cloudflarepoc.newsmax.com Open in urlscan Pro
2606:4700:3108::ac42:2bac Public Scan

Go To Rescan
Add Verdict Report

URL:
https://cloudflarepoc.newsmax.com/
Submission: On June 21 via automatic, source certstream-suspicious (June 21st 2023, 8:28:10 pm UTC) — Scanned from DE

Summary HTTP 283 Redirects Links 29 Behaviour Indicators

Summary

This website contacted 68 IPs in 9 countries across 54 domains to perform 283 HTTP transactions. The main IP is 2606:4700:3108::ac42:2bac, located in United States and belongs to CLOUDFLARENET, US. The main domain is cloudflarepoc.newsmax.com.
TLS certificate: Issued by GTS CA 1P5 on June 21st 2023. Valid for: 3 months.

This is the only time cloudflarepoc.newsmax.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
88	2606:4700:310... 2606:4700:3108::ac42:2bac	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a02:26f0:350... 2a02:26f0:3500:18::1724:a29e	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a02:26f0:350... 2a02:26f0:3500:18::1724:a29a	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a02:26f0:480... 2a02:26f0:480:f::213:7ee1	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
6	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
20	2a00:1450:400... 2a00:1450:4001:82f::200e	15169 (GOOGLE) (GOOGLE)
3	2a04:4e42:600... 2a04:4e42:600::485	54113 (FASTLY) (FASTLY)
1	52.222.169.46 52.222.169.46	16509 (AMAZON-02) (AMAZON-02)
8	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
4	2606:4700:20:... 2606:4700:20::681a:d56	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	151.139.128.10 151.139.128.10	20446 (STACKPATH...) (STACKPATH-CDN)
1	2606:2800:234... 2606:2800:234:59:254c:406:2366:268c	15133 (EDGECAST) (EDGECAST)
1	2.19.224.115 2.19.224.115	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2a02:26f0:170... 2a02:26f0:1700:794::f09	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a02:26f0:480... 2a02:26f0:480:f::213:7ed3	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
4	45.133.44.3 45.133.44.3	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
1	2606:4700:10:... 2606:4700:10::ac43:266a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	34.96.70.87 34.96.70.87	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	34.102.146.192 34.102.146.192	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	13.32.110.70 13.32.110.70	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:225... 2600:9000:2250:9800:a:e047:753:be1	() ()
1	2a02:2638:d::2 2a02:2638:d::2	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	141.95.98.65 141.95.98.65	16276 (OVH) (OVH)
1 2	34.120.135.53 34.120.135.53	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	35.190.39.111 35.190.39.111	15169 (GOOGLE) (GOOGLE)
1 2	2a02:2638:d::d 2a02:2638:d::d	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	34.255.231.185 34.255.231.185	16509 (AMAZON-02) (AMAZON-02)
1	178.250.1.11 178.250.1.11	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
4	185.239.173.210 185.239.173.210	55081 (24SHELLS) (24SHELLS)
1	45.133.44.4 45.133.44.4	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
1	34.98.64.218 34.98.64.218	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
5	2a00:1450:400... 2a00:1450:4001:800::2008	15169 (GOOGLE) (GOOGLE)
1 3	54.192.111.20 54.192.111.20	16509 (AMAZON-02) (AMAZON-02)
12	2a02:26f0:710... 2a02:26f0:7100::1720:eeeb	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	88.221.168.201 88.221.168.201	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2620:116:800d... 2620:116:800d:21:de2e:c7b3:55c0:d5a0	16509 (AMAZON-02) (AMAZON-02)
3	2a03:2880:f08... 2a03:2880:f084:d:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	2600:9000:202... 2600:9000:2022:7000:8:8845:1500:93a1	16509 (AMAZON-02) (AMAZON-02)
4	2606:4700::68... 2606:4700::6812:d63b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	52.218.232.152 52.218.232.152	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:219... 2600:9000:219c:6000:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:400c:c0d::9c	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:82b::2004	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:802::2001	15169 (GOOGLE) (GOOGLE)
1	216.52.2.16 216.52.2.16	32475 (SINGLEHOP...) (SINGLEHOP-LLC)
1 2	23.227.139.243 23.227.139.243	55081 (24SHELLS) (24SHELLS)
1	193.200.65.5 193.200.65.5	6681 (GIVEME-CLOUD) (GIVEME-CLOUD)
1	52.3.28.117 52.3.28.117	14618 (AMAZON-AES) (AMAZON-AES)
1 1	137.74.6.209 137.74.6.209	16276 (OVH) (OVH)
2	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
4	2a03:2880:f17... 2a03:2880:f177:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
6	2a00:1450:400... 2a00:1450:4001:806::2001	15169 (GOOGLE) (GOOGLE)
1 1	2600:1f18:730... 2600:1f18:730:b120:94f1:b451:8dad:7124	14618 (AMAZON-AES) (AMAZON-AES)
1	3.233.112.95 3.233.112.95	() ()
14	52.213.207.136 52.213.207.136	16509 (AMAZON-02) (AMAZON-02)
5	72.246.169.146 72.246.169.146	16625 (AKAMAI-AS) (AKAMAI-AS)
1	52.39.80.159 52.39.80.159	() ()
2	2a00:1450:400... 2a00:1450:4001:802::200a	() ()
1	23.36.209.167 23.36.209.167	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2a02:26f0:350... 2a02:26f0:3500:58f::aa5	() ()
1 2	44.210.5.53 44.210.5.53	() ()
1	2a00:1450:400... 2a00:1450:4001:830::2006	() ()
3 3	3.124.114.18 3.124.114.18	() ()
1	34.160.236.64 34.160.236.64	() ()
1	185.29.134.248 185.29.134.248	() ()
1	35.71.131.137 35.71.131.137	() ()
283	68

88 2606:4700:3108::ac42:2bac (United States)

ASN13335 (CLOUDFLARENET, US)

cloudflarepoc.newsmax.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:26f0:3500:18::1724:a29e (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

www.newsmax.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:3500:18::1724:a29a (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

consent.cookiebot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:480:f::213:7ee1 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

use.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2a00:1450:4001:82f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a04:4e42:600::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.169.46 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-169-46.cdg52.r.cloudfront.net

platform-api.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:20::681a:d56 (United States)

ASN13335 (CLOUDFLARENET, US)

www.queryly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 151.139.128.10 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: map3.hwcdn.net

assets.netizen.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.revcontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
images.netizen.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:2800:234:59:254c:406:2366:268c (United States)

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.19.224.115 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-19-224-115.deploy.static.akamaitechnologies.com

s7.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:1700:794::f09 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

consentcdn.cookiebot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:480:f::213:7ed3 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

p.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 45.133.44.3 (Philadelphia, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

player.yieldlift.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::ac43:266a (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.70.87 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 87.70.96.34.bc.googleusercontent.com

invstatic101.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.146.192 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.146.102.34.bc.googleusercontent.com

oa.openxcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.110.70 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-110-70.vie50.r.cloudfront.net

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2250:9800:a:e047:753:be1 (United States)

ASN- ()

cdn.prod.uidapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:d::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.95.98.65 (France)

ASN16276 (OVH, FR)
PTR: ns3216659.ip-141-95-98.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.120.135.53 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 53.135.120.34.bc.googleusercontent.com

oajs.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.39.111 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 111.39.190.35.bc.googleusercontent.com

esp.rtbhouse.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:d::d (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.255.231.185 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-255-231-185.eu-west-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.1.11 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.239.173.210 (United Kingdom)

ASN55081 (24SHELLS, US)

ghb.yieldlift.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 45.133.44.4 (Philadelphia, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

player.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com

google-bidout-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:800::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.192.111.20 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-54-192-111-20.mrs52.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a02:26f0:7100::1720:eeeb (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

amp.akamaized.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 88.221.168.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a88-221-168-201.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:116:800d:21:de2e:c7b3:55c0:d5a0 (United States)

ASN16509 (AMAZON-02, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f084:d:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2022:7000:8:8845:1500:93a1 (United States)

ASN16509 (AMAZON-02, US)

b-code.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6812:d63b (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.218.232.152 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-us-west-2.amazonaws.com

s3.us-west-2.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:219c:6000:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400c:c0d::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

4db7952b25c252efb9e2f8a08616b3b8.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.52.2.16 (United States)

ASN32475 (SINGLEHOP-LLC, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.227.139.243 (Piscataway, United States) 1 redirects

ASN55081 (24SHELLS, US)

sync.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.200.65.5 (Amsterdam, Netherlands)

ASN6681 (GIVEME-CLOUD, PL)
PTR: t.trafmag.com

t.trafmag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.3.28.117 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-3-28-117.compute-1.amazonaws.com

cookies.nextmillmedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 137.74.6.209 (Warsaw, Poland) 1 redirects

ASN16276 (OVH, FR)
PTR: app-ngx-pl-02.adpartner.pro

a4p.adpartner.pro	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f177:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:806::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:730:b120:94f1:b451:8dad:7124 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)

rp.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.233.112.95 (None, )

ASN- ()

rp4.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 52.213.207.136 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-213-207-136.eu-west-1.compute.amazonaws.com

trends.netizen.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
yeet.revcontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 72.246.169.146 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a72-246-169-146.deploy.static.akamaitechnologies.com

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
px.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.39.80.159 (None, )

ASN- ()

p.sitemana.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:802::200a (None, )

ASN- ()

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.36.209.167 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a23-36-209-167.deploy.static.akamaitechnologies.com

79423.analytics.edgekey.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:3500:58f::aa5 (None, )

ASN- ()

ma1540-r.analytics.edgekey.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 44.210.5.53 (None, ) 1 redirects

ASN- ()

i.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2006 (None, )

ASN- ()

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.124.114.18 (None, ) 3 redirects

ASN- ()

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.160.236.64 (None, )

ASN- ()

odr.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.29.134.248 (None, )

ASN- ()

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.71.131.137 (None, )

ASN- ()

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
91	newsmax.com cloudflarepoc.newsmax.com www.newsmax.com — Cisco Umbrella Rank: 36770	679 KB
21	google.com fundingchoicesmessages.google.com — Cisco Umbrella Rank: 1940 adservice.google.com — Cisco Umbrella Rank: 107 www.google.com — Cisco Umbrella Rank: 3 region1.analytics.google.com — Cisco Umbrella Rank: 2890	107 KB
13	netizen.co assets.netizen.co — Cisco Umbrella Rank: 59968 trends.netizen.co — Cisco Umbrella Rank: 55011 images.netizen.co — Cisco Umbrella Rank: 63143	186 KB
12	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 133 4db7952b25c252efb9e2f8a08616b3b8.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 155	84 KB
12	akamaized.net amp.akamaized.net — Cisco Umbrella Rank: 9777	238 KB
11	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 219 googleads.g.doubleclick.net — Cisco Umbrella Rank: 57 stats.g.doubleclick.net — Cisco Umbrella Rank: 124 pubads.g.doubleclick.net Failed	203 KB
8	revcontent.com assets.revcontent.com — Cisco Umbrella Rank: 6629 yeet.revcontent.com	15 KB
8	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 60 region1.google-analytics.com	41 KB
8	yieldlift.io player.yieldlift.io — Cisco Umbrella Rank: 47076 ghb.yieldlift.io — Cisco Umbrella Rank: 60107	193 KB
6	liadm.com 2 redirects b-code.liadm.com — Cisco Umbrella Rank: 2948 rp.liadm.com — Cisco Umbrella Rank: 2277 rp4.liadm.com i.liadm.com	21 KB
6	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 263	103 KB
5	moatads.com z.moatads.com — Cisco Umbrella Rank: 620 px.moatads.com — Cisco Umbrella Rank: 541	107 KB
5	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 82	360 KB
4	facebook.com www.facebook.com — Cisco Umbrella Rank: 101	326 B
4	google.de www.google.de — Cisco Umbrella Rank: 4835	776 B
4	onesignal.com cdn.onesignal.com — Cisco Umbrella Rank: 3657 onesignal.com — Cisco Umbrella Rank: 1235	82 KB
4	queryly.com www.queryly.com — Cisco Umbrella Rank: 12288 Failed	24 KB
4	cookiebot.com consent.cookiebot.com — Cisco Umbrella Rank: 4302 consentcdn.cookiebot.com — Cisco Umbrella Rank: 4756	34 KB
3	bidswitch.net 3 redirects x.bidswitch.net	1 KB
3	edgekey.net 79423.analytics.edgekey.net — Cisco Umbrella Rank: 11264 ma1540-r.analytics.edgekey.net	319 KB
3	facebook.net connect.facebook.net — Cisco Umbrella Rank: 176	245 KB
3	scorecardresearch.com 1 redirects sb.scorecardresearch.com — Cisco Umbrella Rank: 160	3 KB
3	adtelligent.com 1 redirects player.adtelligent.com — Cisco Umbrella Rank: 7107 sync.adtelligent.com — Cisco Umbrella Rank: 5686	2 KB
3	criteo.com 1 redirects gum.criteo.com — Cisco Umbrella Rank: 407 mug.criteo.com — Cisco Umbrella Rank: 2114 dis.criteo.com Failed	7 KB
3	openx.net 1 redirects oajs.openx.net — Cisco Umbrella Rank: 1383 google-bidout-d.openx.net — Cisco Umbrella Rank: 1387	687 B
3	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 379	7 KB
3	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 207	108 KB
3	typekit.net use.typekit.net — Cisco Umbrella Rank: 600 p.typekit.net — Cisco Umbrella Rank: 783	34 KB
2	googleapis.com imasdk.googleapis.com	347 KB
2	quantserve.com secure.quantserve.com — Cisco Umbrella Rank: 1215 pixel.quantserve.com — Cisco Umbrella Rank: 977	10 KB
2	rtbhouse.com esp.rtbhouse.com — Cisco Umbrella Rank: 1538	315 B
2	crwdcntrl.net tags.crwdcntrl.net — Cisco Umbrella Rank: 1019 bcp.crwdcntrl.net — Cisco Umbrella Rank: 952	12 KB
2	id5-sync.com cdn.id5-sync.com — Cisco Umbrella Rank: 839 id5-sync.com — Cisco Umbrella Rank: 434	25 KB
1	adsrvr.org match.adsrvr.org	265 B
1	mathtag.com sync.mathtag.com	443 B
1	mookie1.com odr.mookie1.com	213 B
1	2mdn.net s0.2mdn.net	17 KB
1	sitemana.com p.sitemana.com	670 B
1	adpartner.pro 1 redirects a4p.adpartner.pro — Cisco Umbrella Rank: 20050	257 B
1	nextmillmedia.com cookies.nextmillmedia.com — Cisco Umbrella Rank: 4295
1	trafmag.com t.trafmag.com — Cisco Umbrella Rank: 41008	351 B
1	lijit.com ap.lijit.com — Cisco Umbrella Rank: 772	277 B
1	quantcount.com rules.quantcount.com — Cisco Umbrella Rank: 1141	642 B
1	amazonaws.com s3.us-west-2.amazonaws.com — Cisco Umbrella Rank: 2324	25 KB
1	pubmatic.com ads.pubmatic.com — Cisco Umbrella Rank: 547	67 KB
1	criteo.net static.criteo.net — Cisco Umbrella Rank: 583	13 KB
1	uidapi.com cdn.prod.uidapi.com — Cisco Umbrella Rank: 1509	2 KB
1	openxcdn.net oa.openxcdn.net — Cisco Umbrella Rank: 1553	8 KB
1	creativecdn.com invstatic101.creativecdn.com — Cisco Umbrella Rank: 1408	2 KB
1	addthis.com s7.addthis.com — Cisco Umbrella Rank: 2353 x.dlx.addthis.com Failed	361 B
1	twitter.com platform.twitter.com — Cisco Umbrella Rank: 959	28 KB
1	sharethis.com platform-api.sharethis.com — Cisco Umbrella Rank: 4986	45 KB
0	zemanta.com Failed b1sync.zemanta.com Failed
0	rfihub.com Failed p.rfihub.com Failed
283	54

	Domain	Requested by
88	cloudflarepoc.newsmax.com	cloudflarepoc.newsmax.com consent.cookiebot.com
13	fundingchoicesmessages.google.com	cloudflarepoc.newsmax.com consent.cookiebot.com
12	amp.akamaized.net	cloudflarepoc.newsmax.com amp.akamaized.net
8	trends.netizen.co	assets.netizen.co
7	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
7	securepubads.g.doubleclick.net	cloudflarepoc.newsmax.com www.googletagservices.com securepubads.g.doubleclick.net
6	yeet.revcontent.com	assets.netizen.co
6	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
6	cdnjs.cloudflare.com	cloudflarepoc.newsmax.com cdnjs.cloudflare.com consent.cookiebot.com
5	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
5	www.google.com	tpc.googlesyndication.com securepubads.g.doubleclick.net
5	www.googletagmanager.com	cloudflarepoc.newsmax.com www.googletagmanager.com amp.akamaized.net
4	px.moatads.com
4	www.facebook.com
4	www.google.de
4	ghb.yieldlift.io	player.yieldlift.io
4	player.yieldlift.io	cloudflarepoc.newsmax.com player.yieldlift.io
4	www.queryly.com	cloudflarepoc.newsmax.com consent.cookiebot.com
3	x.bidswitch.net	3 redirects
3	stats.g.doubleclick.net	www.google-analytics.com www.googletagmanager.com
3	connect.facebook.net	cloudflarepoc.newsmax.com connect.facebook.net
3	sb.scorecardresearch.com	1 redirects
3	assets.netizen.co	cloudflarepoc.newsmax.com consent.cookiebot.com
3	cdn.jsdelivr.net	cloudflarepoc.newsmax.com consent.cookiebot.com securepubads.g.doubleclick.net
3	www.googletagservices.com	cloudflarepoc.newsmax.com consent.cookiebot.com securepubads.g.doubleclick.net
3	www.newsmax.com	cloudflarepoc.newsmax.com
2	i.liadm.com	1 redirects b-code.liadm.com
2	ma1540-r.analytics.edgekey.net	79423.analytics.edgekey.net
2	imasdk.googleapis.com	amp.akamaized.net imasdk.googleapis.com
2	images.netizen.co
2	assets.revcontent.com	assets.netizen.co
2	onesignal.com	cdn.onesignal.com
2	sync.adtelligent.com	1 redirects
2	adservice.google.com	securepubads.g.doubleclick.net imasdk.googleapis.com
2	cdn.onesignal.com	www.googletagmanager.com cdn.onesignal.com
2	b-code.liadm.com	www.googletagmanager.com b-code.liadm.com
2	gum.criteo.com	1 redirects static.criteo.net
2	esp.rtbhouse.com	invstatic101.creativecdn.com
2	oajs.openx.net	1 redirects
2	consentcdn.cookiebot.com	consent.cookiebot.com
2	use.typekit.net	cloudflarepoc.newsmax.com use.typekit.net
2	consent.cookiebot.com	cloudflarepoc.newsmax.com consent.cookiebot.com
1	match.adsrvr.org	i.liadm.com
1	sync.mathtag.com	i.liadm.com
1	odr.mookie1.com	i.liadm.com
1	s0.2mdn.net	imasdk.googleapis.com
1	region1.google-analytics.com	www.googletagmanager.com
1	79423.analytics.edgekey.net	amp.akamaized.net
1	p.sitemana.com
1	z.moatads.com	assets.netizen.co
1	rp4.liadm.com
1	rp.liadm.com	1 redirects
1	pixel.quantserve.com
1	region1.analytics.google.com	www.googletagmanager.com
1	a4p.adpartner.pro	1 redirects
1	cookies.nextmillmedia.com
1	t.trafmag.com
1	ap.lijit.com
1	4db7952b25c252efb9e2f8a08616b3b8.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	rules.quantcount.com	secure.quantserve.com
1	s3.us-west-2.amazonaws.com	www.googletagmanager.com
1	secure.quantserve.com	www.googletagmanager.com
1	googleads.g.doubleclick.net	www.googletagmanager.com
1	ads.pubmatic.com	assets.netizen.co
1	google-bidout-d.openx.net	oa.openxcdn.net
1	player.adtelligent.com	player.yieldlift.io
1	mug.criteo.com
1	bcp.crwdcntrl.net	tags.crwdcntrl.net
1	id5-sync.com	cdn.id5-sync.com
1	static.criteo.net	securepubads.g.doubleclick.net
1	cdn.prod.uidapi.com	securepubads.g.doubleclick.net
1	tags.crwdcntrl.net	securepubads.g.doubleclick.net
1	oa.openxcdn.net	securepubads.g.doubleclick.net
1	invstatic101.creativecdn.com	securepubads.g.doubleclick.net
1	cdn.id5-sync.com	securepubads.g.doubleclick.net
1	p.typekit.net	use.typekit.net
1	s7.addthis.com	cloudflarepoc.newsmax.com
1	platform.twitter.com	cloudflarepoc.newsmax.com
1	platform-api.sharethis.com	cloudflarepoc.newsmax.com
0	pubads.g.doubleclick.net Failed	imasdk.googleapis.com
0	b1sync.zemanta.com Failed	i.liadm.com
0	x.dlx.addthis.com Failed	i.liadm.com
0	p.rfihub.com Failed	i.liadm.com
0	dis.criteo.com Failed	i.liadm.com
283	84

This site contains links to these domains. Also see Links.

Domain
itunes.apple.com
www.newsmaxtv.com
www.facebook.com
twitter.com
www.newsmax.com
nmcdn.us
smeagol.revcontent.com
apps.apple.com
play.google.com
w3.newsmax.com
shop.newsmax.com
recruiting.ultipro.com
www.queryly.com

Subject Issuer	Validity	Valid
cloudflarepoc.newsmax.com GTS CA 1P5	`2023-06-21` - `2023-09-19`	3 months	crt.sh
www.newsmax.com R3	`2023-06-09` - `2023-09-07`	3 months	crt.sh
consent.cookiebot.com DigiCert TLS RSA SHA256 2020 CA1	`2023-04-06` - `2024-04-06`	a year	crt.sh
use.typekit.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-09-14` - `2023-10-15`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-08-03` - `2023-08-02`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-05-29` - `2023-08-21`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-05-29` - `2023-08-21`	3 months	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2022 Q4	`2022-12-23` - `2024-01-24`	a year	crt.sh
sharethis.com Amazon RSA 2048 M02	`2023-05-20` - `2024-06-17`	a year	crt.sh
assets.netizen.co R3	`2023-05-07` - `2023-08-05`	3 months	crt.sh
*.twimg.com DigiCert TLS RSA SHA256 2020 CA1	`2022-10-06` - `2023-11-06`	a year	crt.sh
odc-addthis-prod-01.oracle.com DigiCert TLS RSA SHA256 2020 CA1	`2023-02-07` - `2024-02-07`	a year	crt.sh
*.cookiebot.com DigiCert TLS RSA SHA256 2020 CA1	`2023-04-17` - `2024-04-17`	a year	crt.sh
player.yieldlift.io R3	`2023-05-29` - `2023-08-27`	3 months	crt.sh
invstatic101.creativecdn.com GTS CA 1D4	`2023-04-28` - `2023-07-28`	3 months	crt.sh
oa.openxcdn.net GTS CA 1D4	`2023-05-28` - `2023-08-26`	3 months	crt.sh
*.crwdcntrl.net Amazon RSA 2048 M01	`2022-11-07` - `2023-12-06`	a year	crt.sh
cdn.prod.uidapi.com R3	`2023-05-18` - `2023-08-16`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-27` - `2023-08-27`	3 months	crt.sh
*.id5-sync.com R3	`2023-04-18` - `2023-07-17`	3 months	crt.sh
esp.rtbhouse.com GTS CA 1D4	`2023-05-17` - `2023-08-15`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-12` - `2023-08-10`	3 months	crt.sh
ghb.yieldlift.io ZeroSSL ECC Domain Secure Site CA	`2023-06-05` - `2023-09-03`	3 months	crt.sh
player.adtelligent.com R3	`2023-05-20` - `2023-08-18`	3 months	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-05-29` - `2023-08-21`	3 months	crt.sh
a248.e.akamai.net DigiCert TLS RSA SHA256 2020 CA1	`2023-05-16` - `2024-05-15`	a year	crt.sh
*.pubmatic.com DigiCert TLS RSA SHA256 2020 CA1	`2023-01-25` - `2024-01-24`	a year	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-09` - `2023-09-09`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-03-31` - `2023-06-29`	3 months	crt.sh
*.liadm.com Amazon RSA 2048 M02	`2023-02-28` - `2024-01-30`	a year	crt.sh
*.s3-us-west-2.amazonaws.com Amazon RSA 2048 M01	`2023-04-11` - `2023-12-28`	9 months	crt.sh
*.scorecardresearch.com Sectigo RSA Domain Validation Secure Server CA	`2022-12-15` - `2023-12-28`	a year	crt.sh
quantserve.com R3	`2023-06-13` - `2023-09-11`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-05-29` - `2023-08-21`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-05-29` - `2023-08-21`	3 months	crt.sh
*.lijit.com Go Daddy Secure Certificate Authority - G2	`2023-05-06` - `2024-05-04`	a year	crt.sh
cookies.nextmillmedia.com Amazon RSA 2048 M02	`2023-06-13` - `2024-07-11`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-05-29` - `2023-08-21`	3 months	crt.sh
netizen.co Amazon RSA 2048 M02	`2023-02-14` - `2023-10-11`	8 months	crt.sh
assets.revcontent.com R3	`2023-05-11` - `2023-08-09`	3 months	crt.sh
moatads.com DigiCert TLS RSA SHA256 2020 CA1	`2022-11-16` - `2023-11-18`	a year	crt.sh
images.netizen.co R3	`2023-05-05` - `2023-08-03`	3 months	crt.sh
p.sitemana.com Amazon RSA 2048 M02	`2023-06-10` - `2024-07-09`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-05-29` - `2023-08-21`	3 months	crt.sh
*.analytics.edgekey.net DigiCert TLS RSA SHA256 2020 CA1	`2023-06-15` - `2024-06-14`	a year	crt.sh
revcontent.com Amazon RSA 2048 M02	`2023-05-18` - `2024-06-16`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-05-29` - `2023-08-21`	3 months	crt.sh
*.mathtag.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-03-30` - `2024-04-29`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh

This page contains 12 frames:

Primary Page: https://cloudflarepoc.newsmax.com/
Frame ID: 7A5D75A3A3F228F3F04227669EB9B475
Requests: 250 HTTP requests in this frame

Frame: https://consentcdn.cookiebot.com/sdk/bc-v4.min.html
Frame ID: BECE546ED1F2ECAA9BC66F43CB4971B5
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=cloudflarepoc.newsmax.com&us_privacy=1YNY
Frame ID: 4EE428366FD474EBF7B7DB445ACEEF26
Requests: 2 HTTP requests in this frame

Frame: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Frame ID: 895F22D4750612DD59B6D4379CCC78D1
Requests: 1 HTTP requests in this frame

Frame: https://4db7952b25c252efb9e2f8a08616b3b8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: C05CC19F9224E814615256BB5D42A2FE
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 2CCBA0EFBA83FD194DFFCF33C6118384
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: FE55C11DE6C21C9BFCC7E8394CD029A1
Requests: 2 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsusnkhXan5hAFOOsohefKjJVFb-QdSI0mo0tGGRhHDCPDeCfms5KEKjoknZjqY8wRyNiII6xXYmejdxKZA_ZRwMhx2HP5kRuunWU2FdnJtBo4cH_YSS5cMbR9Wuo-gRAyJABUr3K-6MuTIreh60uXVlt7O1p7jnYEk0VwTULNrHtT9UU8oqjP8nad4qKO87HdO_zn0mQt8IhJaAW-CFsITpdh9JoQA7diQV-ubcSq3yInaJOs0Dq5u_AkrRHeZC139WV1WYHH_CD4c8tTwmK9iKOUf6hyO7reAY1p0FcP44NEFlenkQFmPdTN6zcptfQg2hAnrdmNtq_vXx9WceROJZvYUflCjVhoBUSg&sai=AMfl-YQ6M4T_5CaaLNs0QA31kifwso74AfqEQFoIz4m61PzbQ7GXNXw62tSYgpO4ExGyM-Pbx_9fO1Nw9OvBU03um_CQcNpeyC9xeBx8qHX_iI6zadgCDr4C-aAXzxPuk7gPB4KLsYHjp0fRTc4C_Lzik10&sig=Cg0ArKJSzBScoF52eyMeEAE&uach_m=[UACH]&adurl=
Frame ID: 53AAE9022A1A264AD0CBAFE5EF270340
Requests: 8 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 46EE17F030EA58458EBA74F8507D99C5
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 2335718575CCDD95F35017B0BE41F241
Requests: 1 HTTP requests in this frame

Frame: https://i.liadm.com/s/c/a-026z?s=&cim=&ps=true&ls=true&duid=cd49d5059397--01h3ft98jrs1r65kvn67qrwrf0&ppid=0&euns=0&ci=0&version=sc-v0.2.0&nosync=false&monitorExternalSyncs=false&us_privacy=1YNY&
Frame ID: 4516254F4C54EF43039E6CEC30D19697
Requests: 8 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.578.0_en.html
Frame ID: 14D5321692B7EDB0F9AA7C5E943B7CF1
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Newsmax – Breaking News | News Videos | Politics, Health, Finance

Detected technologies

Kentico CMS (CMS) Expand

Overall confidence: 100%
Detected patterns

/CMSPages/GetResource\.ashx

AddThis (Widgets) Expand

Cookiebot (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

consent\.cookiebot\.com

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Moat (Analytics) Expand

Overall confidence: 100%
Detected patterns

moatads\.com

OneSignal (Marketing automation) Expand

Overall confidence: 100%
Detected patterns

cdn\.onesignal\.com

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Quantcast Measure (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.quantserve\.com/quant\.js

Slick (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

(?:/([\d.]+))?/slick(?:\.min)?\.js

Twitter (Widgets) Expand

Overall confidence: 100%
Detected patterns

//platform\.twitter\.com/widgets\.js

Typekit (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*href="[^"]+use\.typekit\.(?:net|com)

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

283
Requests

95 %
HTTPS

53 %
IPv6

54
Domains

84
Subdomains

68
IPs

9
Countries

3807 kB
Transfer

10874 kB
Size

35
Cookies

29 Outgoing links

These are links going to different origins than the main page.

URL: https://itunes.apple.com/us/app/id878180850
Title: VIEW

Search URL Search Domain Scan URL

URL: https://www.newsmaxtv.com/
Title: WATCH TV LIVE

Search URL Search Domain Scan URL

URL: http://www.newsmaxtv.com/
Title: TV

Search URL Search Domain Scan URL

URL: https://www.facebook.com/newsmax

Search URL Search Domain Scan URL

URL: https://twitter.com/newsmax

Search URL Search Domain Scan URL

URL: https://www.newsmax.com/nmsubscribe
Title: Subscribe

Search URL Search Domain Scan URL

URL: https://nmcdn.us/nqy
Title: SPONSOR: Biden May Have Revealed Newest Threat to 401K/IRAs–Shocking Details

Search URL Search Domain Scan URL

URL: https://nmcdn.us/3jk
Title: SPONSOR: International Dating Platform Unites Singles Around the World

Search URL Search Domain Scan URL

URL: https://nmcdn.us/7zi
Title: SPONSOR: Metformin May Harm Your Legs (Do This to Stop it)

Search URL Search Domain Scan URL

URL: https://nmcdn.us/r99
Title: SPONSOR: Congress Takes out Patent on Bible Secret

Search URL Search Domain Scan URL

URL: https://nmcdn.us/lc7
Title: SPONSOR: Do Diets Really Work? Here's What Takes Away Hanging Belly Fat Fast

Search URL Search Domain Scan URL

URL: https://smeagol.revcontent.com/v3/yoTJpc66b4NREahlb831TcWGueyz3LCS6O6EZaW8qSYh6-8Sn1MNz2PsFokUcf-aTbSPz2yBCyZJtiWoIZ07t7MLvhKqivYTIF4CBeYwm0eOB8AE72BFqViM35NflTtDg7zosS18m8Vm86Moa6W6V-cvmuuIzsuYg6kFQ_4nmbW4NDmCn8SOT_YFRF6Z9VnBwiA7KBmJPJD5RtbjkYyJKLvjrTpJkggadxbEmnWshqKFzv4heTAhYAz5bMxxIBePU9bjA6PKKfqX4rC1G7Q-_kDQoVYbHQxJnfuOQfI1eu6bMkrR4eYD8ywLkXZF35A6oHBjEBd8JnRwhekTrkkrZa4jvKG009u__2Lv_bBdvantIz5XpHNFKY3pLYZKCCaVC3IuOtscjqFsKi924JRYFxyRKlNF5OHVo3eggrm8gnXRoYMEKa3EaQJTrt_9iUMWUevckSVgwg?p=GgFDMNm6zaQGOiQxY2FhMDAwZC05MGY5LTQ5OWUtODkzMC01Yzg4ZmU3MDU5NjVCJDEzMmViNTM1LTAzNDItNGM3NC1iY2U1LWZiMGIxZTEyNTEyNEoLd2hpZS13YWxrZXJQh-wIWJ2lC2ILbmV3c21heC5jb21qB2Rlc2t0b3CQAQHYAbKO8AGqAg8xODUuMjEzLjE1NS4xNzE
Title: Men: Forget the "Blue Pill" Do This Instead (Watch)Watch The Video

Search URL Search Domain Scan URL

URL: https://smeagol.revcontent.com/v3/RXflFS9IxeRtqmtV2GSbMpgSJp9CItvGEKclk950gFAB5phCN_1HBR8JKeBlZQnMFsmjx3BDNrfeHWW55x9GkgU09r9Mz73QC_QMgX1sgVOW9tUwIrDH1NBMvSlWoVTAsDuecTvpqvly39qWrx46r_kZj9C980LuPMJZEoHXdX_gTFjUUdN6U_Y5ZQJqo-SEsayjE1vFTUeHeGODis3-WU-deCvC93_vDh0-Ph0HGjLBlLPlqM1P-UEGMe2FpMD0FaYAX__ZbfRLb6xe0tAvk-N8_9ENmmCdJXRYDUvBka2CtNscGEzjWYXyGX-1dLc3aT6LQHjUQigs_9RAVSfxRKuP0LIXGa9Y8TSKGGGA5zGSlYC6UlzRDQwemkdjv9cPOtYSy9Yzldn_OfUszIKJ_Sm9Lc6el8Kd94L6zDEmaNmDySsJyC_7AvkQywCmFbLlJGa6IOsCLsynsuAiVX3xus1PMk4o_pbnjM5ltjJ_qW7bLZx-xqBPqyKuFfs6HO3uyj9gkvy_R3euOa5SVTKsQqAjWVaGolIG-M1pvPItih7Ux0eSn3cugOWHIasMEDw_XUBPRGvmOjjZ42ahen5Chiy4G93tskIi4aM?p=GgFDMNm6zaQGOiRmNmRkZjU4ZS0xZjExLTQ3YjItYjY1Ny04MzUzMjczYmYyMzdCJGNlZTMxN2I0LWQ0YjYtNGNkNC1hNTQ2LTMxYzM3OTRmOWFjMEoLd2hpZS13YWxrZXJQh-wIWIbICmILbmV3c21heC5jb21qB2Rlc2t0b3CQAQHYAbKO8AGqAg8xODUuMjEzLjE1NS4xNzE
Title: Abendessen: 10 Lebensmittel, Die Sie Niemals Abends Essen SolltenHealth Natural

Search URL Search Domain Scan URL

URL: https://www.newsmaxtv.com/findus
Title: Channels

Search URL Search Domain Scan URL

URL: https://www.newsmaxtv.com/#schedule-section
Title: Schedule

Search URL Search Domain Scan URL

URL: https://apps.apple.com/us/app/newsmax-tv/id878180850

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.fli.android.newsmaxapp&hl=en_US&gl=US

Search URL Search Domain Scan URL

URL: https://w3.newsmax.com/General/NMM/Offers/Issues/NMM-2023-06?dkt_nbr=070102e0boaz
Title: Check out latest edition here!

