai8%2BT%2BKLYu390TP1nhynGH8GAzNs%2F70YJQkRaL74TUGczPE94EhqZsE%2FNTxYNWQXPRMOyke5SbAjhE7OD"}],"group":"cf-nel","max_age":604800}
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: *
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cf-ray: 771708259bd4917d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: 0

GET
H3 200 5fd6e568b924ed5b530ed4596ba9255c.png
adserver.publir.com/www/images/ 122 KB
123 KB 298ms
298ms Image
image/png 2606:4700:3037::ac43:b9ba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://adserver.publir.com/www/images/5fd6e568b924ed5b530ed4596ba9255c.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:b9ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 95031e1246ce7c692a2346194fb39a6872faf85e92d6931c6b8864c6d94bfad7

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.headlinesplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 23:54:59 GMT
cf-cache-status: REVALIDATED
last-modified: Fri, 11 Mar 2022 14:42:21 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "1e84c-5d9f2569c7eed"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ox56rDc0u1%2BBaXK309xFvo%2BYDBZyRb7QsmZthSInaetFGMk4GPl4YUsZM7%2FvC3zzIJUX0M78009QDmbz37zEAIkpbY6e3xBhOUOrL51X2ELz9L6B%2B4zgwF3BWufcF0Zj2AwCB1y2OsK1DhcK2wUFbh%2FN"}],"group":"cf-nel","max_age":604800}
content-type: image/png
accept-ranges: bytes
cf-ray: 771708259bd8917d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 125004

GET
H3 200 9eae8d8be8cb4551e85ba944d13bdff0.png
adserver.publir.com/www/images/ 98 KB
99 KB 393ms
393ms Image
image/png 2606:4700:3037::ac43:b9ba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://adserver.publir.com/www/images/9eae8d8be8cb4551e85ba944d13bdff0.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:b9ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6f4a1098296888d9bf80d24d680e1d2250a8e72480c7f9b9ac22c8907c491300

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.headlinesplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 23:54:59 GMT
cf-cache-status: REVALIDATED
last-modified: Fri, 11 Mar 2022 14:39:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "18855-5d9f24c01f521"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=92TnCsrn5JllYWg9Tj0JkGL4BvzGFhD8SlCTWlPAZpIsa5KQbij2y5Uk0nzyFXMRehvhUEqyxTp2QWE43KG6RlLIi2WFQ3Na1uPc4nuSSvL2e9zhLE5M7vRmwU75I3Od92qMyljp3sIYsPfnzX0CL8Sf"}],"group":"cf-nel","max_age":604800}
content-type: image/png
accept-ranges: bytes
cf-ray: 771708259bd9917d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 100437

GET
H2 200 pwt.js Show response
ads.pubmatic.com/AdServer/js/pwt/160835/4933/ Frame 571F 210 KB
65 KB 36ms
35ms Script
application/javascript 23.35.236.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/pwt/160835/4933/pwt.js
Requested by: Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-201.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 223fc8122a307637f83efd6b57fb96e0daf8795aaa98e431e83064efa65b4da3

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.headlinesplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 23:54:58 GMT
content-encoding: gzip
last-modified: Mon, 28 Nov 2022 20:34:20 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=160770
accept-ranges: bytes
content-length: 65523
expires: Wed, 30 Nov 2022 20:34:28 GMT

GET
H/1.1 200
OK / Show response
trends.revcontent.com/api/demand/ Frame 571F 52 B
401 B 64ms
64ms Fetch
text/html 54.194.226.232
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://trends.revcontent.com/api/demand/?w=268339

Requested by

Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.194.226.232 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-194-226-232.eu-west-1.compute.amazonaws.com

Software

openresty /

Resource Hash

8b4b43fd2629a9ae29c5220a852bbc8ff169c571cdf77798633efec65c934df7

Security Headers

Name	Value
Strict-Transport-Security	max-age=931536000; includeSubDomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.headlinesplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

X-RC-Region: eu-west-1b
Date: Mon, 28 Nov 2022 23:54:58 GMT
Strict-Transport-Security: max-age=931536000; includeSubDomains
Server: openresty
Content-Type: text/html; charset=UTF-8
access-control-allow-origin: https://www.headlinesplus.com
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 52