Search URL Search Domain Scan URL

URL: https://www.newsmax.com/privacystatement/
Title: Privacy

Search URL Search Domain Scan URL

URL: https://www.newsmax.com/about/
Title: About

Search URL Search Domain Scan URL

URL: https://www.newsmax.com/contact/
Title: Contact

Search URL Search Domain Scan URL

URL: https://www.newsmax.com/advertise/
Title: Advertise

Search URL Search Domain Scan URL

URL: https://shop.newsmax.com/
Title: Shop

Search URL Search Domain Scan URL

URL: https://www.newsmax.com/rss/
Title: RSS

Search URL Search Domain Scan URL

URL: https://www.newsmax.com/archives/
Title: Archives

Search URL Search Domain Scan URL

URL: https://www.newsmax.com/links/
Title: Links

Search URL Search Domain Scan URL

URL: https://recruiting.ultipro.com/NEW1027/JobBoard/3d5ae180-49c4-20f7-d7b4-adfe940978a7/
Title: Careers

Search URL Search Domain Scan URL

URL: https://www.newsmax.com/termsconditions/
Title: Terms & Conditions

Search URL Search Domain Scan URL

URL: https://www.queryly.com/
Title: search by queryly

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 127

https://oajs.openx.net/esp?url=https%3A%2F%2Fcloudflarepoc.newsmax.com%2F&rid=esp HTTP 302
https://oajs.openx.net/esp?url=https%3A%2F%2Fcloudflarepoc.newsmax.com%2F&rid=esp&cc=1

Request Chain 132

https://gum.criteo.com/sid/json?origin=publishertagids&domain=newsmax.com&sn=ChromeSyncframe&so=0&topUrl=cloudflarepoc.newsmax.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=6RrVpnwrS2hrTUVoZGFQSkhFSHNEell0Mkl1aXZaSUV1RUhqNzJudXdYMnMzR29jRndPWW1GczcxT0RUSEJuUG00aE5HU1FNb0xGTG84dndnR3E5eHFsUkVCeDlMWEpkN1V2QTF6alVPRjdHTWtNclRQY3IzZm9yNnFuTFAxTmxST01FSGMySFM5MEdQZHF6STVYaVh5YnR4TXlNZGdobkxxeEJiRVcxTTd3clFxaHZsb0U4Ny9oRFFSN3pkUVVHN1ZjTGNMVit3RTczNDZpU3VNQXgrVWVsbW52ZHU3YTM1WGJFc2lPUGtYRjhnZzk1cExidVp5Ynk3V1g4dkhlbS9VazNaK29vWUgrU2tJd2NiYVdUY1dNcGpMUT09fA&cppv=2

Request Chain 142

https://sb.scorecardresearch.com/cs/9248945/beacon.js HTTP 302
https://sb.scorecardresearch.com/internal-cs/default/beacon.js

Request Chain 175

https://sync.adtelligent.com/csync?&redir=https%3A%2F%2Ft.trafmag.com%2Fimages%2Fimages%2F1px-matching-adtelligent.gif%3Fid%3D%7Buid%7D HTTP 302
https://t.trafmag.com/images/images/1px-matching-adtelligent.gif?id=f12fc764df547371

Request Chain 177

https://a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307558%26extuid%3D%7Buser_id%7D HTTP 302
https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=a0a5aa89-647b-426a-ba3e-02df1d1be5bb

Request Chain 193

https://rp.liadm.com/j?dtstmp=1687379288788&aid=a-026z&se=e30&duid=cd49d5059397--01h3ft98jrs1r65kvn67qrwrf0&tna=v2.7.2&pu=https%3A%2F%2Fcloudflarepoc.newsmax.com%2F&us_privacy=1YNY&wpn=lc-bundle&c=PHRpdGxlPgoJTmV3c21heCDigJMgQnJlYWtpbmcgTmV3cyB8IE5ld3MgVmlkZW9zIHwgUG9saXRpY3MsIEhlYWx0aCwgRmluYW5jZQo8L3RpdGxlPjxtZXRhIG5hbWU9ImRlc2NyaXB0aW9uIiBjb250ZW50PSJUb3AgbmV3cyBoZWFkbGluZXMsIHZpZGVvcyBhbmQgY29tbWVudHMgZnJvbSBOZXdzbWF4LmNvbSBjb3ZlcmluZyBwb2xpdGljcywgdGhlIFdoaXRlIEhvdXNlLCBDb25ncmVzcywgSG9sbHl3b29kLiBVLlMuIG5ld3MgeW91IGNhbiB0cnVzdCBvbiBoZWFsdGgsIHBlcnNvbmFsIGZpbmFuY2UsIGZhaXRoLCBmcmVlZG9tIGlzc3VlcyBhbmQgbW9yZS4iPg HTTP 302
https://rp4.liadm.com/j?dtstmp=1687379288788&aid=a-026z&se=e30&duid=cd49d5059397--01h3ft98jrs1r65kvn67qrwrf0&tna=v2.7.2&pu=https%3A%2F%2Fcloudflarepoc.newsmax.com%2F&us_privacy=1YNY&wpn=lc-bundle&c=PHRpdGxlPgoJTmV3c21heCDigJMgQnJlYWtpbmcgTmV3cyB8IE5ld3MgVmlkZW9zIHwgUG9saXRpY3MsIEhlYWx0aCwgRmluYW5jZQo8L3RpdGxlPjxtZXRhIG5hbWU9ImRlc2NyaXB0aW9uIiBjb250ZW50PSJUb3AgbmV3cyBoZWFkbGluZXMsIHZpZGVvcyBhbmQgY29tbWVudHMgZnJvbSBOZXdzbWF4LmNvbSBjb3ZlcmluZyBwb2xpdGljcywgdGhlIFdoaXRlIEhvdXNlLCBDb25ncmVzcywgSG9sbHl3b29kLiBVLlMuIG5ld3MgeW91IGNhbiB0cnVzdCBvbiBoZWFsdGgsIHBlcnNvbmFsIGZpbmFuY2UsIGZhaXRoLCBmcmVlZG9tIGlzc3VlcyBhbmQgbW9yZS4iPg&i6=MmEwMzoxYjIwOjY6ZjAxMTo6NWU%3D&n3pc=true

Request Chain 275

https://d.turn.com/r/dd/id/L21rdC8xOTcxL2NpZC8xNzQ5ODczMjc1L3QvMg/url/https://i.liadm.com/s/53233?bidder_id=183658&bidder_uuid=$!%7BTURN_UUID%7D&us_privacy=1YNY HTTP 302
https://i.liadm.com/s/53233?bidder_id=183658&bidder_uuid=2484576212589273180&us_privacy=1YNY HTTP 303
https://dis.criteo.com/dis/usersync.aspx?r=77&p=311&cp=liveintent&cu=1&url=https://i.liadm.com/s/28292?bidder_id%3D71340%26bidder_uuid%3D@@CRITEO_USERID@@&us_privacy=1YNY

Request Chain 276

https://live.rezync.com/sync?c=0aa2530f29e4f4a05b5d5d9bb35d60c2&p=93c1662463a616a7155169889dd99651&pid=cf637065-cd6f-4240-a918-753c4e8357c3&us_privacy=1YNY HTTP 302
https://p.rfihub.com/cm?pub=39342&in=1&userid=b61fcbf5-5947-4d4f-a907-1adfcdd5bef2%3A1687379290.4563146&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3Db61fcbf5-5947-4d4f-a907-1adfcdd5bef2%253A1687379290.4563146%26_%3D1687379290.460949&cb=1687379290.4609838

Request Chain 277

https://x.bidswitch.net/syncd?dsp_id=256&user_group=2&user_id=cf637065-cd6f-4240-a918-753c4e8357c3&redir=//i.liadm.com/s/52176?bidder_id%3D5298%26bidder_uuid%3D$%7BBSW_UID%7D&us_privacy=1YNY HTTP 302
https://x.bidswitch.net/ul_cb/syncd?dsp_id=256&user_group=2&user_id=cf637065-cd6f-4240-a918-753c4e8357c3&redir=//i.liadm.com/s/52176?bidder_id%3D5298%26bidder_uuid%3D$%7BBSW_UID%7D&us_privacy=1YNY HTTP 302
https://i.liadm.com/s/52176?bidder_id=5298&bidder_uuid=4f7a3e63-649c-44ea-9c09-ff99ed0c6060 HTTP 303
https://x.bidswitch.net/sync?ssp=liveintent&user_id=cf637065-cd6f-4240-a918-753c4e8357c3 HTTP 302
https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=4f7a3e63-649c-44ea-9c09-ff99ed0c6060&ssp=liveintent&gdpr=&gdpr_consent=

Request Chain 280

https://x.dlx.addthis.com/e/live_intent_sync?na_exid=cf637065-cd6f-4240-a918-753c4e8357c3&us_privacy=1YNY HTTP 302
https://x.dlx.addthis.com/e/live_intent_sync?na_exid=cf637065-cd6f-4240-a918-753c4e8357c3&us_privacy=1YNY&rd=Y

283 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
cloudflarepoc.newsmax.com/ 385 KB
76 KB 259ms
196ms Document
text/html 2606:4700:3108::ac42:2bac
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cloudflarepoc.newsmax.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:2bac , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

b3dc49d94ba659f483e6bcfa6efbf827ee367681fe729a88a72acd36f01f3c5f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains;preload
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cache-control: no-cache, no-store, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7daefef1cbe61919-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Wed, 21 Jun 2023 20:28:04 GMT
expires: -1
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Wo1VdR2XFkplFoPYLj9XBnOBks7ju%2BmAMTgVOHFlyP0lnQQhvPlsprdedNLyJfJrK24NMy1Qt0ihN3HjbfKNFDFBXgirpAayjr%2FXhf6EFEWbWafvc%2F0HLK%2FLm8EAvzFkpMLpSC95re1x8%2FQz88hXfwEGNGwg4OT0"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000;includeSubDomains;preload
vary: Accept-Encoding
x-aspnet-version: 4.0.30319
x-frame-options: SAMEORIGIN
x-powered-by: ASP.NET
x-ua-compatible: IE=Edge IE=edge

GET
H2 200 GetResource.ashx
cloudflarepoc.newsmax.com/CMSPages/ 0
449 B 173ms
167ms Stylesheet
text/css 2606:4700:3108::ac42:2bac
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cloudflarepoc.newsmax.com/CMSPages/GetResource.ashx?stylesheetname=Empty

Requested by

Host: cloudflarepoc.newsmax.com
URL: https://cloudflarepoc.newsmax.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:2bac , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloudflarepoc.newsmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 20:28:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
content-disposition: attachment; filename="Empty.css"
alt-svc: h3=":443"; ma=86400
content-length: 0
x-ua-compatible: IE=edge
last-modified: Wed, 03 Aug 2022 18:58:40 GMT
server: cloudflare
etag: "cssstylesheet|1537f138-8154-43b1-9ffb-c35a6dda086c"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C59kd2IkEuUmLFZjRJKRzVy86JPPnu1pc9iR8VtnlxoFjHK3Mj27BaAkdZJGfCUgC9XTebu6%2BOzq5L13DNWuSskYQ3kkJtWhBoSUfMo6l6v2AynTDseofNZyI9i1eS%2FyhNHu%2FJA3pufRrd5PkXhqmV2UHYJCipUo"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, must-revalidate
cf-ray: 7daefef31dee1919-FRA
expires: Wed, 21 Jun 2023 20:58:05 GMT

GET
H2 200 cookieBot.css
www.newsmax.com/css/ 2 KB
814 B 80ms
16ms Stylesheet
text/css 2a02:26f0:3500:18::1724:a29e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.newsmax.com/css/cookieBot.css

Requested by

Host: cloudflarepoc.newsmax.com
URL: https://cloudflarepoc.newsmax.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:18::1724:a29e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Resource Optimizer / ASP.NET

Resource Hash

2074d239d8626098f43625c48639c95393a87d1326e2e8c9ce09964f9e597f2e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloudflarepoc.newsmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
date: Wed, 21 Jun 2023 20:28:05 GMT
last-modified: Thu, 15 Jun 2023 18:58:35 GMT
server: Akamai Resource Optimizer
etag: "d5352876b19fd91:0"
x-powered-by: ASP.NET
x-frame-options: SAMEORIGIN
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=80989
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="468716_388276382_151175438_28_8131_5_0_-";dur=1
accept-ranges: bytes
content-length: 446
x-ua-compatible: IE=edge

GET
H2 200 uc.js Show response
consent.cookiebot.com/ 107 KB
33 KB 45ms
11ms Script
application/javascript 2a02:26f0:3500:18::1724:a29a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://consent.cookiebot.com/uc.js
Requested by: Host: cloudflarepoc.newsmax.com
URL: https://cloudflarepoc.newsmax.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:18::1724:a29a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 445a40338fb4c488b9b8432ec3014e6fda1e95370e87f33fdc527c06d04dbaa5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloudflarepoc.newsmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

request-context: appId=cid-v1:89f47f4b-bed0-4db8-956b-d6e6dfac3fef
date: Wed, 21 Jun 2023 20:28:05 GMT
content-encoding: gzip
last-modified: Wed, 07 Jun 2023 06:53:11 GMT
etag: "ed3f55b9c99d91:0"
vary: Accept-Encoding
content-type: application/javascript
access-control-expose-headers: Request-Context
cache-control: public, max-age=985
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 33583
expires: Wed, 21 Jun 2023 20:44:30 GMT

GET
H2 200 xgw0ani.css
use.typekit.net/ 1 KB
813 B 61ms
7ms Stylesheet
text/css 2a02:26f0:480:f::213:7ee1
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://use.typekit.net/xgw0ani.css

Requested by

Host: cloudflarepoc.newsmax.com
URL: https://cloudflarepoc.newsmax.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:f::213:7ee1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

d319bdf140fe2cdd1d0923db42f5b400d486cba4dee2ef348c56589bda2e2464

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloudflarepoc.newsmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains;
content-encoding: gzip
date: Wed, 21 Jun 2023 20:28:05 GMT
server: nginx
vary: Accept-Encoding
content-type: text/css;charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 590

GET
H2 200 newsmax.min.css
cloudflarepoc.newsmax.com/css/ 237 KB
44 KB 184ms
178ms Stylesheet
text/css 2606:4700:3108::ac42:2bac
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cloudflarepoc.newsmax.com/css/newsmax.min.css

Requested by

Host: cloudflarepoc.newsmax.com
URL: https://cloudflarepoc.newsmax.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:2bac , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

ef6058292ccc26a22da224e9bc33514fd4feb09c90da968d56d07854f2a2475b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloudflarepoc.newsmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 20:28:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400
x-ua-compatible: IE=edge
last-modified: Thu, 15 Jun 2023 19:09:20 GMT
server: cloudflare
etag: W/"95afcce3bc9fd91:0"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BV9fuyooTx5nuoTNcDTtBOkks8CnKJXvs8sftEo0KeWG93xcFCbCUpF5rcw3LO%2FsCOceTsfEomlwC2tAo6rW7S5P8zjatnclfABYtf%2Bp%2BvKcdkzeeazIEJA6T2hmLkUBhUasdOD%2BrqxAYOPSCZKFcCR%2B8v3hZYYd"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=14400
cf-ray: 7daefef31dfd1919-FRA

GET
H2 200 font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/ 30 KB
6 KB 35ms
15ms Stylesheet
text/css 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: cloudflarepoc.newsmax.com
URL: https://cloudflarepoc.newsmax.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloudflarepoc.newsmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 20:28:05 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 777268
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 5631
last-modified: Mon, 04 May 2020 16:10:07 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e5f-7918"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OhcMkxqIy3pyZ71Rjf1NINk%2FAE%2FGEmdXkdAWt53zUGLr48OvAnrggOqnW0aUhfyKkglRRMQwwrAvbhbjUrPFoeYdCuI8BpSi73P%2BtDGmG0aeJWeJfGO1GPctx%2BrJhX%2FuE0sPv%2ByTEAjDqBv7O8SZkurS"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7daefef33980993f-FRA
expires: Mon, 10 Jun 2024 20:28:05 GMT

GET
H2 200 jquery-3.2.1.min.js Show response
cloudflarepoc.newsmax.com/js/ 85 KB
31 KB 196ms
190ms Script
application/javascript 2606:4700:3108::ac42:2bac
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cloudflarepoc.newsmax.com/js/jquery-3.2.1.min.js

Requested by

Host: cloudflarepoc.newsmax.com
URL: https://cloudflarepoc.newsmax.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:2bac , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

75b707d8761e2bfbd25fbd661f290a4f7fd11c48e1bf53a36dc6bd8a0034fa35

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloudflarepoc.newsmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 20:28:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400
x-ua-compatible: IE=edge
last-modified: Mon, 07 Oct 2019 21:07:02 GMT
server: cloudflare
etag: W/"01f232a537dd51:0"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N5J0VYzxXkFUWqYKPWOVKdCY5Y4YkD6mzCVTY2PmZitT0magFvTWEnI6iUMn73u6He0LXK2RnEWaJPrgYkjWlauQWJ6geFf2GGI6wKo1xBkMfQcyiUS6YBrVfhgAi4dPTyl8NsTPbDa%2BV3UtkzUscXKS3h1cualw"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=14400
cf-ray: 7daefef31dfe1919-FRA

GET
H2 200 nm-common.bundle.min.js Show response
cloudflarepoc.newsmax.com/js/dist/ 358 KB
106 KB 190ms
184ms Script
application/javascript 2606:4700:3108::ac42:2bac
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cloudflarepoc.newsmax.com/js/dist/nm-common.bundle.min.js

Requested by

Host: cloudflarepoc.newsmax.com
URL: https://cloudflarepoc.newsmax.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:2bac , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

8c104894c3614094abfa85aee0f0292918ed5eb80c6e497b66ad14fd6ea82bf5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloudflarepoc.newsmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 20:28:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400
x-ua-compatible: IE=edge
last-modified: Tue, 23 May 2023 11:30:04 GMT
server: cloudflare
etag: W/"08620eb698dd91:0"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Fiqgmnq%2BQh%2BNc0pE0EpnATqFdOJ%2F4ui74fd%2FySxeOoA%2Bb8B4LGdJ1TTn7mN9LIul8ARM5EyyQQcOMTrwoIomQ2xLHqhHeBw7BOiJEvHonQPiIKRH685ypsgk0fmdvXy19MVG%2FgIK0xYEUt7uQGs7MZiLDV%2BOQrl9"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=14400
cf-ray: 7daefef31e011919-FRA

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 77 KB
26 KB 273ms
140ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: cloudflarepoc.newsmax.com
URL: https://cloudflarepoc.newsmax.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b3f6d5a058b098bff36e4e53acb9e9e6d18cf7cc48e115f67c5d93da5d3cde36

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloudflarepoc.newsmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 20:28:05 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26436
x-xss-protection: 0
server: cafe
etag: 550 / 19529 / m202306140101 / config-hash: 13361936451535775382
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 21 Jun 2023 20:28:05 GMT

GET
H2 200 slick.min.js Show response
cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.9.0/ 43 KB
10 KB 36ms
17ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.9.0/slick.min.js

Requested by

Host: cloudflarepoc.newsmax.com
URL: https://cloudflarepoc.newsmax.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

357452f2a55c999ddd3afdcbce2c339d41cf7a01613d9d45ff88a753bb82f21d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloudflarepoc.newsmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 20:28:05 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 3533481
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 9564
last-modified: Mon, 04 May 2020 16:16:21 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fd5-ab69"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gZWWIUlyuHUCwkRxsbjm7B438aAua%2FZyE7895PE8DoY%2FgTcta8p%2FnVVaafkZOEQtSxu8pYiat3auHEiPfbW7VpCMVxXScwk98YwzaU6CGi%2FE%2FcXw6HhNI7A5KXn82LT1QjEic8GDixHyiLXxxXoBUe%2Bv"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7daefef33986993f-FRA
expires: Mon, 10 Jun 2024 20:28:05 GMT

GET
H2 200 slick-theme.min.css
cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.9.0/ 2 KB
973 B 36ms
17ms Stylesheet
text/css 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.9.0/slick-theme.min.css

Requested by

Host: cloudflarepoc.newsmax.com
URL: https://cloudflarepoc.newsmax.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e21aa5b0d3fd28cebed9e03c5544f4924e11b0c453792ed018720cf8c679b0b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloudflarepoc.newsmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 20:28:05 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 3540140
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 657
last-modified: Mon, 04 May 2020 16:16:21 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fd5-956"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FT4rP%2BeY4IgeyectEzCr6GKn8dP3dFXhI4vHQzbGCdy1QlrCWnK3yHZ0WpVC9LoAmQV6gQ2Icb9sbaOGoeA2vcsPkRqXcgz1GJJsh6dwaDt3%2FQWPCYbDtwGKRHHMpe4bizL4ugnVg1s%2FPM9qT7vSGSQ7"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7daefef33982993f-FRA
expires: Mon, 10 Jun 2024 20:28:05 GMT

GET
H2 200 slick.min.css
cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.9.0/ 1 KB
733 B 35ms
16ms Stylesheet
text/css 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.9.0/slick.min.css

Requested by

Host: cloudflarepoc.newsmax.com
URL: https://cloudflarepoc.newsmax.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

50ad448a8a5720bf8a5617db15af31ae60163de06331576f60c6244c012ffc72

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloudflarepoc.newsmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 20:28:05 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 4474
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 394
last-modified: Mon, 04 May 2020 16:16:21 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fd5-559"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ht5nffG4ziR3qXf1uA31GAVPOW6TAfxY8wAptRdYaDMMbzBSGQW5yQIrK8mlSwG6G7SBoQiVXx8GjBxKlSkNlfrvSp29zaNWT%2B1W%2FLJvq2Dx8anouR9VcaGnR2y%2FYk6WO0c8gqCjaZ5GZO%2FNxA4bdq3x"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7daefef33984993f-FRA
expires: Mon, 10 Jun 2024 20:28:05 GMT

GET
H2 200 pub-2932230807573228 Show response
fundingchoicesmessages.google.com/i/ 147 KB
49 KB 156ms
66ms Script
application/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/pub-2932230807573228?ers=1

Requested by

Host: cloudflarepoc.newsmax.com
URL: https://cloudflarepoc.newsmax.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0a2ed126dc370334f4e70b5ccdd2ac816f7bb2018b402e85934af96aad7821b5

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-v8o1_7pQ7GJ2FHndCW5h8Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloudflarepoc.newsmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 20:28:05 GMT
content-security-policy: script-src 'report-sample' 'nonce-v8o1_7pQ7GJ2FHndCW5h8Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 lozad.min.js Show response
cdn.jsdelivr.net/npm/lozad/dist/ 3 KB
3 KB 31ms
7ms Script
application/javascript 2a04:4e42:600::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/lozad/dist/lozad.min.js

Requested by

Host: cloudflarepoc.newsmax.com
URL: https://cloudflarepoc.newsmax.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

98e15110586a9877906d7a4ada5a789c0deaa285600027e1f3c7e925fb4b05b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloudflarepoc.newsmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 21 Jun 2023 20:28:04 GMT
x-content-type-options: nosniff
age: 26803
x-jsd-version: 1.16.0
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 3095
x-served-by: cache-fra-eddf8230124-FRA
x-jsd-version-type: version
etag: W/"c17-/CtD5WDEW7iHrdmPF7CEBoqSMss"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 sharethis.js Show response
platform-api.sharethis.com/js/ 201 KB
45 KB 87ms
17ms Script
text/javascript 52.222.169.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://platform-api.sharethis.com/js/sharethis.js

Requested by

Host: cloudflarepoc.newsmax.com
URL: https://cloudflarepoc.newsmax.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.169.46 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-169-46.cdg52.r.cloudfront.net

Software

Resource Hash

e9b6e5d6207dea3753f55720cef88d4c6a60758ffacb7808ec6081b2a63bbc5e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloudflarepoc.newsmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 20:26:52 GMT
content-encoding: gzip
via: 1.1 fd000a128e6bb534d86b423d2d506d52.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: CDG52-P2
age: 73
etag: W/"3225f-sMYnyFmnB+/njI8u5nwE2QPqhYo"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
edge-control: cache-maxage=60m,downstream-ttl=60m
cache-control: max-age=600, public
x-cache: Hit from cloudfront
x-amz-cf-id: 61TaFmpeidmgBIXX66oZs5hH-izt8nU1pMXGSuZ94NDm9bujKxHFug==

GET
H2 200 analytics.js Show response
cloudflarepoc.newsmax.com/js/ 4 KB
1 KB 158ms
154ms Script
application/javascript 2606:4700:3108::ac42:2bac
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cloudflarepoc.newsmax.com/js/analytics.js

Requested by

Host: cloudflarepoc.newsmax.com
URL: https://cloudflarepoc.newsmax.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:2bac , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

aca9e5a67f06ff68ac7ced2031ef234afd2f20010451a904f25b8d4fcbfb04f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloudflarepoc.newsmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 20:28:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400
x-ua-compatible: IE=edge
last-modified: Mon, 07 Oct 2019 21:07:02 GMT
server: cloudflare
etag: W/"01f232a537dd51:0"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5YU5Gbt%2FF37%2FV2iPMEMGSnN1b8VkaKl191JmucCdH28Bs6TxSr7Z0tMmXLqcGROi7GVmDo3U0v%2BWjn6Fl4GddYNs4rZV%2F0MYfP1TKluxZou%2FMjD1bMB%2FFLfOIRcxmRiqEzGsAUOcSSYHkqtsY0ZBY40kRJHde%2Bvr"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=14400
cf-ray: 7daefef31e021919-FRA

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 77 KB
26 KB 217ms
111ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: cloudflarepoc.newsmax.com
URL: https://cloudflarepoc.newsmax.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4d609cb1430ec19af108e46e3ba2ce81d5fc5355de5f2d4447ff25b856fd7340

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloudflarepoc.newsmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 20:28:05 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26436
x-xss-protection: 0
server: cafe
etag: 189 / 19529 / 31075399 / config-hash: 13361936451535775382
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 21 Jun 2023 20:28:05 GMT

GET
H2 200 WebResource.axd Show response
cloudflarepoc.newsmax.com/ 23 KB
5 KB 150ms
146ms Script
application/x-javascript 2606:4700:3108::ac42:2bac
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cloudflarepoc.newsmax.com/WebResource.axd?d=ajj-54hEFw_9s8vUhC7aqiqIMz0pNh5t4_SU2ofVsVwummsDI5FJiI5GycwOyKPz2gszbuHXhWsBOxBmW8C9TcQBcJ41&t=637811549229275428

Requested by

Host: cloudflarepoc.newsmax.com
URL: https://cloudflarepoc.newsmax.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:2bac , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

40732e9dcfa704cf615e4691bb07aecfd1cc5e063220a46e4a7ff6560c77f5db

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloudflarepoc.newsmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 20:28:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400
x-ua-compatible: IE=edge
last-modified: Wed, 23 Feb 2022 00:28:42 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NwIDeTnS%2B11Y6jya0s6Mn5wTByldsvdqA3FkUGco7hQ27GSN3vysv907F3BpwcptBnnZvR8zkK%2FMzJ0mw1R4D3aw6oJ4aQEdVNNlTstTPKt4dwVoUqouQlgwEbIeRNfoeMw%2FNcvolCkyE6GI%2FjuQ8rgIC7B1DVBw"}],"group":"cf-nel","max_age":604800}
cache-control: public
cf-ray: 7daefef31e041919-FRA
expires: Thu, 20 Jun 2024 12:13:16 GMT

GET
H2 200 ScriptResource.axd Show response
cloudflarepoc.newsmax.com/ 100 KB
26 KB 728ms
724ms Script
application/x-javascript 2606:4700:3108::ac42:2bac
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cloudflarepoc.newsmax.com/ScriptResource.axd?d=loHavPNe5-_O6-V3CpmHjIdMuSiXtcpWnzKoZD-UT8JxRi8UwWlnQEWIm_xcEZefPXVTHWQVkrAwyQS5K6tYoAzkJ1emGBD02Q1-XF_Wkm8MAoqsOJaC48nXex3lIrasiamatjcOgjyDKLfqTq2xRqsscLw1&t=ffffffffaa493ab8

Requested by

Host: cloudflarepoc.newsmax.com
URL: https://cloudflarepoc.newsmax.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:2bac , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

66b804e7a96a87c11e1dd74ea04ac2285df5ad9043f48046c3e5000114d39b1c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloudflarepoc.newsmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 20:28:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400
x-ua-compatible: IE=edge
last-modified: Wed, 21 Jun 2023 12:16:19 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dqDGCI3CCvKDctcWTVTTmSHWEHS7gQ7Piol98GaP7WqQpj2jlktmNY3CKqWlGi82H%2BKlxKnQhx6zjsZrSYMScjXvBuymtSVbXCVivpL1TOPd2GPtNk9ci6UnA72U8r1eGrEW9IdnmrSevTNRW1xm%2Fg%2BUTMDErFuN"}],"group":"cf-nel","max_age":604800}
cache-control: public
cf-ray: 7daefef31e061919-FRA
expires: Thu, 20 Jun 2024 12:16:19 GMT

GET
H2 200 ScriptResource.axd Show response
cloudflarepoc.newsmax.com/ 39 KB
11 KB 157ms
153ms Script
application/x-javascript 2606:4700:3108::ac42:2bac
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cloudflarepoc.newsmax.com/ScriptResource.axd?d=ZdTB-9wgzkd9MabCDj2_sb4StvrEu3LYOwvQ0ovmO7RIA8MWwIA06RJTjeOr04VT2W6gvKbcIGnaVcB4YCVNs7UBEyicwrJOogQaVis9iLBEtOOhRy7hM4660Qd2GT-FSNcpu2pEX72vVsVfVTR3eSQV2jYblFlPZ-AzoBtrh_Obe_2_0&t=ffffffffaa493ab8

Requested by

Host: cloudflarepoc.newsmax.com
URL: https://cloudflarepoc.newsmax.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:2bac , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

398cdf1b27ef247e5bc77805f266bb441e60355463fc3d1776f41aae58b08cf1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloudflarepoc.newsmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 20:28:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400
x-ua-compatible: IE=edge
last-modified: Wed, 21 Jun 2023 13:40:28 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kMBxybrsqmLJtP5h4W2Ug9IBIobs%2Bbo7x6lidwKI6BCz8gVlLlSbpwbSfKqRhIgNue%2FG%2B4e7G2cFwIX2pBppq4GvZfGElCXAOYeFW5E0Mi8sWntHsI8CSoE3rcE%2BYoynv53HE54fhtwNDyy6eiTG0%2FlD5qq0Bamu"}],"group":"cf-nel","max_age":604800}
cache-control: public
cf-ray: 7daefef31e071919-FRA
expires: Thu, 20 Jun 2024 13:40:28 GMT

GET whitesearchicon.png
www.queryly.com/images/ 0
0

GET
H2 200 queryly.v4.js Show response
www.queryly.com/js/ 46 KB
10 KB 45ms
15ms Script
application/x-javascript 2606:4700:20::681a:d56
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.queryly.com/js/queryly.v4.js
Requested by: Host: cloudflarepoc.newsmax.com
URL: https://cloudflarepoc.newsmax.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:d56 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: f4cff2a345300085e749e83fdd2d293cd11ffbbdf676bb85e138562086a06802

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloudflarepoc.newsmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 20:28:05 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 17681
x-powered-by: ASP.NET
last-modified: Mon, 06 Feb 2023 15:55:16 GMT
server: cloudflare
etag: W/"08aa167433ad91:0"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
content-type: application/x-javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bXTRcWtNThp4MfNCE9As9cZySE0doqv2i52fWdwhtFuP8AQkVADJHS2a8CgbqsOxloQJdRhC26Z9WCqankBLwZ%2FA1M5TG8WosCPmAh%2FVwZlTmbTJ7Jphupd33jGotcgSrygDWewmflFJpzAXmw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=86400
access-control-allow-credentials: true
cf-ray: 7daefef49a2b9012-FRA
access-control-allow-headers: *

GET
H3 404 GetFile.aspx
cloudflarepoc.newsmax.com/CMSPages/ 315 B
315 B 157ms
148ms Image
text/html 2606:4700:3108::ac42:2bac
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cloudflarepoc.newsmax.com/CMSPages/GetFile.aspx?guid=d152f1b7-73da-4b7b-ad6d-93c2dc97c0c2&SiteName=Newsmax
Requested by: Host: cloudflarepoc.newsmax.com
URL: https://cloudflarepoc.newsmax.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3108::ac42:2bac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ce7127c38e30e92a021ed2bd09287713c6a923db9ffdb43f126e8965d777fbf0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloudflarepoc.newsmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 20:28:05 GMT
content-encoding: br
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hVv2qGfe98lbFYQfbL769pj5a3x0mcnjzJ7UxTuzi%2FkDONX8yqcdKIKihfOQ3t9wJB3%2FNoYW3P6Pwn4EhTyYHo8yDtWQ6WQ6tyJsH2ylSzgaXkR6GjcvrUCTvA8bm4sEjgr1xnZPN18fxMBytYYx2YsTR6pUz07%2B"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=us-ascii
cf-ray: 7daefef47be7926e-FRA
alt-svc: h3=":443"; ma=86400

GET GetFile.aspx
www.newsmax.com/CMSPages/ 0
0

GET
H3 200 video.png
cloudflarepoc.newsmax.com/app_themes/newsmaxnew/images/ 1 KB
2 KB 176ms
167ms Image
image/png 2606:4700:3108::ac42:2bac
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cloudflarepoc.newsmax.com/app_themes/newsmaxnew/images/video.png

Requested by

Host: cloudflarepoc.newsmax.com
URL: https://cloudflarepoc.newsmax.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3108::ac42:2bac , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

91f0e3fd56b066715625bef36e3c3d23559c416bd7f69c38e504a904313576b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloudflarepoc.newsmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 20:28:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400
content-length: 1337
x-ua-compatible: IE=edge
last-modified: Mon, 07 Oct 2019 21:06:52 GMT
server: cloudflare
etag: "03e2d24537dd51:0"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HgPYmWbIV7nKCCgHjhFOl8t2HdduyO6Sc%2BNJbzc4KdxzvTwn%2FxLbz5ZALX4KhpSbGWdi0j1OBGW2jMz6FBmPGWhURjonImaiL4JsUEwTSArbzbn81CAb8WzpMno1MNAmtheWhsOXjmdLS1YkxJPTP0VHVtWsWqV1"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=14400
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 7daefef47be9926e-FRA

GET GetFile.aspx
www.newsmax.com/CMSPages/ 0
0

GET
H3 404 GetFile.aspx
cloudflarepoc.newsmax.com/CMSPages/ 315 B
315 B 185ms
176ms Image
text/html 2606:4700:3108::ac42:2bac
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cloudflarepoc.newsmax.com/CMSPages/GetFile.aspx?guid=12864f3d-2813-4fcd-abc5-f6afd5bf8dd3&SiteName=Newsmax
Requested by: Host: cloudflarepoc.newsmax.com
URL: https://cloudflarepoc.newsmax.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3108::ac42:2bac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ce7127c38e30e92a021ed2bd09287713c6a923db9ffdb43f126e8965d777fbf0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloudflarepoc.newsmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 20:28:05 GMT
content-encoding: br
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SjCYV45O0xZonZPwfS%2Bli%2FeHS%2B8ucRl2oPnKcZ08WhNJiVO2R26w86UQH3VSt6k%2Broh%2Fb41T0%2Ft0jMjOT15jd7p0lWqqXMp4uZCbWsLFsSyNCFOo5SX6YdcFaIIaudu9gXei8yC0fhg1jwfuJOitJvEuQBVeCQWz"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=us-ascii
cf-ray: 7daefef47bea926e-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 404 GetFile.aspx
cloudflarepoc.newsmax.com/CMSPages/ 315 B
315 B 155ms
146ms Image
text/html 2606:4700:3108::ac42:2bac
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cloudflarepoc.newsmax.com/CMSPages/GetFile.aspx?guid=1b8d4fc9-0aa4-45c0-a1a0-dbc449740d6b&SiteName=Newsmax
Requested by: Host: cloudflarepoc.newsmax.com
URL: https://cloudflarepoc.newsmax.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3108::ac42:2bac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ce7127c38e30e92a021ed2bd09287713c6a923db9ffdb43f126e8965d777fbf0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloudflarepoc.newsmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 20:28:05 GMT
content-encoding: br
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J%2FQ%2F6ha8wuOrEUSJaGXpkrqHUFHc8W6lV1rZOqIpLUV2LxoUXFKB3YZU9JoVwF4XTbvPG0WFk2YO4kvnJhATRdY3odTjJUsx52ripheBqQ3amy7fVYqYaYE57aP94sFjvMF%2FsL89mUG1Wi3iJC34fGSUiLLAkioK"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=us-ascii
cf-ray: 7daefef47bec926e-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 404 GetFile.aspx
cloudflarepoc.newsmax.com/CMSPages/ 315 B
315 B 159ms
150ms Image
text/html 2606:4700:3108::ac42:2bac
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cloudflarepoc.newsmax.com/CMSPages/GetFile.aspx?guid=32124640-5cb7-4dab-83ab-f1b38de26b27&SiteName=Newsmax
Requested by: Host: cloudflarepoc.newsmax.com
URL: https://cloudflarepoc.newsmax.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3108::ac42:2bac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ce7127c38e30e92a021ed2bd09287713c6a923db9ffdb43f126e8965d777fbf0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloudflarepoc.newsmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 20:28:05 GMT
content-encoding: br
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NguycEa93oj%2B9INxBX5WafyVsz723nDz4rjh7B6pcsnSIdT8VPI0uiosd9h7VW%2FB%2Br%2Bkmxc4khRqUa4P6mQdIXJJeE1owtbLvn%2Fae4FQL7F6mA2Vu6%2BSTXXD7BZORnLLkzCyYeKvmaqP%2B%2B181ywICXOmtnkxfC3i"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=us-ascii
x-cnection: close
cf-ray: 7daefef47bf0926e-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 404 GetFile.aspx
cloudflarepoc.newsmax.com/CMSPages/ 315 B
315 B 157ms
148ms Image
text/html 2606:4700:3108::ac42:2bac
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cloudflarepoc.newsmax.com/CMSPages/GetFile.aspx?guid=0c633c5c-fb2d-4642-a7ce-73b0786fa706&SiteName=Newsmax
Requested by: Host: cloudflarepoc.newsmax.com
URL: https://cloudflarepoc.newsmax.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3108::ac42:2bac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ce7127c38e30e92a021ed2bd09287713c6a923db9ffdb43f126e8965d777fbf0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloudflarepoc.newsmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 20:28:05 GMT
content-encoding: br
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QpcT%2FidfE%2BjSO899uxHekSX4Z44UawsRERv9Bg%2FhGgX26qTQmc5AZgaBbmnrEKpNw4tYBehtwmKW3kAVQsyAY0iYGrLe7jMHib1Zmf%2F2LMnKDdPWWpxlTh%2FpLWIB9XnUAj3o%2FTilCD9rrE4KU7XH65StP2rPtEPI"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=us-ascii
cf-ray: 7daefef47bf1926e-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 404 GetFile.aspx
cloudflarepoc.newsmax.com/CMSPages/ 315 B
315 B 163ms
154ms Image
text/html 2606:4700:3108::ac42:2bac
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cloudflarepoc.newsmax.com/CMSPages/GetFile.aspx?guid=40a363d8-1218-4f30-8ebd-789ea6b00605&SiteName=Newsmax
Requested by: Host: cloudflarepoc.newsmax.com
URL: https://cloudflarepoc.newsmax.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3108::ac42:2bac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ce7127c38e30e92a021ed2bd09287713c6a923db9ffdb43f126e8965d777fbf0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloudflarepoc.newsmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 20:28:05 GMT
content-encoding: br
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ie0q0cLyst2Y9m2EBJq0eO4TGkasZCBCaoVa28Jh%2BeHh2f4fVBpJd2%2BcFjtXEB%2FnWr7EydxcQSsghiT480s8vzG25jTyztZ7hdQjxVqLaHQqZ3Qs9i96s64LRswIuHYEUJ1ypvUSfJ%2F9rQHBlaJ90I%2BFFriKr7Xz"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=us-ascii
cf-ray: 7daefef47bf2926e-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 404 GetFile.aspx
cloudflarepoc.newsmax.com/CMSPages/ 315 B
315 B 152ms
143ms Image
text/html 2606:4700:3108::ac42:2bac
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cloudflarepoc.newsmax.com/CMSPages/GetFile.aspx?guid=6288893f-953d-4745-86d1-92f687ef7f72&SiteName=Newsmax
Requested by: Host: cloudflarepoc.newsmax.com
URL: https://cloudflarepoc.newsmax.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3108::ac42:2bac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ce7127c38e30e92a021ed2bd09287713c6a923db9ffdb43f126e8965d777fbf0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloudflarepoc.newsmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 20:28:05 GMT
content-encoding: br
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1hAWnWPoxL8jtSyjB4unBJfM5WUCSTcEzxpVt%2FqcsJVCLD36Rubh3xdcjl7EXHA8kmUGSFZjldV1M30S0VBU7Rb2s2kXfDimVlS1DCjF9Rf16tLQY5houyxmLJNe4OaD%2BIi4pYGgFsq70l5SiQ7UeOK6qI%2FMRdk5"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=us-ascii
cf-ray: 7daefef47bf6926e-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 404 GetFile.aspx
cloudflarepoc.newsmax.com/CMSPages/ 315 B
315 B 165ms
156ms Image
text/html 2606:4700:3108::ac42:2bac
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cloudflarepoc.newsmax.com/CMSPages/GetFile.aspx?guid=18b206c6-820f-461d-905a-870e5d5fe089&SiteName=Newsmax
Requested by: Host: cloudflarepoc.newsmax.com
URL: https://cloudflarepoc.newsmax.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3108::ac42:2bac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ce7127c38e30e92a021ed2bd09287713c6a923db9ffdb43f126e8965d777fbf0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloudflarepoc.newsmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 20:28:05 GMT
content-encoding: br
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nx8O3ll7zoGz3GPTQ3hiFK%2F4YCx7JH7kZ5j0g%2B2GBxCuIxUya%2F55rX1xSrJtpyIG16bHajW%2FAJoh033G4WK1KqGrhM8wFB1D%2B2UHPc44o9tv8VhrzE8Y5rgAxJ3MQDSck38bro9DW7cvHBqL1KZm%2Fbn3w0Izw4DR"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=us-ascii
cf-ray: 7daefef47bf8926e-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 404 GetFile.aspx
cloudflarepoc.newsmax.com/CMSPages/ 315 B
315 B 164ms
155ms Image
text/html 2606:4700:3108::ac42:2bac
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cloudflarepoc.newsmax.com/CMSPages/GetFile.aspx?guid=f3c97aa4-a403-4602-8f65-8aa453051f4d&SiteName=Newsmax
Requested by: Host: cloudflarepoc.newsmax.com
URL: https://cloudflarepoc.newsmax.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3108::ac42:2bac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ce7127c38e30e92a021ed2bd09287713c6a923db9ffdb43f126e8965d777fbf0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloudflarepoc.newsmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 20:28:05 GMT
content-encoding: br
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wkqRgi7ISU48ELfUuQe9h2Ty6UB0rE2EIBYbWAbD2JEzCtbEmeY%2FK8TOpLRS2D5R4VbqMdBLxK1jx30x4K4bljGF9JCgXtShnzDFbkTMWqRRsYSWjEEPmVVHbL7Yo8QYY1Whfvjm06na4EE%2B%2FbNF5g2zyr8h1HrF"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=us-ascii
cf-ray: 7daefef47bfb926e-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 404 GetFile.aspx
cloudflarepoc.newsmax.com/CMSPages/ 315 B
315 B 164ms
155ms Image
text/html 2606:4700:3108::ac42:2bac
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cloudflarepoc.newsmax.com/CMSPages/GetFile.aspx?guid=f858e17b-b6b6-4c7c-aaa0-e316241bd823&SiteName=Newsmax
Requested by: Host: cloudflarepoc.newsmax.com
URL: https://cloudflarepoc.newsmax.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3108::ac42:2bac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ce7127c38e30e92a021ed2bd09287713c6a923db9ffdb43f126e8965d777fbf0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloudflarepoc.newsmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 20:28:05 GMT
content-encoding: br
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=puMDnEtmLxKN1c3QDRuqZ9plXHojZQHZ0ugFOiDjVA2szvgqxNfZSqlS6otRgyFrjTjOeExhlghHy%2B7bgCIeX%2FiNfqUMxW60i61dK%2B0moAiJ7sj%2BxEQeXruqti30lrQ1r4UYjNY42FWhK2KxJEtEBwcYIp3Q88hQ"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=us-ascii
cf-ray: 7daefef47bfe926e-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 key.png
cloudflarepoc.newsmax.com/app_themes/newsmaxnew/images/ 301 B
872 B 175ms
166ms Image
image/png 2606:4700:3108::ac42:2bac
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cloudflarepoc.newsmax.com/app_themes/newsmaxnew/images/key.png

Requested by

Host: cloudflarepoc.newsmax.com
URL: https://cloudflarepoc.newsmax.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3108::ac42:2bac , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

bfed6e0df9443581048fab45ae451481f56c4155985d8dcf8bc13ed268af4824

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloudflarepoc.newsmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 20:28:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400
content-length: 301
x-ua-compatible: IE=edge
last-modified: Mon, 07 Oct 2019 21:06:50 GMT
server: cloudflare
etag: "011fc22537dd51:0"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1qgUC0m30ncWbzR4%2F4lKrcw8dH22FCqW3cMGIvQ%2Fm4GTo7MIJ67KLPgPyl6TGwaw3oHMvt%2B78HZDYYESlYsNxlwZ1kn6xOcIDP5aCc6DpU9gqCiln3h6AlPpS9rGkd%2FS4KIEz%2FVWONq9p6SfvdQEXL%2FVq4QNjzak"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 7daefef47c03926e-FRA

GET
H3 404 GetFile.aspx
cloudflarepoc.newsmax.com/CMSPages/ 315 B
315 B 176ms
167ms Image
text/html 2606:4700:3108::ac42:2bac
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cloudflarepoc.newsmax.com/CMSPages/GetFile.aspx?guid=42ece4f1-6ed5-444f-a787-d568ccb5be11&SiteName=Newsmax
Requested by: Host: cloudflarepoc.newsmax.com
URL: https://cloudflarepoc.newsmax.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3108::ac42:2bac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ce7127c38e30e92a021ed2bd09287713c6a923db9ffdb43f126e8965d777fbf0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloudflarepoc.newsmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 20:28:05 GMT
content-encoding: br
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B5dgg2eI4Vg1O7sZl9Md8mWVyW3Z%2BVG%2FR7fnDh%2B5f2U8gox4JFX7vjLZ8ZTVCIpiYX6kfVhjZpOiApz2j4%2BJIBsVDmy5mReDBjv6IPOe%2B5MZDhKR4z%2Bro4tYjOaJXU5SgM6k00IhNd8Ner3okdCcQMMvlKiSyNFz"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=us-ascii
cf-ray: 7daefef47c07926e-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 404 GetFile.aspx
cloudflarepoc.newsmax.com/CMSPages/ 315 B
315 B 164ms
155ms Image
text/html 2606:4700:3108::ac42:2bac
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cloudflarepoc.newsmax.com/CMSPages/GetFile.aspx?guid=e64fe0f4-d258-4c09-8946-bfc2234cfd5f&SiteName=Newsmax
Requested by: Host: cloudflarepoc.newsmax.com
URL: https://cloudflarepoc.newsmax.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3108::ac42:2bac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ce7127c38e30e92a021ed2bd09287713c6a923db9ffdb43f126e8965d777fbf0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloudflarepoc.newsmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 20:28:05 GMT
content-encoding: br
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wvUvtVnt6QAJSNK94B39k5JDJP7uZuUtH8PVWhL5CaNrwMFtlgtQQyytWe9HX4mJHDOeUJck1Id3UHBg7%2BoWIYcjCcfOVTHtcCXge5CYLJxIcypi%2BEwdKvK8lyNYwLofDwyYsDdjmmO%2BmjBXctbpvhazZIK98EAE"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=us-ascii
cf-ray: 7daefef47c09926e-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 404 GetFile.aspx
cloudflarepoc.newsmax.com/CMSPages/ 315 B
315 B 157ms
148ms Image
text/html 2606:4700:3108::ac42:2bac
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cloudflarepoc.newsmax.com/CMSPages/GetFile.aspx?guid=aae609fd-e813-4a00-b5bc-70f5dff4d159&SiteName=Newsmax
Requested by: Host: cloudflarepoc.newsmax.com
URL: https://cloudflarepoc.newsmax.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3108::ac42:2bac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ce7127c38e30e92a021ed2bd09287713c6a923db9ffdb43f126e8965d777fbf0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloudflarepoc.newsmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 20:28:05 GMT
content-encoding: br
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1IWavEJGIPdq8pLl1I3e37Jiquc6KNla%2F2qM8frYFylHy33H%2BGbMS86hK94fxJ17si%2FeUcG6KBzoMDn4GfqrrY0BR2qK81J3mUZdRLki9hIorU361cRn9L%2FaQMpqBWudFvrdgn1PCpzyP4ZZsfcW4HeR1sRe2av%2F"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=us-ascii
cf-ray: 7daefef47c0a926e-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 404 GetFile.aspx
cloudflarepoc.newsmax.com/CMSPages/ 315 B
315 B 162ms
153ms Image
text/html 2606:4700:3108::ac42:2bac
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cloudflarepoc.newsmax.com/CMSPages/GetFile.aspx?guid=e42e3cba-19d6-4dda-8f4a-7573c970b96e&SiteName=Newsmax
Requested by: Host: cloudflarepoc.newsmax.com
URL: https://cloudflarepoc.newsmax.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3108::ac42:2bac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ce7127c38e30e92a021ed2bd09287713c6a923db9ffdb43f126e8965d777fbf0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloudflarepoc.newsmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 20:28:05 GMT
content-encoding: br
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B8%2BKfRpKaw4C33Vlswzgbth3TRiwGF9iY%2BifEVs7zKNVJCfw7d5QoBTSV7RXGPQ3BxhF12Y6TT%2B%2BprvFwuwNrGg2PkhdkJOybc04cQELqFYfBS%2BJ50dtHJRao4BwzS3rzzLaR0dQKmxrxmxBefzoXoILUV7vmP5g"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=us-ascii
x-cnection: close
cf-ray: 7daefef47c0b926e-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 404 GetFile.aspx
cloudflarepoc.newsmax.com/CMSPages/ 315 B
315 B 160ms
152ms Image
text/html 2606:4700:3108::ac42:2bac
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cloudflarepoc.newsmax.com/CMSPages/GetFile.aspx?guid=5184fd72-b440-4d28-9f9d-8f5f1099321d&SiteName=Newsmax
Requested by: Host: cloudflarepoc.newsmax.com
URL: https://cloudflarepoc.newsmax.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3108::ac42:2bac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ce7127c38e30e92a021ed2bd09287713c6a923db9ffdb43f126e8965d777fbf0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloudflarepoc.newsmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 20:28:05 GMT
content-encoding: br
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8kUBZLCZpM8qaYVRN%2BNiBPcHrpEqIUUbGfZIrxRoYzhMdF8LbvrrzfntdZ0SJy%2F70S6eOxS%2FBDGAoRWkoiXt2GggykK1T%2BJmySgxvAKolkKMV1ka8E6FOZXt%2Bxj73Fto0hq9FAV8g7FW%2FPWFsXK2oxfYOFiHwM4m"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=us-ascii
cf-ray: 7daefef47c0c926e-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 404 GetFile.aspx
cloudflarepoc.newsmax.com/CMSPages/ 315 B
315 B 186ms
177ms Image
text/html 2606:4700:3108::ac42:2bac
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cloudflarepoc.newsmax.com/CMSPages/GetFile.aspx?guid=ff9e6626-1a4a-4585-a713-12d209f5df00&SiteName=Newsmax
Requested by: Host: cloudflarepoc.newsmax.com
URL: https://cloudflarepoc.newsmax.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3108::ac42:2bac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ce7127c38e30e92a021ed2bd09287713c6a923db9ffdb43f126e8965d777fbf0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloudflarepoc.newsmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 20:28:05 GMT
content-encoding: br
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Oh%2BMKDMmpTq8P7XN7F%2Bmg2akTqzywT516s5ZS5QlOZXVD1cn9yrzb%2FsFvaO%2FSShKXe8ScQ9BVw6OQ13DqTwybMijyHTtKjYC6SzYiPwJR8P3cSoV%2FdLdovgn4C11HnTPCw7jWji4ulz7kGc05XtBh70%2F6Mgiu5kX"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=us-ascii
cf-ray: 7daefef47c0d926e-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 404 GetFile.aspx
cloudflarepoc.newsmax.com/CMSPages/ 315 B
315 B 166ms
157ms Image
text/html 2606:4700:3108::ac42:2bac
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cloudflarepoc.newsmax.com/CMSPages/GetFile.aspx?guid=fb096847-5d85-4383-9d4f-7ee91a228b47&SiteName=Newsmax
Requested by: Host: cloudflarepoc.newsmax.com
URL: https://cloudflarepoc.newsmax.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3108::ac42:2bac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ce7127c38e30e92a021ed2bd09287713c6a923db9ffdb43f126e8965d777fbf0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloudflarepoc.newsmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 20:28:05 GMT
content-encoding: br
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oonkT5uEqicV4eO%2BemWBf7eb5Ts0xRYuqBt20Ia%2FNHFUkyJxOrKB0XCFRZ7STyh3tiXhWtNaA%2BPlNAXq5Blja9xsW9Ln8QPvja8JpTBQso7aDokrANV1u5PfHaxFkC43jM%2FdbXI3PUouv6nRDGYY5FoUCbCG8rJK"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=us-ascii
cf-ray: 7daefef47c0e926e-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 404 GetFile.aspx
cloudflarepoc.newsmax.com/CMSPages/ 315 B
315 B 176ms
167ms Image
text/html 2606:4700:3108::ac42:2bac
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cloudflarepoc.newsmax.com/CMSPages/GetFile.aspx?guid=c75de1bb-4ab9-42cb-af19-4f966240bfb1&SiteName=Newsmax
Requested by: Host: cloudflarepoc.newsmax.com
URL: https://cloudflarepoc.newsmax.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3108::ac42:2bac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ce7127c38e30e92a021ed2bd09287713c6a923db9ffdb43f126e8965d777fbf0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloudflarepoc.newsmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 20:28:05 GMT
content-encoding: br
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0tgD9mulOsiJ38kkFi0esB4VzKEmgODWbtIjJlrE9j%2FZfMEDa%2FjFVfQZEhn9M1VaiWt3uCwyOya91UWIJY8sve9rhwrFXc57yVAcEi1TkyEpfGqWSeVlWHyEXrwS87LsNTCm0C4isYlzBbZdwG0GUB6Pd%2BG1lq4s"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=us-ascii
cf-ray: 7daefef47c12926e-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 404 GetFile.aspx
cloudflarepoc.newsmax.com/CMSPages/ 315 B
315 B 170ms
161ms Image
text/html 2606:4700:3108::ac42:2bac
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cloudflarepoc.newsmax.com/CMSPages/GetFile.aspx?guid=1d6e794d-8bfb-437d-94cd-2a0b748ba373&SiteName=Newsmax
Requested by: Host: cloudflarepoc.newsmax.com
URL: https://cloudflarepoc.newsmax.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3108::ac42:2bac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ce7127c38e30e92a021ed2bd09287713c6a923db9ffdb43f126e8965d777fbf0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloudflarepoc.newsmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 20:28:05 GMT
content-encoding: br
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y%2FMzkfJh4qlXRXW1wMxGh4YomYAlnSdVMg3O8f0OPVxRG743uQieKBSNKTO4Atk6fzYmxzP2IDYPUalz9UDr4xlDBXtXmQjQbZoIC0zHmnLXxJgtYycSeFk%2BqATLgAx%2Bg1tJkhwvWax7ZJqILP%2BrE6IMEzxvxm0x"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=us-ascii
x-cnection: close
cf-ray: 7daefef47c13926e-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 delivery.js Show response
assets.netizen.co/master/ 160 KB
51 KB 97ms
17ms Script
text/javascript 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.netizen.co/master/delivery.js
Requested by: Host: cloudflarepoc.newsmax.com
URL: https://cloudflarepoc.newsmax.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: AmazonS3 /
Resource Hash: 4bf4b3ba6f93adaa0aad39f0b22b65fd8e42f244c67be4c11f3324cec0c01aac

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloudflarepoc.newsmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 20:28:05 GMT
content-encoding: gzip
last-modified: Tue, 13 Jun 2023 16:08:11 GMT
server: AmazonS3
x-amz-request-id: 0V2SV2P38DTG136E
etag: "91de284f2de507091d4f0122ffd493a7"
x-amz-server-side-encryption: AES256
x-hw: 1687379285.cds262.am5.hn,1687379285.cds250.am5.c
content-type: text/javascript
access-control-allow-origin: *
cache-control: public,max-age=60
accept-ranges: bytes
content-length: 51832
x-amz-id-2: t1De4DY3bqsDHEuxF/usNNCqa7IQ1sKgjT4QOa/RIj+xNCBJxNlmJP0fn8/VkBiyXXv7sYETMaQ=

GET
H3 404 GetFile.aspx
cloudflarepoc.newsmax.com/CMSPages/ 315 B
315 B 171ms
162ms Image
text/html 2606:4700:3108::ac42:2bac
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cloudflarepoc.newsmax.com/CMSPages/GetFile.aspx?guid=a01dbfa7-f677-4330-b639-ece12e4f2793&SiteName=Newsmax
Requested by: Host: cloudflarepoc.newsmax.com
URL: https://cloudflarepoc.newsmax.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3108::ac42:2bac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ce7127c38e30e92a021ed2bd09287713c6a923db9ffdb43f126e8965d777fbf0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloudflarepoc.newsmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 20:28:05 GMT
content-encoding: br
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KXoOw2ha6wIVaWBUVGfY%2FrdWv%2B7km2HMI2lSKCoipaQYFLCqJ31Wbk2TFMvQ%2FKDdspRKu6iF9qI2v8qf9MG1%2BBdV8yrHK27G6fqPfl0ReY89qrdqMHqdlwc3TumBUpjuI79woEG6gj9dOqcSmW9WNZwy3869OVIk"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=us-ascii
x-cnection: close
cf-ray: 7daefef47c15926e-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 404 GetFile.aspx
cloudflarepoc.newsmax.com/CMSPages/ 315 B
315 B 172ms
163ms Image
text/html 2606:4700:3108::ac42:2bac
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cloudflarepoc.newsmax.com/CMSPages/GetFile.aspx?guid=fb2ebf5c-c5e4-436f-a742-39fa2261af9a&SiteName=Newsmax
Requested by: Host: cloudflarepoc.newsmax.com
URL: https://cloudflarepoc.newsmax.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3108::ac42:2bac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ce7127c38e30e92a021ed2bd09287713c6a923db9ffdb43f126e8965d777fbf0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloudflarepoc.newsmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 20:28:05 GMT
content-encoding: br
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fQAxns3LaHIA11XW9o4GcSduhpH2V2wpAbXoJ7zhK%2FMbb7w%2FWHZs4%2BpRGL%2FgK2U%2BUcDqAleFfu9hDvDTTqaHpRRNEhyagBzyJ0HTc6WH095KbOWDsJrsqT1q%2FPDO45CoqnmR1JPIkQzWH6%2BeJxwFdltGouFhF3NU"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=us-ascii
x-cnection: close
cf-ray: 7daefef47c16926e-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 404 GetFile.aspx
cloudflarepoc.newsmax.com/CMSPages/ 315 B
315 B 172ms
163ms Image
text/html 2606:4700:3108::ac42:2bac
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cloudflarepoc.newsmax.com/CMSPages/GetFile.aspx?guid=954814ba-8890-4b3d-9396-5028268f2666&SiteName=Newsmax
Requested by: Host: cloudflarepoc.newsmax.com
URL: https://cloudflarepoc.newsmax.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3108::ac42:2bac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ce7127c38e30e92a021ed2bd09287713c6a923db9ffdb43f126e8965d777fbf0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloudflarepoc.newsmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 20:28:05 GMT
content-encoding: br
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1X0rl%2BOptjT8HhPmzzg6685Pjk3jvWNgH87CgtPQw%2Fi43ZgpzNa%2B0%2F0qP4SG5x%2FeOifTOmZ%2FdkOB8dw64VBZYdHtwyxpu11luG5dyNRP1lgkda6pl22Tlim9G4RITnaU1NswKYOF9mz3L6Po0hurT%2Fa47nei54Cx"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=us-ascii
cf-ray: 7daefef47c18926e-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 404 GetFile.aspx
cloudflarepoc.newsmax.com/CMSPages/ 315 B
315 B 156ms
147ms Image
text/html 2606:4700:3108::ac42:2bac
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cloudflarepoc.newsmax.com/CMSPages/GetFile.aspx?guid=f00a0799-ede2-461f-b68c-e9f327abde0c&SiteName=Newsmax
Requested by: Host: cloudflarepoc.newsmax.com
URL: https://cloudflarepoc.newsmax.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3108::ac42:2bac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ce7127c38e30e92a021ed2bd09287713c6a923db9ffdb43f126e8965d777fbf0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloudflarepoc.newsmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 20:28:05 GMT
content-encoding: br
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lHxzoyrJ5RmA2XHCdKF12AtnJjAZKNzwLkrGytJxJ5rLAjQEUtBAk1q8AioslL4vpKEMKTOn9l%2Fjdfl5qAnB6Upx1ak0x2hAGcxVJSOoJK3ADQ2elp1Zn2ynJmGGUaNYD9Z5YqvYknWCei42QCrt16H2nXyHv0pY"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=us-ascii
cf-ray: 7daefef47c1a926e-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 404 GetFile.aspx
cloudflarepoc.newsmax.com/CMSPages/ 315 B
315 B 167ms
158ms Image
text/html 2606:4700:3108::ac42:2bac
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cloudflarepoc.newsmax.com/CMSPages/GetFile.aspx?guid=79d52ddf-0e67-4362-8974-cdc61982dc51&SiteName=Newsmax
Requested by: Host: cloudflarepoc.newsmax.com
URL: https://cloudflarepoc.newsmax.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3108::ac42:2bac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ce7127c38e30e92a021ed2bd09287713c6a923db9ffdb43f126e8965d777fbf0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloudflarepoc.newsmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 20:28:05 GMT
content-encoding: br
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8fgPQjAK5ZsJaXAs0o%2FGWear9QfUhb4upAYHvbXeEACCzQ8m9v9l7bWZy0dPEVDX%2BkoVVGx6Zqu%2FtDqU3QMBt%2BL4El88VZ10TAjnHSd1KTnaSJDJ1XLMSbB3VdXEKeuAUEqm%2BXXOko8eM83Pr8blvGcQvRcDO1Oj"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=us-ascii
cf-ray: 7daefef47c1c926e-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 404 GetFile.aspx
cloudflarepoc.newsmax.com/CMSPages/ 315 B
315 B 158ms
149ms Image
text/html 2606:4700:3108::ac42:2bac
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cloudflarepoc.newsmax.com/CMSPages/GetFile.aspx?guid=4aba6cce-5f59-4637-85ff-2d7bd75f8c32&SiteName=Newsmax
Requested by: Host: cloudflarepoc.newsmax.com
URL: https://cloudflarepoc.newsmax.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3108::ac42:2bac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ce7127c38e30e92a021ed2bd09287713c6a923db9ffdb43f126e8965d777fbf0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloudflarepoc.newsmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 20:28:05 GMT
content-encoding: br
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7DVAEr%2BtYC%2BRP93MQt2roidzWoLxl9dHiju5zPJapLzhUGbLvH1Ne5GktlxXHsSyd9eKI4SXD59uSfFgUDCm4cmFJLtHtJgNW6n5AjmZkF2p6e8ndvaZFoFrXdD7rz8OwSsKPXuAf5MU49g%2ByvPcuFposy2toIsD"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=us-ascii
cf-ray: 7daefef47c1d926e-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 404 GetFile.aspx
cloudflarepoc.newsmax.com/CMSPages/ 315 B
315 B 180ms
171ms Image
text/html 2606:4700:3108::ac42:2bac
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cloudflarepoc.newsmax.com/CMSPages/GetFile.aspx?guid=725cf6be-6928-405b-9f65-a3e12c55d0a4&SiteName=Newsmax
Requested by: Host: cloudflarepoc.newsmax.com
URL: https://cloudflarepoc.newsmax.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3108::ac42:2bac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ce7127c38e30e92a021ed2bd09287713c6a923db9ffdb43f126e8965d777fbf0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloudflarepoc.newsmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 20:28:05 GMT
content-encoding: br
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PlEh7A7djGJYWqCCKoNGKhL2chmMSKOYLMV7XDfHsGa9R5tTqXKB1mkEi5cvUDHJ%2BOWYkcTNnv6z2b7hRfruwxeeWMKBUs6EE%2BhzZtXyL7vPIGe7TyZiv66CF5WACxzflVpmvkGnVSnCTu%2B65iyNvt1ivqhESaEj"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=us-ascii
cf-ray: 7daefef47c1e926e-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 404 GetFile.aspx
cloudflarepoc.newsmax.com/CMSPages/ 315 B
315 B 160ms
151ms Image
text/html 2606:4700:3108::ac42:2bac
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cloudflarepoc.newsmax.com/CMSPages/GetFile.aspx?guid=320a16ac-14b9-4f2e-a6ed-cfa956c471e5&SiteName=Newsmax
Requested by: Host: cloudflarepoc.newsmax.com
URL: https://cloudflarepoc.newsmax.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3108::ac42:2bac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ce7127c38e30e92a021ed2bd09287713c6a923db9ffdb43f126e8965d777fbf0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloudflarepoc.newsmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 20:28:05 GMT
content-encoding: br
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FDSZBcd6Ejj1RcGvowKrI9RRe2IkD63g6gfcRckYRqNY%2BQ5NRUry2tcjlQ3xJefUqDlL6o6dUzNx%2FIIbU%2BXz3eA1zpU8GcmkhZkr%2BuUaYxOf%2FQkiR%2BKDy0QSJGPBxPAYouEQ9ZU8sj8nlgdjVQ7esOVDNJjNslac"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=us-ascii
cf-ray: 7daefef47c1f926e-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 404 GetFile.aspx
cloudflarepoc.newsmax.com/CMSPages/ 315 B
315 B 169ms
160ms Image
text/html 2606:4700:3108::ac42:2bac
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cloudflarepoc.newsmax.com/CMSPages/GetFile.aspx?guid=fb250523-112f-47aa-b3b3-1fb1c6f7ad82&SiteName=Newsmax
Requested by: Host: cloudflarepoc.newsmax.com
URL: https://cloudflarepoc.newsmax.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3108::ac42:2bac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ce7127c38e30e92a021ed2bd09287713c6a923db9ffdb43f126e8965d777fbf0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloudflarepoc.newsmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 20:28:05 GMT
content-encoding: br
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KzJbQdGbDJIbOpBGXzstbHYi%2B%2FqLSTwCcp3fkoTvgLi7DXfN3iFP4%2FReVs7LBDmaUo6iLg0SidJ4XzQjgiBmsyOvmYqVJlSCB8EDUn0NPdw8TzYhzz1kK%2F5kTUzcl9EAAKWHh9BZiDKvXChvUw5WS1gDWLqxF7SV"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=us-ascii
cf-ray: 7daefef47c20926e-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 404 GetFile.aspx
cloudflarepoc.newsmax.com/CMSPages/ 315 B
315 B 175ms
167ms Image
text/html 2606:4700:3108::ac42:2bac
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cloudflarepoc.newsmax.com/CMSPages/GetFile.aspx?guid=e6359a12-512c-41b5-b1b1-bc586fb57a23&SiteName=Newsmax
Requested by: Host: cloudflarepoc.newsmax.com
URL: https://cloudflarepoc.newsmax.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3108::ac42:2bac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ce7127c38e30e92a021ed2bd09287713c6a923db9ffdb43f126e8965d777fbf0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloudflarepoc.newsmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 20:28:05 GMT
content-encoding: br
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bRPOtpRiR8lik26xBc9LZmI6zSDEARyVqbcz5c7LqHGXGz0%2FYP6LArZKZW51PGlXbyHNQIMLYL%2Fb4SIi5KsOatPWIJgqLQBofx4AjKf631BPKbOYip5h6TyrWZcVdNcgezORjA0UmyV0Ryw8%2B0S0ly5sjjhzr2S2"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=us-ascii
cf-ray: 7daefef47c21926e-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 404 GetFile.aspx
cloudflarepoc.newsmax.com/CMSPages/ 315 B
315 B 176ms
167ms Image
text/html 2606:4700:3108::ac42:2bac
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cloudflarepoc.newsmax.com/CMSPages/GetFile.aspx?guid=3871d1ad-c7c6-445f-b684-602cd877df85&SiteName=Newsmax
Requested by: Host: cloudflarepoc.newsmax.com
URL: https://cloudflarepoc.newsmax.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3108::ac42:2bac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ce7127c38e30e92a021ed2bd09287713c6a923db9ffdb43f126e8965d777fbf0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloudflarepoc.newsmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 20:28:05 GMT
content-encoding: br
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tPvpykjBRpK%2BJghBi7Ks6IJqXR6y%2B3hMB3DEX64OfGJt4phxTfG4YgCPIeLyWN0%2FEtjxP6LElYsWh0PueIEbuRkJnKyHIQRLAUwi1mgqkeZ4EyFQyARIAbv2rC6oXouefD7LceuGmvgaBF4xVjhnIpO9njOgONxj"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=us-ascii
x-cnection: close
cf-ray: 7daefef47c22926e-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 404 GetFile.aspx
cloudflarepoc.newsmax.com/CMSPages/ 315 B
315 B 172ms
163ms Image
text/html 2606:4700:3108::ac42:2bac
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cloudflarepoc.newsmax.com/CMSPages/GetFile.aspx?guid=37c9f3c3-b313-4b1a-b365-72f66d34f461&SiteName=Newsmax
Requested by: Host: cloudflarepoc.newsmax.com
URL: https://cloudflarepoc.newsmax.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3108::ac42:2bac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ce7127c38e30e92a021ed2bd09287713c6a923db9ffdb43f126e8965d777fbf0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloudflarepoc.newsmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 20:28:05 GMT
content-encoding: br
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ePDSO54jb7jygfSjVXE1p5%2FvELPINT%2FK%2Bxd9oQ3AmInC6AlxQR3xlINPdmjvsOgRjtmeDebCgDFtNx4u0A2OQmRDN1hw65X0dvZvRuhcyiD4xsHPIw7QxTitJCCMPolVsmV1LiCrtozLdrQvqpQ1cxGasCjsxOOC"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=us-ascii
x-cnection: close
cf-ray: 7daefef47c23926e-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 404 GetFile.aspx
cloudflarepoc.newsmax.com/CMSPages/ 315 B
315 B 194ms
185ms Image
text/html 2606:4700:3108::ac42:2bac
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cloudflarepoc.newsmax.com/CMSPages/GetFile.aspx?guid=1278f973-b1a0-4822-adfc-611bb135e86a&SiteName=Newsmax
Requested by: Host: cloudflarepoc.newsmax.com
URL: https://cloudflarepoc.newsmax.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3108::ac42:2bac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ce7127c38e30e92a021ed2bd09287713c6a923db9ffdb43f126e8965d777fbf0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloudflarepoc.newsmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 20:28:05 GMT
content-encoding: br
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4OGHsiOTfhKtY3vG%2BS5azwdx4c4Ba5oXq9rGK%2BF3aIDhAPNYnPawMaeMWXvHo9CecvCbEpQJdFXDRLlvJQ7lW5s%2B6Erf7x%2F%2FCjfgKbxjpZZXrTQIgJ4fLrDSQ%2BP%2FDforJ%2Br09aaeBiYMbiBa%2BrwkziO4hywJXvFq"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=us-ascii
x-cnection: close
cf-ray: 7daefef47c24926e-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 404 GetFile.aspx
cloudflarepoc.newsmax.com/CMSPages/ 315 B
315 B 167ms
159ms Image
text/html 2606:4700:3108::ac42:2bac
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cloudflarepoc.newsmax.com/CMSPages/GetFile.aspx?guid=a3f6d4ad-2ef6-4852-af15-4059c787a30d&SiteName=Newsmax
Requested by: Host: cloudflarepoc.newsmax.com
URL: https://cloudflarepoc.newsmax.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3108::ac42:2bac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ce7127c38e30e92a021ed2bd09287713c6a923db9ffdb43f126e8965d777fbf0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloudflarepoc.newsmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 20:28:05 GMT
content-encoding: br
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EdztqRABgcE%2FD3IV8nDAxYieLbp5h28nPSTISuzIpO4Ne2FB2ueFcOtdKzESqRf4i0%2BoIBOSW230r1hwheTEcyrJPgpkpRkdV6J9MkuGdLQLCurGZxaZ5P7Y3RwOCfMTTmGq%2FO7yVjrxHhz5hpsdgj4fpxIsoiTl"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=us-ascii
x-cnection: close
cf-ray: 7daefef47c25926e-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 404 GetFile.aspx
cloudflarepoc.newsmax.com/CMSPages/ 315 B
315 B 168ms
159ms Image
text/html 2606:4700:3108::ac42:2bac
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cloudflarepoc.newsmax.com/CMSPages/GetFile.aspx?guid=3f1f0604-b8d9-4262-890b-1599641bbcd3&SiteName=Newsmax
Requested by: Host: cloudflarepoc.newsmax.com
URL: https://cloudflarepoc.newsmax.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3108::ac42:2bac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ce7127c38e30e92a021ed2bd09287713c6a923db9ffdb43f126e8965d777fbf0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloudflarepoc.newsmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 20:28:05 GMT
content-encoding: br
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p0yi6wSxtugeZoWx3LMIjs4VKl44E8dT5KrO%2B9HRXQ4XJUDRGIdL1pYx651ronjOQiH9tGR69210ow6ptFesMWuHt%2Bnag7IoSOCeLsCQi%2FUpo7VDIoeAHi4YUSERacwoEF4prwZ%2FivMOqjX0Hvcq%2FHVjQu3M9Pks"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=us-ascii
cf-ray: 7daefef47c26926e-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 404 GetFile.aspx
cloudflarepoc.newsmax.com/CMSPages/ 315 B
315 B 158ms
149ms Image
text/html 2606:4700:3108::ac42:2bac
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cloudflarepoc.newsmax.com/CMSPages/GetFile.aspx?guid=b89fe51a-88c1-4fad-b553-4527c395ae1a&SiteName=Newsmax
Requested by: Host: cloudflarepoc.newsmax.com
URL: https://cloudflarepoc.newsmax.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3108::ac42:2bac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ce7127c38e30e92a021ed2bd09287713c6a923db9ffdb43f126e8965d777fbf0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloudflarepoc.newsmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 20:28:05 GMT
content-encoding: br
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vCQgvwKubE%2Fj5hnEL7LpQJ%2BNGivhWbhI7AWV9bB9ol1qzw6mDXvCV%2BdTvzAiruJzydOjdC22uw30U8J8mXbi45O11umobHdfnSN3JPZeFqGd%2BVdwZtvUg4O2%2F7wEGb6FG7bN0PSNK0RIwHtfciFGLq2ba7VhEG1r"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=us-ascii
cf-ray: 7daefef47c28926e-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 404 GetFile.aspx
cloudflarepoc.newsmax.com/CMSPages/ 315 B
315 B 166ms
158ms Image
text/html 2606:4700:3108::ac42:2bac
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cloudflarepoc.newsmax.com/CMSPages/GetFile.aspx?guid=a6e79320-848d-4be1-8c51-b9de3d3ace1d&SiteName=Newsmax
Requested by: Host: cloudflarepoc.newsmax.com
URL: https://cloudflarepoc.newsmax.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3108::ac42:2bac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ce7127c38e30e92a021ed2bd09287713c6a923db9ffdb43f126e8965d777fbf0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloudflarepoc.newsmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 20:28:05 GMT
content-encoding: br
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D4ePU2%2Fvd2xHu%2FLmOlzBmaqFrJF%2BkWGjaJ4gz0B7M%2BVXfWkrq9qg%2B1E7XhLzH3uEadcsLIEtxyX8HEUBvPRFOCj36wFok3%2FFToR1pue1cRquGvsdEsUmxM68TpyPXjdaox60zbe8axzgxWmX5RUB9vtmh1SIKpck"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=us-ascii
cf-ray: 7daefef47c2a926e-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 404 GetFile.aspx
cloudflarepoc.newsmax.com/CMSPages/ 315 B
315 B 175ms
167ms Image
text/html 2606:4700:3108::ac42:2bac
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cloudflarepoc.newsmax.com/CMSPages/GetFile.aspx?guid=94f2ebe8-83f0-4433-b28d-595f73239a05&SiteName=Newsmax
Requested by: Host: cloudflarepoc.newsmax.com
URL: https://cloudflarepoc.newsmax.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3108::ac42:2bac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ce7127c38e30e92a021ed2bd09287713c6a923db9ffdb43f126e8965d777fbf0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloudflarepoc.newsmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 20:28:05 GMT
content-encoding: br
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iTSMYcqF02SNREFHOrQMZ7ID2VjzXmLN5uCDxlLVkP8Sk5ZHwCCrUgRGviP3FJPFmcYpDS7X%2F0mx8YDPfitkvXrI6wvIWJdQEMDB0jlP4SIEP4ksfZtcpdugPb5Gq4lKsQ96ehBE6NVQw0aDPZi6ijhIZMLz0V30"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=us-ascii
cf-ray: 7daefef47c2b926e-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 404 GetFile.aspx
cloudflarepoc.newsmax.com/CMSPages/ 315 B
315 B 178ms
169ms Image
text/html 2606:4700:3108::ac42:2bac
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cloudflarepoc.newsmax.com/CMSPages/GetFile.aspx?guid=17c1704a-51cf-494b-a70e-289274046de4&SiteName=Newsmax
Requested by: Host: cloudflarepoc.newsmax.com
URL: https://cloudflarepoc.newsmax.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3108::ac42:2bac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ce7127c38e30e92a021ed2bd09287713c6a923db9ffdb43f126e8965d777fbf0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloudflarepoc.newsmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 20:28:05 GMT
content-encoding: br
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hFTsYVRXVtHIjzfDQzjUZV9Naw%2FMpARicwZEJ%2FaC7YqsNvD8UqmqazPSe13b86%2BFN9qeRePYr%2FhlFmc5FgMkjlKQwU3brsJZSza2vl0eCiyOqZUB9LdQ0MOoi0BYYW3TKtevoFI5spMdZAVPE%2Bab5PU3h%2Fk2XEhU"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=us-ascii
x-cnection: close
cf-ray: 7daefef47c2e926e-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 404 GetFile.aspx
cloudflarepoc.newsmax.com/CMSPages/ 315 B
315 B 169ms
160ms Image
text/html 2606:4700:3108::ac42:2bac
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cloudflarepoc.newsmax.com/CMSPages/GetFile.aspx?guid=9f3586c9-8b2b-4246-9b25-861c989e4d05&SiteName=Newsmax
Requested by: Host: cloudflarepoc.newsmax.com
URL: https://cloudflarepoc.newsmax.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3108::ac42:2bac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ce7127c38e30e92a021ed2bd09287713c6a923db9ffdb43f126e8965d777fbf0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloudflarepoc.newsmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 20:28:05 GMT
content-encoding: br
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jwG76msgHsPGiCQRM6dWWyEaLXDIvY6dB9OWS8LnTxTd37JTm2wfVWYSFPwankcZUK8I2Mo%2BKs%2BZdookgxi6BC3BagqKLxZIbeHyR6descX8d2OYbU8HmgsD7cgnc6iwusUSmDZJYogTai8AdfU%2FJ4xD724ej6rD"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=us-ascii
cf-ray: 7daefef47c2f926e-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 404 GetFile.aspx
cloudflarepoc.newsmax.com/CMSPages/ 315 B
315 B 166ms
158ms Image
text/html 2606:4700:3108::ac42:2bac
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cloudflarepoc.newsmax.com/CMSPages/GetFile.aspx?guid=f47e6071-a389-4aa3-ac8e-b917394e4b13&SiteName=Newsmax
Requested by: Host: cloudflarepoc.newsmax.com
URL: https://cloudflarepoc.newsmax.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3108::ac42:2bac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ce7127c38e30e92a021ed2bd09287713c6a923db9ffdb43f126e8965d777fbf0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloudflarepoc.newsmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 20:28:05 GMT
content-encoding: br
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SouPCtpZv7TdFOwkif%2FlYQZI2aYGBySccUeZFVnZfvYcY1wsVqQZ2%2B1GfSS0VpG0GX8%2FFLjWpxu9nZ9Y%2BvPLsnsf4jDGZ6Wx6qUfA13trEEWTze82u8lZmq%2FiRVAX0fFYWYWYnZ3296rQDmdc9uwCClagJeFqUYv"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=us-ascii
cf-ray: 7daefef47c32926e-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 404 GetFile.aspx
cloudflarepoc.newsmax.com/CMSPages/ 315 B
315 B 178ms
169ms Image
text/html 2606:4700:3108::ac42:2bac
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cloudflarepoc.newsmax.com/CMSPages/GetFile.aspx?guid=d4b3e540-c994-4a68-9d42-f80c50e849bd&SiteName=Newsmax
Requested by: Host: cloudflarepoc.newsmax.com
URL: https://cloudflarepoc.newsmax.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3108::ac42:2bac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ce7127c38e30e92a021ed2bd09287713c6a923db9ffdb43f126e8965d777fbf0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloudflarepoc.newsmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 20:28:05 GMT
content-encoding: br
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oT8DKGHRxLPEmG5wAqELfVhPGc04cq3IGPxoGceGr3oHxyD%2B1e%2BmzHepWuks3VPCHbYV%2Fgfjq%2BqyiOsy3msG7GEDKpYwaz42dJqtwZcyaeeio3l9WmtZWW6KWH6kbI1jdVHIfgcSFynkLEdBdh7MZqBEaJIZx38u"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=us-ascii
cf-ray: 7daefef47c33926e-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 404 GetFile.aspx
cloudflarepoc.newsmax.com/CMSPages/ 315 B
315 B 162ms
154ms Image
text/html 2606:4700:3108::ac42:2bac
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cloudflarepoc.newsmax.com/CMSPages/GetFile.aspx?guid=5e3d2d04-eb34-4d9a-b6fa-cbf242091a3d&SiteName=Newsmax
Requested by: Host: cloudflarepoc.newsmax.com
URL: https://cloudflarepoc.newsmax.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3108::ac42:2bac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ce7127c38e30e92a021ed2bd09287713c6a923db9ffdb43f126e8965d777fbf0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloudflarepoc.newsmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 20:28:05 GMT
content-encoding: br
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k1LahMJlc%2FxkeQ17nBlT0dllAHkLCn2zCKRAMdHyShtsOMhHvrKBbvGxZKS8z2atsmrYfLXoQF2ahzyq1%2Ffd9IJLCF1LdHRCKZX4q61%2BdKDc2HpYkfKnJXtsWJfJXH2AVUmSavp2gOGltDNDm908RuUPD1DX1aIZ"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=us-ascii
cf-ray: 7daefef47c34926e-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 404 GetFile.aspx
cloudflarepoc.newsmax.com/CMSPages/ 315 B
315 B 171ms
163ms Image
text/html 2606:4700:3108::ac42:2bac
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cloudflarepoc.newsmax.com/CMSPages/GetFile.aspx?guid=b0cc96d3-4b6b-4c2e-9fd8-9aaa948569fd&SiteName=Newsmax
Requested by: Host: cloudflarepoc.newsmax.com
URL: https://cloudflarepoc.newsmax.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3108::ac42:2bac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ce7127c38e30e92a021ed2bd09287713c6a923db9ffdb43f126e8965d777fbf0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloudflarepoc.newsmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 20:28:05 GMT
content-encoding: br
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1EJYvZZ1tBWp941TdruqaDVT3UyowgQRdsAR1Viz99hzPeA2bmm%2FlqZ%2Bl4ZY7dY8mOLCC2s3SGfR3SikQsWVCGUUPwF62fLGKlhjbBlsitlr864Z%2F25EXyBY9DdYEWKBpe2RmwlOQ9lSOt2WT8Qgffkzrnj6H0Hh"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=us-ascii
cf-ray: 7daefef47c37926e-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 404 GetFile.aspx
cloudflarepoc.newsmax.com/CMSPages/ 315 B
315 B 175ms
167ms Image
text/html 2606:4700:3108::ac42:2bac
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cloudflarepoc.newsmax.com/CMSPages/GetFile.aspx?guid=b0b35ec8-661c-4289-b6b5-97b1444a3f56&SiteName=Newsmax
Requested by: Host: cloudflarepoc.newsmax.com
URL: https://cloudflarepoc.newsmax.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3108::ac42:2bac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ce7127c38e30e92a021ed2bd09287713c6a923db9ffdb43f126e8965d777fbf0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloudflarepoc.newsmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 20:28:05 GMT
content-encoding: br
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=edcxsEW58l63c9bge20MJQS2Me%2B3vCa0ud70Oq319AqdEWvNUJT4k4rqsa%2FTwtGAKMMbXvMNM%2FZncHINOc8scZc5CYRl2RrHCaNpeNdlFtX2QGGVStuH5Lxt9FcCImTd9CKfHcxIIArPnNYHgjFrnEope5cMK4m9"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=us-ascii
cf-ray: 7daefef47c38926e-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 404 GetFile.aspx
cloudflarepoc.newsmax.com/CMSPages/ 315 B
315 B 176ms
167ms Image
text/html 2606:4700:3108::ac42:2bac
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cloudflarepoc.newsmax.com/CMSPages/GetFile.aspx?guid=d01fead2-f451-40fb-82d9-7d8fabdb9234&SiteName=Newsmax
Requested by: Host: cloudflarepoc.newsmax.com
URL: https://cloudflarepoc.newsmax.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3108::ac42:2bac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ce7127c38e30e92a021ed2bd09287713c6a923db9ffdb43f126e8965d777fbf0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloudflarepoc.newsmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 20:28:05 GMT
content-encoding: br
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2D5xBZHrtq3%2Fmi5BLF%2BksjNiGkZS5RW7RtWwyWHE1Fk42CZCEkMMMd2rNfxJ4aWDvDEk2ked9W7uUwCkxm1mICokK87AmNN5OXPNcHHb7xf0Y%2BLo8cnTQSoZHT5a3U9f3PJUz3Y47Z2hsNkfUYFC1J648UHGRaS5"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=us-ascii
cf-ray: 7daefef47c39926e-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 404 GetFile.aspx
cloudflarepoc.newsmax.com/CMSPages/ 315 B
315 B 176ms
168ms Image
text/html 2606:4700:3108::ac42:2bac
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cloudflarepoc.newsmax.com/CMSPages/GetFile.aspx?guid=bd9784cc-76bf-4da8-a267-c457b998174c&SiteName=Newsmax
Requested by: Host: cloudflarepoc.newsmax.com
URL: https://cloudflarepoc.newsmax.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3108::ac42:2bac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ce7127c38e30e92a021ed2bd09287713c6a923db9ffdb43f126e8965d777fbf0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloudflarepoc.newsmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 20:28:05 GMT
content-encoding: br
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UYJt2JYNsxNe0KZJOfC3WGtnXVEDGVeiZPUCPBg4eBXEgjHHOnAYr9XTA3AKuBGO5%2FDvPJVJwo6rwYOsmJmJ%2BzlvjIHFEUYEB6qqHvJson%2FY7joW%2FKhJAcfx4kwyGGZmAGA%2FgWDLz3r1vAwWujoasMOPKHjhAKKa"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=us-ascii
cf-ray: 7daefef47c3a926e-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 404 GetFile.aspx
cloudflarepoc.newsmax.com/CMSPages/ 315 B
315 B 181ms
173ms Image
text/html 2606:4700:3108::ac42:2bac
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cloudflarepoc.newsmax.com/CMSPages/GetFile.aspx?guid=4ea2199a-c164-4bc0-ab0d-25a35936c928&SiteName=Newsmax
Requested by: Host: cloudflarepoc.newsmax.com
URL: https://cloudflarepoc.newsmax.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3108::ac42:2bac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ce7127c38e30e92a021ed2bd09287713c6a923db9ffdb43f126e8965d777fbf0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloudflarepoc.newsmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 20:28:05 GMT
content-encoding: br
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gKunvYnlhpwhMNZNRr1nBsVLzt%2BCMa5yjPQgK6zB1Dg2SdkXWMfSeFov%2FNMdPQp0ryN7r2Cod8tLsNT%2BYZjQbmzjLGiYQOjWUFOPGlJF1CX3jJbBEHmcjkrAWK%2FhMBW%2FmZUPQ6viZAXNdnjWGLNXRy9l4Sjl0G3u"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=us-ascii
cf-ray: 7daefef47c3c926e-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 404 GetFile.aspx
cloudflarepoc.newsmax.com/CMSPages/ 315 B
315 B 169ms
160ms Image
text/html 2606:4700:3108::ac42:2bac
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cloudflarepoc.newsmax.com/CMSPages/GetFile.aspx?guid=08cde0b4-3b0a-495c-aa73-60efc939877e&SiteName=Newsmax
Requested by: Host: cloudflarepoc.newsmax.com
URL: https://cloudflarepoc.newsmax.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3108::ac42:2bac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ce7127c38e30e92a021ed2bd09287713c6a923db9ffdb43f126e8965d777fbf0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloudflarepoc.newsmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 20:28:05 GMT
content-encoding: br
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=epCUO8laWbokLSxn3IdIBiKWJZC1l%2BFWmfEvWfXaLCHNxvXI5Uepl6AMXoWQaXHC%2BkJaIHkfNcmvygDgJ0%2Ft687zUCpt7lHswXhNOp27ik%2F17FFJXRiInFxD1EQ%2BLUDD6ZUSqTJXCWDFIWz14J5KL%2F0RSEXzP%2B3q"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=us-ascii
cf-ray: 7daefef47c3d926e-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 404 GetFile.aspx
cloudflarepoc.newsmax.com/CMSPages/ 315 B
315 B 178ms
170ms Image
text/html 2606:4700:3108::ac42:2bac
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cloudflarepoc.newsmax.com/CMSPages/GetFile.aspx?guid=80a57a33-da27-4519-af96-6a3758a88712&SiteName=Newsmax
Requested by: Host: cloudflarepoc.newsmax.com
URL: https://cloudflarepoc.newsmax.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3108::ac42:2bac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ce7127c38e30e92a021ed2bd09287713c6a923db9ffdb43f126e8965d777fbf0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloudflarepoc.newsmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 20:28:05 GMT
content-encoding: br
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B%2FteTRR5vSxgIyJ1XMsxrNlPqRVTfDF6kDxe5qBEThPq7vGspAdF63hsXrkSIRr%2BfVSXQgSykMt0YsRrom07WI7MoRq42wJRneA66xnv3CuqiPNd%2Fm4vOW1zqyTE8Mvk7hgmTJFgqiKekyhF3Ge7oEgF4oI5uOvf"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=us-ascii
cf-ray: 7daefef47c3e926e-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 404 GetFile.aspx
cloudflarepoc.newsmax.com/CMSPages/ 315 B
315 B 183ms
174ms Image
text/html 2606:4700:3108::ac42:2bac
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cloudflarepoc.newsmax.com/CMSPages/GetFile.aspx?guid=b13c6a37-7efc-45d9-a7c9-3642f7c5d5e1&SiteName=Newsmax
Requested by: Host: cloudflarepoc.newsmax.com
URL: https://cloudflarepoc.newsmax.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3108::ac42:2bac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ce7127c38e30e92a021ed2bd09287713c6a923db9ffdb43f126e8965d777fbf0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloudflarepoc.newsmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 20:28:05 GMT
content-encoding: br
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ud8hMARpHibu2UStqnb5qPzNs6e3OUYMlokXIfeERNUS2f3MEqaFlGFXyqAcSd5ocedxI7iNYhWgtdk9iw4bIa7yygQHw0xr6Eynm6wI%2F%2Bestqi6m3XAdcE%2B056D53riAV%2FZQhWRzad7rUvDm0GlRhNFGzBSjutL"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=us-ascii
cf-ray: 7daefef47c3f926e-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 404 GetFile.aspx
cloudflarepoc.newsmax.com/CMSPages/ 315 B
315 B 182ms
173ms Image
text/html 2606:4700:3108::ac42:2bac
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cloudflarepoc.newsmax.com/CMSPages/GetFile.aspx?guid=733c52b0-345c-43ce-88a1-eca236422284&SiteName=Newsmax
Requested by: Host: cloudflarepoc.newsmax.com
URL: https://cloudflarepoc.newsmax.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3108::ac42:2bac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ce7127c38e30e92a021ed2bd09287713c6a923db9ffdb43f126e8965d777fbf0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloudflarepoc.newsmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 20:28:05 GMT
content-encoding: br
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xiHj1cUoskPuheDAHIA1VRfU3xUq3Q%2FeMmJyioTdRA5vq2iL2zH7ym%2BA5beiM3%2FVJDt3dYqt1VKHGnUbPEQE0RUSrxEaOPUbpOupk0X%2FeMesObk1AqmE1F%2Fp%2BgVIU6yLEzpV58QUw1cKSJ1Z6sChfQ5uTvm%2BfDeV"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=us-ascii
cf-ray: 7daefef47c41926e-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 404 GetFile.aspx
cloudflarepoc.newsmax.com/CMSPages/ 315 B
315 B 593ms
585ms Image
text/html 2606:4700:3108::ac42:2bac
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cloudflarepoc.newsmax.com/CMSPages/GetFile.aspx?guid=751e7a05-9682-4646-be31-66994a842248&SiteName=Newsmax
Requested by: Host: cloudflarepoc.newsmax.com
URL: https://cloudflarepoc.newsmax.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3108::ac42:2bac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ce7127c38e30e92a021ed2bd09287713c6a923db9ffdb43f126e8965d777fbf0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloudflarepoc.newsmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 20:28:05 GMT
content-encoding: br
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IwMeV%2BIa9DG7iDjZsP87LQ%2F3KqB4%2BC3n3v2rMbbAkxhnAbcENRyEjin3XszNAR%2F9nuh17JAr5GociWc11zQj4rgq7pAXcPl%2Famdo2K18kdQTyS1w2EPtu18EXWI0NOkaSTkcUxkZeOLi6Jm0jLbz02SUeRgILfua"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=us-ascii
x-cnection: close
cf-ray: 7daefef47c43926e-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 404 GetFile.aspx
cloudflarepoc.newsmax.com/CMSPages/ 315 B
315 B 179ms
170ms Image
text/html 2606:4700:3108::ac42:2bac
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cloudflarepoc.newsmax.com/CMSPages/GetFile.aspx?guid=5216e892-bfe2-40c3-8f3e-e4ce69323016&SiteName=Newsmax
Requested by: Host: cloudflarepoc.newsmax.com
URL: https://cloudflarepoc.newsmax.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3108::ac42:2bac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ce7127c38e30e92a021ed2bd09287713c6a923db9ffdb43f126e8965d777fbf0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloudflarepoc.newsmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 20:28:05 GMT
content-encoding: br
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ziNn1eKFQ3mMXZGnrv60mLH8r4kn3mPNkU3471T7pqrPCwjpEc5C%2Bp2PGj3ehAZSdFEYY1QYZcJNWtzYm8WL7GXTTv7FTpkXWYWcvGbpOkRCfDwMBYlTsxvan2jyWz0iJOro1%2FPFs1qefnMrwV1pobyE%2BLuioS4j"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=us-ascii
cf-ray: 7daefef47c45926e-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 404 GetFile.aspx
cloudflarepoc.newsmax.com/CMSPages/ 315 B
315 B 599ms
591ms Image
text/html 2606:4700:3108::ac42:2bac
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cloudflarepoc.newsmax.com/CMSPages/GetFile.aspx?guid=7ee1f94f-a219-4682-a492-301f0cf4d452&SiteName=Newsmax
Requested by: Host: cloudflarepoc.newsmax.com
URL: https://cloudflarepoc.newsmax.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3108::ac42:2bac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ce7127c38e30e92a021ed2bd09287713c6a923db9ffdb43f126e8965d777fbf0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloudflarepoc.newsmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 20:28:05 GMT
content-encoding: br
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TbnwpYijlKOtlNNifVnCZTEL2PszL0KHautD5pdcKj85oUHQ%2BJVVGb2zVaDjM56gaF8hjVlSohwFgNa0sJv4MPac2o26HV1y85ZpLUjrPpdLxUlXYANNqlc3SAeQNgRXf9g1nb2vpBLUtNL%2B0L4kHAhTBrno4%2FhI"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=us-ascii
x-cnection: close
cf-ray: 7daefef47c47926e-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 404 GetFile.aspx
cloudflarepoc.newsmax.com/CMSPages/ 315 B
315 B 178ms
170ms Image
text/html 2606:4700:3108::ac42:2bac
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cloudflarepoc.newsmax.com/CMSPages/GetFile.aspx?guid=198df5ae-7720-431c-88ea-396b20dd8387&SiteName=Newsmax
Requested by: Host: cloudflarepoc.newsmax.com
URL: https://cloudflarepoc.newsmax.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3108::ac42:2bac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ce7127c38e30e92a021ed2bd09287713c6a923db9ffdb43f126e8965d777fbf0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloudflarepoc.newsmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 20:28:05 GMT
content-encoding: br
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1a4sCPkkbeSBHLNQ4zCWxFBnHnYImuN%2FhlHSVBwkaiI9w91p56IA5fGxlD4eEVPl6S3PSBCGFp5qYMIJ0ZHitJ%2BD9u6IbxYGkVAS6drlMkndkvK3RxBj8QowQEYu87CDGuDlH%2Fml0WUTtkuHEZOj5APh9kQYswU%2F"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=us-ascii
x-cnection: close
cf-ray: 7daefef47c48926e-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 404 GetFile.aspx
cloudflarepoc.newsmax.com/CMSPages/ 315 B
315 B 596ms
588ms Image
text/html 2606:4700:3108::ac42:2bac
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cloudflarepoc.newsmax.com/CMSPages/GetFile.aspx?guid=ed81b48c-c0e6-425d-a5e6-8f3264c98d57&SiteName=Newsmax
Requested by: Host: cloudflarepoc.newsmax.com
URL: https://cloudflarepoc.newsmax.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3108::ac42:2bac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ce7127c38e30e92a021ed2bd09287713c6a923db9ffdb43f126e8965d777fbf0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloudflarepoc.newsmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 20:28:05 GMT
content-encoding: br
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nMEUHMmbhT7RxxYEVA7uprNW%2Fl65r%2BkzmYsqA%2FE1bObi4dl5A7Uk%2B9mw6QeqwuRabC%2Fk2zTTYgT9IWQXuWlhL%2BIF5eUTRb%2FTqMvNvkT19OtK0pBFgDXJaoZITGiWpYXIPrEF7AAEXCJHWvqFF3DeOc7eDCbnxxA6"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=us-ascii
x-cnection: close
cf-ray: 7daefef47c49926e-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 ios.png
cloudflarepoc.newsmax.com/App_Themes/NewsmaxNew/images/qrcode/ 1 KB
2 KB 617ms
609ms Image
image/png 2606:4700:3108::ac42:2bac
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cloudflarepoc.newsmax.com/App_Themes/NewsmaxNew/images/qrcode/ios.png