GET
H/1.1 204
No Content sync
trends.revcontent.com/ Frame 571F 0
0 60ms
60ms Fetch 54.194.226.232
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://trends.revcontent.com/sync
Requested by: Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.194.226.232 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-194-226-232.eu-west-1.compute.amazonaws.com
Software: openresty /
Resource Hash

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.headlinesplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

X-RC-Region: eu-west-1a
access-control-allow-origin: https://www.headlinesplus.com
Date: Mon, 28 Nov 2022 23:54:58 GMT
access-control-allow-credentials: true
Server: openresty
Connection: keep-alive
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers

GET
H/1.1 200
OK / Show response
trends.revcontent.com/api/delivery/ Frame 571F 7 KB
4 KB 251ms
251ms Fetch
text/html 54.194.226.232
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://trends.revcontent.com/api/delivery/?is_blocked=undefined&w=268339&width=160&rev_allow_cookies=0&site_url=https%3A%2F%2Fwww.headlinesplus.com%2F&icr_url=&referer=https%3A%2F%2Fwww.headlinesplus.com%2F&va=0&time=1669679698996&banner_size=160x600&up=pc&bn=chrome&bv=107&widget_width=160&style_id=0&idhub[pubcid]=b614b79b-ec8e-4a2d-a644-9454c8263948&an=false

Requested by

Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.194.226.232 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-194-226-232.eu-west-1.compute.amazonaws.com

Software

openresty /

Resource Hash

8acff1e3a798e3612aa602ee029ecb37dec2046589d38e8c9d27d35acd89496b

Security Headers

Name	Value
Strict-Transport-Security	max-age=931536000; includeSubDomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.headlinesplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

X-RC-Region: eu-west-1b
Date: Mon, 28 Nov 2022 23:54:59 GMT
content-encoding: gzip
Strict-Transport-Security: max-age=931536000; includeSubDomains
Server: openresty
vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
access-control-allow-origin: https://www.headlinesplus.com
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 3708

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 107ms
35ms Preflight
application/json 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.headlinesplus.com%2F&domain=www.headlinesplus.com&cw=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://www.headlinesplus.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://www.headlinesplus.com
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Mon, 28 Nov 2022 23:54:58 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 374545
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 envelope Show response
lexicon.33across.com/v1/ Frame BA05 49 B
300 B 171ms
111ms XHR
application/json 2600:1901:0:8344::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://lexicon.33across.com/v1/envelope?pid=0013300001kQgaMAAS&gdpr=0
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/160835/4933/pwt.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:8344:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: d0d2e098cd489ef7bc528c86de8ab5c51b5d6cdf9b76a8b08766036992f0d2f4

Request headers

Referer: https://www.headlinesplus.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 28 Nov 2022 23:54:59 GMT
via: 1.1 google
vary: origin
content-type: application/json
access-control-allow-origin: https://www.headlinesplus.com
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2

200

sid Show response
mug.criteo.com/ Frame BA05
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.headlinesplus.com%2F&domain=www.headlinesplus.com&cw=1&lsw=1
https://mug.criteo.com/sid?cpp=e2WKEHw4blZlREk1a2lPc0k1WVFBUTVaMm9TNUF2cERGM3Q1R3FRcndWbmZkV3NYaDdFQ0Rja0dibHVod09KajF2dXVtYkw3TTZPTVJaVW4rbnpaM01yTHlXaVJmc0VBYXJUK2lRTFptV1ZZYVYrWEdiRlpRaG5lSHNheV...

351 B
643 B

75ms
26ms

XHR
application/json

178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=e2WKEHw4blZlREk1a2lPc0k1WVFBUTVaMm9TNUF2cERGM3Q1R3FRcndWbmZkV3NYaDdFQ0Rja0dibHVod09KajF2dXVtYkw3TTZPTVJaVW4rbnpaM01yTHlXaVJmc0VBYXJUK2lRTFptV1ZZYVYrWEdiRlpRaG5lSHNheVBUMkUwTkFSaVV4VGwxeS9uVXlRdWp0QmdiQXNsNE5MeFZZdDJHYWF5d3hZMWl1VTFzTXkvY0RUdmE5OVhYQTNCbmJqaTBxL3hya1FQRDBrd0FZUytyU2Q1N0RhWEhHL2I1czY4RmYrNDFWaldQK2UrRlNpOXVrSE8vMU1NWFZoWDZRRElZMGhlfA&cppv=2