Requested by

Host: cloudflarepoc.newsmax.com
URL: https://cloudflarepoc.newsmax.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3108::ac42:2bac , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

500b1cb2d9aed655f5bc0eb0313a6ebf75d3613e94b2234a60f532eea7e51590

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloudflarepoc.newsmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 20:28:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400
content-length: 1389
x-ua-compatible: IE=edge
last-modified: Tue, 21 Dec 2021 20:46:33 GMT
server: cloudflare
etag: "db4515d7abf6d71:0"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i8QwX%2F5m42BlAy7tLAx8AqX%2BvP5mqSZtyMAmRmSft52G6tBFcfbJ8rlpJLio9VAV4%2FVAMMetUMJWX%2FJru4S3hEJChSB%2BS0FQg32ADPe4F33Mre9w9N0ibYAhRjZFLADZq1pVy99obTPvTr3v2ew0PnPF5htPUsKE"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=14400
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 7daefef47c4a926e-FRA

GET
H3 200 play.png
cloudflarepoc.newsmax.com/App_Themes/NewsmaxNew/images/qrcode/ 2 KB
2 KB 183ms
175ms Image
image/png 2606:4700:3108::ac42:2bac
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cloudflarepoc.newsmax.com/App_Themes/NewsmaxNew/images/qrcode/play.png

Requested by

Host: cloudflarepoc.newsmax.com
URL: https://cloudflarepoc.newsmax.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3108::ac42:2bac , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

6ad0665b8b1e41b73f4232e0c7940822116c2038cd2550897549d7f8a2bff668

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloudflarepoc.newsmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 20:28:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400
content-length: 1749
x-ua-compatible: IE=edge
last-modified: Tue, 21 Dec 2021 20:46:32 GMT
server: cloudflare
etag: "e27585d6abf6d71:0"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ld2TSDvU%2BBwrFnSPIBkCZgRHYASBBir6vYTDTSwjiyF%2B4FXBGciXCCgwKvUbA5H%2Bsiiypd%2B0pJeKUDQj2zGGesgEm1RDhgaX%2BLuW10CroV%2BmTK7cE%2FyWZSa7f4%2FqI8I8pZcjx9piucaJBPKtKIezKYy7j6IncVAl"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=14400
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 7daefef47c4b926e-FRA

GET
H3 200 newsmaxqr-80.png
cloudflarepoc.newsmax.com/App_Themes/NewsmaxNew/images/qrcode/ 3 KB
4 KB 184ms
175ms Image
image/png 2606:4700:3108::ac42:2bac
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cloudflarepoc.newsmax.com/App_Themes/NewsmaxNew/images/qrcode/newsmaxqr-80.png

Requested by

Host: cloudflarepoc.newsmax.com
URL: https://cloudflarepoc.newsmax.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3108::ac42:2bac , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

548ff995b93f8f32334747b861c74a4dc11d6624456679485d6d4a6930d39b67

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloudflarepoc.newsmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 20:28:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400
content-length: 3242
x-ua-compatible: IE=edge
last-modified: Tue, 21 Dec 2021 20:39:49 GMT
server: cloudflare
etag: "39c4c7e5aaf6d71:0"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A8VK8PrbCaDjR%2FWZsDR4%2FtPb40SSgzg%2BwoDDnPy00PwPlULuIWnH%2BEdcJ81MfIvnhdrar2XO%2BPOgFNWcp5Sm9FYZSXqcdnpHROtoyNsTLCSfqNRCJTlUiA19i48P2EcNwubDSQj2xzRvzxT7hyNGdbfR%2F%2B7zBDtQ"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=14400
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 7daefef47c4c926e-FRA

GET
H3 404 GetFile.aspx
cloudflarepoc.newsmax.com/CMSPages/ 315 B
315 B 182ms
174ms Image
text/html 2606:4700:3108::ac42:2bac
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cloudflarepoc.newsmax.com/CMSPages/GetFile.aspx?guid=41f9a875-2a19-47e9-be7d-589d58ac75ca
Requested by: Host: cloudflarepoc.newsmax.com
URL: https://cloudflarepoc.newsmax.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3108::ac42:2bac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ce7127c38e30e92a021ed2bd09287713c6a923db9ffdb43f126e8965d777fbf0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloudflarepoc.newsmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 20:28:05 GMT
content-encoding: br
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aGHATqp%2FTrgIU3J%2BdqsrsFBgiscQuRAqpUznx4%2BGpbsFaFUqXA76%2FVABXgfYvD6aDSVtGNH0wvIumlTARJCSEWKm1Mpn6kV2PCIr6qHeXMRgp7sps1uihQnoii4F5QBSZAtJTO5Mqto%2B5zlhYsWuISPwyaVxhBni"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=us-ascii
x-cnection: close
cf-ray: 7daefef47c4e926e-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 jquery.zrssfeed.min.js Show response
cloudflarepoc.newsmax.com/CMSscripts/newsmax/ 3 KB
2 KB 593ms
585ms Script
application/javascript 2606:4700:3108::ac42:2bac
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cloudflarepoc.newsmax.com/CMSscripts/newsmax/jquery.zrssfeed.min.js

Requested by

Host: cloudflarepoc.newsmax.com
URL: https://cloudflarepoc.newsmax.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3108::ac42:2bac , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

b2e91321d1b560fe1ec1aba1374e92c5dd4c33b2abc0cdc6079b5b74894acd56

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloudflarepoc.newsmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 20:28:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400
x-ua-compatible: IE=edge
last-modified: Mon, 07 Oct 2019 21:06:58 GMT
server: cloudflare
etag: W/"0c5c027537dd51:0"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7PjhzeKTpFpJ3O8bHy%2BnueU%2Fbfx7XU9gFnpmnH7uIaZboiBlYbPFgbiHqXer7oAjQNSXpmN58QiYeyeXH6YZXQm9PsuzhDBp1F5gJ%2FOu2JRB%2FIBjnoElULuObq4wDQ1um4fT%2B9jCFWCs559hecRUbUTvc3Mj%2FAOd"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=14400
cf-ray: 7daefef47be1926e-FRA

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 91 KB
28 KB 82ms
16ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: cloudflarepoc.newsmax.com
URL: https://cloudflarepoc.newsmax.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/674D) /
Resource Hash: 392c9fa9cd1273a2a89d1a83a69cd1f63f21d1d55e7be21e1d8f51f25145668b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloudflarepoc.newsmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Wed, 21 Jun 2023 20:28:05 GMT
Content-Encoding: gzip
Age: 609
x-amz-server-side-encryption: AES256
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length: 27630
Last-Modified: Tue, 24 Jan 2023 21:41:51 GMT
Server: ECS (frb/674D)
Etag: "9e99725b7a4cd730a934afba2a438bb5+gzip"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-tw-cdn: VZ
Cache-Control: public, max-age=1800
Vary: Accept-Encoding

GET
H2 200 addthis_widget.js Show response
s7.addthis.com/js/300/ 56 B
361 B 65ms
10ms Script
text/javascript 2.19.224.115
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/js/300/addthis_widget.js

Requested by

Host: cloudflarepoc.newsmax.com
URL: https://cloudflarepoc.newsmax.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.19.224.115 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-19-224-115.deploy.static.akamaitechnologies.com

Software

Oracle API Gateway /

Resource Hash

f475c34186022ba531ebc8bba97fc10df7e4c3ea854f314a18ab0644c851620d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloudflarepoc.newsmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 21 Jun 2023 20:28:05 GMT
server: Oracle API Gateway
opc-request-id: /DDD5105D547D79D14E0DCCD23BF5B551/460A59952C327CF363ACB4A31125417A
x-frame-options: sameorigin
vary: Accept-Encoding
content-type: text/javascript
x-distribution: 99
x-host: s7.addthis.com
content-length: 76
x-xss-protection: 1; mode=block

GET
H2 404 configuration.js
consentcdn.cookiebot.com/consentconfig/1a61d2ea-bd67-40f4-8385-916bd16133ed/cloudflarepoc.newsmax.com/ 0
0 611ms
586ms Script
text/plain 2a02:26f0:1700:794::f09
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://consentcdn.cookiebot.com/consentconfig/1a61d2ea-bd67-40f4-8385-916bd16133ed/cloudflarepoc.newsmax.com/configuration.js
Requested by: Host: consent.cookiebot.com
URL: https://consent.cookiebot.com/uc.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:1700:794::f09 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloudflarepoc.newsmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 20:28:05 GMT
server: AkamaiNetStorage
cache-control: max-age=86400
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache; desc=HIT, edge; dur=570, ak_p; desc="468716_3092568069_28285995_57000_516_5_0_-";dur=1
accept-ranges: bytes
content-length: 10
expires: Thu, 22 Jun 2023 20:28:05 GMT

GET
H2 200 cc.js Show response
consent.cookiebot.com/1a61d2ea-bd67-40f4-8385-916bd16133ed/ 381 B
607 B 114ms
106ms Script
application/x-javascript 2a02:26f0:3500:18::1724:a29a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://consent.cookiebot.com/1a61d2ea-bd67-40f4-8385-916bd16133ed/cc.js?renew=false&referer=cloudflarepoc.newsmax.com&dnt=false&init=false
Requested by: Host: consent.cookiebot.com
URL: https://consent.cookiebot.com/uc.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:18::1724:a29a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 2247eb6be751f71ca6fe3f198ada0080086949e487447cb52aa652ee33ad1d04

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloudflarepoc.newsmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 20:28:05 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-expose-headers: Request-Context
cache-control: private, max-age=60
cross-origin-resource-policy: cross-origin
content-length: 370
request-context: appId=cid-v1:89f47f4b-bed0-4db8-956b-d6e6dfac3fef

GET
H2 200 p.css
p.typekit.net/ 5 B
172 B 59ms
6ms Stylesheet
text/css 2a02:26f0:480:f::213:7ed3
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://p.typekit.net/p.css?s=1&k=xgw0ani&ht=tk&f=5631&a=45884113&app=typekit&e=css
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/xgw0ani.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:f::213:7ed3 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://use.typekit.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 20:28:05 GMT
last-modified: Fri, 21 Apr 2023 14:15:25 GMT
server: nginx
etag: "64429a7d-5"
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 5

GET
H3 200 spriteVertBkg.gif
cloudflarepoc.newsmax.com/App_Themes/NewsmaxNew/images/ 1 KB
2 KB 140ms
139ms Image
image/gif 2606:4700:3108::ac42:2bac
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cloudflarepoc.newsmax.com/App_Themes/NewsmaxNew/images/spriteVertBkg.gif

Requested by

Host: cloudflarepoc.newsmax.com
URL: https://cloudflarepoc.newsmax.com/css/newsmax.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3108::ac42:2bac , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

9555fe17a830d6dbd4a6f21ae9332590e89eff17b2dabe8ad1cae85d8b7b601e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloudflarepoc.newsmax.com/css/newsmax.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 20:28:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400
content-length: 1220
x-ua-compatible: IE=edge
last-modified: Mon, 07 Oct 2019 21:06:52 GMT
server: cloudflare
etag: "03e2d24537dd51:0"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Pp9TvN%2BV8c62PHL0xPsv07UA6CtZ8x%2BcIrgjHhKrxN%2BIf%2B64GHdTqXL%2FEdfuRK06OdEu0TTImQmCUes%2F%2B9Xcudc3mhu3ORlr8Q7nPp1uc37ZTmf%2BO%2BQN4oL9y1bTHQInjjx0SkjL3YjNF8UPvvDnuPmYbIUDfs1L"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=14400
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 7daefef4cc85926e-FRA

GET
H3 200 nmSpriteMaster.png
cloudflarepoc.newsmax.com/App_Themes/NewsmaxNew/images/ 55 KB
56 KB 186ms
185ms Image
image/png 2606:4700:3108::ac42:2bac
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cloudflarepoc.newsmax.com/App_Themes/NewsmaxNew/images/nmSpriteMaster.png

Requested by

Host: cloudflarepoc.newsmax.com
URL: https://cloudflarepoc.newsmax.com/css/newsmax.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3108::ac42:2bac , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

f23301d839c15631082d7524748d8180a96b867de39e6a3f5df96f32f13d76c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloudflarepoc.newsmax.com/css/newsmax.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 20:28:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400
content-length: 56586
x-ua-compatible: IE=edge
last-modified: Mon, 25 Apr 2022 18:21:14 GMT
server: cloudflare
etag: "2f20ca3fd158d81:0"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c27meWxPdxX%2FaCWXSvXcjzEo%2Bve9GEv97FER%2F4yoCMyB%2FyF5I6vawWaju7l4%2FfCfJYTkVipKICAhayjoBf3bJcl9jp7RVCgyhU5A%2FvagjtSDqyJ%2F%2BETAf2ZF3kSHq55N1kdx%2FjO2FB8qOf0Yd64UDUiUuDRGtwY8"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=14400
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 7daefef4cc87926e-FRA

GET
H3 200 newsmax_logo_new.png
cloudflarepoc.newsmax.com/App_Themes/NewsmaxNew/images/ 8 KB
8 KB 155ms
155ms Image
image/png 2606:4700:3108::ac42:2bac
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cloudflarepoc.newsmax.com/App_Themes/NewsmaxNew/images/newsmax_logo_new.png

Requested by

Host: cloudflarepoc.newsmax.com
URL: https://cloudflarepoc.newsmax.com/css/newsmax.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3108::ac42:2bac , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

fc5f8e1b07d49b9ad00a29debd289a89606bf67a8d23ab145ae92dc0170fe98b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloudflarepoc.newsmax.com/css/newsmax.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 20:28:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400
content-length: 7975
x-ua-compatible: IE=edge
last-modified: Fri, 06 Jan 2023 21:47:22 GMT
server: cloudflare
etag: "aaec9751822d91:0"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ljtj4GwYY83mel5MtUwfrV7plBQ5cTx%2BkflcMxMLK7r8R3dDx5nCFCn5Q36ynyQ0OrZ1x%2F38k8yPPhJULx78%2BSje6P7BdRrPw6DmdJ5D9Lyuc6l9Catsi1Ju8tzUhe25jLPK0w24UtFbmYm010eI45fTQWPP9Tqm"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=14400
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 7daefef4cc88926e-FRA

GET
H3 200 spriteHorBkg.gif
cloudflarepoc.newsmax.com/App_Themes/NewsmaxNew/images/ 1 KB
2 KB 154ms
154ms Image
image/gif 2606:4700:3108::ac42:2bac
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cloudflarepoc.newsmax.com/App_Themes/NewsmaxNew/images/spriteHorBkg.gif

Requested by

Host: cloudflarepoc.newsmax.com
URL: https://cloudflarepoc.newsmax.com/css/newsmax.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3108::ac42:2bac , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

77057a038d4414aed81e3c6b51c8948aeefc3835762e96a05f4188310308a29d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloudflarepoc.newsmax.com/css/newsmax.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 20:28:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400
content-length: 1216
x-ua-compatible: IE=edge
last-modified: Mon, 07 Oct 2019 21:06:52 GMT
server: cloudflare
etag: "03e2d24537dd51:0"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cNqE%2F0Sdq2LrLq3R3oWp2wiedK9lbyggzMoFouKyKtCamsNgfvGIBsS6P%2FhLCZ0OvQu35AWQsTdVXJTV59QzulLCFbkgSqYVpRpmTKmJokmm7U0TCmDUtYzrx1i9JGX0nQUJkiqdpeeClyzvcg4RIl13ZjhEX8z0"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=14400
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 7daefef4cc89926e-FRA

GET
H3 200 Newsmax_Jokes_button.png
cloudflarepoc.newsmax.com/App_Themes/NewsmaxNew/images/ 2 KB
3 KB 156ms
156ms Image
image/png 2606:4700:3108::ac42:2bac
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cloudflarepoc.newsmax.com/App_Themes/NewsmaxNew/images/Newsmax_Jokes_button.png

Requested by

Host: cloudflarepoc.newsmax.com
URL: https://cloudflarepoc.newsmax.com/css/newsmax.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3108::ac42:2bac , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

d19416b7ab9bf9a7563bc0a9ec7e19f2ff4eb7ecf835b4b3fa1558710e1253b8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloudflarepoc.newsmax.com/css/newsmax.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 20:28:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400
content-length: 2167
x-ua-compatible: IE=edge
last-modified: Mon, 07 Oct 2019 21:06:50 GMT
server: cloudflare
etag: "011fc22537dd51:0"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d2QC2%2F9X1sNtctVHM%2FvlAClYt6x4QnsHkBQ9PZSXAp8cdP9v7C1WZNuUzsnjV3qZmhtHaV9RSGmgu%2F15wj3I7M3MFKh0RCCrDBbf6Gx9ddhCRHDOIvil7MpF68B0kutyAnBUfw1R3Og8YG3bMYMcuKNphmerjHKt"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=14400
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 7daefef4dc96926e-FRA

GET
H3 200 newsmax_logo_new_footer.png
cloudflarepoc.newsmax.com/App_Themes/NewsmaxNew/images/ 2 KB
2 KB 162ms
162ms Image
image/png 2606:4700:3108::ac42:2bac
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cloudflarepoc.newsmax.com/App_Themes/NewsmaxNew/images/newsmax_logo_new_footer.png

Requested by

Host: cloudflarepoc.newsmax.com
URL: https://cloudflarepoc.newsmax.com/css/newsmax.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3108::ac42:2bac , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

9cef7f743987479022148931132527fe1b8712ea4949cae7a5e9b1b73884f9fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloudflarepoc.newsmax.com/css/newsmax.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 20:28:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400
content-length: 1940
x-ua-compatible: IE=edge
last-modified: Thu, 13 Jan 2022 14:46:12 GMT
server: cloudflare
etag: "c9df6c4f8c8d81:0"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Gq7v7WSsrsH6re7RwEBTmJbxOPtVmiDolEjWHOqZjA%2B%2BhdmXhU3rhVc7OBsamAI6vlzCjAxi3qw5fgC%2B57Vv4DzDgMU%2Fzd3VTAxKT%2BRwx08fpXsTZQEHUH9YDbzucGWOk5ImsuTlEpcvJwRYr5mLCB1kKBo%2F8HqH"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=14400
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 7daefef4dc97926e-FRA

GET
H2 200 l
use.typekit.net/af/04715e/000000000000000077359a54/30/ 33 KB
33 KB 30ms
7ms Font
application/font-woff2 2a02:26f0:480:f::213:7ee1
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/04715e/000000000000000077359a54/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/xgw0ani.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:f::213:7ee1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 16ad2ec6e0c0e5e69fe5b97497c8deaf42ba8825cc0d31721732d7dc02f62358

Request headers

Referer: https://use.typekit.net/xgw0ani.css
Origin: https://cloudflarepoc.newsmax.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 20:28:05 GMT
server: nginx
etag: "718b267540cda1ef0056a79153b249fd51df534c"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 34008

GET
H3 200 fontawesome-webfont.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/ 75 KB
76 KB 39ms
22ms Font
application/octet-stream 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d792afdac7f7ae5de7c6964950c6c61dc6e3f3813180a59e141c7cb4ac4364dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
Origin: https://cloudflarepoc.newsmax.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 20:28:05 GMT
strict-transport-security: max-age=15780000
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 3797156
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 77160
last-modified: Mon, 04 May 2020 16:10:07 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e5f-12d68"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9tWXoBLa2hHuqy2c6nFJtqvoVZHcQPvs5KJzIMCvDP5HsTtmM%2F%2BhN2aTDBfnhS6vDmUZKfWri1moqz5EWP4QbAt9liDrNS8T8ded%2FN7tcMFEFlinwEAYIBrs29tn8q55gnBg%2BSmh0k0u7NUz1%2BFX379q"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7daefef4f8511994-FRA
expires: Mon, 10 Jun 2024 20:28:05 GMT

GET
H2 200 bc-v4.min.html Show response
consentcdn.cookiebot.com/sdk/ Frame BECE 627 B
804 B 8ms
7ms Document
text/html 2a02:26f0:1700:794::f09
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://consentcdn.cookiebot.com/sdk/bc-v4.min.html
Requested by: Host: consent.cookiebot.com
URL: https://consent.cookiebot.com/uc.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:1700:794::f09 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 738e5435f2d18427d291a0d6289eee0ebbc87b596d6003919f255760ac293104

Request headers

Referer: https://cloudflarepoc.newsmax.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=31536000
content-encoding: gzip
content-length: 392
content-type: text/html
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 21 Jun 2023 20:28:05 GMT
etag: "3d08665fa4c7bcf9fa2dcbbc7efe1d0f:1649057029.895163"
expires: Thu, 20 Jun 2024 20:28:05 GMT
last-modified: Mon, 04 Apr 2022 07:23:49 GMT
server: AkamaiNetStorage
server-timing: cdn-cache; desc=HIT edge; dur=1 ak_p; desc="468716_3092568069_28286113_12_655_5_0_-";dur=1
vary: Accept-Encoding
x-akamai-transformed: 9 - 0 pmb=mRUM,1

GET
H3 200 jquery-3.2.1.min.js Show response
cloudflarepoc.newsmax.com/js/ 85 KB
31 KB 248ms
247ms Script
application/javascript 2606:4700:3108::ac42:2bac
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cloudflarepoc.newsmax.com/js/jquery-3.2.1.min.js

Requested by

Host: consent.cookiebot.com
URL: https://consent.cookiebot.com/uc.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3108::ac42:2bac , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

75b707d8761e2bfbd25fbd661f290a4f7fd11c48e1bf53a36dc6bd8a0034fa35

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloudflarepoc.newsmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 20:28:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400
x-ua-compatible: IE=edge
last-modified: Mon, 07 Oct 2019 21:07:02 GMT
server: cloudflare
etag: W/"01f232a537dd51:0"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8F6nnAsRu4uM7K7291D%2Bg38rTzcRV%2FgNKmWyVUV%2Ff7G4ZUkgpAbupdd2rJTszC%2BZSNbVv8cRYec85mzPCdIFr7wIl9HcvLUSIBnG9wh5hyt8VYEi%2BkVv9AIA84GOQ4yZbX3E%2F9GRcFNHw7MXn0ns8wCQuPv%2B4yTP"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=14400
cf-ray: 7daefef85825926e-FRA

GET
H2 200 whitesearchicon.png
www.queryly.com/images/ 2 KB
3 KB 13ms
13ms Image
image/png 2606:4700:20::681a:d56
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.queryly.com/images/whitesearchicon.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:d56 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 6bc30e75c37bf18ef1ab4c691fa3cb3e8733f6c33bdd18d76e7c08c6d86040ee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloudflarepoc.newsmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 20:28:05 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 17644
x-powered-by: ASP.NET
content-length: 2423
last-modified: Wed, 22 Apr 2020 02:43:06 GMT
server: cloudflare
etag: "d8c5c3c04f18d61:0"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
content-type: image/png
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wSjNG%2BrxYn8ioUGgCsGKiiwetlfxQyVosMh2BV2tIY9bW0UavkMW6wbl4aqL8djam4Wc4WHsOzmgBYlj5iFwMpKdJ1Kznbr%2FUD6JPhG4Kig4mXapwzdPaa1%2Fd4wlzjjbwXE8lRc6luSjBGmWaw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=604800
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 7daefef85dca9012-FRA
access-control-allow-headers: *

GET
H2 200 GetFile.aspx
www.newsmax.com/CMSPages/ 6 KB
6 KB 21ms
20ms Image
image/avif 2a02:26f0:3500:18::1724:a29e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.newsmax.com/CMSPages/GetFile.aspx?guid=f6f397d9-f701-4d3d-bf33-ea95e8d551a3&SiteName=Newsmax

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:18::1724:a29e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

e7d5a8015a42d3c6096e03cb5bd4f7f2d45f290d1feb9271561a8755fbf7ceee

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloudflarepoc.newsmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 20:28:05 GMT
last-modified: Wed, 21 Jun 2023 19:00:56 GMT
server: Akamai Image Manager
etag: "en-us|f6f397d9-f701-4d3d-bf33-ea95e8d551a3|6/21/2023 6:59:25 PM|LiveSite"
x-frame-options: SAMEORIGIN
content-type: image/avif
access-control-allow-origin: *
cache-control: private, no-transform, max-age=43200
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="468716_388276382_151178044_35_13360_5_0_-";dur=1
content-length: 5652
expires: Thu, 22 Jun 2023 08:28:05 GMT

GET
H2 200 GetFile.aspx
www.newsmax.com/CMSPages/ 9 KB
10 KB 21ms
21ms Image
image/avif 2a02:26f0:3500:18::1724:a29e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.newsmax.com/CMSPages/GetFile.aspx?guid=80427098-31ff-41ea-9f1b-8b285623e6d4&SiteName=Newsmax

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:18::1724:a29e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

5f3212d1414cea43279fc374c5b0599841772e6f03e7db0b6b2ac8b6735b61d7

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloudflarepoc.newsmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 20:28:05 GMT
last-modified: Wed, 21 Jun 2023 19:17:25 GMT
server: Akamai Image Manager
etag: "en-us|80427098-31ff-41ea-9f1b-8b285623e6d4|6/21/2023 7:16:15 PM|LiveSite"
x-frame-options: SAMEORIGIN
content-type: image/avif
access-control-allow-origin: *
cache-control: private, no-transform, max-age=43200
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="468716_388276382_151178045_35_13361_5_0_-";dur=1
content-length: 9670
expires: Thu, 22 Jun 2023 08:28:05 GMT

GET
H3 200 nm-common.bundle.min.js Show response
cloudflarepoc.newsmax.com/js/dist/ 358 KB
106 KB 1180ms
1180ms Script
application/javascript 2606:4700:3108::ac42:2bac
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cloudflarepoc.newsmax.com/js/dist/nm-common.bundle.min.js

Requested by

Host: consent.cookiebot.com
URL: https://consent.cookiebot.com/uc.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3108::ac42:2bac , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

8c104894c3614094abfa85aee0f0292918ed5eb80c6e497b66ad14fd6ea82bf5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloudflarepoc.newsmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 20:28:07 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400
x-ua-compatible: IE=edge
last-modified: Tue, 23 May 2023 11:30:04 GMT
server: cloudflare
etag: W/"08620eb698dd91:0"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sO4R14G26u4%2FxJzzm5GAB3f3qBE6VO%2BWTxW5I34uR5EnBAXgTuFuive1YKLXukDD65t0JmNgUxXeE4eNXlgmevP601QLk%2F%2BBenF%2FDl0WkrfrqjhjdelgO3215QyGQsfqzouTef19o23JT3UAO%2FUhoN%2BGlmUuOvYt"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=14400
cf-ray: 7daefef9f9be926e-FRA

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 77 KB
26 KB 132ms
132ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: consent.cookiebot.com
URL: https://consent.cookiebot.com/uc.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

34375bc45b21a43e9630374b2a625cd38ac7a04df9fe25d7541537555726e45c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloudflarepoc.newsmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 20:28:07 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26436
x-xss-protection: 0
server: cafe
etag: 138 / 19529 / 31075399 / config-hash: 13361936451535775382
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 21 Jun 2023 20:28:07 GMT

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306140101/ 408 KB
126 KB 41ms
39ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306140101/pubads_impl.js?cb=31075399

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5b70d8eb19ca32d244e29e759e816c343be893232978532c9d5943f838e60e0b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloudflarepoc.newsmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 12:18:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 29364
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 129045
x-xss-protection: 0
server: cafe
etag: 16806126990728334555
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Thu, 20 Jun 2024 12:18:43 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 786 B
373 B 152ms
73ms XHR
application/json 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=cloudflarepoc.newsmax.com

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

85e54d08d60bd2e0b68b10154294eb98f6f835a4597466db3fff4d5fab553e12

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloudflarepoc.newsmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 20:28:07 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 348
x-xss-protection: 0
expires: Wed, 21 Jun 2023 20:28:07 GMT

GET
H2 200 slick.min.js Show response
cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.9.0/ 43 KB
10 KB 16ms
16ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.9.0/slick.min.js

Requested by

Host: consent.cookiebot.com
URL: https://consent.cookiebot.com/uc.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

357452f2a55c999ddd3afdcbce2c339d41cf7a01613d9d45ff88a753bb82f21d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloudflarepoc.newsmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 20:28:07 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 3533483
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 9564
last-modified: Mon, 04 May 2020 16:16:21 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fd5-ab69"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MtvXtVVN%2FxYHxanF8lcAzFxyok3gtJPU6xSfkju7wmAd7Z0ICA75LEV05sbED0T3TDzvH%2FpjUcHB0mBa%2FI23XgOB75KkTNNhDB4%2Fp%2FQ0bDEfqMfcRA7akldctH%2FPVdrh26GStozUhlrX87wsStPO28Gz"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7daeff027c9e993f-FRA
expires: Mon, 10 Jun 2024 20:28:07 GMT

GET
H2 200 pub-2932230807573228 Show response
fundingchoicesmessages.google.com/i/ 147 KB
48 KB 74ms
73ms Script
application/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/pub-2932230807573228?ers=1

Requested by

Host: consent.cookiebot.com
URL: https://consent.cookiebot.com/uc.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

11da5385fca5f8fdabbef07fb09f43b66f7418434230bd98e3bbc0af70fe7de2

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-hMfRGeb7QUbX2L6IiULOAQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloudflarepoc.newsmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 20:28:07 GMT
content-security-policy: script-src 'report-sample' 'nonce-hMfRGeb7QUbX2L6IiULOAQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxXLVLuJiHXzrKi3aamdAFphRFZmDgIhEA8nvAVjx8e0quBAzJxrJa6BdZhyUfYBJRPSrfPwlpoUA5LbMypKc9M= Show response
fundingchoicesmessages.google.com/f/ 13 KB
6 KB 88ms
88ms Script
application/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxXLVLuJiHXzrKi3aamdAFphRFZmDgIhEA8nvAVjx8e0quBAzJxrJa6BdZhyUfYBJRPSrfPwlpoUA5LbMypKc9M=?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjg3Mzc5Mjg3LDU2ODAwMDAwMF0sIkM5QkQ5ODY4LUIxNkEtNDNDMC04MkFGLTRDOTA5NDE1M0I0QSIsbnVsbCxudWxsLFtudWxsLFs3XV0sImh0dHBzOi8vY2xvdWRmbGFyZXBvYy5uZXdzbWF4LmNvbS8iLG51bGwsW1s4LCJXb0Z0bThRSEN6ZyJdLFs5LCJkZSJdLFsxNiwiWzEsMSwxXSJdLFsxOSwiMiJdLFsxNywiWzBdIl1dXQ

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.WoFtm8QHCzg.es5.O/d=1/rs=AJlcJMz5pTQ7A3tqAabv56c4qB4SxLMQqw/m=kernel_loader,loader_js_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0364af76965d1c7e96e36cf45fb4d780dbac613b7b23fd8d072c71bf35d76926

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-KcnbS0LLxSIFVOPnCNnKPg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloudflarepoc.newsmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 20:28:07 GMT
content-security-policy: script-src 'report-sample' 'nonce-KcnbS0LLxSIFVOPnCNnKPg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 lozad.min.js Show response
cdn.jsdelivr.net/npm/lozad/dist/ 3 KB
3 KB 7ms
7ms Script
application/javascript 2a04:4e42:600::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/lozad/dist/lozad.min.js

Requested by

Host: consent.cookiebot.com
URL: https://consent.cookiebot.com/uc.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

98e15110586a9877906d7a4ada5a789c0deaa285600027e1f3c7e925fb4b05b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloudflarepoc.newsmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 21 Jun 2023 20:28:07 GMT
x-content-type-options: nosniff
age: 26805
x-jsd-version: 1.16.0
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 3095
x-served-by: cache-fra-eddf8230124-FRA
x-jsd-version-type: version
etag: W/"c17-/CtD5WDEW7iHrdmPF7CEBoqSMss"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 analytics.js Show response
cloudflarepoc.newsmax.com/js/ 4 KB
2 KB 153ms
153ms Script
application/javascript 2606:4700:3108::ac42:2bac
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cloudflarepoc.newsmax.com/js/analytics.js

Requested by

Host: consent.cookiebot.com
URL: https://consent.cookiebot.com/uc.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3108::ac42:2bac , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

aca9e5a67f06ff68ac7ced2031ef234afd2f20010451a904f25b8d4fcbfb04f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloudflarepoc.newsmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 20:28:07 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400
x-ua-compatible: IE=edge
last-modified: Mon, 07 Oct 2019 21:07:02 GMT
server: cloudflare
etag: W/"01f232a537dd51:0"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AKST7rFX65u5pjszk%2Bnz6j5JQKq3dEj3UgXeeiK5zcwhxM2mA1bjy6mdzGrMxXnUsyGU0Cn7ieLsvrV2ySeJGl2xvLmZt8RP1r9rtyDN2urp6OA0HE7dDne4ebqvzCaL%2BScf3sTmFLY%2F7B0Yytx1V7nv%2FH9UALLk"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=14400
cf-ray: 7daeff038ac6926e-FRA

GET
H2 200 hb_745361_17782.js Show response
player.yieldlift.io/prebidlink/443715814980/ 917 B
776 B 154ms
96ms Script
application/javascript 45.133.44.3
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://player.yieldlift.io/prebidlink/443715814980/hb_745361_17782.js
Requested by: Host: cloudflarepoc.newsmax.com
URL: https://cloudflarepoc.newsmax.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: 700c9a7b8e315449ee1b71a9731f232530d2ec494334d3a853e8a46d694d82f1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloudflarepoc.newsmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 20:28:07 GMT
content-encoding: gzip
last-modified: Tue, 20 Jun 2023 16:36:18 GMT
server: nginx
etag: W/"6491d582-395"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=172800
expires: Fri, 23 Jun 2023 20:28:07 GMT

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 77 KB
26 KB 103ms
103ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: cloudflarepoc.newsmax.com
URL: https://cloudflarepoc.newsmax.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b86cfbdc7929da0a826dfe2aeb0e6401f4f2ed16d2e7d866871e6b8117ee60d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloudflarepoc.newsmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 20:28:07 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26436
x-xss-protection: 0
server: cafe
etag: 76 / 19529 / m202306140101 / config-hash: 13361936451535775382
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 21 Jun 2023 20:28:07 GMT

GET
H2 200 wrapper_hb_745361_17782.js Show response
player.yieldlift.io/prebidlink/443715814980/ 2 KB
1 KB 150ms
92ms Script
application/javascript 45.133.44.3
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://player.yieldlift.io/prebidlink/443715814980/wrapper_hb_745361_17782.js
Requested by: Host: cloudflarepoc.newsmax.com
URL: https://cloudflarepoc.newsmax.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: 6e17037f9c718754eadb80aa05fa7f2c15f6a2b90ab67216cee93d903a9ffea9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloudflarepoc.newsmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 20:28:07 GMT
content-encoding: gzip
last-modified: Tue, 20 Jun 2023 16:36:18 GMT
server: nginx
etag: W/"6491d582-6fe"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=172800
expires: Fri, 23 Jun 2023 20:28:07 GMT

GET
H3 200 WebResource.axd Show response
cloudflarepoc.newsmax.com/ 23 KB
5 KB 141ms
141ms Script
application/x-javascript 2606:4700:3108::ac42:2bac
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cloudflarepoc.newsmax.com/WebResource.axd?d=ajj-54hEFw_9s8vUhC7aqiqIMz0pNh5t4_SU2ofVsVwummsDI5FJiI5GycwOyKPz2gszbuHXhWsBOxBmW8C9TcQBcJ41&t=637811549229275428

Requested by

Host: consent.cookiebot.com
URL: https://consent.cookiebot.com/uc.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3108::ac42:2bac , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

40732e9dcfa704cf615e4691bb07aecfd1cc5e063220a46e4a7ff6560c77f5db

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloudflarepoc.newsmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 20:28:07 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400
x-ua-compatible: IE=edge
last-modified: Wed, 23 Feb 2022 00:28:42 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oLtfPslAsyX5DPbikmhmmEUlYuGFPlEk8U4WsOyPiGSzHXSb58XsBhDBzulrPmquoSqmqDVBujOyQZ%2FJywTPN9VmJwRJmJwHEoiG2u8yDQJIqoujaIVh7TRMFxg6HQBfNNtiqnOlP3HsAHK1UYuJNXl%2B0MwTVCja"}],"group":"cf-nel","max_age":604800}
cache-control: public
cf-ray: 7daeff048bab926e-FRA
expires: Thu, 20 Jun 2024 12:13:16 GMT

GET
H3 200 pubcid.min.js Show response
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ 732 B
796 B 7ms
7ms Script
application/javascript 2a04:4e42:600::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306140101/pubads_impl.js?cb=31075399

Protocol

Security

QUIC, , AES_128_GCM

Server

2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloudflarepoc.newsmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 21 Jun 2023 20:28:07 GMT
x-content-type-options: nosniff
content-encoding: br
age: 32905
x-jsd-version: master
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 439
x-served-by: cache-fra-eddf8230099-FRA
x-jsd-version-type: branch
etag: W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 esp.js Show response
cdn.id5-sync.com/api/1.0/ 100 KB
25 KB 46ms
22ms Script
text/javascript 2606:4700:10::ac43:266a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/esp.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306140101/pubads_impl.js?cb=31075399

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:266a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

550fe5bd35e84ba0cb2e6b6976dd1aedf1fdf8aad2a39e6d56335353323881f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloudflarepoc.newsmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 20:28:07 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 21 Jun 2023 10:02:22 GMT
server: cloudflare
x-amz-request-id: E4835C5Z8HF0MR4M
age: 867
etag: W/"295a568e597a23f4ff6d1ad7d6f218f6"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 7daeff04c8bc2c55-FRA
x-amz-id-2: xixgHxeVH8rbYJqqacvrDoRyq5cmUymjcbEsD60j39g44wTD7f5dm/MJlEB06RXbtV6LIMWm24Y=

GET
H2 200 encrypted-tag-g.js Show response
invstatic101.creativecdn.com/encrypted-signals/ 2 KB
2 KB 66ms
14ms Script
text/javascript 34.96.70.87
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306140101/pubads_impl.js?cb=31075399
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.70.87 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 87.70.96.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 3b89401fea631023de67ae75bf8f246b1af109a9a4247c3862016949eacc462b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloudflarepoc.newsmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 19:43:20 GMT
via: 1.1 google
age: 2687
x-guploader-uploadid: ADPycduVqx7H-kT5N5zq99GuSFSN7mlE2zF8wHXumzvYigMqPl4kcW_wwPnG3anJKJ8-_dDtMCYXba6FlQt2IAlzy0f86g
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1938
last-modified: Thu, 27 Apr 2023 19:53:17 GMT
server: UploadServer
etag: "0a4a90264145ed4c5c647dae5dfb0429"
x-goog-generation: 1682625197861193
x-goog-hash: crc32c=jhvysQ==, md5=CkqQJkFF7UxcZH2uXfsEKQ==
content-type: text/javascript
cache-control: public, max-age=3600
x-goog-stored-content-length: 1938
accept-ranges: bytes
expires: Wed, 21 Jun 2023 20:43:20 GMT

GET
H2 200 esp.js Show response
oa.openxcdn.net/ 24 KB
8 KB 53ms
15ms Script
application/javascript 34.102.146.192
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oa.openxcdn.net/esp.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306140101/pubads_impl.js?cb=31075399
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 192.146.102.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloudflarepoc.newsmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 18:31:28 GMT
content-encoding: gzip
age: 1302999
x-guploader-uploadid: ADPycds8ri57jG06FqJQVS93vq63RBNttIETm3uuifqgsa1zSgB0LsABj4kuUqmLGN87MF4xhUFxy1i-d0jETveDj8fBGdUaqWWK
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7927
last-modified: Thu, 27 May 2021 18:30:51 GMT
server: UploadServer
etag: "df5542b88bc0e368c6999754a5b9e2ba"
x-goog-generation: 1622140251693895
x-goog-hash: crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
content-type: application/javascript
cache-control: no-transform
x-goog-stored-content-length: 7927
accept-ranges: bytes
expires: Wed, 05 Jun 2024 18:31:28 GMT

GET
H2 200 sync.min.js Show response
tags.crwdcntrl.net/lt/c/16589/ 38 KB
12 KB 74ms
19ms Script
text/javascript 13.32.110.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306140101/pubads_impl.js?cb=31075399
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.110.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-110-70.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c0c2ec1f2d626ab278d81abe34d30681f0007e8c79a890165f27e3e1550e99b7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloudflarepoc.newsmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 05:20:10 GMT
content-encoding: gzip
via: 1.1 f886f6227d3373aee9b545641306fb68.cloudfront.net (CloudFront)
last-modified: Wed, 31 May 2023 20:34:33 GMT
server: AmazonS3
x-amz-cf-pop: VIE50-C2
age: 54478
etag: W/"550ead3a95bd6cfcd917d45c5f8f4553"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=86400
x-amz-cf-id: D0RdKg9reyc1XFuxzZZAqfBcnVmjGFNW8jZnGi1-hnISSrUsERhb-A==

GET
H/1.1 200
OK uid2SecureSignal.js Show response
cdn.prod.uidapi.com/ 2 KB
2 KB 34ms
7ms Script
text/javascript 2600:9000:2250:9800:a:e047:753:be1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.prod.uidapi.com/uid2SecureSignal.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306140101/pubads_impl.js?cb=31075399
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:9800:a:e047:753:be1 , United States, ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a695b8b12c7d88355d0b1b33d6c643a7913bcfbeae91553bd7560019188b1032

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloudflarepoc.newsmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-amz-version-id: null
Date: Wed, 21 Jun 2023 05:58:55 GMT
Via: 1.1 d71acb203a3e8fc7db2c1cf9725d51da.cloudfront.net (CloudFront)
Last-Modified: Thu, 04 May 2023 00:14:06 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA60-P2
Age: 52153
x-amz-server-side-encryption: AES256
ETag: "4d5acbf33f4a0592ac0515db92fe88e6"
X-Cache: Hit from cloudfront
Content-Type: text/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1858
X-Amz-Cf-Id: 4ABFrrluOKC7a8-cXQBnFml_lFA81IKw0gN0yMHNWTjlcUGC-S0Tiw==

GET
H2 200 publishertag.ids.js Show response
static.criteo.net/js/ld/ 42 KB
13 KB 64ms
30ms Script
text/javascript 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.ids.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306140101/pubads_impl.js?cb=31075399

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

839c424b188a9bdafd46e5b643a2c5afb4b7df5e51f0321ffafd5f23b118e259

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloudflarepoc.newsmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 20:28:07 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 31 May 2023 13:09:50 GMT
server: nginx
etag: W/"6477471e-a980"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 22 Jun 2023 20:28:07 GMT

GET
H/1.1 204 increment Show response
id5-sync.com/api/esp/ 0
334 B 98ms
30ms XHR
text/plain 141.95.98.65
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/api/esp/increment?counter=no-config

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

141.95.98.65 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3216659.ip-141-95-98.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://cloudflarepoc.newsmax.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://cloudflarepoc.newsmax.com
date: Wed, 21 Jun 2023 20:28:07 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin

GET
H2

200

esp Show response
oajs.openx.net/
Redirect Chain

https://oajs.openx.net/esp?url=https%3A%2F%2Fcloudflarepoc.newsmax.com%2F&rid=esp
https://oajs.openx.net/esp?url=https%3A%2F%2Fcloudflarepoc.newsmax.com%2F&rid=esp&cc=1

85 B
203 B

115ms
114ms

Fetch
application/json

34.120.135.53
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oajs.openx.net/esp?url=https%3A%2F%2Fcloudflarepoc.newsmax.com%2F&rid=esp&cc=1
Protocol: H2
Server: 34.120.135.53 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 53.135.120.34.bc.googleusercontent.com
Software: / Express
Resource Hash: 6b34d11d33052e88aae4d6604dfae68e92bbb63333397cab8c15e5125d9aca20

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloudflarepoc.newsmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 20:28:08 GMT
via: 1.1 google
x-powered-by: Express
etag: W/"55-PQDy/SMxAMqFfT027g0uIMdYSzk"
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://cloudflarepoc.newsmax.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 85

Redirect headers

date: Wed, 21 Jun 2023 20:28:07 GMT
via: 1.1 google
x-powered-by: Express
vary: Origin
access-control-allow-origin: https://cloudflarepoc.newsmax.com
location: /esp?url=https%3A%2F%2Fcloudflarepoc.newsmax.com%2F&rid=esp&cc=1
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

POST
H2 200 encrypt Show response
esp.rtbhouse.com/ 221 B
315 B 30ms
29ms Fetch
application/json 35.190.39.111
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://esp.rtbhouse.com/encrypt
Requested by: Host: invstatic101.creativecdn.com
URL: https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.39.111 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 111.39.190.35.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: 70e960e46a5dfdc50d48635c26a18a1e5e894b1e74a796436edbf386d0b2bc3c

Request headers

Referer: https://cloudflarepoc.newsmax.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 21 Jun 2023 20:28:07 GMT
via: 1.1 google, 1.1 google
server: Google Frontend
content-type: application/json
access-control-allow-origin: *
x-cloud-trace-context: 1b39b6ff24886a79a0d25c6e242ba418
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 221

OPTIONS
H2 200 encrypt
esp.rtbhouse.com/ Frame 0
0 92ms
34ms Preflight
text/plain 35.190.39.111
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://esp.rtbhouse.com/encrypt
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.39.111 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 111.39.190.35.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://cloudflarepoc.newsmax.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST, GET
access-control-allow-origin: https://cloudflarepoc.newsmax.com
access-control-max-age: 600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
content-type: text/plain; charset=utf-8
date: Wed, 21 Jun 2023 20:28:07 GMT
server: Google Frontend
vary: Origin
via: 1.1 google, 1.1 google
x-cloud-trace-context: 0eddec28f1b1bd61ec3072be4677b1d4

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 4EE4 15 KB
6 KB 52ms
18ms Document
text/html 2a02:2638:d::d
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=cloudflarepoc.newsmax.com&us_privacy=1YNY

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::d , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

645709dcb09b2700fd5a5938dbdf783ac90a88334e5104041db53302441f33e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://cloudflarepoc.newsmax.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 21 Jun 2023 20:28:07 GMT
server: Kestrel
server-processing-duration-in-ticks: 291985
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

POST
H2 200 map Show response
bcp.crwdcntrl.net/6/ 60 B
342 B 98ms
27ms XHR
application/json 34.255.231.185
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/map
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.255.231.185 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-255-231-185.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 499a095318b948fc3681730570823fb90157a6fea46ca82132f3742e79adadd3

Request headers

Referer: https://cloudflarepoc.newsmax.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 20:28:07 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://cloudflarepoc.newsmax.com
cache-control: no-cache
x-server: 10.45.23.106
access-control-allow-credentials: true
content-length: 60
expires: 0

GET
H2

200

sid Show response
mug.criteo.com/ Frame 4EE4
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertagids&domain=newsmax.com&sn=ChromeSyncframe&so=0&topUrl=cloudflarepoc.newsmax.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=6RrVpnwrS2hrTUVoZGFQSkhFSHNEell0Mkl1aXZaSUV1RUhqNzJudXdYMnMzR29jRndPWW1GczcxT0RUSEJuUG00aE5HU1FNb0xGTG84dndnR3E5eHFsUkVCeDlMWEpkN1V2QTF6alVPRjdHTWtNclRQY3IzZm9yNnFuTF...

441 B
659 B

62ms
16ms

Fetch
application/json

178.250.1.11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=6RrVpnwrS2hrTUVoZGFQSkhFSHNEell0Mkl1aXZaSUV1RUhqNzJudXdYMnMzR29jRndPWW1GczcxT0RUSEJuUG00aE5HU1FNb0xGTG84dndnR3E5eHFsUkVCeDlMWEpkN1V2QTF6alVPRjdHTWtNclRQY3IzZm9yNnFuTFAxTmxST01FSGMySFM5MEdQZHF6STVYaVh5YnR4TXlNZGdobkxxeEJiRVcxTTd3clFxaHZsb0U4Ny9oRFFSN3pkUVVHN1ZjTGNMVit3RTczNDZpU3VNQXgrVWVsbW52ZHU3YTM1WGJFc2lPUGtYRjhnZzk1cExidVp5Ynk3V1g4dkhlbS9VazNaK29vWUgrU2tJd2NiYVdUY1dNcGpMUT09fA&cppv=2

Protocol

Server

178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

2f6831200b76fd6142e52682fbfbae67a0b0e0ed69caa26691d1d362bcc06d3b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 20:28:07 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1351386
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 21 Jun 2023 20:28:06 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=6RrVpnwrS2hrTUVoZGFQSkhFSHNEell0Mkl1aXZaSUV1RUhqNzJudXdYMnMzR29jRndPWW1GczcxT0RUSEJuUG00aE5HU1FNb0xGTG84dndnR3E5eHFsUkVCeDlMWEpkN1V2QTF6alVPRjdHTWtNclRQY3IzZm9yNnFuTFAxTmxST01FSGMySFM5MEdQZHF6STVYaVh5YnR4TXlNZGdobkxxeEJiRVcxTTd3clFxaHZsb0U4Ny9oRFFSN3pkUVVHN1ZjTGNMVit3RTczNDZpU3VNQXgrVWVsbW52ZHU3YTM1WGJFc2lPUGtYRjhnZzk1cExidVp5Ynk3V1g4dkhlbS9VazNaK29vWUgrU2tJd2NiYVdUY1dNcGpMUT09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 292877
content-length: 0
expires: 0

GET
H3 200 ScriptResource.axd Show response
cloudflarepoc.newsmax.com/ 100 KB
27 KB 138ms
138ms Script
application/x-javascript 2606:4700:3108::ac42:2bac
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: consent.cookiebot.com
URL: https://consent.cookiebot.com/uc.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3108::ac42:2bac , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

66b804e7a96a87c11e1dd74ea04ac2285df5ad9043f48046c3e5000114d39b1c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloudflarepoc.newsmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 20:28:08 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400
x-ua-compatible: IE=edge
last-modified: Wed, 21 Jun 2023 12:16:19 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P2Jcwa6teuC%2FhRIT48nr47cLWKQk0cQfS3EmK5%2FBsgaboz0w2KfQP4iqhD22X2UZld%2FmZx9tal5tA1Vu7wu3PSZRIOa02y67W4cwwKbrCrIxuAEXrGtCVZtU%2Fnt6c8J%2FvYUeb6PtjqLKcVlnoxCwGv27wUrjvRVo"}],"group":"cf-nel","max_age":604800}
cache-control: public
cf-ray: 7daeff057c7c926e-FRA
expires: Thu, 20 Jun 2024 12:16:19 GMT

GET
H2 200 hbw_master_745361_17782.js Show response
player.yieldlift.io/prebidlink/xSLH6/ 107 KB
35 KB 9ms
9ms Script
application/javascript 45.133.44.3
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://player.yieldlift.io/prebidlink/xSLH6/hbw_master_745361_17782.js
Requested by: Host: player.yieldlift.io
URL: https://player.yieldlift.io/prebidlink/443715814980/wrapper_hb_745361_17782.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: 5250ded34e7769fd9dfdaaaac2cd73a20df5a049137660e8653a06f66c0ddc13

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloudflarepoc.newsmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 20:28:07 GMT
content-encoding: gzip
last-modified: Tue, 20 Jun 2023 16:36:18 GMT
server: nginx
etag: W/"6491d582-1aac2"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=172800
expires: Fri, 23 Jun 2023 20:28:07 GMT

GET
H2 200 hbp_master_745361_17782.js Show response
player.yieldlift.io/prebidlink/31ee76261d87fed8cb9d4c465c48158c/ 491 KB
154 KB 13ms
11ms Script
application/javascript 45.133.44.3
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://player.yieldlift.io/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_745361_17782.js
Requested by: Host: player.yieldlift.io
URL: https://player.yieldlift.io/prebidlink/443715814980/hb_745361_17782.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: b0cffc49a075c0426b5fcf5ba106f443c878a7d2a243a95c033e2cd8fc8ec286

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloudflarepoc.newsmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 20:28:07 GMT
content-encoding: gzip
last-modified: Tue, 20 Jun 2023 16:36:18 GMT
server: nginx
etag: W/"6491d582-7ad5c"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=172800
expires: Fri, 23 Jun 2023 20:28:07 GMT

GET
H/1.1 200
OK / Show response
ghb.yieldlift.io/geo/ 149 B
430 B 569ms
21ms XHR
application/json 185.239.173.210
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.yieldlift.io/geo/
Requested by: Host: player.yieldlift.io
URL: https://player.yieldlift.io/prebidlink/xSLH6/hbw_master_745361_17782.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 185.239.173.210 , United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 79c72cf89fc8b1b8451a4529f9ecf01f7974c362dfa724a8ae21e2cc858bd5a0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloudflarepoc.newsmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Wed, 21 Jun 2023 20:28:07 GMT
Server: Adtelligent
Content-Type: application/json
Access-Control-Allow-Origin: https://cloudflarepoc.newsmax.com
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
X-Robots-Tag: noindex
Content-Length: 149

GET
H/1.1 200
OK tracking Show response
ghb.yieldlift.io/adunit/ 43 B
439 B 615ms
20ms XHR
image/gif 185.239.173.210
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.yieldlift.io/adunit/tracking?event=11&type=0&client_id=745361&site_id=17782&full_page_url=https%3A%2F%2Fcloudflarepoc.newsmax.com%2F&adid=6627b4.12&features=81952&vpbv=N152&tte=177&lifecycle_tte=3242
Requested by: Host: player.yieldlift.io
URL: https://player.yieldlift.io/prebidlink/xSLH6/hbw_master_745361_17782.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 185.239.173.210 , United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloudflarepoc.newsmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Wed, 21 Jun 2023 20:28:07 GMT
Server: Adtelligent
Content-Type: image/gif
Access-Control-Allow-Origin: https://cloudflarepoc.newsmax.com
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
X-Robots-Tag: noindex
Content-Length: 43

GET
H2 200 config.json Show response
player.adtelligent.com/exchange_rates/501024/ 2 KB
1 KB 37ms
6ms XHR
application/json 45.133.44.4
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://player.adtelligent.com/exchange_rates/501024/config.json?cb=https%3A%2F%2Fcloudflarepoc.newsmax.com%2F
Requested by: Host: player.yieldlift.io
URL: https://player.yieldlift.io/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_745361_17782.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: 53c8738c08f77f6b785849e21c4631d58407971f05fdda7a38596e85bd8d936f

Request headers

Referer: https://cloudflarepoc.newsmax.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain

Response headers

expires: Fri, 23 Jun 2023 20:28:08 GMT
date: Wed, 21 Jun 2023 20:28:08 GMT
content-encoding: gzip
last-modified: Tue, 20 Jun 2023 12:02:25 GMT
server: nginx
etag: W/"64919551-845"
content-type: application/json
access-control-allow-origin: https://cloudflarepoc.newsmax.com
cache-control: max-age=172800
x-proxy-cache: HIT

GET
H3 200 ScriptResource.axd Show response
cloudflarepoc.newsmax.com/ 39 KB
11 KB 135ms
135ms Script
application/x-javascript 2606:4700:3108::ac42:2bac
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: consent.cookiebot.com
URL: https://consent.cookiebot.com/uc.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3108::ac42:2bac , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

398cdf1b27ef247e5bc77805f266bb441e60355463fc3d1776f41aae58b08cf1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloudflarepoc.newsmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 20:28:08 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400
x-ua-compatible: IE=edge
last-modified: Wed, 21 Jun 2023 13:40:28 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BnpheJLOVFxmOK3R%2B5Y1RwKyk1LVoBlE3lrspvCg%2BPEgo0FmoUrP7aScxUenKlIIZKrUICv2vEo7Vu1XJ18h34qqaQZcVmBd%2Bv4q3yNtZXpcwnlRtEpQ53BbrteZhqq1gzWVvVCNxez9jV8qreDRQsvYukYZ0sIh"}],"group":"cf-nel","max_age":604800}
cache-control: public
cf-ray: 7daeff066d47926e-FRA
expires: Thu, 20 Jun 2024 13:40:28 GMT

GET
H2 200 pd Show response
google-bidout-d.openx.net/w/1.0/ Frame 895F 0
176 B 65ms
27ms Document
text/html 34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Requested by: Host: oa.openxcdn.net
URL: https://oa.openxcdn.net/esp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://cloudflarepoc.newsmax.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 20
content-type: text/html
date: Wed, 21 Jun 2023 20:28:08 GMT
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 318 KB
96 KB 148ms
64ms Script
application/javascript 2a00:1450:4001:800::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WL644C

Requested by

Host: cloudflarepoc.newsmax.com
URL: https://cloudflarepoc.newsmax.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a1ce12242591018054cf37daa50fb9edaf4482e83185318fe74cbfdc30866ef1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloudflarepoc.newsmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 20:28:08 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 97484
x-xss-protection: 0
last-modified: Wed, 21 Jun 2023 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 21 Jun 2023 20:28:08 GMT

GET
H2

200

beacon.js Show response
sb.scorecardresearch.com/internal-cs/default/
Redirect Chain

https://sb.scorecardresearch.com/cs/9248945/beacon.js
https://sb.scorecardresearch.com/internal-cs/default/beacon.js

4 KB
2 KB

27ms
27ms

Script
application/javascript

54.192.111.20
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/internal-cs/default/beacon.js
Protocol: H2
Server: 54.192.111.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-192-111-20.mrs52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 84e5aa85594b35c4b60787f4a97e2e1eb369dacbe23d8154f61f60bb0343d465

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloudflarepoc.newsmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 20:09:51 GMT
content-encoding: gzip
via: 1.1 84ca4da5a7ceb4bccfe9632e4992597c.cloudfront.net (CloudFront)
last-modified: Thu, 09 Mar 2023 10:02:11 GMT
server: AmazonS3
x-amz-cf-pop: MRS52-P2
age: 1100
x-amz-server-side-encryption: AES256
etag: W/"77ff4ede4693897337a38594321529a3"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: DJMnrIdxUVrRBEaRaoaI1kS01b3OJR7MtWy40FZ0G5TuFS01tryslg==

Redirect headers

date: Wed, 21 Jun 2023 20:28:08 GMT
via: 1.1 84ca4da5a7ceb4bccfe9632e4992597c.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: MRS52-P2
x-cache: Miss from cloudfront
location: /internal-cs/default/beacon.js
content-length: 0
x-amz-cf-id: aJjO8cBdHuL9IX4BdQI7altP0qy1a6CSErdrRBVISykXHCuGh-4w3g==

GET
H2 200 queryly.v4.js Show response
www.queryly.com/js/ 46 KB
10 KB 14ms
14ms Script
application/x-javascript 2606:4700:20::681a:d56
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.queryly.com/js/queryly.v4.js
Requested by: Host: consent.cookiebot.com
URL: https://consent.cookiebot.com/uc.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:d56 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: f4cff2a345300085e749e83fdd2d293cd11ffbbdf676bb85e138562086a06802

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloudflarepoc.newsmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 20:28:08 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 17684
x-powered-by: ASP.NET
last-modified: Mon, 06 Feb 2023 15:55:16 GMT
server: cloudflare
etag: W/"08aa167433ad91:0"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
content-type: application/x-javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=shVLhDShai%2Fc4UCFgu0p0X7yRhddLLbRb0Xc%2Bh1y0HGJmOJI%2BAU%2BXw3v3Kgb13JwZY7PNiZPAKerQfwUJa6jLSv1V1xjjd0EwSxvitSUOkiylNN%2F4kHbq5s5CoZkZQCSm4yb5NAY%2Bi5LsFxyEA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=86400
access-control-allow-credentials: true
cf-ray: 7daeff074c319012-FRA
access-control-allow-headers: *