Protocol

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

c8190358c79f94c4b038644fadaac13ede795f9b2607f31e4f71cee74dda81ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.headlinesplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Nov 2022 23:54:59 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1125438
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 28 Nov 2022 23:54:59 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
access-control-allow-methods: GET
location: https://mug.criteo.com/sid?cpp=e2WKEHw4blZlREk1a2lPc0k1WVFBUTVaMm9TNUF2cERGM3Q1R3FRcndWbmZkV3NYaDdFQ0Rja0dibHVod09KajF2dXVtYkw3TTZPTVJaVW4rbnpaM01yTHlXaVJmc0VBYXJUK2lRTFptV1ZZYVYrWEdiRlpRaG5lSHNheVBUMkUwTkFSaVV4VGwxeS9uVXlRdWp0QmdiQXNsNE5MeFZZdDJHYWF5d3hZMWl1VTFzTXkvY0RUdmE5OVhYQTNCbmJqaTBxL3hya1FQRDBrd0FZUytyU2Q1N0RhWEhHL2I1czY4RmYrNDFWaldQK2UrRlNpOXVrSE8vMU1NWFZoWDZRRElZMGhlfA&cppv=2
access-control-allow-origin: https://www.headlinesplus.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 595707
content-length: 0
expires: 0

POST
H/1.1 200 1285.json Show response
id5-sync.com/g/v2/ Frame BA05 216 B
631 B 108ms
34ms XHR
application/json 162.19.138.83
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/1285.json

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/160835/4933/pwt.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.83 , France, ASN16276 (OVH, FR),

Reverse DNS

ns31532338.ip-162-19-138.eu

Software

Resource Hash

efb54e36680a76161bfcd437967b5b6e8a7895b289edc616f2d8a1dd9a888231

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.headlinesplus.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.headlinesplus.com
date: Mon, 28 Nov 2022 23:54:58 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
content-type: application/json;charset=UTF-8

GET envelope
api.rlcdn.com/api/identity/ Frame BA05 0
0

GET
H2 200 id Show response
id.crwdcntrl.net/ Frame BA05 43 B
321 B 155ms
44ms XHR
application/json 3.248.128.187
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://id.crwdcntrl.net/id
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/160835/4933/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.248.128.187 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-248-128-187.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: a96e1e97d62ab9747678b947bdf0a0ea5f81790b1e3a1df2d4607a86bf802596

Request headers

Referer: https://www.headlinesplus.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 28 Nov 2022 23:54:59 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://www.headlinesplus.com
cache-control: no-cache
x-server: 10.45.10.35
access-control-allow-credentials: true
content-length: 43
expires: 0

GET
H2 200 rid Show response
match.adsrvr.org/track/ Frame BA05 63 B
394 B 149ms
41ms XHR
application/json 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/160835/4933/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 594b6f77b0aa291840adcc09136997f8def4f6db3e076e1bdfa9ad921acc06a8

Request headers

Referer: https://www.headlinesplus.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 28 Nov 2022 23:54:59 GMT
x-aspnet-version: 4.0.30319
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.headlinesplus.com
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length: 63
expires: Wed, 28 Dec 2022 23:54:59 GMT

GET
H2 200 rtbWidget.delivery.js Show response
assets.revcontent.com/master/ Frame 571F 16 KB
5 KB 27ms
27ms Script
application/x-javascript 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.revcontent.com/master/rtbWidget.delivery.js
Requested by: Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: AmazonS3 /
Resource Hash: f3f7e0c5ca173328f7f813474750073fb3eef3382520f26f635e647f4d3683f4

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.headlinesplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 23:54:59 GMT
content-encoding: gzip
last-modified: Thu, 17 Nov 2022 21:15:02 GMT
server: AmazonS3
x-amz-request-id: 6XPS7W2PBZ6GEVBS
etag: "fb225ec5c72f6eeb4694d141497a976e"
x-hw: 1669679699.cds269.am5.hn,1669679699.cds002.am5.c
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public,max-age=600
accept-ranges: bytes
content-length: 5031
x-amz-id-2: G01lvaca207HzC/Ol43Lm3tyk78zZcsKNsCjuIkCOhybKsv1SLU/KCtr7yx3KASUj6xwlqzXIs4=