GET
H3 200 TVScheduleHandler.ashx Show response
cloudflarepoc.newsmax.com/CMSPages/NewsMax/Handlers/ 73 KB
74 KB 147ms
147ms XHR
text/json 2606:4700:3108::ac42:2bac
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cloudflarepoc.newsmax.com/CMSPages/NewsMax/Handlers/TVScheduleHandler.ashx

Requested by

Host: cloudflarepoc.newsmax.com
URL: https://cloudflarepoc.newsmax.com/js/jquery-3.2.1.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3108::ac42:2bac , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

37de472028055dd144d691b4baf5be4ca20d99e95e17f2a21872e1bb26c5dc05

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://cloudflarepoc.newsmax.com/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 20:28:08 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400
x-ua-compatible: IE=edge
last-modified: Wed, 21 Jun 2023 20:28:08 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/json; charset=utf-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FZ0kYTIkKSC0lkqp93JJvonzBiTSzlsOdDrzeugFGXLVLtWU4CZ9k%2FW3dvIHidwD6k0GtpWRK3HAAv8Oy9te%2FU1fxGrWw9Jg%2FBLndS26IYuesM4uYgMmYbrsc%2FQ6StDM6MtIZbMuEGFbqGS%2FzSjVxthejBBHGnKI"}],"group":"cf-nel","max_age":604800}
cache-control: public
cf-ray: 7daeff076e1e926e-FRA
expires: Wed, 21 Jun 2023 20:33:08 GMT

GET
H/1.1 200
OK player.esi Show response
amp.akamaized.net/hosted/1.1/ 281 KB
67 KB 500ms
449ms Script
application/x-javascript 2a02:26f0:7100::1720:eeeb
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://amp.akamaized.net/hosted/1.1/player.esi?apikey=newsmax&version=9.1.20&_=1687379286069
Requested by: Host: cloudflarepoc.newsmax.com
URL: https://cloudflarepoc.newsmax.com/js/jquery-3.2.1.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:7100::1720:eeeb Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 8bfa3c4705ea723f5dbeb0ba6bc3efccb25b6fbbb24ff04999df04140ba7d3c1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloudflarepoc.newsmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Wed, 21 Jun 2023 20:28:08 GMT
Content-Encoding: gzip
PROTO: https
Server: AkamaiNetStorage
ETag: "22c8e983ad99cc0570d21c8e586cb8e9:1597899815"
Vary: Accept-Encoding
Transfer-Encoding: chunked
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3
Connection: keep-alive, Transfer-Encoding

GET
H3 200 jquery.zrssfeed.min.js Show response
cloudflarepoc.newsmax.com/CMSscripts/newsmax/ 3 KB
2 KB 15ms
15ms Script
application/javascript 2606:4700:3108::ac42:2bac
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cloudflarepoc.newsmax.com/CMSscripts/newsmax/jquery.zrssfeed.min.js

Requested by

Host: consent.cookiebot.com
URL: https://consent.cookiebot.com/uc.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3108::ac42:2bac , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

b2e91321d1b560fe1ec1aba1374e92c5dd4c33b2abc0cdc6079b5b74894acd56

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloudflarepoc.newsmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 20:28:08 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400
x-ua-compatible: IE=edge
last-modified: Mon, 07 Oct 2019 21:06:58 GMT
server: cloudflare
etag: W/"0c5c027537dd51:0"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l%2FuPCMvauo6Wt%2BbfNorgFc9X9A%2FAckOdKYTPQcNV9uX9aBageodN53679TtbQPy2zb05T1ulBDlRYQMxS3dicbcp8%2Bhyigcv%2FsVlCd7t4McxesQK8OrpufkRMWDbsJZ0Tnp32P8LyZx42QnXIOaa5Z691TEKmzjD"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=14400
cf-ray: 7daeff079e45926e-FRA

GET
H2 200 whitecloseicon.png
www.queryly.com/images/ 816 B
1 KB 13ms
13ms Image
image/png 2606:4700:20::681a:d56
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.queryly.com/images/whitecloseicon.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:d56 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 63414c077003319f186a974d9be8a8a09a07a178e6bbe29181d93b6cd8dccff9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloudflarepoc.newsmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 20:28:08 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 17684
x-powered-by: ASP.NET
content-length: 816
last-modified: Thu, 11 Jun 2020 23:20:57 GMT
server: cloudflare
etag: "d7046f64640d61:0"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
content-type: image/png
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0FYcqHzrZde9c8uvrlyxcc55VkicNXZZhnoSmvvkeifNOv1784L4rYWQDSljBypbolUjl1YASfgm7AKBjBd24nNL16rBHsqrrIQJHjORXXKsrjzDCqICVYlocZBkgFY65n0LrYWDMLxaScmcog%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=604800
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 7daeff079c7a9012-FRA
access-control-allow-headers: *

GET
H3 200 full.gif
cloudflarepoc.newsmax.com/App_Themes/NewsmaxNew/images/ 97 B
667 B 142ms
142ms Image
image/gif 2606:4700:3108::ac42:2bac
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cloudflarepoc.newsmax.com/App_Themes/NewsmaxNew/images/full.gif

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3108::ac42:2bac , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

4d587885f84d5f0b3287ee5a85401c1fd06b7a79bb62fbec528ce26585f85852

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloudflarepoc.newsmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 20:28:08 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400
content-length: 97
x-ua-compatible: IE=edge
last-modified: Mon, 08 Feb 2021 16:51:07 GMT
server: cloudflare
etag: "e346b7983afed61:0"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/gif
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lDzj1Cnahla4l9pVxXCzMUvRh3%2BtDeHiuAqgdl4QcyjZ6p3RTSn1Xnf%2F7WXmDm%2FmkItJLvQuOzCs6jecLVeRrsEJint46V0Oz3qvSzxGFFcMmKzmQlnbXA1jHwQUT%2F5cd9J3UGk085%2FkPil1FOaonJQfmrMfGa%2Bf"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 7daeff079e47926e-FRA

GET
H2 200 delivery.js Show response
assets.netizen.co/master/ 160 KB
51 KB 16ms
16ms Script
text/javascript 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.netizen.co/master/delivery.js
Requested by: Host: consent.cookiebot.com
URL: https://consent.cookiebot.com/uc.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: AmazonS3 /
Resource Hash: 4bf4b3ba6f93adaa0aad39f0b22b65fd8e42f244c67be4c11f3324cec0c01aac

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloudflarepoc.newsmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 20:28:08 GMT
content-encoding: gzip
last-modified: Tue, 13 Jun 2023 16:08:11 GMT
server: AmazonS3
x-amz-request-id: 0V2SV2P38DTG136E
etag: "91de284f2de507091d4f0122ffd493a7"
x-amz-server-side-encryption: AES256
x-hw: 1687379288.cds262.am5.hn,1687379288.cds250.am5.c
content-type: text/javascript
access-control-allow-origin: *
cache-control: public,max-age=60
accept-ranges: bytes
content-length: 51832
x-amz-id-2: t1De4DY3bqsDHEuxF/usNNCqa7IQ1sKgjT4QOa/RIj+xNCBJxNlmJP0fn8/VkBiyXXv7sYETMaQ=

GET
H2 200 pwt.js Show response
ads.pubmatic.com/AdServer/js/pwt/160835/4933/ 222 KB
67 KB 39ms
7ms Script
application/javascript 88.221.168.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/pwt/160835/4933/pwt.js
Requested by: Host: assets.netizen.co
URL: https://assets.netizen.co/master/delivery.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 88.221.168.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a88-221-168-201.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 6b30722487e92833baf8f01d6b2d2fed4e459d7cd42dc81ac1a80d8d08b9450e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloudflarepoc.newsmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 20:28:08 GMT
content-encoding: gzip
last-modified: Sat, 29 Apr 2023 00:25:40 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=169080
accept-ranges: bytes
content-length: 68444
expires: Fri, 23 Jun 2023 19:26:08 GMT

GET
H2 200 delivery.js Show response
assets.netizen.co/master/ 160 KB
51 KB 17ms
17ms Script
text/javascript 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.netizen.co/master/delivery.js
Requested by: Host: consent.cookiebot.com
URL: https://consent.cookiebot.com/uc.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: AmazonS3 /
Resource Hash: 4bf4b3ba6f93adaa0aad39f0b22b65fd8e42f244c67be4c11f3324cec0c01aac

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloudflarepoc.newsmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 20:28:08 GMT
content-encoding: gzip
last-modified: Tue, 13 Jun 2023 16:08:11 GMT
server: AmazonS3
x-amz-request-id: 0V2SV2P38DTG136E
etag: "91de284f2de507091d4f0122ffd493a7"
x-amz-server-side-encryption: AES256
x-hw: 1687379288.cds262.am5.hn,1687379288.cds250.am5.c
content-type: text/javascript
access-control-allow-origin: *
cache-control: public,max-age=60
accept-ranges: bytes
content-length: 51832
x-amz-id-2: t1De4DY3bqsDHEuxF/usNNCqa7IQ1sKgjT4QOa/RIj+xNCBJxNlmJP0fn8/VkBiyXXv7sYETMaQ=

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 36ms
36ms Script
text/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WL644C

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloudflarepoc.newsmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 21 Jun 2023 18:35:22 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 6766
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Wed, 21 Jun 2023 20:35:22 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/971560661/ 3 KB
2 KB 53ms
52ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/971560661/?random=1687379288455&cv=11&fst=1687379288455&bg=ffffff&guid=ON&async=1&gtm=45He36e2&u_w=1600&u_h=1200&url=https%3A%2F%2Fcloudflarepoc.newsmax.com%2F&hn=www.googleadservices.com&frm=0&tiba=Newsmax%20%E2%80%93%20Breaking%20News%20%7C%20News%20Videos%20%7C%20Politics%2C%20Health%2C%20Finance&us_privacy=1YNY&auid=1212329898.1687379288&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WL644C

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f4109d6bca212d30be4b2b79072bdf8d24b17af50cc5bb1997bf211eb3a75909

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloudflarepoc.newsmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 20:28:08 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1342
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 quant.js Show response
secure.quantserve.com/ 22 KB
9 KB 39ms
8ms Script
application/javascript 2620:116:800d:21:de2e:c7b3:55c0:d5a0
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WL644C
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:de2e:c7b3:55c0:d5a0 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e23decabee8464b650d1d0241283ba0c469806e14a2199efc5bb41771cb673c1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloudflarepoc.newsmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 20:28:08 GMT
content-encoding: gzip
etag: "sLp6xTjO7svFVaOemhLWUQ=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
accept-ranges: bytes
expires: Wed, 28 Jun 2023 20:28:08 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 112 KB
29 KB 22ms
7ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: cloudflarepoc.newsmax.com
URL: https://cloudflarepoc.newsmax.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b9d9c248d1c87f59c7f19b198c5ed7310a4bfd0f57759dd87d649b00ec9fdb5b

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloudflarepoc.newsmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 21 Jun 2023 20:28:08 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 28296
x-xss-protection: 0
pragma: public
x-fb-debug: vqjclUz6HLBKEPtjq2iZb7ld+rx5CycrW0C08Ppo68m0gpP8ZEKlxVCb1C8ApgQ9ZRLfgSlqG6pUz0SigCqfOg==
x-fb-trip-id: 1679558926
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 a-026z.min.js Show response
b-code.liadm.com/ 42 KB
14 KB 145ms
22ms Script
application/javascript 2600:9000:2022:7000:8:8845:1500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://b-code.liadm.com/a-026z.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WL644C
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2022:7000:8:8845:1500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 8b2442d4d51ef5ff6e14f53e15cce7e04f4ee5a9eaf8a348babaa8efd5b058a7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloudflarepoc.newsmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 05:07:16 GMT
content-encoding: gzip
via: 1.1 929253488b9a08a69ca6fa33a6fabaee.cloudfront.net (CloudFront)
x-amz-cf-pop: MRS52-C1
age: 55252
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: "public, max-age=86400"
x-amz-cf-id: iks0JpSsap45JYvMQHtOzSNTzVxd2_UAEwWm07LPeBtFWEok_1d5wg==

GET
H2 200 OneSignalSDK.js Show response
cdn.onesignal.com/sdks/ 9 KB
3 KB 41ms
18ms Script
application/javascript 2606:4700::6812:d63b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.onesignal.com/sdks/OneSignalSDK.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WL644C

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:d63b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

74475967bdd27d1efa3e20fd636afe5bb0c391494f9fa5768856bb25af4690d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloudflarepoc.newsmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 20:28:08 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains
age: 1696
etag: W/"2ae26a107abd543e72c24128b019bed7"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 7daeff090f14364b-FRA
access-control-allow-headers: OneSignal-Subscription-Id
alt-svc: h3=":443"; ma=86400
expires: Sat, 24 Jun 2023 20:28:08 GMT

GET
H/1.1 200
OK ma.js Show response
s3.us-west-2.amazonaws.com/jsma/fLr415N/ 24 KB
25 KB 552ms
197ms Script
application/javascript 52.218.232.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.us-west-2.amazonaws.com/jsma/fLr415N/ma.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WL644C
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.218.232.152 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-us-west-2.amazonaws.com
Software: AmazonS3 /
Resource Hash: d6d9bef928c632a076a92886d782b3a0096f19454f140e5039326004c38e0d01

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloudflarepoc.newsmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Wed, 21 Jun 2023 20:28:09 GMT
Last-Modified: Wed, 31 May 2023 16:37:45 GMT
Server: AmazonS3
x-amz-request-id: 46FSNFPQQVJDDZ7N
ETag: "87bda4b795def0c3a61cb9ac8aebc040"
x-amz-server-side-encryption: AES256
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 24862
x-amz-id-2: h9F7VJH0aZrGoTh+j82zjpq2dGdGT9vOkTOzD2NJbzkMQHMf+buaIbY7i8jFtaumDiOC8GWhp+Q=

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 275 KB
90 KB 64ms
64ms Script
application/javascript 2a00:1450:4001:800::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-2FX1NRF0GB&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WL644C

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

fb3eaa866d678149dc531dc97a20187777bff8e12ef4ba07fc74c45a8e24a927

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloudflarepoc.newsmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 20:28:08 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 92496
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 21 Jun 2023 20:28:08 GMT

GET
H2 204 b
sb.scorecardresearch.com/ 0
225 B 45ms
45ms Image
text/plain 54.192.111.20
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b?c1=2&c2=9248945&cs_it=b8&cv=4.0.0%2B2301240627&ns__t=1687379288471&ns_c=UTF-8&c7=https%3A%2F%2Fcloudflarepoc.newsmax.com%2F&c8=Newsmax%20%E2%80%93%20Breaking%20News%20%7C%20News%20Videos%20%7C%20Politics%2C%20Health%2C%20Finance&c9=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.192.111.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-192-111-20.mrs52.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloudflarepoc.newsmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 20:28:08 GMT
via: 1.1 84ca4da5a7ceb4bccfe9632e4992597c.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: MRS52-P2
x-amz-cf-id: LpS7snBtgCjDJo1-3Efb0NcpnWPQWjPWwVlkW0h7STM3Q6RkhrnLnw==
x-cache: Miss from cloudfront

GET
H2 200 2353704501325948 Show response
connect.facebook.net/signals/config/ 377 KB
109 KB 66ms
65ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/2353704501325948?v=2.9.108&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

019d693563633bc359cfd5bad2828450783e1487bf61e7b3592c42785eb3b519

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloudflarepoc.newsmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 21 Jun 2023 20:28:08 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: GUwdfreUebotiw5qNlkZy+8sCi9E3qrjfnB5jpwhHQ74mXVfcgN46vPV2thwESfgcFFottKFX0PEdiITXhRYeg==
x-fb-trip-id: 1679558926
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 rules-p-St___PnJ1vDs5.js Show response
rules.quantcount.com/ 160 B
642 B 78ms
17ms Script
application/javascript 2600:9000:219c:6000:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-St___PnJ1vDs5.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:219c:6000:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1ee24fbe8d5fe30f76c09dbc99e3066bc179869fa0c1f515880b4a054976dd94

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloudflarepoc.newsmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 19:42:59 GMT
via: 1.1 f46632dd252c85fed57bcf18d61d8544.cloudfront.net (CloudFront)
x-amz-cf-pop: CDG3-C2
age: 3017
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 160
last-modified: Fri, 14 Oct 2022 00:04:11 GMT
server: AmazonS3
etag: "186085c856a246ee05ea55ea9df93746"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
x-amz-cf-id: ZLWGuFVQ5pPthNWGsZOYuqfYgPANef_ilkG4xraxCUWIOtqKilQX_A==

POST
H3 200 collect Show response
www.google-analytics.com/j/ 3 B
23 B 46ms
46ms XHR
text/plain 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1204779524&t=pageview&_s=1&dl=https%3A%2F%2Fcloudflarepoc.newsmax.com%2F&ul=en-us&de=UTF-8&dt=Newsmax%20%E2%80%93%20Breaking%20News%20%7C%20News%20Videos%20%7C%20Politics%2C%20Health%2C%20Finance&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAgAABAAAAAC~&jid=1047417890&gjid=1181164031&cid=1392805056.1687379289&tid=UA-31221-1&_gid=380252096.1687379289&_slc=1&gtm=45He36e2n71WL644C&z=844957379

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://cloudflarepoc.newsmax.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 20:28:08 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://cloudflarepoc.newsmax.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
356 B 57ms
19ms XHR
text/plain 2a00:1450:400c:c0d::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-31221-1&cid=1392805056.1687379289&jid=1047417890&gjid=1181164031&_gid=380252096.1687379289&_u=YGBAgAABAAAAAG~&z=697243811

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0d::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://cloudflarepoc.newsmax.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 21 Jun 2023 20:28:08 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://cloudflarepoc.newsmax.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 150ms
46ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=cloudflarepoc.newsmax.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306140101/pubads_impl.js?cb=31075399

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloudflarepoc.newsmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 20:28:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H/1.1 200
OK csyncs Show response
ghb.yieldlift.io/ 705 B
709 B 22ms
22ms XHR
application/json 185.239.173.210
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.yieldlift.io/csyncs?aid1=824655
Requested by: Host: player.yieldlift.io
URL: https://player.yieldlift.io/prebidlink/xSLH6/hbw_master_745361_17782.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 185.239.173.210 , United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: c5bc1dd26f79572ec27e1b0254b10f41d11704af7713c0c9288cde53cf809e45

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloudflarepoc.newsmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Wed, 21 Jun 2023 20:28:07 GMT
Content-Encoding: gzip
Server: Adtelligent
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: https://cloudflarepoc.newsmax.com
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
X-Robots-Tag: noindex
Content-Length: 389

GET
H2 200 /
www.google.com/pagead/1p-user-list/971560661/ 42 B
455 B 136ms
50ms Image
image/gif 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/971560661/?random=1687379288455&cv=11&fst=1687377600000&bg=ffffff&guid=ON&async=1&gtm=45He36e2&u_w=1600&u_h=1200&url=https%3A%2F%2Fcloudflarepoc.newsmax.com%2F&frm=0&tiba=Newsmax%20%E2%80%93%20Breaking%20News%20%7C%20News%20Videos%20%7C%20Politics%2C%20Health%2C%20Finance&fmt=3&is_vtc=1&random=4132771431&rmt_tld=0&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloudflarepoc.newsmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 20:28:08 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/971560661/ 42 B
455 B 139ms
50ms Image
image/gif 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/971560661/?random=1687379288455&cv=11&fst=1687377600000&bg=ffffff&guid=ON&async=1&gtm=45He36e2&u_w=1600&u_h=1200&url=https%3A%2F%2Fcloudflarepoc.newsmax.com%2F&frm=0&tiba=Newsmax%20%E2%80%93%20Breaking%20News%20%7C%20News%20Videos%20%7C%20Politics%2C%20Health%2C%20Finance&fmt=3&is_vtc=1&random=4132771431&rmt_tld=1&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloudflarepoc.newsmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 20:28:08 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 59 KB
22 KB 413ms
413ms XHR
text/plain 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1229513361517429&correlator=2340735258905245&eid=31075399&output=ldjh&gdfp_req=1&vrg=202306140101&ptt=17&impl=fifs&us_privacy=1YNY&iu_parts=6305169%2CNewsmax%2CHomepage&enc_prev_ius=%2F0%2F1%2F1%2F2&prev_iu_szs=300x250&ifi=1&adks=3993101987&sfv=1-0-40&prev_scp=pos%3DTopRight%26page_type%3Dsection_front%26refresh%3D45%26res%3Ddesktop%26hb_rfBid%3D0%26excl_cat%3DPREPOST&eri=1&cust_params=promo_code%3D1034014qqur4%26PubYear%3D2023%26PubMonth%3D6%26signedup%3Dfalse&ppid=c519935c-4c75-4900-b03e-7bfc70ddb058&sc=1&cookie_enabled=1&abxe=1&dt=1687379288575&lmt=1687379288&dlt=1687379284966&idt=2612&adxs=948&adys=1253&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fcloudflarepoc.newsmax.com%2F&frm=20&vis=1&psz=300x0&msz=300x0&fws=4&ohw=300&ga_vid=1392805056.1687379289&ga_sid=1687379289&ga_hid=1204779524&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQY4L2S_Y0xSABSAghkEhkKCnB1YmNpZC5vcmcY672S_Y0xSABSAghqEsIBCghydGJob3VzZRKsAWpSTkcxc09YSUZlWVBQMlBXM2YycmY2SFRRNjNiWjZZVkhsWUlMVmtTRzdpTVE2enpJNGp5UU01c3QwZERsVDNPeVFPR0RoTHhJWmFzMlc3VHdFTHF6Z2VrM1NXL3U0SXZwZTdINVNFblZHa3RQdENrVWdXUVVsalJTaVdXWW90SGNua2NKOWtSTk1oS0xCenk1emIydEJNSDA1WGxldGRpdDJaSFVnU29IZz0YuL-S_Y0xSAASHQoOZXNwLmNyaXRlby5jb20Y4b2S_Y0xSABSAghkEj4KBW9wZW54EixleUpwSWpvaVZrVlZVVGh1U0ZwUmFEWndRM2RtTTFZelNWVkVVVDA5SW4wPRi6wJL9jTFIABIZCgp1aWRhcGkuY29tGOG9kv2NMUgAUgIIZBIbCgxpZDUtc3luYy5jb20Y_b6S_Y0xSABSAghq

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306140101/pubads_impl.js?cb=31075399

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d21d91db54cd6973d6068d98f348baf74743efe00ca0e5d761ffc705386c81f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloudflarepoc.newsmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 20:28:08 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 22963
x-xss-protection: 0
google-lineitem-id: 5562622793
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138338680944
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://cloudflarepoc.newsmax.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 179ms
86ms XHR
application/json 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202306140101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306140101/pubads_impl.js?cb=31075399

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

23bd810b02e54407c75fd98b4d2a3f93ba076eead81f9e736de911bb365e2634

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloudflarepoc.newsmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 20:28:08 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11222
x-xss-protection: 0

GET
H2 200 container.html Show response
4db7952b25c252efb9e2f8a08616b3b8.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame C05C 6 KB
3 KB 199ms
73ms Document
text/html 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://4db7952b25c252efb9e2f8a08616b3b8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306140101/pubads_impl.js?cb=31075399

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cloudflarepoc.newsmax.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 21 Jun 2023 20:28:08 GMT
expires: Thu, 20 Jun 2024 20:28:08 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 120ms
62ms Image
image/gif 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-31221-1&cid=1392805056.1687379289&jid=1047417890&_u=YGBAgAABAAAAAG~&z=879916215

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloudflarepoc.newsmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 20:28:08 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 123ms
62ms Image
image/gif 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-31221-1&cid=1392805056.1687379289&jid=1047417890&_u=YGBAgAABAAAAAG~&z=879916215

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloudflarepoc.newsmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 20:28:08 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 204
No Content pixel
ap.lijit.com/ 0
277 B 61ms
14ms Image
text/plain 216.52.2.16
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D310570%26extuid%3D%24UID
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.16 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloudflarepoc.newsmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Wed, 21 Jun 2023 20:28:08 GMT
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap3ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Access-Control-Allow-Methods: GET, POST, DELETE, PUT

GET
H/1.1

200
OK

1px-matching-adtelligent.gif
t.trafmag.com/images/images/
Redirect Chain

https://sync.adtelligent.com/csync?&redir=https%3A%2F%2Ft.trafmag.com%2Fimages%2Fimages%2F1px-matching-adtelligent.gif%3Fid%3D%7Buid%7D
https://t.trafmag.com/images/images/1px-matching-adtelligent.gif?id=f12fc764df547371

35 B
351 B

74ms
15ms

Image
image/gif

193.200.65.5
GIVEME-CLOUD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.trafmag.com/images/images/1px-matching-adtelligent.gif?id=f12fc764df547371
Protocol: HTTP/1.1
Server: 193.200.65.5 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),
Reverse DNS: t.trafmag.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloudflarepoc.newsmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type: image/gif
Date: Wed, 21 Jun 2023 20:28:08 GMT
Server: nginx
Connection: keep-alive
Content-Length: 35
P3P: CP="NON DSP COR CURa TIA"

Redirect headers

Location: https://t.trafmag.com/images/images/1px-matching-adtelligent.gif?id=f12fc764df547371
Date: Wed, 21 Jun 2023 20:28:08 GMT
Server: Adtelligent
Etag: f12fc764df547371
Content-Length: 0

GET
H2 200 sync
cookies.nextmillmedia.com/ 0
0 360ms
109ms Image
text/html 52.3.28.117
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cookies.nextmillmedia.com/sync?gdpr={gdpr}&gdpr_consent={gdpr_consent}&us_privacy={us_privacy}&redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D722242%26extuid%3D%5BNMUID%5D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.3.28.117 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-3-28-117.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloudflarepoc.newsmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

GET
H/1.1

200
OK

csync
sync.adtelligent.com/
Redirect Chain

https://a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307558%26extuid%3D%7Buser_id%7D
https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=a0a5aa89-647b-426a-ba3e-02df1d1be5bb

43 B
473 B

264ms
88ms

Image
image/gif

23.227.139.243
24SHELLS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=a0a5aa89-647b-426a-ba3e-02df1d1be5bb
Protocol: HTTP/1.1
Server: 23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloudflarepoc.newsmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Wed, 21 Jun 2023 20:28:08 GMT
Server: Adtelligent
Etag: f12fc764df547371
Content-Length: 43
Content-Type: image/gif

Redirect headers

location: https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=a0a5aa89-647b-426a-ba3e-02df1d1be5bb
date: Wed, 21 Jun 2023 20:28:08 GMT
cache-control: no-store no-transform
server: nginx
content-length: 166
content-type: text/html; charset=utf-8

POST
H2 204 collect
region1.analytics.google.com/g/ 0
261 B 53ms
20ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-2FX1NRF0GB&gtm=45je36e2&_p=1204779524&_gaz=1&gdid=dMWZhNz&cid=1392805056.1687379289&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1687379288&sct=1&seg=0&dl=https%3A%2F%2Fcloudflarepoc.newsmax.com%2F&dt=Newsmax%20%E2%80%93%20Breaking%20News%20%7C%20News%20Videos%20%7C%20Politics%2C%20Health%2C%20Finance&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-2FX1NRF0GB&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloudflarepoc.newsmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 20:28:08 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://cloudflarepoc.newsmax.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
56 B 19ms
18ms Ping
text/plain 2a00:1450:400c:c0d::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-2FX1NRF0GB&cid=1392805056.1687379289&gtm=45je36e2&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-2FX1NRF0GB&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c0d::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloudflarepoc.newsmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 20:28:08 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://cloudflarepoc.newsmax.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 63ms
63ms Image
image/gif 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-2FX1NRF0GB&cid=1392805056.1687379289&gtm=45je36e2&aip=1&z=1772359995

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloudflarepoc.newsmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 20:28:08 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pixel;r=1760159331;source=gtm;rf=0;a=p-St___PnJ1vDs5;url=https%3A%2F%2Fcloudflarepoc.newsmax.com%2F;uht=2;fpan=1;fpa=P0-2032044670-1687379288503;pbc=;ns=0;ce=1;qjs=1;qv=c818c8ec-20230509111053;cm=;...
pixel.quantserve.com/ 35 B
372 B 16ms
8ms Image
image/gif 2620:116:800d:21:de2e:c7b3:55c0:d5a0
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=1760159331;source=gtm;rf=0;a=p-St___PnJ1vDs5;url=https%3A%2F%2Fcloudflarepoc.newsmax.com%2F;uht=2;fpan=1;fpa=P0-2032044670-1687379288503;pbc=;ns=0;ce=1;qjs=1;qv=c818c8ec-20230509111053;cm=;gdpr=0;us_privacy=1YNY;ref=;d=newsmax.com;dst=0;et=1687379288641;tzo=0;ogl=title.Newsmax%252Ecom%20-%20Breaking%20news%20from%20around%20the%20globe%2Curl.https%3A%2F%2Fwww%252Enewsmax%252Ecom%2F%2Ctype.website%2Cimage.https%3A%2F%2Fwww%252Enewsmax%252Ecom%2FApp_Themes%2FNewsmaxNew%2Fimages%2FNM01%252Epng%2Cdescription.Newsmax%252Ecom%20reports%20today%E2%80%99s%20news%20headlines%252C%20live%20news%20stream%252C%20news%20videos%20from%20A%2Csite_name.Newsmax;ses=fc9ea669-d066-49f8-8f49-f47cabee9eb3;mdl=

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:de2e:c7b3:55c0:d5a0 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloudflarepoc.newsmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 20:28:08 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3 200 2755677304707901 Show response
connect.facebook.net/signals/config/ 376 KB
107 KB 9ms
9ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/2755677304707901?v=2.9.108&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

944fac3cacc7788d66a1a3f30250a0bf475530e29bf9d270ae7be201f98d43be

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloudflarepoc.newsmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 21 Jun 2023 20:28:08 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 109915
x-xss-protection: 0
pragma: public
x-fb-debug: 6VE9/XvsQb+cKjCsxBfGakDzU9SnYbQaoeiCejV21Ox2AhSHuE/iNU0+B0FJLzOVjLXIAnjSsLC8atPSo4KCSg==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 45ms
7ms Image
text/plain 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2353704501325948&ev=PageView&dl=https%3A%2F%2Fcloudflarepoc.newsmax.com%2F&rl=&if=false&ts=1687379288655&sw=1600&sh=1200&v=2.9.108&r=stable&ec=0&o=30&fbp=fb.1.1687379288652.1526253604&cs_est=true&it=1687379288498&coo=false&exp=a0&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloudflarepoc.newsmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 21 Jun 2023 20:28:08 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 sync-container.js Show response
b-code.liadm.com/ 6 KB
3 KB 22ms
22ms Script
application/javascript 2600:9000:2022:7000:8:8845:1500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://b-code.liadm.com/sync-container.js
Requested by: Host: b-code.liadm.com
URL: https://b-code.liadm.com/a-026z.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2022:7000:8:8845:1500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 58a07739b05fec4d319e4d5c6b1fa4ac79e2a625e08ab3f303929b77fde5bdf4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloudflarepoc.newsmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 30 May 2023 00:36:38 GMT
x-amz-version-id: WIo1DFPCLgnYZuB8yv1dFIDWe1bYBj2G
content-encoding: gzip
last-modified: Tue, 10 May 2022 11:48:07 GMT
server: AmazonS3
via: 1.1 929253488b9a08a69ca6fa33a6fabaee.cloudfront.net (CloudFront)
x-amz-cf-pop: MRS52-C1
etag: W/"ae5e94de938b0387eda6df8f20da811a"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=2592000
age: 1972291
x-amz-cf-id: SGlwanXfXTuikH__vMr87m42s5nvvOPI0kHxuKd9RnI6S9ihhgDvnw==

GET
H2 200 OneSignalPageSDKES6.js Show response
cdn.onesignal.com/sdks/ 284 KB
68 KB 23ms
22ms Script
application/javascript 2606:4700::6812:d63b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151602

Requested by

Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:d63b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1ed7f43d675c0d203d845162c122fd2a7ec79093655370e9ce24e9408c80227a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloudflarepoc.newsmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 20:28:08 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains
age: 1696
etag: W/"153f1c4acb6a72d6e5def93aaa717bee"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 7daeff0a3857364b-FRA
access-control-allow-headers: OneSignal-Subscription-Id
alt-svc: h3=":443"; ma=86400
expires: Sat, 24 Jun 2023 20:28:08 GMT

GET
H3 200 px.gif
fundingchoicesmessages.google.com/img/ 43 B
68 B 57ms
54ms Image
image/gif 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fundingchoicesmessages.google.com/img/px.gif?ch=1&rn=2.0497123640004844

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport, script-src 'report-sample' 'nonce-8GH_CGNG6NB7InMQbeqymQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloudflarepoc.newsmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 20:28:08 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport, script-src 'report-sample' 'nonce-8GH_CGNG6NB7InMQbeqymQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: image/gif
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 px.gif
fundingchoicesmessages.google.com/img/ 43 B
68 B 61ms
58ms Image
image/gif 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fundingchoicesmessages.google.com/img/px.gif?ch=2&rn=4.792263625946781

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-YxyJkgXVjYvXZHKBUs8Ndw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloudflarepoc.newsmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 20:28:08 GMT
content-security-policy: script-src 'report-sample' 'nonce-YxyJkgXVjYvXZHKBUs8Ndw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: image/gif
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 103 KB
40 KB 50ms
47ms Script
application/javascript 2a00:1450:4001:800::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js

Requested by

Host: cloudflarepoc.newsmax.com
URL: https://cloudflarepoc.newsmax.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

4906330d05bd9db6a1e6f9e2349bc8aa07d782e6c453f7089d20af23ef16a8e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloudflarepoc.newsmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 20:28:08 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 41331
x-xss-protection: 0
last-modified: Wed, 21 Jun 2023 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 21 Jun 2023 20:28:08 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 17ms
7ms Image
text/plain 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2755677304707901&ev=PageView&dl=https%3A%2F%2Fcloudflarepoc.newsmax.com%2F&rl=&if=false&ts=1687379288690&sw=1600&sh=1200&v=2.9.108&r=stable&a=tmgoogletagmanager&ec=0&o=30&fbp=fb.1.1687379288652.1526253604&cs_est=true&it=1687379288498&coo=false&exp=a0&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloudflarepoc.newsmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 21 Jun 2023 20:28:08 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 web Show response
onesignal.com/api/v1/sync/d4a15f2f-7ca8-48ca-aa1f-0bea58100a1c/ 3 KB
2 KB 37ms
20ms Script
text/javascript 2606:4700::6812:d63b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://onesignal.com/api/v1/sync/d4a15f2f-7ca8-48ca-aa1f-0bea58100a1c/web?callback=__jp0

Requested by

Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151602

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:d63b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f9277b9df3a6c67516d0e50fe6cf6776db061180761389be53feff45aa5973f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloudflarepoc.newsmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 20:28:08 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
x-permitted-cross-domain-policies: none
strict-transport-security: max-age=15552000; includeSubDomains
age: 2622
cf-polished: origSize=3398
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: dec64937-7e13-4eaf-86a8-e81314fce7f9
x-runtime: 0.039972
referrer-policy: strict-origin-when-cross-origin
cf-bgj: minify
server: cloudflare
etag: W/"b3fc19baa9c621dd44072b845b500e8d"
x-download-options: noopen
vary: Origin, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=3600
cf-ray: 7daeff0a9929364b-FRA
access-control-allow-headers: SDK-Version
expires: Wed, 21 Jun 2023 21:28:08 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 136ms
51ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306140101/pubads_impl.js?cb=31075399

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloudflarepoc.newsmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 20:28:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 21 Jun 2023 20:28:08 GMT

GET
H3 200 OneSignalSDKStyles.css
onesignal.com/sdks/ 82 KB
9 KB 33ms
33ms Stylesheet
text/css 2606:4700::6812:d63b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://onesignal.com/sdks/OneSignalSDKStyles.css?v=2

Requested by

Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151602

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:d63b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

db7e0b393e175f19922fefbdcaa2866fca209c521d01cc834ae06cbf8d0f91b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloudflarepoc.newsmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 20:28:08 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains
age: 1696
etag: W/"4e9aaefffd5f8ae7dc83361aa2294190"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=2592000
cf-ray: 7daeff0aef0f30cc-FRA
access-control-allow-headers: OneSignal-Subscription-Id
alt-svc: h3=":443"; ma=86400
expires: Fri, 21 Jul 2023 20:28:08 GMT

GET
H2

200

j Show response
rp4.liadm.com/
Redirect Chain

https://rp.liadm.com/j?dtstmp=1687379288788&aid=a-026z&se=e30&duid=cd49d5059397--01h3ft98jrs1r65kvn67qrwrf0&tna=v2.7.2&pu=https%3A%2F%2Fcloudflarepoc.newsmax.com%2F&us_privacy=1YNY&wpn=lc-bundle&c=...
https://rp4.liadm.com/j?dtstmp=1687379288788&aid=a-026z&se=e30&duid=cd49d5059397--01h3ft98jrs1r65kvn67qrwrf0&tna=v2.7.2&pu=https%3A%2F%2Fcloudflarepoc.newsmax.com%2F&us_privacy=1YNY&wpn=lc-bundle&c...