GET
H2 200 15197652001792716067.jpg
images.revcontent.com/revcontent/image/fetch/f_jpg,q_90,h_100,w_160,c_fill,g_face:auto/pg_1/https://media.revcontent.com/content/images/ Frame 571F 5 KB
6 KB 59ms
59ms Image
image/jpeg 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.revcontent.com/revcontent/image/fetch/f_jpg,q_90,h_100,w_160,c_fill,g_face:auto/pg_1/https://media.revcontent.com/content/images/15197652001792716067.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

map3.hwcdn.net

Software

Cloudinary /

Resource Hash

d59391db462c55105ce42038542421d02374de9c37f81a11f959c7a4af92d578

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.headlinesplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 23:54:59 GMT
strict-transport-security: max-age=604800
x-content-type-options: nosniff
last-modified: Mon, 15 Nov 2021 07:11:13 GMT
server: Cloudinary
etag: "07cab1bf9e0bd2cd423535bcafc52b10"
x-hw: 1669679699.cds219.am5.hn,1669679699.cds204.am5.sc,1669679699.cds204.am5.p
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control: public, no-transform, immutable, max-age=604800
server-timing: fastly;dur=1;cpu=0;start=2022-11-28T23:54:59.317Z;desc=hit,rtt;dur=0
accept-ranges: bytes
timing-allow-origin: *
content-length: 5615

POST
H/1.1 204
No Content impression
trends.revcontent.com/event/ Frame 571F 0
0 46ms
45ms Fetch 54.194.226.232
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://trends.revcontent.com/event/impression

Requested by

Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.194.226.232 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-194-226-232.eu-west-1.compute.amazonaws.com

Software

openresty /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=931536000; includeSubDomains

Request headers

Referer: https://www.headlinesplus.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

X-RC-Region: eu-west-1b
Date: Mon, 28 Nov 2022 23:54:59 GMT
Strict-Transport-Security: max-age=931536000; includeSubDomains
Server: openresty
access-control-allow-origin: https://www.headlinesplus.com
access-control-allow-credentials: true
Connection: keep-alive
access-control-allow-headers: Content-Type

OPTIONS
H2 200 sid
mug.criteo.com/ Frame 0
0 109ms
25ms Preflight
application/json 178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: null
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Mon, 28 Nov 2022 23:54:59 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 567811
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

OPTIONS
H/1.1 200
OK page-view
yeet.revcontent.com/yeet/events/ Frame 0
0 45ms
45ms Preflight 52.51.126.33
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://yeet.revcontent.com/yeet/events/page-view
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.51.126.33 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-51-126-33.eu-west-1.compute.amazonaws.com
Software: openresty /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.headlinesplus.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Connection: keep-alive
Content-Length: 0
Date: Mon, 28 Nov 2022 23:54:59 GMT
Server: openresty
X-RC-Region: eu-west-1b
access-control-allow-headers: Content-Type
access-control-allow-methods: POST
access-control-allow-origin: *
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers

OPTIONS
H/1.1 200
OK widget-loaded
yeet.revcontent.com/yeet/events/ Frame 0
0 46ms
46ms Preflight 52.51.126.33
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://yeet.revcontent.com/yeet/events/widget-loaded
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.51.126.33 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-51-126-33.eu-west-1.compute.amazonaws.com
Software: openresty /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.headlinesplus.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Connection: keep-alive
Content-Length: 0
Date: Mon, 28 Nov 2022 23:54:59 GMT
Server: openresty
X-RC-Region: eu-west-1a
access-control-allow-headers: Content-Type
access-control-allow-methods: POST
access-control-allow-origin: *
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers

POST
H/1.1 204
No Content page-view
yeet.revcontent.com/yeet/events/ Frame 571F 0
0 48ms
48ms Fetch 52.51.126.33
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://yeet.revcontent.com/yeet/events/page-view
Requested by: Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.51.126.33 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-51-126-33.eu-west-1.compute.amazonaws.com
Software: openresty /
Resource Hash

Request headers

Referer: https://www.headlinesplus.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: application/json

Response headers

X-RC-Region: eu-west-1b
access-control-allow-origin: *
Date: Mon, 28 Nov 2022 23:54:59 GMT
Server: openresty
Connection: keep-alive
vary: Origin

POST
H/1.1 204
No Content widget-loaded
yeet.revcontent.com/yeet/events/ Frame 571F 0
0 45ms
45ms Fetch 52.51.126.33
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://yeet.revcontent.com/yeet/events/widget-loaded
Requested by: Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.51.126.33 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-51-126-33.eu-west-1.compute.amazonaws.com
Software: openresty /
Resource Hash