13 B
552 B

489ms
110ms

XHR
application/json

3.233.112.95

General

Check archive.org

Show headers Download Go to

Full URL

https://rp4.liadm.com/j?dtstmp=1687379288788&aid=a-026z&se=e30&duid=cd49d5059397--01h3ft98jrs1r65kvn67qrwrf0&tna=v2.7.2&pu=https%3A%2F%2Fcloudflarepoc.newsmax.com%2F&us_privacy=1YNY&wpn=lc-bundle&c=PHRpdGxlPgoJTmV3c21heCDigJMgQnJlYWtpbmcgTmV3cyB8IE5ld3MgVmlkZW9zIHwgUG9saXRpY3MsIEhlYWx0aCwgRmluYW5jZQo8L3RpdGxlPjxtZXRhIG5hbWU9ImRlc2NyaXB0aW9uIiBjb250ZW50PSJUb3AgbmV3cyBoZWFkbGluZXMsIHZpZGVvcyBhbmQgY29tbWVudHMgZnJvbSBOZXdzbWF4LmNvbSBjb3ZlcmluZyBwb2xpdGljcywgdGhlIFdoaXRlIEhvdXNlLCBDb25ncmVzcywgSG9sbHl3b29kLiBVLlMuIG5ld3MgeW91IGNhbiB0cnVzdCBvbiBoZWFsdGgsIHBlcnNvbmFsIGZpbmFuY2UsIGZhaXRoLCBmcmVlZG9tIGlzc3VlcyBhbmQgbW9yZS4iPg&i6=MmEwMzoxYjIwOjY6ZjAxMTo6NWU%3D&n3pc=true

Protocol

Server

3.233.112.95 -, , ASN (),

Reverse DNS

Software

Resource Hash

efabba3678b85fcab831b778ea2ddaad1e2a1e952584d3566bc39b7ccb3429d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloudflarepoc.newsmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 20:28:09 GMT
x-pixel-event-id: e7734d90-2660-46af-98ff-18e4b4d3537e
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
strict-transport-security: max-age=31536000; includeSubDomains
x-frame-options: DENY
vary: Origin
content-type: application/json
request-time: 0
access-control-allow-origin: null
access-control-allow-credentials: true
trace-id: 4db39d49582f3080
content-length: 13
x-xss-protection: 1; mode=block

Redirect headers

date: Wed, 21 Jun 2023 20:28:09 GMT
strict-transport-security: max-age=31536000; includeSubDomains
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-frame-options: DENY
vary: Origin
location: https://rp4.liadm.com/j?dtstmp=1687379288788&aid=a-026z&se=e30&duid=cd49d5059397--01h3ft98jrs1r65kvn67qrwrf0&tna=v2.7.2&pu=https%3A%2F%2Fcloudflarepoc.newsmax.com%2F&us_privacy=1YNY&wpn=lc-bundle&c=PHRpdGxlPgoJTmV3c21heCDigJMgQnJlYWtpbmcgTmV3cyB8IE5ld3MgVmlkZW9zIHwgUG9saXRpY3MsIEhlYWx0aCwgRmluYW5jZQo8L3RpdGxlPjxtZXRhIG5hbWU9ImRlc2NyaXB0aW9uIiBjb250ZW50PSJUb3AgbmV3cyBoZWFkbGluZXMsIHZpZGVvcyBhbmQgY29tbWVudHMgZnJvbSBOZXdzbWF4LmNvbSBjb3ZlcmluZyBwb2xpdGljcywgdGhlIFdoaXRlIEhvdXNlLCBDb25ncmVzcywgSG9sbHl3b29kLiBVLlMuIG5ld3MgeW91IGNhbiB0cnVzdCBvbiBoZWFsdGgsIHBlcnNvbmFsIGZpbmFuY2UsIGZhaXRoLCBmcmVlZG9tIGlzc3VlcyBhbmQgbW9yZS4iPg&i6=MmEwMzoxYjIwOjY6ZjAxMTo6NWU%3D&n3pc=true
access-control-allow-origin: https://cloudflarepoc.newsmax.com
request-time: 0
access-control-allow-credentials: true
trace-id: 44db5e9ce46799c8
content-length: 0
x-xss-protection: 1; mode=block

GET
H2 200 / Show response
trends.netizen.co/api/demand/ 54 B
322 B 132ms
33ms Fetch
application/json 52.213.207.136
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://trends.netizen.co/api/demand/?w=184989&us_privacy=1YNY&wlw=netizen.co

Requested by

Host: assets.netizen.co
URL: https://assets.netizen.co/master/delivery.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.213.207.136 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-213-207-136.eu-west-1.compute.amazonaws.com

Software

envoy /

Resource Hash

47b726fd18aa3355c7f0277952419c5e1b33d3347ee2e4eff5e9b9be73040549

Security Headers

Name	Value
Strict-Transport-Security	max-age=931536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloudflarepoc.newsmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-rc-region: eu-west-1c
date: Wed, 21 Jun 2023 20:28:08 GMT
strict-transport-security: max-age=931536000; includeSubDomains
server: envoy
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://cloudflarepoc.newsmax.com
access-control-allow-credentials: true
x-envoy-upstream-service-time: 2
content-length: 54

GET
H2 204 sync
trends.netizen.co/ 0
0 132ms
34ms Fetch 52.213.207.136
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://trends.netizen.co/sync?us_privacy=1YNY
Requested by: Host: assets.netizen.co
URL: https://assets.netizen.co/master/delivery.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.213.207.136 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-213-207-136.eu-west-1.compute.amazonaws.com
Software: envoy /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloudflarepoc.newsmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-rc-region: eu-west-1c
access-control-allow-origin: https://cloudflarepoc.newsmax.com
date: Wed, 21 Jun 2023 20:28:08 GMT
access-control-allow-credentials: true
x-envoy-upstream-service-time: 2
server: envoy
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers

GET
H2 200 / Show response
trends.netizen.co/api/demand/ 54 B
322 B 210ms
118ms Fetch
application/json 52.213.207.136
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://trends.netizen.co/api/demand/?w=173062&us_privacy=1YNY&wlw=netizen.co

Requested by

Host: assets.netizen.co
URL: https://assets.netizen.co/master/delivery.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.213.207.136 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-213-207-136.eu-west-1.compute.amazonaws.com

Software

envoy /

Resource Hash

47b726fd18aa3355c7f0277952419c5e1b33d3347ee2e4eff5e9b9be73040549

Security Headers

Name	Value
Strict-Transport-Security	max-age=931536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloudflarepoc.newsmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-rc-region: eu-west-1c
date: Wed, 21 Jun 2023 20:28:09 GMT
strict-transport-security: max-age=931536000; includeSubDomains
server: envoy
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://cloudflarepoc.newsmax.com
access-control-allow-credentials: true
x-envoy-upstream-service-time: 87
content-length: 54

GET
H2 204 sync
trends.netizen.co/ 0
0 125ms
33ms Fetch 52.213.207.136
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://trends.netizen.co/sync?us_privacy=1YNY
Requested by: Host: assets.netizen.co
URL: https://assets.netizen.co/master/delivery.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.213.207.136 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-213-207-136.eu-west-1.compute.amazonaws.com
Software: envoy /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloudflarepoc.newsmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-rc-region: eu-west-1c
access-control-allow-origin: https://cloudflarepoc.newsmax.com
date: Wed, 21 Jun 2023 20:28:08 GMT
access-control-allow-credentials: true
x-envoy-upstream-service-time: 2
server: envoy
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 120 KB
47 KB 55ms
55ms Script
application/javascript 2a00:1450:4001:800::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-31221-1&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WL644C

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8a07b0bed8ffbd2c98bbdb26498dab19f7439913489c946acb54bb677170ca65

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloudflarepoc.newsmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 20:28:08 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47615
x-xss-protection: 0
last-modified: Wed, 21 Jun 2023 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 21 Jun 2023 20:28:08 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 2CCB 13 KB
5 KB 36ms
35ms Document
text/html 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cloudflarepoc.newsmax.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 27001
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 21 Jun 2023 12:58:07 GMT
expires: Thu, 20 Jun 2024 12:58:07 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame FE55 783 B
951 B 51ms
51ms Document
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

f19da8e29b3dab4a867261c45a630d4647aac57eddcb08709d207c2bafbe1f4c

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-ipYexoL2sZ7gLMRi5qBQmg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://cloudflarepoc.newsmax.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-ipYexoL2sZ7gLMRi5qBQmg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 21 Jun 2023 20:28:08 GMT
expires: Wed, 21 Jun 2023 20:28:08 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-31221-1&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloudflarepoc.newsmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 21 Jun 2023 18:35:22 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 6766
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Wed, 21 Jun 2023 20:35:22 GMT

GET
H2 200 / Show response
trends.netizen.co/api/delivery/ 7 KB
4 KB 91ms
91ms Fetch
application/json 52.213.207.136
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://trends.netizen.co/api/delivery/?is_blocked=undefined&w=184989&width=1600&us_privacy=1YNY&rev_allow_cookies=0&site_url=https%3A%2F%2Fcloudflarepoc.newsmax.com%2F&icr_url=&va=0&time=1687379288971&up=pc&bn=chrome&bv=114&widget_width=600&style_id=0&an=false

Requested by

Host: assets.netizen.co
URL: https://assets.netizen.co/master/delivery.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.213.207.136 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-213-207-136.eu-west-1.compute.amazonaws.com

Software

envoy /

Resource Hash

9c542c5bc7f589644de6f356d382ae220cf157fc7deba5b6f4fc14f4b1ab6d82

Security Headers

Name	Value
Strict-Transport-Security	max-age=931536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloudflarepoc.newsmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-rc-region: eu-west-1c
date: Wed, 21 Jun 2023 20:28:09 GMT
strict-transport-security: max-age=931536000; includeSubDomains
content-encoding: gzip
server: envoy
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://cloudflarepoc.newsmax.com
access-control-allow-credentials: true
x-envoy-upstream-service-time: 63

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame FE55 0
0 151ms
73ms Image
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202306140101&jk=1229513361517429&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 53AA 0
0 78ms
78ms Fetch
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsusnkhXan5hAFOOsohefKjJVFb-QdSI0mo0tGGRhHDCPDeCfms5KEKjoknZjqY8wRyNiII6xXYmejdxKZA_ZRwMhx2HP5kRuunWU2FdnJtBo4cH_YSS5cMbR9Wuo-gRAyJABUr3K-6MuTIreh60uXVlt7O1p7jnYEk0VwTULNrHtT9UU8oqjP8nad4qKO87HdO_zn0mQt8IhJaAW-CFsITpdh9JoQA7diQV-ubcSq3yInaJOs0Dq5u_AkrRHeZC139WV1WYHH_CD4c8tTwmK9iKOUf6hyO7reAY1p0FcP44NEFlenkQFmPdTN6zcptfQg2hAnrdmNtq_vXx9WceROJZvYUflCjVhoBUSg&sai=AMfl-YQ6M4T_5CaaLNs0QA31kifwso74AfqEQFoIz4m61PzbQ7GXNXw62tSYgpO4ExGyM-Pbx_9fO1Nw9OvBU03um_CQcNpeyC9xeBx8qHX_iI6zadgCDr4C-aAXzxPuk7gPB4KLsYHjp0fRTc4C_Lzik10&sig=Cg0ArKJSzBScoF52eyMeEAE&uach_m=[UACH]&adurl=

Requested by

Host: cloudflarepoc.newsmax.com
URL: https://cloudflarepoc.newsmax.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloudflarepoc.newsmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 20:28:09 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230620/r20110914/ Frame 53AA 22 KB
9 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230620/r20110914/abg_lite_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306140101/pubads_impl.js?cb=31075399

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

81f66fb840c902b62f902bc4e27a6e3dee001d2f8babf5e767f78f16136ff0b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloudflarepoc.newsmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 19:11:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4574
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9007
x-xss-protection: 0
server: cafe
etag: 10216374826415589524
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 05 Jul 2023 19:11:55 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230620/r20110914/client/ Frame 53AA 3 KB
1 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230620/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306140101/pubads_impl.js?cb=31075399

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloudflarepoc.newsmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 19:11:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4574
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 05 Jul 2023 19:11:55 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 53AA 178 KB
56 KB 84ms
84ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306140101/pubads_impl.js?cb=31075399

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

90980421e3762accc4e39e6d786c4fbf9cfc9b1e6bfc4a02550ef3fbbfc585f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloudflarepoc.newsmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 20:28:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57058
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1687274360908795"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 21 Jun 2023 20:28:09 GMT

GET
H3 200 8976024956751630740
tpc.googlesyndication.com/simgad/ Frame 53AA 33 KB
33 KB 40ms
40ms Image
image/jpeg 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/8976024956751630740

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306140101/pubads_impl.js?cb=31075399

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18cad16bdc6b1b1f38c31388ba565f7d423cf5e30808dd996df81d9351e11652

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloudflarepoc.newsmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 17:32:29 GMT
x-content-type-options: nosniff
age: 528940
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34107
x-xss-protection: 0
last-modified: Tue, 02 Feb 2021 21:37:49 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 14 Jun 2024 17:32:29 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 53AA 0
0 46ms
46ms Image
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTVU8Hnqtk3AyuVRWMngwnFslyQpyWxBE3n7PG3OTIotCAdKd-TOHpS3OJ8k8xp6lghQldh
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306140101/pubads_impl.js?cb=31075399
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloudflarepoc.newsmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

GET
DATA 200
OK truncated
/ Frame 53AA 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 007a3140ed7b0ae6d971c13f2528ddcf0090d965f84120bcd8739ec71fc924d1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 / Show response
trends.netizen.co/api/delivery/ 8 KB
4 KB 87ms
87ms Fetch
application/json 52.213.207.136
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://trends.netizen.co/api/delivery/?is_blocked=undefined&w=173062&width=1600&us_privacy=1YNY&rev_allow_cookies=0&site_url=https%3A%2F%2Fcloudflarepoc.newsmax.com%2F&icr_url=&va=0&time=1687379289053&up=pc&bn=chrome&bv=114&widget_width=600&style_id=0&an=false

Requested by

Host: assets.netizen.co
URL: https://assets.netizen.co/master/delivery.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.213.207.136 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-213-207-136.eu-west-1.compute.amazonaws.com

Software

envoy /

Resource Hash

eb25d7a15959d5fbd256700357f889f1875ef3942145b95c849164116e3a86d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=931536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloudflarepoc.newsmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-rc-region: eu-west-1c
date: Wed, 21 Jun 2023 20:28:09 GMT
strict-transport-security: max-age=931536000; includeSubDomains
content-encoding: gzip
server: envoy
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://cloudflarepoc.newsmax.com
access-control-allow-credentials: true
x-envoy-upstream-service-time: 58

POST
H2 204 impression
trends.netizen.co/event/ 0
0 99ms
35ms Fetch 52.213.207.136
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://trends.netizen.co/event/impression

Requested by

Host: assets.netizen.co
URL: https://assets.netizen.co/master/delivery.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.213.207.136 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-213-207-136.eu-west-1.compute.amazonaws.com

Software

envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=931536000; includeSubDomains

Request headers

Referer: https://cloudflarepoc.newsmax.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

x-rc-region: eu-west-1c
date: Wed, 21 Jun 2023 20:28:09 GMT
strict-transport-security: max-age=931536000; includeSubDomains
server: envoy
vary: Origin
access-control-allow-origin: https://cloudflarepoc.newsmax.com
access-control-allow-credentials: true
x-envoy-upstream-service-time: 2

GET
H2 200 defaultWidget~feedWidget.delivery.js Show response
assets.revcontent.com/master/ 28 KB
8 KB 73ms
18ms Script
text/javascript 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.revcontent.com/master/defaultWidget~feedWidget.delivery.js
Requested by: Host: assets.netizen.co
URL: https://assets.netizen.co/master/delivery.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: AmazonS3 /
Resource Hash: cef0f742aa3b68b32ec2d14309f4cdbf582e8b19131386e4d1ecc975bad29a25

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloudflarepoc.newsmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 20:28:09 GMT
content-encoding: gzip
last-modified: Tue, 13 Jun 2023 16:08:11 GMT
server: AmazonS3
x-amz-request-id: K8DHTTQ5ZJWQ6ZF8
etag: "b42848287bbadff786d3b2d707b9dd77"
x-amz-server-side-encryption: AES256
x-hw: 1687379289.cds291.am5.hn,1687379289.cds153.am5.c
content-type: text/javascript
access-control-allow-origin: *
cache-control: public,max-age=60
accept-ranges: bytes
content-length: 7985
x-amz-id-2: r4PEUiKbDaqiQSDrWpASot3dKVcUrtjH0pcLQnlaBs05TDES8qCXV14Y64Xd9nVuenBWxGUpmCLM4jsYkocC1TVcF6l06Z178yMhyRZUEFQ=

GET
H2 200 defaultWidget.delivery.js Show response
assets.revcontent.com/master/ 18 KB
6 KB 76ms
20ms Script
text/javascript 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.revcontent.com/master/defaultWidget.delivery.js
Requested by: Host: assets.netizen.co
URL: https://assets.netizen.co/master/delivery.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: AmazonS3 /
Resource Hash: 41b351513d9cf9cb68c17f0b9e3e5183d9612f3b689a81810c22ca47c7eb7a7e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloudflarepoc.newsmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 20:28:09 GMT
content-encoding: gzip
last-modified: Tue, 13 Jun 2023 16:08:11 GMT
server: AmazonS3
x-amz-request-id: K8DJGFFKCKA80H9Z
etag: "f3cef55ede2f715258c3cbcb3b146ffd"
x-amz-server-side-encryption: AES256
x-hw: 1687379289.cds291.am5.hn,1687379289.cds125.am5.c
content-type: text/javascript
access-control-allow-origin: *
cache-control: public,max-age=60
accept-ranges: bytes
content-length: 6418
x-amz-id-2: pe6sQLhPNLbWO/bgGmJl/fAGs1NUyrJyVg2yjcAPCnrS7CvVsP4CWbci4G9GhKla4/KivfLPL2M=

POST
H2 204 impression
trends.netizen.co/event/ 0
0 83ms
83ms Fetch 52.213.207.136
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://trends.netizen.co/event/impression

Requested by

Host: assets.netizen.co
URL: https://assets.netizen.co/master/delivery.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.213.207.136 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-213-207-136.eu-west-1.compute.amazonaws.com

Software

envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=931536000; includeSubDomains

Request headers

Referer: https://cloudflarepoc.newsmax.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

x-rc-region: eu-west-1c
date: Wed, 21 Jun 2023 20:28:09 GMT
strict-transport-security: max-age=931536000; includeSubDomains
server: envoy
vary: Origin
access-control-allow-origin: https://cloudflarepoc.newsmax.com
access-control-allow-credentials: true
x-envoy-upstream-service-time: 48

GET
H2 200 moatad.js Show response
z.moatads.com/revcontentdisplay556968265165/ 309 KB
106 KB 56ms
16ms Script
application/x-javascript 72.246.169.146
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/revcontentdisplay556968265165/moatad.js
Requested by: Host: assets.netizen.co
URL: https://assets.netizen.co/master/delivery.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 72.246.169.146 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a72-246-169-146.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: a436f9ac9629e5564f935e41fd86e01bf5228e18aa0491aec7cfd200a0a44a5d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloudflarepoc.newsmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 20:28:09 GMT
content-encoding: gzip
last-modified: Tue, 20 Jun 2023 16:52:38 GMT
server: AmazonS3
x-amz-request-id: 07X5NS644RV23MPD
etag: "55374ac9339b51ba3a11c6964d599c32"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=29200
accept-ranges: bytes
content-length: 108252
x-amz-id-2: ZtSdGbarBWrshfYF0OGB+40mu2Fq4s+vP8axVmWaTLetw9EHp7jtKlJSQV7niGP0qjs7OBrd/7Q=

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 53AA 0
0 78ms
76ms Fetch
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstD1-Nr7WB59Lrk5fZtzvUSjBU_4m0cacxFCIvf3pCf8l2XcaF_Wsp68JoAJsw4PQBlZdWCfua1kMkVOKUtLPi7jcJuodkvxzSC0FhvnAGw7vXbMIKULQzo1yPI5rT0SnFcWw5_PMh7t0990Gu1qVPHJ_OgzWeNI0cbYBtHnC_mu-kEZ_A9Zdg2TUEEelogCLb8eVvxWByHJIKqyVBCIQ1zkQbqMWp5FNjnGtrlEkSX-tRb5aoubZ0zIfZHikzSAWlIo1pr3Di3YsSUM6V4fMTECrC2z3-6eN9xq1h4LpMoG19kkugJ-aEqObPgdtQVNsDdD2snA2Eukx8t6cUq17k6Jg11XcI6nWk7FNZH&sai=AMfl-YSnXwiOie9YXAV5ese4862KAUNb1Fnm61t1sR1J0hBfC0cHhHQbwOi_Y_K8IjHN2G-V9Rik0W_uAXN45lgVuu-Izdhkm9VarC-wquL4-iFZ6gXgf6iMwFfqf9bH9GxdeyuqNS-jYqpjBZ6os9OQRJQ&sig=Cg0ArKJSzNUdFZkr5NiVEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloudflarepoc.newsmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 20:28:09 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 21 Jun 2023 20:28:09 GMT

GET
H2 200 64901ece27cf74-71116469.jpg
images.netizen.co/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_faces:auto/pg_1/https://media.netizen.co/content/images/ 13 KB
14 KB 106ms
17ms Image
image/jpeg 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.netizen.co/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_faces:auto/pg_1/https://media.netizen.co/content/images/64901ece27cf74-71116469.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

map3.hwcdn.net

Software

cloudflare /

Resource Hash

c607a0c62c39afe964c982a6b2bed52acf0b6f47679da4a9a6f117896114cdcf

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloudflarepoc.newsmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 20:28:09 GMT
strict-transport-security: max-age=604800
x-content-type-options: nosniff
server-timing: cld-cloudflare;dur=130;start=2023-06-19T13:04:59.387Z;desc=miss,rtt;dur=6;cloudinary;dur=18;start=2023-06-19T13:04:59.449Z
content-length: 13780
last-modified: Mon, 19 Jun 2023 12:41:12 GMT
server: cloudflare
etag: "2740437bcb423f4a7c25a80a6b2e8248"
x-hw: 1687379289.cds276.am5.hn,1687379289.cds258.am5.c
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,Vary,x-content-type-options
cache-control: public, no-transform, immutable, max-age=604800
accept-ranges: bytes
cf-ray: 7d9bfb232bd918d7-FRA
timing-allow-origin: *

GET
H2 200 f36efba8929e0f9ce79399b9e4f7e539.jpg
images.netizen.co/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_faces:auto/pg_1/https://media.netizen.co/content/images/ 11 KB
11 KB 107ms
22ms Image
image/jpeg 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.netizen.co/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_faces:auto/pg_1/https://media.netizen.co/content/images/f36efba8929e0f9ce79399b9e4f7e539.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

map3.hwcdn.net

Software

Cloudinary /

Resource Hash

a19d95f41247d77be8cb63951e8d7bd22d20c08b5bb76ebff2effd72b9ab17d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloudflarepoc.newsmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 20:28:09 GMT
strict-transport-security: max-age=604800
x-content-type-options: nosniff
last-modified: Thu, 08 Jun 2023 15:28:50 GMT
server: Cloudinary
etag: "0a1690782a9d972b6b3895b0618aaa5e"
x-hw: 1687379289.cds276.am5.hn,1687379289.cds010.am5.c
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control: public, no-transform, immutable, max-age=604800
server-timing: cld-fastly;mitm=po;dur=148;cpu=0;start=2023-06-09T08:44:33.937Z;desc=miss,rtt;dur=0,cloudinary;dur=58;start=2023-06-09T08:44:33.979Z
accept-ranges: bytes
timing-allow-origin: *
content-length: 11280

GET
H2 200 m.gif
p.sitemana.com/p/ 35 B
670 B 651ms
176ms Image
image/gif 52.39.80.159

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://p.sitemana.com/p/m.gif?label=Z2h2ygovLp1D1wr8h0AVotf31BlrxKXIxQVdzSznqefd4Ivgxt

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.39.80.159 -, , ASN (),

Reverse DNS

Software

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloudflarepoc.newsmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 20:28:09 GMT
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains
x-permitted-cross-domain-policies: none
x-dns-prefetch-control: off
content-length: 35
x-xss-protection: 0
referrer-policy: no-referrer
expect-ct: max-age=0
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
x-download-options: noopen
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
251 B 22ms
15ms Image
image/gif 72.246.169.146
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=REVCONTENT_DISPLAY1&hp=1&wf=1&ra=1&sgs=3&vb=6&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=0&f=0&j=&t=1687379289242&de=608600513213&m=0&ar=43a6e6e8aee-clean&iw=1d177cd&q=2&cb=0&ym=0&cu=1687379289242&ll=2&lm=0&ln=0&em=0&en=0&d=144903%3A173062%3A10246184%3Aundefined&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fcloudflarepoc.newsmax.com%2F&id=1&ii=4&bo=undefined&bd=undefined&zMoatOrigSlicer1=N%2FA&zMoatOrigSlicer2=N%2FA&gw=revcontentdisplay556968265165&fd=1&it=500&ti=0&ih=2&pe=1%3A609%3A609%3A1113%3A586&fs=204326&na=1872335709&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 72.246.169.146 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a72-246-169-146.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloudflarepoc.newsmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 20:28:09 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Wed, 21 Jun 2023 20:28:09 GMT

GET
H3 200 sponsoredheadline.ashx Show response
cloudflarepoc.newsmax.com/cmspages/newsmax/handlers/ 22 B
640 B 146ms
145ms XHR
application/json 2606:4700:3108::ac42:2bac
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cloudflarepoc.newsmax.com/cmspages/newsmax/handlers/sponsoredheadline.ashx?&Url=https%3A%2F%2Fcloudflarepoc.newsmax.com%2F

Requested by

Host: cloudflarepoc.newsmax.com
URL: https://cloudflarepoc.newsmax.com/js/jquery-3.2.1.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3108::ac42:2bac , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

f53392704cf02f02579a8025ab504ccb8e4839c41d46d26ae2e4af2470025388

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

Accept: */*
Referer: https://cloudflarepoc.newsmax.com/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 20:28:09 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400
content-length: 22
x-ua-compatible: IE=edge
last-modified: Wed, 21 Jun 2023 20:28:09 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9I5B2O8uQX2bFDrfqn1geIADbM1BzMBKJ2gEA49pQTG7js5ZP6GHvrcj8o0y8AGgrqPbpQ1exazfB6yVCtxoQzC1tq4ibQLv9lRwlRWlHAk5LFqMYctk5oZG1ixTfuEoIfKxyd8NOKwKy4QT7ND2Y9VmiQNQjRTH"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=300
cf-ray: 7daeff0e7c7c926e-FRA
expires: Wed, 21 Jun 2023 20:33:09 GMT

GET
H/1.1 200
OK amp.min.css
amp.akamaized.net/players/9.1.20+premier/akamai/amp/core/ 3 KB
1 KB 258ms
258ms Stylesheet
text/css 2a02:26f0:7100::1720:eeeb
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://amp.akamaized.net/players/9.1.20+premier/akamai/amp/core/amp.min.css
Requested by: Host: amp.akamaized.net
URL: https://amp.akamaized.net/hosted/1.1/player.esi?apikey=newsmax&version=9.1.20&_=1687379286069
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:7100::1720:eeeb Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 4b3defb86a7f8790f0fb813fd319891772271c05839085a7e3abe27366b690f9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloudflarepoc.newsmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Wed, 21 Jun 2023 20:28:09 GMT
Content-Encoding: gzip
Last-Modified: Thu, 29 Dec 2022 23:10:56 GMT
Server: AkamaiNetStorage
ETag: "74b74a9e579b8e19b338d84329e235a1:1672355456.20412"
Vary: Accept-Encoding
Access-Control-Max-Age: 86400
Content-Type: text/css
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,POST
Access-Control-Allow-Credentials: false
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Content-Length: 975

POST
H3 204 AGSKWxXKFG_TZBQUP8jvZXo6cPXte8iS__3bsanBV1U-0cOflDTfQutNDuQ0TGttTX5hCM-Z3xE2jj_Uy584ODLAj1huBGn2UevqXGWHXlcSBXi4ul7vExjN0Fvitz3dfx4VwUK9r6tILg== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 126ms
53ms XHR
text/html 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXKFG_TZBQUP8jvZXo6cPXte8iS__3bsanBV1U-0cOflDTfQutNDuQ0TGttTX5hCM-Z3xE2jj_Uy584ODLAj1huBGn2UevqXGWHXlcSBXi4ul7vExjN0Fvitz3dfx4VwUK9r6tILg==?pvid=C9BD9868-B16A-43C0-82AF-4C9094153B4A

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-gaHrgZjco-mtlLBKdvwXXA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://cloudflarepoc.newsmax.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 21 Jun 2023 20:28:09 GMT
content-security-policy: script-src 'report-sample' 'nonce-gaHrgZjco-mtlLBKdvwXXA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://cloudflarepoc.newsmax.com
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ 361 KB
121 KB 160ms
73ms Script
text/javascript 2a00:1450:4001:802::200a

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: amp.akamaized.net
URL: https://amp.akamaized.net/hosted/1.1/player.esi?apikey=newsmax&version=9.1.20&_=1687379286069

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200a -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

5a9863314577494b778cade4d77d719a27fca818d6091efe35b972cac31026f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloudflarepoc.newsmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 20:28:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 123120
x-xss-protection: 0
expires: Wed, 21 Jun 2023 20:28:09 GMT

GET
H/1.1 200
OK Ima.min.js Show response
amp.akamaized.net/players/9.1.20+premier/akamai/amp/ima/ 27 KB
7 KB 276ms
262ms Script
application/x-javascript 2a02:26f0:7100::1720:eeeb
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://amp.akamaized.net/players/9.1.20+premier/akamai/amp/ima/Ima.min.js
Requested by: Host: amp.akamaized.net
URL: https://amp.akamaized.net/hosted/1.1/player.esi?apikey=newsmax&version=9.1.20&_=1687379286069
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:7100::1720:eeeb Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: a6c563629879d807d40f59562419f2ea67fe505990657ea55eedf045b3e070a1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloudflarepoc.newsmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Wed, 21 Jun 2023 20:28:09 GMT
Content-Encoding: gzip
Last-Modified: Thu, 29 Dec 2022 23:11:34 GMT
Server: AkamaiNetStorage
ETag: "b32ccc3f2a41d4ff9d0a7d084f04551e:1672355494.406362"
Vary: Accept-Encoding
Access-Control-Max-Age: 86400
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,POST
Access-Control-Allow-Credentials: false
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Content-Length: 6565

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 254 KB
87 KB 60ms
59ms Script
application/javascript 2a00:1450:4001:800::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-MDSEMR3DWD

Requested by

Host: amp.akamaized.net
URL: https://amp.akamaized.net/hosted/1.1/player.esi?apikey=newsmax&version=9.1.20&_=1687379286069

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c742c8de47f7bb7f3e6fc86d6deac32e4f87a5b444014ee6165501cf6a0151ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloudflarepoc.newsmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 20:28:09 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 88696
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 21 Jun 2023 20:28:09 GMT

GET
H/1.1 200
OK Googleanalytics.js Show response
amp.akamaized.net/players/9.1.20+premier/akamai/amp/googleanalytics/ 9 KB
3 KB 360ms
347ms Script
application/x-javascript 2a02:26f0:7100::1720:eeeb
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://amp.akamaized.net/players/9.1.20+premier/akamai/amp/googleanalytics/Googleanalytics.js
Requested by: Host: amp.akamaized.net
URL: https://amp.akamaized.net/hosted/1.1/player.esi?apikey=newsmax&version=9.1.20&_=1687379286069
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:7100::1720:eeeb Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 520bea0d3e4faa620553262770ffbec71e6e829a44a2766ae13f730e9367bb58

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloudflarepoc.newsmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Wed, 21 Jun 2023 20:28:09 GMT
Content-Encoding: gzip
Last-Modified: Thu, 29 Dec 2022 23:11:44 GMT
Server: AkamaiNetStorage
ETag: "98ef21d6c660426d7244e9abbbd3d339:1672355504.889175"
Vary: Accept-Encoding
Access-Control-Max-Age: 86400
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,POST
Access-Control-Allow-Credentials: false
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Content-Length: 2114

GET
H/1.1 200
OK javascript_malibrary.js Show response
79423.analytics.edgekey.net/ma_library/javascript/ 306 KB
307 KB 90ms
18ms Script
application/x-javascript 23.36.209.167
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://79423.analytics.edgekey.net/ma_library/javascript/javascript_malibrary.js
Requested by: Host: amp.akamaized.net
URL: https://amp.akamaized.net/hosted/1.1/player.esi?apikey=newsmax&version=9.1.20&_=1687379286069
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.36.209.167 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-36-209-167.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 7f4f75fb519a433c4dc8dcd6ba9749cfb7c4a21e4cda5d9daea541bacdc76d71

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloudflarepoc.newsmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 21 Jun 2023 20:28:09 GMT
Last-Modified: Thu, 24 Oct 2019 14:43:03 GMT
Server: AkamaiNetStorage
ETag: "d83076051245dae673088590db1aca3f:1571928183"
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, no-cache
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 313515
Expires: Wed, 21 Jun 2023 20:28:09 GMT

GET
H/1.1 200
OK Mediaanalytics.min.js Show response
amp.akamaized.net/players/9.1.20+premier/akamai/amp/mediaanalytics/ 6 KB
2 KB 384ms
361ms Script
application/x-javascript 2a02:26f0:7100::1720:eeeb
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://amp.akamaized.net/players/9.1.20+premier/akamai/amp/mediaanalytics/Mediaanalytics.min.js
Requested by: Host: amp.akamaized.net
URL: https://amp.akamaized.net/hosted/1.1/player.esi?apikey=newsmax&version=9.1.20&_=1687379286069
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:7100::1720:eeeb Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 1d0cb525db1d96aeb176ff1f95275446dc1fcc4235d7e650764127a172b7d634

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloudflarepoc.newsmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Wed, 21 Jun 2023 20:28:09 GMT
Content-Encoding: gzip
Last-Modified: Thu, 29 Dec 2022 23:11:07 GMT
Server: AkamaiNetStorage
ETag: "7ed59a74ca32791479330b9b37362779:1672355467.60041"
Vary: Accept-Encoding
Access-Control-Max-Age: 86400
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,POST
Access-Control-Allow-Credentials: false
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Content-Length: 1729

GET
H/1.1 200
OK react.min.js Show response
amp.akamaized.net/players/9.1.20+premier/akamai/amp/react/libs/ 28 KB
11 KB 392ms
368ms Script
application/x-javascript 2a02:26f0:7100::1720:eeeb
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://amp.akamaized.net/players/9.1.20+premier/akamai/amp/react/libs/react.min.js
Requested by: Host: amp.akamaized.net
URL: https://amp.akamaized.net/hosted/1.1/player.esi?apikey=newsmax&version=9.1.20&_=1687379286069
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:7100::1720:eeeb Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: ce2354c8da66afc7b22e18fb2b53520933885683ca9730e9d448add8c680cd08

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloudflarepoc.newsmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Wed, 21 Jun 2023 20:28:09 GMT
Content-Encoding: gzip
Last-Modified: Thu, 29 Dec 2022 23:12:42 GMT
Server: AkamaiNetStorage
ETag: "3693edf5246b14e782bf0ad16b386214:1672355561.904579"
Vary: Accept-Encoding
Access-Control-Max-Age: 86400
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,POST
Access-Control-Allow-Credentials: false
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Content-Length: 10242

POST
H2 200 / Show response
www.facebook.com/tr/ Frame 46EE 0
79 B 8ms
7ms Document
text/plain 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://cloudflarepoc.newsmax.com
Referer: https://cloudflarepoc.newsmax.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://cloudflarepoc.newsmax.com
alt-svc: h3=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Wed, 21 Jun 2023 20:28:09 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

POST
H2 200 / Show response
www.facebook.com/tr/ Frame 2335 0
31 B 8ms
7ms Document
text/plain 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://cloudflarepoc.newsmax.com
Referer: https://cloudflarepoc.newsmax.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://cloudflarepoc.newsmax.com
alt-svc: h3=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Wed, 21 Jun 2023 20:28:09 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
251 B 8ms
8ms Image
image/gif 72.246.169.146
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=REVCONTENT_DISPLAY1&hp=1&wf=1&ra=1&sgs=3&vb=6&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=0&f=0&j=&t=1687379289327&de=927348382765&m=0&ar=43a6e6e8aee-clean&iw=1d177cd&q=5&cb=0&ym=0&cu=1687379289327&ll=2&lm=0&ln=0&em=0&en=0&d=144903%3A184989%3A10293260%3Aundefined&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fcloudflarepoc.newsmax.com%2F&id=1&ii=4&bo=undefined&bd=undefined&zMoatOrigSlicer1=N%2FA&zMoatOrigSlicer2=N%2FA&gw=revcontentdisplay556968265165&fd=1&it=500&ti=0&ih=2&pe=1%3A609%3A609%3A1113%3A586&fs=204326&na=698116052&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 72.246.169.146 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a72-246-169-146.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloudflarepoc.newsmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 20:28:09 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Wed, 21 Jun 2023 20:28:09 GMT

GET
H3 200 mZQVpQj-eDQajpu59Vq9E2pMu32_YVAoNW79LAI6QMI.js Show response
pagead2.googlesyndication.com/bg/ Frame 2CCB 37 KB
14 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/mZQVpQj-eDQajpu59Vq9E2pMu32_YVAoNW79LAI6QMI.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

999415a508fe78341a8e9bb9f55abd136a4cbb7dbf615028356efd2c023a40c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 12:32:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 28523
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14716
x-xss-protection: 0
last-modified: Mon, 05 Jun 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 20 Jun 2024 12:32:46 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 2CCB 0
10 B 38ms
37ms Image
text/plain 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?Ywmpsw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 20:28:09 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

POST
H/1.1 204
No Content multitracking Show response
ghb.yieldlift.io/adunit/ 0
236 B 21ms
21ms XHR
text/plain 185.239.173.210
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.yieldlift.io/adunit/multitracking
Requested by: Host: player.yieldlift.io
URL: https://player.yieldlift.io/prebidlink/xSLH6/hbw_master_745361_17782.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 185.239.173.210 , United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://cloudflarepoc.newsmax.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: https://cloudflarepoc.newsmax.com
Date: Wed, 21 Jun 2023 20:28:08 GMT
Access-Control-Allow-Credentials: true
Server: Adtelligent
Connection: Keep-Alive
X-Robots-Tag: noindex

POST
H2 204 page-view
yeet.revcontent.com/yeet/events/ 0
0 32ms
31ms Fetch 52.213.207.136
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://yeet.revcontent.com/yeet/events/page-view
Requested by: Host: assets.netizen.co
URL: https://assets.netizen.co/master/delivery.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.213.207.136 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-213-207-136.eu-west-1.compute.amazonaws.com
Software: envoy /
Resource Hash

Request headers

Referer: https://cloudflarepoc.newsmax.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: application/json

Response headers

x-rc-region: eu-west-1c
access-control-allow-origin: https://cloudflarepoc.newsmax.com
date: Wed, 21 Jun 2023 20:28:09 GMT
access-control-allow-credentials: true
x-envoy-upstream-service-time: 2
server: envoy
vary: Origin

POST
H2 204 widget-loaded
yeet.revcontent.com/yeet/events/ 0
0 32ms
32ms Fetch 52.213.207.136
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://yeet.revcontent.com/yeet/events/widget-loaded
Requested by: Host: assets.netizen.co
URL: https://assets.netizen.co/master/delivery.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.213.207.136 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-213-207-136.eu-west-1.compute.amazonaws.com
Software: envoy /
Resource Hash

Request headers

Referer: https://cloudflarepoc.newsmax.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: application/json

Response headers

x-rc-region: eu-west-1c
access-control-allow-origin: https://cloudflarepoc.newsmax.com
date: Wed, 21 Jun 2023 20:28:09 GMT
access-control-allow-credentials: true
x-envoy-upstream-service-time: 3
server: envoy
vary: Origin

POST
H2 204 widget-loaded
yeet.revcontent.com/yeet/events/ 0
0 47ms
47ms Fetch 52.213.207.136
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://yeet.revcontent.com/yeet/events/widget-loaded
Requested by: Host: assets.netizen.co
URL: https://assets.netizen.co/master/delivery.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.213.207.136 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-213-207-136.eu-west-1.compute.amazonaws.com
Software: envoy /
Resource Hash