Request headers

Referer: https://www.headlinesplus.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: application/json

Response headers

X-RC-Region: eu-west-1a
access-control-allow-origin: *
Date: Mon, 28 Nov 2022 23:54:59 GMT
Server: openresty
Connection: keep-alive
vary: Origin

POST
H3 204 collect
region1.google-analytics.com/g/ 0
17 B 81ms
29ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-TZ0NB3RCB4&gtm=2oeb90&_p=385690606&cid=509345601.1669679695&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&sid=1669679694&sct=1&seg=0&dl=https%3A%2F%2Fwww.headlinesplus.com%2F&dt=Headlines%20Plus&en=scroll&epn.percent_scrolled=90&_et=7
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-TZ0NB3RCB4
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.headlinesplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Nov 2022 23:54:59 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.headlinesplus.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 35ms
35ms Preflight
application/json 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.headlinesplus.com%2F&domain=www.headlinesplus.com&cw=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://www.headlinesplus.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://www.headlinesplus.com
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Mon, 28 Nov 2022 23:55:00 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 478458
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H3 200 envelope Show response
lexicon.33across.com/v1/ Frame 571F 49 B
66 B 162ms
111ms XHR
application/json 2600:1901:0:8344::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://lexicon.33across.com/v1/envelope?pid=0013300001kQgaMAAS&gdpr=0
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/160835/4933/pwt.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:1901:0:8344:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: d0d2e098cd489ef7bc528c86de8ab5c51b5d6cdf9b76a8b08766036992f0d2f4

Request headers

Referer: https://www.headlinesplus.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 28 Nov 2022 23:55:00 GMT
via: 1.1 google
vary: origin
content-type: application/json
access-control-allow-origin: https://www.headlinesplus.com
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2

200

sid Show response
mug.criteo.com/ Frame 571F
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.headlinesplus.com%2F&domain=www.headlinesplus.com&cw=1&lsw=1
https://mug.criteo.com/sid?cpp=JaA_pnxUM2NxN3FYanVNMEF1MUxpckpxL1lCSzJXczFWa3JuQVRPMHlCYzEvd0lMTjM1VlJ4SkZ1Y3h3cURKMlRhTm5xNXVjbExFaGxDNHp3VXlzMXlTU0dOdVI4YlByN1BUSk9vMFQ0Y3g5a0FvUGdVZFd2amRMeVNSWH...

359 B
650 B

31ms
30ms

XHR
application/json

178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=JaA_pnxUM2NxN3FYanVNMEF1MUxpckpxL1lCSzJXczFWa3JuQVRPMHlCYzEvd0lMTjM1VlJ4SkZ1Y3h3cURKMlRhTm5xNXVjbExFaGxDNHp3VXlzMXlTU0dOdVI4YlByN1BUSk9vMFQ0Y3g5a0FvUGdVZFd2amRMeVNSWHhzd0JGZnBvbkJFUlZMZnBHSVZ4VHNzZ0gzbktmVEgxUGxBQVZKYnkxY3lhc3k3ckhRSVo1U2kySTJ2ZkdXME9Hdk5DbVQvNGI3OTljZ0s4SEhtL0tscjRNWTB2U0hEMFZDRlBLZm5TalVuUjBFejdQbUVzMk1jMkR0bWFkTjBndXpydDFoN29lfA&cppv=2

Protocol

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4d00ef2bc2d6d3c21aa9c83bf385019db047aba49bf0bbd25c133a49336b77d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.headlinesplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Nov 2022 23:55:00 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1459533
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 28 Nov 2022 23:55:00 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
access-control-allow-methods: GET
location: https://mug.criteo.com/sid?cpp=JaA_pnxUM2NxN3FYanVNMEF1MUxpckpxL1lCSzJXczFWa3JuQVRPMHlCYzEvd0lMTjM1VlJ4SkZ1Y3h3cURKMlRhTm5xNXVjbExFaGxDNHp3VXlzMXlTU0dOdVI4YlByN1BUSk9vMFQ0Y3g5a0FvUGdVZFd2amRMeVNSWHhzd0JGZnBvbkJFUlZMZnBHSVZ4VHNzZ0gzbktmVEgxUGxBQVZKYnkxY3lhc3k3ckhRSVo1U2kySTJ2ZkdXME9Hdk5DbVQvNGI3OTljZ0s4SEhtL0tscjRNWTB2U0hEMFZDRlBLZm5TalVuUjBFejdQbUVzMk1jMkR0bWFkTjBndXpydDFoN29lfA&cppv=2
access-control-allow-origin: https://www.headlinesplus.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 514400
content-length: 0
expires: 0

POST
H/1.1 200 1285.json Show response
id5-sync.com/g/v2/ Frame 571F 216 B
631 B 34ms
34ms XHR
application/json 162.19.138.83
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/1285.json

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/160835/4933/pwt.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.83 , France, ASN16276 (OVH, FR),

Reverse DNS

ns31532338.ip-162-19-138.eu

Software

Resource Hash

c3f1484df5b067cebd5b720ce0dd4c2a88e84ecfde19db44bf8a456bd876d109

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.headlinesplus.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.headlinesplus.com
date: Mon, 28 Nov 2022 23:55:00 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
content-type: application/json;charset=UTF-8

GET
H2 200 id Show response
id.crwdcntrl.net/ Frame 571F 43 B
320 B 43ms
43ms XHR
application/json 3.248.128.187
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://id.crwdcntrl.net/id
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/160835/4933/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.248.128.187 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-248-128-187.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: a96e1e97d62ab9747678b947bdf0a0ea5f81790b1e3a1df2d4607a86bf802596

Request headers

Referer: https://www.headlinesplus.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 28 Nov 2022 23:55:00 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://www.headlinesplus.com
cache-control: no-cache
x-server: 10.45.12.96
access-control-allow-credentials: true
content-length: 43
expires: 0

GET
H2 200 rid Show response
match.adsrvr.org/track/ Frame 571F 63 B
393 B 44ms
44ms XHR
application/json 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/160835/4933/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: e10dbbbfd96f22362234e93632bcd37cb21f6bd6b9a1d5bbfcfd1b1aa3e207fb

Request headers

Referer: https://www.headlinesplus.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 28 Nov 2022 23:55:00 GMT
x-aspnet-version: 4.0.30319
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.headlinesplus.com
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length: 63
expires: Wed, 28 Dec 2022 23:55:00 GMT

OPTIONS
H2 200 sid
mug.criteo.com/ Frame 0
0 25ms
25ms Preflight
application/json 178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: null
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Mon, 28 Nov 2022 23:55:00 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 233408
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: article
URL: headlinesplus://article

Domain: api.rlcdn.com
URL: https://api.rlcdn.com/api/identity/envelope?pid=13781

Verdicts & Comments Add Verdict or Comment

17 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

12 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.headlinesplus.com/	1970-01-20 17:23:59	Name: _ga_TZ0NB3RCB4 Value: GS1.1.1669679694.1.0.1669679694.0.0.0
.headlinesplus.com/	1970-01-20 17:23:59	Name: _ga Value: GA1.1.509345601.1669679695
.headlinesplus.com/	1970-01-20 09:57:35	Name: _fbp Value: fb.1.1669679695186.1360442856
adserver.publir.com/	1969-12-31 23:59:59	Name: OAGEO Value: 2%7CDE%7CEU%7C1%7CFrankfurt%20am%20Main%7C60313%7C50.1188%7C8.6843%7C1000%7CEurope%2FBerlin%7C%7CHE%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C
adserver.publir.com/	1970-01-20 16:33:35	Name: OAID Value: 01000111010001000101000001010010
www.headlinesplus.com/	1970-01-20 08:31:11	Name: _pbjs_userid_consent_data Value: 3524755945110770
.headlinesplus.com/	1970-01-20 12:07:11	Name: _pubcid Value: b614b79b-ec8e-4a2d-a644-9454c8263948
www.headlinesplus.com/	1970-01-20 07:48:03	Name: _lr_retry_request Value: true
www.headlinesplus.com/	1970-01-20 08:31:11	Name: _lr_env_src_ats Value: false
www.headlinesplus.com/	1970-01-20 09:14:23	Name: pbjs-unifiedid Value: %7B%22TDID_LOOKUP%22%3A%22FALSE%22%2C%22TDID_CREATED_AT%22%3A%222022-11-28T23%3A55%3A00%22%7D
.headlinesplus.com/	1970-01-20 17:09:35	Name: cto_bundle Value: RGMjSV9Ga0tHZ3UwTyUyQm91TkU4NiUyQmhoWGpOempQdUhtVXE4NURSY2ZOVkJoVHd3R2RKQWVNd3hrVjhYUElUUE1zMHR5S25CUkM1ZDJnYXR1ZE9Xb3FpVjFadXVsTjhzUWJ4JTJCZ0lLV1E4Z1JrTHJiVCUyRnQyVW81dEtnekhMaFo5QzlDRjJH
.headlinesplus.com/	1970-01-20 17:09:35	Name: cto_bidid Value: LQwtA19Tanh2a2pyUUNOUGJ2S0xVZmxyanhxVGglMkZRS1ZzTUl4MnlVTDZwOGdHV0clMkJ6ZlNoTml0QW9sejlmbkZvVzVacVVadmJpWkUwcDFaRGZLY0k0WTFEaEElM0QlM0Q

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	error	URL: https://www.headlinesplus.com/ Message: Access to XMLHttpRequest at 'https://api.rlcdn.com/api/identity/envelope?pid=13781' from origin 'https://www.headlinesplus.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://api.rlcdn.com/api/identity/envelope?pid=13781 Message: Failed to load resource: net::ERR_FAILED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

acdn.adnxs.com
ads.pubmatic.com
adserver.publir.com
api.rlcdn.com
article
assets.revcontent.com
boundingintocomics.com
cme3-api.phunware.com
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
gum.criteo.com
ib.adnxs.com
id.crwdcntrl.net
id5-sync.com
images.revcontent.com
lexicon.33across.com
match.adsrvr.org
mug.criteo.com
region1.google-analytics.com
thepoliticalinsider.com
trends.revcontent.com
www.boundingintosports.com
www.facebook.com
www.googletagmanager.com
www.headlinesplus.com
www.themix.net
yeet.revcontent.com
api.rlcdn.com
article
104.26.5.33
151.101.129.108
151.139.128.10
162.19.138.83
178.250.2.146
185.89.211.84
2001:4860:4802:34::36
23.35.236.201
2600:1901:0:8344::
2606:4700:3032::ac43:8b27
2606:4700:3032::ac43:b6da
2606:4700:3037::ac43:b9ba
2a00:1450:4001:811::200a
2a00:1450:4001:828::2003
2a00:1450:4001:82f::2008
2a02:2638::1c
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a06:98c1:3120::3
2a06:98c1:3121::3
3.248.128.187
35.71.131.137
52.51.126.33
54.194.226.232
63.241.25.250
0226e136eed172a793ae0ac84c74a56e8d3bd910c4f82872f02495064ba71aa1
02ca1fdb824fc2a7a45ca7e510a5820ab6ead49ef9ac05ada18cb2db3a4970ab
08d1e8b17a3c4e28baa45e5993037c1dbe505f8a6cc04be2b637868628b7116c
097744257dc6e3b8d9d840fdb68bd4da78603aacfb94d0fa18b77eb1cda46bae
13654dc4a6cc3e80ad362314675f9c6881db3dd5e36a6c0891ce4bee2c040450
1b25f6f0462d1585c0ce7c205613ad1e99294e029d33aa27d14cefd63bc0696f
223fc8122a307637f83efd6b57fb96e0daf8795aaa98e431e83064efa65b4da3
2c9d462b92388823c096698825be88ee0c0e9bb71be8dc467853784d06da2287
2d887de459e644579ac8a865f34959132466d57cb8b65eed4f402ccd35cc76e0
30df240fbcb2c562b3cdc57ae479575c842bd908977a1b39bcfc903a0bc13a89
32385a5884d718b9b4e792d2d1c01d582997b9f256724c1068bee6e473e4d612
34b3feb5b0a2102645a864efdae810899a055db9e8d77508c0b415ae5b1f48a9
4c5495ca26de4cbb6ae2856553db6b113f4ea5bbe11d5db17487982724e2efe8
4d00ef2bc2d6d3c21aa9c83bf385019db047aba49bf0bbd25c133a49336b77d9
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
594b6f77b0aa291840adcc09136997f8def4f6db3e076e1bdfa9ad921acc06a8
6f4a1098296888d9bf80d24d680e1d2250a8e72480c7f9b9ac22c8907c491300
7dd05a523eb59989b0fc083c70ee213d845dd0f67d978a4295b7ac6d97bce6ea
7e262106f82cc52663e403f5b73795bbeab9ca0630c33c03579354fbcd4fae1e
82cba525fefc4832b03537d30594e223470599dcd87bc3247f82027de41c4645
844021af5a9cb781b6df18341e6ffde0d5d54b3cb32ab493a263e77483dcf945
8ac5df461e9a90705166ec96238da382894e076eee5b1941fd44024af8b4d301
8acff1e3a798e3612aa602ee029ecb37dec2046589d38e8c9d27d35acd89496b
8b4b43fd2629a9ae29c5220a852bbc8ff169c571cdf77798633efec65c934df7
8b980b8ca7bfe77a8895bae91fed158f74f8f36fd35ad3ec1aed61622d3e5bbc
8feb128352ef6cdf541944456acc430af480a1a1d1a84fc846f16319406bea62
95031e1246ce7c692a2346194fb39a6872faf85e92d6931c6b8864c6d94bfad7
9b3ae8ef20681e91040bfb2f762d0e9a8d067ee6be4eb2842162b42bb0552e93
a89539b9616f87a6e9d752f8b1e887d9ed1e66d36cb45a40af562840b8ec2307
a96e1e97d62ab9747678b947bdf0a0ea5f81790b1e3a1df2d4607a86bf802596
aa0d4e3884b058fcaf4c5170c2beb207e0a5345ba012db14f4bef18be668f834
aa8854df1b1af601c012f1941019731c296ce42b60dbd5c0a232775471adea42
aeb8f203a6a21cca668c5c8983dfe86b3cf95add102305da8208100595d69800
af7bff6a8f236fd11d737330d983372682027281e0cff5a8d53300d58487c9c4
bb948107328ec4a86e85dc5315bb53ab384e6de5fdf9666e2aaed246f7d59c01
c3f1484df5b067cebd5b720ce0dd4c2a88e84ecfde19db44bf8a456bd876d109
c8190358c79f94c4b038644fadaac13ede795f9b2607f31e4f71cee74dda81ea
cbbd0c5a903d0e3b0b058cf6248d956d70e452cba831866b8161381896b4e923
cecd9b05d7861e3eea63fd8a8714eeacf4e3511ef0890fd1256f5c2504f01202
d0d2e098cd489ef7bc528c86de8ab5c51b5d6cdf9b76a8b08766036992f0d2f4
d3f8cb3dd4bf027d328b66d2a964353f56dcfe558e0e8c185031c29b00ec6cd4
d59391db462c55105ce42038542421d02374de9c37f81a11f959c7a4af92d578
d5c905d7ce4679b183eb11f7c6811682ddffbf0f037590360ae2b1a84a51ef1b
df7c201666810975f1c8abab5d3961ac4305e6b0a76702bfacfd61d5188abe4a
e10dbbbfd96f22362234e93632bcd37cb21f6bd6b9a1d5bbfcfd1b1aa3e207fb
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5185f1f210e7009bdb1a42017224e9da9cb2e403bea122593bf4c062c6e5ecc
e7559f01011fa9f1b3cba5fe41ce60e0b3a492579c997f6841bb0ded1f09224f
ebe4a1838635d1ff61f2faa380fff255e4063d63dc11f5d01a360b835044b129
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efb54e36680a76161bfcd437967b5b6e8a7895b289edc616f2d8a1dd9a888231
f033d6a9b4acc24957ac5ca92d278b9aca16ec1b264658ae3267b1efa6ef4a5e
f3f7e0c5ca173328f7f813474750073fb3eef3382520f26f635e647f4d3683f4
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

www.headlinesplus.com Open in urlscan Pro 2a06:98c1:3120::3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

85 Requests

95 %HTTPS

52 %IPv6

23 Domains

28 Subdomains

26 IPs

4 Countries

10464 kBTransfer

11817 kBSize

12 Cookies

2 Outgoing links

Redirected requests

85 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.headlinesplus.com Open in urlscan Pro
2a06:98c1:3120::3 Public Scan

Screenshot
Live screenshot

Full Image

85
Requests

95 %
HTTPS

52 %
IPv6

23
Domains

28
Subdomains

26
IPs

4
Countries

10464 kB
Transfer

11817 kB
Size

12
Cookies

85 HTTP transactions
3 data transactions