Request headers

Referer: https://cloudflarepoc.newsmax.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: application/json

Response headers

x-rc-region: eu-west-1c
access-control-allow-origin: https://cloudflarepoc.newsmax.com
date: Wed, 21 Jun 2023 20:28:09 GMT
access-control-allow-credentials: true
x-envoy-upstream-service-time: 18
server: envoy
vary: Origin

OPTIONS
H2 200 page-view
yeet.revcontent.com/yeet/events/ Frame 0
0 179ms
44ms Preflight 52.213.207.136
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://yeet.revcontent.com/yeet/events/page-view
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.213.207.136 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-213-207-136.eu-west-1.compute.amazonaws.com
Software: envoy /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://cloudflarepoc.newsmax.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type
access-control-allow-methods: POST
access-control-allow-origin: https://cloudflarepoc.newsmax.com
content-length: 0
date: Wed, 21 Jun 2023 20:28:09 GMT
server: envoy
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
x-envoy-upstream-service-time: 14
x-rc-region: eu-west-1c

OPTIONS
H2 200 widget-loaded
yeet.revcontent.com/yeet/events/ Frame 0
0 245ms
110ms Preflight 52.213.207.136
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://yeet.revcontent.com/yeet/events/widget-loaded
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.213.207.136 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-213-207-136.eu-west-1.compute.amazonaws.com
Software: envoy /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://cloudflarepoc.newsmax.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type
access-control-allow-methods: POST
access-control-allow-origin: https://cloudflarepoc.newsmax.com
content-length: 0
date: Wed, 21 Jun 2023 20:28:09 GMT
server: envoy
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
x-envoy-upstream-service-time: 81
x-rc-region: eu-west-1c

OPTIONS
H2 200 widget-loaded
yeet.revcontent.com/yeet/events/ Frame 0
0 85ms
31ms Preflight 52.213.207.136
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://yeet.revcontent.com/yeet/events/widget-loaded
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.213.207.136 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-213-207-136.eu-west-1.compute.amazonaws.com
Software: envoy /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://cloudflarepoc.newsmax.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type
access-control-allow-methods: POST
access-control-allow-origin: https://cloudflarepoc.newsmax.com
content-length: 0
date: Wed, 21 Jun 2023 20:28:09 GMT
server: envoy
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
x-envoy-upstream-service-time: 2
x-rc-region: eu-west-1c

POST
H2 204 collect
region1.google-analytics.com/g/ 0
45 B 18ms
17ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-MDSEMR3DWD&gtm=45je36e2&_p=1204779524&gdid=dMWZhNz&cid=1392805056.1687379289&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ngs=1&_s=1&sid=1687379289&sct=1&seg=0&dl=https%3A%2F%2Fcloudflarepoc.newsmax.com%2F&dt=Newsmax%20%E2%80%93%20Breaking%20News%20%7C%20News%20Videos%20%7C%20Politics%2C%20Health%2C%20Finance&en=page_view&_fv=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-MDSEMR3DWD
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloudflarepoc.newsmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 20:28:09 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://cloudflarepoc.newsmax.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK beacon-31098.xml Show response
ma1540-r.analytics.edgekey.net/config/ 12 KB
12 KB 532ms
469ms XHR
application/xml 2a02:26f0:3500:58f::aa5

General

Check archive.org

Show headers Download Go to

Full URL: https://ma1540-r.analytics.edgekey.net/config/beacon-31098.xml
Requested by: Host: 79423.analytics.edgekey.net
URL: https://79423.analytics.edgekey.net/ma_library/javascript/javascript_malibrary.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:26f0:3500:58f::aa5 -, , ASN (),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: a9e69f834d41d6286b7a5e97be78f9bfce63f3de2fa5bd5d46d03a1b86492878

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloudflarepoc.newsmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 21 Jun 2023 20:28:10 GMT
Last-Modified: Mon, 16 May 2022 08:20:57 GMT
Server: AkamaiNetStorage
ETag: "d3a874ff71d6fee84e71665b1ff23d9f:1652689257.04881"
Content-Type: application/xml
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 12174
Expires: Wed, 21 Jun 2023 20:28:10 GMT

GET
H/1.1 200
OK React.min.css
amp.akamaized.net/players/9.1.20+premier/akamai/amp/react/ 24 KB
6 KB 359ms
359ms Stylesheet
text/css 2a02:26f0:7100::1720:eeeb
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://amp.akamaized.net/players/9.1.20+premier/akamai/amp/react/React.min.css
Requested by: Host: amp.akamaized.net
URL: https://amp.akamaized.net/hosted/1.1/player.esi?apikey=newsmax&version=9.1.20&_=1687379286069
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:7100::1720:eeeb Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 8d158c96ea62a845f629ed76551287372e1da7a910e29e4e6796a6d2c1870e60

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloudflarepoc.newsmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Wed, 21 Jun 2023 20:28:10 GMT
Content-Encoding: gzip
Last-Modified: Thu, 29 Dec 2022 23:12:02 GMT
Server: AkamaiNetStorage
ETag: "05572f80a34b6a2bbee8d5c9388562a9:1672355522.620591"
Vary: Accept-Encoding
Access-Control-Max-Age: 86400
Content-Type: text/css
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,POST
Access-Control-Allow-Credentials: false
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Content-Length: 5411

GET
H/1.1 200
OK React.min.js Show response
amp.akamaized.net/players/9.1.20+premier/akamai/amp/react/ 101 KB
19 KB 17ms
17ms Script
application/x-javascript 2a02:26f0:7100::1720:eeeb
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://amp.akamaized.net/players/9.1.20+premier/akamai/amp/react/React.min.js
Requested by: Host: amp.akamaized.net
URL: https://amp.akamaized.net/hosted/1.1/player.esi?apikey=newsmax&version=9.1.20&_=1687379286069
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:7100::1720:eeeb Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: adfd5b76a01d8f7d5251b61af3938c1af50f677ef092cb298f1d4061c7ca5259

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloudflarepoc.newsmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Wed, 21 Jun 2023 20:28:09 GMT
Content-Encoding: gzip
Last-Modified: Thu, 29 Dec 2022 23:12:01 GMT
Server: AkamaiNetStorage
ETag: "b5fb06cdfd644129bd506f280911afcf:1672355521.05657"
Vary: Accept-Encoding
Access-Control-Max-Age: 86400
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,POST
Access-Control-Allow-Credentials: false
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Content-Length: 19427

GET
H/1.1 200
OK amp.gif Show response
amp.akamaized.net/ 0
319 B 30ms
8ms XHR
image/gif 2a02:26f0:7100::1720:eeeb
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://amp.akamaized.net/amp.gif?prod=premier&prodver=9.1.20&platform=web&os=Windows&osver=10&browser=Chrome&browserver=114.0&url=https%3A%2F%2Fcloudflarepoc.newsmax.com%2F&event=create&&lic=newsmax
Requested by: Host: amp.akamaized.net
URL: https://amp.akamaized.net/hosted/1.1/player.esi?apikey=newsmax&version=9.1.20&_=1687379286069
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:7100::1720:eeeb Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloudflarepoc.newsmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 21 Jun 2023 20:28:09 GMT
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: image/gif
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Connection: keep-alive
Access-Control-Allow-Headers: *
Content-Length: 0

GET
H/1.1 200
OK hls.min.js Show response
amp.akamaized.net/players/9.1.20+premier/akamai/amp/core/libs/ 315 KB
91 KB 438ms
437ms Script
application/x-javascript 2a02:26f0:7100::1720:eeeb
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://amp.akamaized.net/players/9.1.20+premier/akamai/amp/core/libs/hls.min.js
Requested by: Host: amp.akamaized.net
URL: https://amp.akamaized.net/hosted/1.1/player.esi?apikey=newsmax&version=9.1.20&_=1687379286069
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:7100::1720:eeeb Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 0224fb2109bd94d1df164cfc48f776f5ed760fc77b2598c36f451b620a4d8606

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloudflarepoc.newsmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Wed, 21 Jun 2023 20:28:10 GMT
Content-Encoding: gzip
Last-Modified: Thu, 29 Dec 2022 23:12:26 GMT
Server: AkamaiNetStorage
ETag: "7bc73febf18b398a5e8b5cc3338b8ac0:1672355545.869582"
Vary: Accept-Encoding
Transfer-Encoding: chunked
Content-Type: application/x-javascript
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Connection: keep-alive, Transfer-Encoding
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H/1.1 200
OK a-026z Show response
i.liadm.com/s/c/ Frame 4516 1 KB
1 KB 471ms
129ms Document
text/html 44.210.5.53

General

Check archive.org

Show headers Download Go to

Full URL

https://i.liadm.com/s/c/a-026z?s=&cim=&ps=true&ls=true&duid=cd49d5059397--01h3ft98jrs1r65kvn67qrwrf0&ppid=0&euns=0&ci=0&version=sc-v0.2.0&nosync=false&monitorExternalSyncs=false&us_privacy=1YNY&

Requested by

Host: b-code.liadm.com
URL: https://b-code.liadm.com/sync-container.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.210.5.53 -, , ASN (),

Reverse DNS

Software

Resource Hash

2f7764912c995fc698ed98306e791e25e13bfa56c685826a957885cdd34a6791

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://cloudflarepoc.newsmax.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: private, no-cache, max-age=0
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 696
Content-Type: text/html; charset=UTF-8
Date: Wed, 21 Jun 2023 20:28:10 GMT
Request-Time: 23
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Accept-Encoding

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
251 B 7ms
7ms Image
image/gif 72.246.169.146
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&wf=1&ra=1&sgs=3&vb=6&kq=1&lo=1&uk=null&pk=0&wk=1&rk=1&tk=1&ak=https%3A%2F%2Fimages.netizen.co%2Fimage%2Ffetch%2Ff_jpg%2Cq_50%2Ch_315%2Cw_420%2Cc_fill%2Cg_faces%3Aauto%2Fpg_1%2Fhttps%3A%2F%2Fmedia.netizen.co%2Fcontent%2Fimages%2Ff36efba8929e0f9ce79399b9e4f7e539.jpg&i=REVCONTENT_DISPLAY1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K3%2BC%24%3D!!t%3C%2C%5Bh3MB2z%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-YHLM1%2B7Cex1YkaWe08ceLJHXkgPshLKyuz%2F4uhjkxPYPVB8OEV7WXRwEOC0dEk1CVCWz&rs=1-MxqwasQST%2BDrDg%3D%3D&sc=1&os=1-lw%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&bq=0&g=0&h=95&w=114&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=336&gp=6936&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fcloudflarepoc.newsmax.com%2F&id=1&ii=4&f=0&j=&t=1687379289242&de=608600513213&cu=1687379289242&m=601&ar=43a6e6e8aee-clean&iw=1d177cd&cb=0&ym=0&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=6936&lb=8181&le=1&gm=1&io=1&vv=1&vw=1%3A3%3A0&vp=0&vx=0%3A-%3A-&pe=1%3A609%3A609%3A1113%3A586&as=0&ag=0&an=0&gf=0&gg=0&ix=0&ic=0&pg=0&pf=0&ib=1&cc=0&bw=0&bx=0&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=180&cd=0&ah=180&am=0&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=144903%3A173062%3A10246184%3Aundefined&bo=undefined&bd=undefined&gw=revcontentdisplay556968265165&zMoatOrigSlicer1=N%2FA&zMoatOrigSlicer2=N%2FA&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=strict&it=500&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=2&tc=0&fs=204326&na=2138579824&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 72.246.169.146 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a72-246-169-146.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloudflarepoc.newsmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 20:28:09 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Wed, 21 Jun 2023 20:28:09 GMT

GET
H2 200 bridge3.578.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 14D5 709 KB
226 KB 39ms
38ms Document
text/html 2a00:1450:4001:802::200a

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.578.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200a -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

4895c44118a86780663c6e877b78922dda0ddb83051b4b1d22ed786415868af1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cloudflarepoc.newsmax.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 136325
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 231472
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
date: Tue, 20 Jun 2023 06:36:04 GMT
expires: Wed, 19 Jun 2024 06:36:04 GMT
last-modified: Wed, 07 Jun 2023 16:35:26 GMT
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 client.js Show response
s0.2mdn.net/instream/video/ 44 KB
17 KB 151ms
46ms Script
text/javascript 2a00:1450:4001:830::2006

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2006 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloudflarepoc.newsmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 20:28:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16746
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 21 Jun 2023 20:28:09 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 45ms
44ms XHR
text/plain 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1204779524&t=event&ni=1&_s=1&dl=https%3A%2F%2Fcloudflarepoc.newsmax.com%2F&ul=en-us&de=UTF-8&dt=Newsmax%20%E2%80%93%20Breaking%20News%20%7C%20News%20Videos%20%7C%20Politics%2C%20Health%2C%20Finance&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=NTG%20Video&ea=player%20loaded&el=Advertisement&_u=aGHAAUABAAAAAGAAI~&jid=198594360&gjid=125678819&cid=1392805056.1687379289&tid=UA-31221-1&_gid=380252096.1687379289&_r=1&gtm=457e36e2&did=dMWZhNz&gdid=dMWZhNz&jsscut=1&z=645898494

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://cloudflarepoc.newsmax.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 20:28:09 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://cloudflarepoc.newsmax.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 38ms
38ms Image
image/gif 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=1204779524&t=event&ni=1&_s=2&dl=https%3A%2F%2Fcloudflarepoc.newsmax.com%2F&ul=en-us&de=UTF-8&dt=Newsmax%20%E2%80%93%20Breaking%20News%20%7C%20News%20Videos%20%7C%20Politics%2C%20Health%2C%20Finance&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=NTG%20Video&ea=player%20loaded&el=Advertisement&_u=aGHAAUABAAAAAGAAI~&jid=&gjid=&cid=1392805056.1687379289&tid=UA-31221-1&_gid=380252096.1687379289&gtm=457e36e2&did=dMWZhNz&gdid=dMWZhNz&jsscut=1&z=1260070199

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloudflarepoc.newsmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 19:01:47 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 5182
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 39ms
38ms Image
image/gif 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=1204779524&t=event&ni=1&_s=3&dl=https%3A%2F%2Fcloudflarepoc.newsmax.com%2F&ul=en-us&de=UTF-8&dt=Newsmax%20%E2%80%93%20Breaking%20News%20%7C%20News%20Videos%20%7C%20Politics%2C%20Health%2C%20Finance&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=NTG%20Video&ea=player%20loaded&el=&_u=aGHAAUABAAAAAGAAI~&jid=&gjid=&cid=1392805056.1687379289&tid=UA-31221-1&_gid=380252096.1687379289&gtm=457e36e2&did=dMWZhNz&gdid=dMWZhNz&jsscut=1&z=1181841680

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloudflarepoc.newsmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 19:01:47 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 5182
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
251 B 8ms
7ms Image
image/gif 72.246.169.146
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&wf=1&ra=1&sgs=3&vb=6&kq=1&lo=1&uk=null&pk=0&wk=1&rk=1&tk=1&ak=https%3A%2F%2Fimages.netizen.co%2Fimage%2Ffetch%2Ff_jpg%2Cq_50%2Ch_315%2Cw_420%2Cc_fill%2Cg_faces%3Aauto%2Fpg_1%2Fhttps%3A%2F%2Fmedia.netizen.co%2Fcontent%2Fimages%2F64901ece27cf74-71116469.jpg&i=REVCONTENT_DISPLAY1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K3%2BC%24%3D!!t%3C%2C%5Bh3MB2z%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-YHLM1%2B7Cex1YkaWe08ceLJHXkgPshLKyuz%2F4uhjkxPYPVB8OEV7WXRwEOC0dEk1CVCWz&rs=1-MxqwasQST%2BDrDg%3D%3D&sc=1&os=1-lw%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&bq=0&g=0&h=95&w=114&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=336&gp=4604&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fcloudflarepoc.newsmax.com%2F&id=1&ii=4&f=0&j=&t=1687379289327&de=927348382765&cu=1687379289327&m=541&ar=43a6e6e8aee-clean&iw=1d177cd&cb=0&ym=0&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=4604&lb=8181&le=1&gm=1&io=1&vv=1&vw=1%3A3%3A0&vp=0&vx=0%3A-%3A-&pe=1%3A609%3A609%3A1113%3A586&as=0&ag=0&an=0&gf=0&gg=0&ix=0&ic=0&pg=0&pf=0&ib=1&cc=0&bw=0&bx=0&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=113&cd=0&ah=113&am=0&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=144903%3A184989%3A10293260%3Aundefined&bo=undefined&bd=undefined&gw=revcontentdisplay556968265165&zMoatOrigSlicer1=N%2FA&zMoatOrigSlicer2=N%2FA&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=strict&it=500&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=2&tc=0&fs=204326&na=292510614&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 72.246.169.146 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a72-246-169-146.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloudflarepoc.newsmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 20:28:09 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Wed, 21 Jun 2023 20:28:09 GMT

POST
H3 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
25 B 19ms
19ms XHR
text/plain 2a00:1450:400c:c0d::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-31221-1&cid=1392805056.1687379289&jid=198594360&gjid=125678819&_gid=380252096.1687379289&_u=aGHAAUABAAAAAGAAI~&z=1773777865

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c0d::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://cloudflarepoc.newsmax.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 21 Jun 2023 20:28:09 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://cloudflarepoc.newsmax.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 64ms
64ms Image
image/gif 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-31221-1&cid=1392805056.1687379289&jid=198594360&_u=aGHAAUABAAAAAGAAI~&z=385449968

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloudflarepoc.newsmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 20:28:09 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 65ms
64ms Image
image/gif 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-31221-1&cid=1392805056.1687379289&jid=198594360&_u=aGHAAUABAAAAAGAAI~&z=385449968

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloudflarepoc.newsmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 20:28:09 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 __468x100_-article-ad-_730x60_-adsscript._topad. Show response
fundingchoicesmessages.google.com/f/AGSKWxWOegPdRrwOT7L17IZtPDDkaQZRTBeJN4Lb62xMZnYBSFwAUNKYT0LW7kQV7wnEVpFybrKBekb1pW5E9F2v5lcA9ruAYlUw-8e60Re9wQQcbZ4XHsSq2kysHbyIkmjWQILNjtSOkXhmOl61Wh2pZsddSgSQt... 54 B
109 B 62ms
62ms Script
application/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxWOegPdRrwOT7L17IZtPDDkaQZRTBeJN4Lb62xMZnYBSFwAUNKYT0LW7kQV7wnEVpFybrKBekb1pW5E9F2v5lcA9ruAYlUw-8e60Re9wQQcbZ4XHsSq2kysHbyIkmjWQILNjtSOkXhmOl61Wh2pZsddSgSQtM9Xwg87FhsG5M5goaauecoaUuLdYb64/__468x100_-article-ad-_730x60_-adsscript._topad.

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.WoFtm8QHCzg.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMz5pTQ7A3tqAabv56c4qB4SxLMQqw/m=ad_blocking_detection_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0655302965c355e03161fca5f8a2da7c632c773bbec13cb53dc00cdc0675b00c

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-P7nj0Q6Ho8FR91u87S8C_A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloudflarepoc.newsmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 20:28:10 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-P7nj0Q6Ho8FR91u87S8C_A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 google_top_exp.js Show response
pagead2.googlesyndication.com/pagead/js/ 47 B
67 B 39ms
39ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/google_top_exp.js?fcd=true

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ccecd185ac16ba0a538840f37701053fbb861f7fbbdd86039c7415fcd924d1f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloudflarepoc.newsmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 12:30:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 28666
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
server: cafe
etag: 13036835877489095579
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 05 Jul 2023 12:30:24 GMT

POST
H3 204 AGSKWxXKFG_TZBQUP8jvZXo6cPXte8iS__3bsanBV1U-0cOflDTfQutNDuQ0TGttTX5hCM-Z3xE2jj_Uy584ODLAj1huBGn2UevqXGWHXlcSBXi4ul7vExjN0Fvitz3dfx4VwUK9r6tILg== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 52ms
51ms XHR
text/html 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXKFG_TZBQUP8jvZXo6cPXte8iS__3bsanBV1U-0cOflDTfQutNDuQ0TGttTX5hCM-Z3xE2jj_Uy584ODLAj1huBGn2UevqXGWHXlcSBXi4ul7vExjN0Fvitz3dfx4VwUK9r6tILg==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-q-CcykGOdn2sBaLPqT5vjw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://cloudflarepoc.newsmax.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 21 Jun 2023 20:28:10 GMT
content-security-policy: script-src 'report-sample' 'nonce-q-CcykGOdn2sBaLPqT5vjw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://cloudflarepoc.newsmax.com
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxXKFG_TZBQUP8jvZXo6cPXte8iS__3bsanBV1U-0cOflDTfQutNDuQ0TGttTX5hCM-Z3xE2jj_Uy584ODLAj1huBGn2UevqXGWHXlcSBXi4ul7vExjN0Fvitz3dfx4VwUK9r6tILg== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 47ms
47ms XHR
text/html 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXKFG_TZBQUP8jvZXo6cPXte8iS__3bsanBV1U-0cOflDTfQutNDuQ0TGttTX5hCM-Z3xE2jj_Uy584ODLAj1huBGn2UevqXGWHXlcSBXi4ul7vExjN0Fvitz3dfx4VwUK9r6tILg==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-6VdU40wAD9SdQXv-rZANhA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://cloudflarepoc.newsmax.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 21 Jun 2023 20:28:10 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-6VdU40wAD9SdQXv-rZANhA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://cloudflarepoc.newsmax.com
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxXKFG_TZBQUP8jvZXo6cPXte8iS__3bsanBV1U-0cOflDTfQutNDuQ0TGttTX5hCM-Z3xE2jj_Uy584ODLAj1huBGn2UevqXGWHXlcSBXi4ul7vExjN0Fvitz3dfx4VwUK9r6tILg== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 52ms
51ms XHR
text/html 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXKFG_TZBQUP8jvZXo6cPXte8iS__3bsanBV1U-0cOflDTfQutNDuQ0TGttTX5hCM-Z3xE2jj_Uy584ODLAj1huBGn2UevqXGWHXlcSBXi4ul7vExjN0Fvitz3dfx4VwUK9r6tILg==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-JrClQb3KFWkg01TyenPrpg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://cloudflarepoc.newsmax.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 21 Jun 2023 20:28:10 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-JrClQb3KFWkg01TyenPrpg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://cloudflarepoc.newsmax.com
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxXKFG_TZBQUP8jvZXo6cPXte8iS__3bsanBV1U-0cOflDTfQutNDuQ0TGttTX5hCM-Z3xE2jj_Uy584ODLAj1huBGn2UevqXGWHXlcSBXi4ul7vExjN0Fvitz3dfx4VwUK9r6tILg== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 56ms
56ms XHR
text/html 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXKFG_TZBQUP8jvZXo6cPXte8iS__3bsanBV1U-0cOflDTfQutNDuQ0TGttTX5hCM-Z3xE2jj_Uy584ODLAj1huBGn2UevqXGWHXlcSBXi4ul7vExjN0Fvitz3dfx4VwUK9r6tILg==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Bb1f9AfPUj3n6syEtAMnZw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://cloudflarepoc.newsmax.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 21 Jun 2023 20:28:10 GMT
content-security-policy: script-src 'report-sample' 'nonce-Bb1f9AfPUj3n6syEtAMnZw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://cloudflarepoc.newsmax.com
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxXrTYYJ9uB3Ceg1m3tc8eUKYMVOqA6eKp1BbUKzjU6Si6DypRgA8ImgkjnbDIMf72UC_inZITpjfbm-enG9GHqC-SL78NBRXIq_AGNRVeC-_Bp-9a1admVgvQsUtNaSuxHiF6A3Dw== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 74ms
74ms Script
application/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxXrTYYJ9uB3Ceg1m3tc8eUKYMVOqA6eKp1BbUKzjU6Si6DypRgA8ImgkjnbDIMf72UC_inZITpjfbm-enG9GHqC-SL78NBRXIq_AGNRVeC-_Bp-9a1admVgvQsUtNaSuxHiF6A3Dw==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjg3Mzc5MjkwLDY2MDAwMDAwXSxudWxsLG51bGwsbnVsbCxbbnVsbCxbNyw2XSxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwxXSwiaHR0cHM6Ly9jbG91ZGZsYXJlcG9jLm5ld3NtYXguY29tLyIsbnVsbCxbWzgsIldvRnRtOFFIQ3pnIl0sWzksImRlIl0sWzE2LCJbMSwxLDFdIl0sWzE5LCIyIl0sWzE3LCJbMF0iXV1d

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7dafeaf55a261044e52d3684565e12a5c4659079829f28d23136871b4e0ae338

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-05Kj27Uf7p0Z1l7skJYbCA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloudflarepoc.newsmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 20:28:10 GMT
content-security-policy: script-src 'report-sample' 'nonce-05Kj27Uf7p0Z1l7skJYbCA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 74ms
74ms Image
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202306140101&jk=1229513361517429&bg=!rq2lrfnNAAaGYqkwpmI7ADkAdvg8WpxPfw6byVPvJhALE0Qrv5PZDhhtGdz4mLXNKO6QGg4FHw0JIVFTi4EZUak3tu9YQjNcbeQCAAAAeFIAAAADaAEHmQLbinf6gDrVRgRXZypxR1GSubgmpUCm7jBLUq_xxwiUrPd9oaLWcRBtih9e-e1cu6PGITv77MomFW8Nx8ZoBshO74rGb6gID6S4jBWIUEPnSNUjj3zmQQxIXAsmKBDNSXqZNHtuYhyWIIXf396vPF6zW6toW5UP2QGvvr-ipy3ZVPpkRk3kLLjwupv0fjy-IsXNBjeDxVKmpTkLa6MJg9y9zbFqG0A4fnj_F_pjhj4Nm02iCkSjD-YJ2Nh1daA8amxBGFdx1D8FKqk7hzzpjOFdCjAD1_z8XISnaQ5TIDbWkxQIjNh065WYSh6zKu8hKjiCo3Uoe_JcqaVk3-p-h353KBAN9mw9--ggh7xS_bpNPU2AcJvSQAvSEgEnC0i00Va0uCOfpVYwxqLYvSzI75UYQC6iSEV4vvAajcuV4EA0NJz-Re5fzlEKxj7CAPTfGnZE0f20bhZUlH5-i8DCgfivy8R_GoOTOLhWZLWKzfljAv9DxpqBfBCUwLNLyilMFhVZ58Hbe3YPM1E53_1-2-hhawBYAxw35NhSGlz0yBfJymEVpCeMA7EQ0LSmHWTKL6fipzjH5hcyKL9KsU-rPxpEinBoIz-_44TqveXR_-MyQKDgUQoatxZa50jfbkr1VSO-ZuXr2X0JhfZJDKXlaylhKFenb97STmdJ7Nt9t7LDJOipbDTMqxAFfRpE9_Vyh69C92eGhHtTi_evlAfOv8bICuAW1E2n826Qr1Kxg03zEKsOYmc7heoV0F18KJuoxNlSBbjBEy_zlREO1d4Tri04Fw5SYzdau8G9Js8J5ipBAKmOEdbHxcDLFzQ8c1LDpSjDe0Xe1JefJQbcgrpnmOjTuRlz46bIqmCsrFmA1YHtX-QIpDFIVpw3FPnfK--LI67QhjyPO7HZukajd_xB-qRGU84Mymn986WtekZgrcxHKPn_hlepJB-IgYay7jltSIOfDFFYXxaflpEny38
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloudflarepoc.newsmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

GET
H/1.1 200
OK fontawesome-webfont.woff
amp.akamaized.net/players/9.1.20+premier/akamai/amp/react/ 30 KB
31 KB 374ms
374ms Font
font/woff 2a02:26f0:7100::1720:eeeb
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://amp.akamaized.net/players/9.1.20+premier/akamai/amp/react/fontawesome-webfont.woff
Requested by: Host: amp.akamaized.net
URL: https://amp.akamaized.net/players/9.1.20+premier/akamai/amp/react/React.min.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:7100::1720:eeeb Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 2a536619d5ea5e13d08259acd4e46d5e829f8e2e3935b0d9003b9b36d1589725

Request headers

Referer: https://amp.akamaized.net/players/9.1.20+premier/akamai/amp/react/React.min.css
Origin: https://cloudflarepoc.newsmax.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Wed, 21 Jun 2023 20:28:10 GMT
Last-Modified: Thu, 29 Dec 2022 23:12:02 GMT
Server: AkamaiNetStorage
ETag: "849abfea7388faeeb4edbc0b89288b85:1672355522.077892"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: font/woff
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Content-Length: 31156

POST
H3 204 AGSKWxXewN34gu8qXJQjsPaudQTt-8Q6WJcTAeTNV3m7OChx-wr3TSxYAJZb4AsYRZlfrbu0ASeTUuk-clFNHCA228YWM3UPqvuKDC4Vcb9C3oBD1GbUtc5M75zDcbd91vkgLJGkN9I_6g== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 49ms
49ms XHR
text/html 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXewN34gu8qXJQjsPaudQTt-8Q6WJcTAeTNV3m7OChx-wr3TSxYAJZb4AsYRZlfrbu0ASeTUuk-clFNHCA228YWM3UPqvuKDC4Vcb9C3oBD1GbUtc5M75zDcbd91vkgLJGkN9I_6g==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-c1L67pAEpYgG-JEg3aNiHw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://cloudflarepoc.newsmax.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 21 Jun 2023 20:28:10 GMT
content-security-policy: script-src 'report-sample' 'nonce-c1L67pAEpYgG-JEg3aNiHw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://cloudflarepoc.newsmax.com
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 38ms
38ms Image
image/gif 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=1204779524&t=event&ni=0&_s=4&dl=https%3A%2F%2Fcloudflarepoc.newsmax.com%2F&ul=en-us&de=UTF-8&dt=Newsmax%20%E2%80%93%20Breaking%20News%20%7C%20News%20Videos%20%7C%20Politics%2C%20Health%2C%20Finance&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=NTG%20Video&ea=mute&el=&_u=aGHAAUABAAAAAGAAI~&jid=&gjid=&cid=1392805056.1687379289&tid=UA-31221-1&_gid=380252096.1687379289&gtm=457e36e2&did=dMWZhNz&gdid=dMWZhNz&jsscut=1&z=411909617

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloudflarepoc.newsmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 19:01:47 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 5183
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK amp.gif Show response
amp.akamaized.net/ 0
319 B 21ms
7ms XHR
image/gif 2a02:26f0:7100::1720:eeeb
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://amp.akamaized.net/amp.gif?prod=premier&prodver=9.1.20&platform=web&os=Windows&osver=10&browser=Chrome&browserver=114.0&url=https%3A%2F%2Fcloudflarepoc.newsmax.com%2F&event=start&&lic=newsmax
Requested by: Host: amp.akamaized.net
URL: https://amp.akamaized.net/hosted/1.1/player.esi?apikey=newsmax&version=9.1.20&_=1687379286069
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:7100::1720:eeeb Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloudflarepoc.newsmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 21 Jun 2023 20:28:10 GMT
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: image/gif
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Connection: keep-alive
Access-Control-Allow-Headers: *
Content-Length: 0

GET
H/1.1 200
OK 9.gif Show response
ma1540-r.analytics.edgekey.net/ 10 B
294 B 7ms
7ms XHR
text/plain 2a02:26f0:3500:58f::aa5

General

Check archive.org

Show headers Download Go to

Full URL: https://ma1540-r.analytics.edgekey.net/9.gif?a=I~b=b38bfa202e63631098~c=6f2035b2-9145-403e-bdd3-4101394ff5fc~d=3eb5f934-6ae8-4707-8d75-80ead43317d4~e=0~g=0~w=3~ag=cloudflarepoc.newsmax.com~ah=-~al=Windows~at=Chrome%20114~ax=O~ay=CoreLibrary-4.20.28:JSLoader-1.6.8~cm=~dx=0.003~en=Newsmax%20TV%20Live~os=Windows-10~pd=Newsmax.com%20-%20AMP%20v9.1.20+premier~sa=Desktop~tt=Newsmax%20TV%20Live~ai=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/114.0.5735.133%20Safari/537.36~az=1.0~pr=-~pu=https://cloudflarepoc.newsmax.com/
Requested by: Host: 79423.analytics.edgekey.net
URL: https://79423.analytics.edgekey.net/ma_library/javascript/javascript_malibrary.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:26f0:3500:58f::aa5 -, , ASN (),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 493fda53120050f85836032324409be6c6484f90a0755ae0c6a673ba7626818b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloudflarepoc.newsmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 21 Jun 2023 20:28:10 GMT
Server: AkamaiNetStorage
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 10
Expires: Wed, 21 Jun 2023 20:28:10 GMT

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 48ms
47ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=cloudflarepoc.newsmax.com

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloudflarepoc.newsmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 20:28:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET

usersync.aspx
dis.criteo.com/dis/ Frame 4516
Redirect Chain

https://d.turn.com/r/dd/id/L21rdC8xOTcxL2NpZC8xNzQ5ODczMjc1L3QvMg/url/https://i.liadm.com/s/53233?bidder_id=183658&bidder_uuid=$!%7BTURN_UUID%7D&us_privacy=1YNY
https://i.liadm.com/s/53233?bidder_id=183658&bidder_uuid=2484576212589273180&us_privacy=1YNY
https://dis.criteo.com/dis/usersync.aspx?r=77&p=311&cp=liveintent&cu=1&url=https://i.liadm.com/s/28292?bidder_id%3D71340%26bidder_uuid%3D@@CRITEO_USERID@@&us_privacy=1YNY

0
0

GET

cm
p.rfihub.com/ Frame 4516
Redirect Chain

https://live.rezync.com/sync?c=0aa2530f29e4f4a05b5d5d9bb35d60c2&p=93c1662463a616a7155169889dd99651&pid=cf637065-cd6f-4240-a918-753c4e8357c3&us_privacy=1YNY
https://p.rfihub.com/cm?pub=39342&in=1&userid=b61fcbf5-5947-4d4f-a907-1adfcdd5bef2%3A1687379290.4563146&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3Db61fcbf5-5947-4d4f-a907-1adfcdd...

0
0

GET
H2

200

sync
odr.mookie1.com/t/v2/ Frame 4516
Redirect Chain

https://x.bidswitch.net/syncd?dsp_id=256&user_group=2&user_id=cf637065-cd6f-4240-a918-753c4e8357c3&redir=//i.liadm.com/s/52176?bidder_id%3D5298%26bidder_uuid%3D$%7BBSW_UID%7D&us_privacy=1YNY
https://x.bidswitch.net/ul_cb/syncd?dsp_id=256&user_group=2&user_id=cf637065-cd6f-4240-a918-753c4e8357c3&redir=//i.liadm.com/s/52176?bidder_id%3D5298%26bidder_uuid%3D$%7BBSW_UID%7D&us_privacy=1YNY
https://i.liadm.com/s/52176?bidder_id=5298&bidder_uuid=4f7a3e63-649c-44ea-9c09-ff99ed0c6060
https://x.bidswitch.net/sync?ssp=liveintent&user_id=cf637065-cd6f-4240-a918-753c4e8357c3
https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=4f7a3e63-649c-44ea-9c09-ff99ed0c6060&ssp=liveintent&gdpr=&gdpr_consent=

42 B
213 B

63ms
20ms

Image
image/gif

34.160.236.64

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=4f7a3e63-649c-44ea-9c09-ff99ed0c6060&ssp=liveintent&gdpr=&gdpr_consent=
Requested by: Host: i.liadm.com
URL: https://i.liadm.com/s/c/a-026z?s=&cim=&ps=true&ls=true&duid=cd49d5059397--01h3ft98jrs1r65kvn67qrwrf0&ppid=0&euns=0&ci=0&version=sc-v0.2.0&nosync=false&monitorExternalSyncs=false&us_privacy=1YNY&
Protocol: H2
Server: 34.160.236.64 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://i.liadm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 20:28:10 GMT
via: 1.1 google
last-modified: Tue, 28 Jun 2022 14:08:50 GMT
server: nginx
etag: "62bb0b72-2a"
content-type: image/gif
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

Redirect headers

location: //odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=4f7a3e63-649c-44ea-9c09-ff99ed0c6060&ssp=liveintent&gdpr=&gdpr_consent=
date: Wed, 21 Jun 2023 20:28:10 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H/1.1 200
OK img
sync.mathtag.com/sync/ Frame 4516 43 B
443 B 53ms
17ms Image
image/gif 185.29.134.248

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.mathtag.com/sync/img?mt_exid=36&cf637065-cd6f-4240-a918-753c4e8357c3&us_privacy=1YNY
Requested by: Host: i.liadm.com
URL: https://i.liadm.com/s/c/a-026z?s=&cim=&ps=true&ls=true&duid=cd49d5059397--01h3ft98jrs1r65kvn67qrwrf0&ppid=0&euns=0&ci=0&version=sc-v0.2.0&nosync=false&monitorExternalSyncs=false&us_privacy=1YNY&
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.134.248 -, , ASN (),
Reverse DNS
Software: MT3 1031 59fd23a master cdg cdg-pixel-x35 config_version:"1438" /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://i.liadm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Wed, 21 Jun 2023 20:28:10 GMT
Server: MT3 1031 59fd23a master cdg cdg-pixel-x35 config_version:"1438"
Content-Type: image/gif
Access-Control-Allow-Origin: *
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 43
Expires: Wed, 21 Jun 2023 20:28:09 GMT

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 4516 70 B
265 B 98ms
31ms Image
image/gif 35.71.131.137

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=liveintent&ttd_tpi=1&gdpr=0&us_privacy=1YNY
Requested by: Host: i.liadm.com
URL: https://i.liadm.com/s/c/a-026z?s=&cim=&ps=true&ls=true&duid=cd49d5059397--01h3ft98jrs1r65kvn67qrwrf0&ppid=0&euns=0&ci=0&version=sc-v0.2.0&nosync=false&monitorExternalSyncs=false&us_privacy=1YNY&
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://i.liadm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Wed, 21 Jun 2023 20:28:10 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET

live_intent_sync
x.dlx.addthis.com/e/ Frame 4516
Redirect Chain

https://x.dlx.addthis.com/e/live_intent_sync?na_exid=cf637065-cd6f-4240-a918-753c4e8357c3&us_privacy=1YNY
https://x.dlx.addthis.com/e/live_intent_sync?na_exid=cf637065-cd6f-4240-a918-753c4e8357c3&us_privacy=1YNY&rd=Y

0
0

GET /
b1sync.zemanta.com/usersync/liveintent/ Frame 4516 0
0

GET ads
pubads.g.doubleclick.net/gampad/live/ Frame 14D5 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.queryly.com
URL: https://www.queryly.com/images/whitesearchicon.png

Domain: www.newsmax.com
URL: https://www.newsmax.com/CMSPages/GetFile.aspx?guid=f6f397d9-f701-4d3d-bf33-ea95e8d551a3&SiteName=Newsmax

Domain: www.newsmax.com
URL: https://www.newsmax.com/CMSPages/GetFile.aspx?guid=80427098-31ff-41ea-9f1b-8b285623e6d4&SiteName=Newsmax

Domain: dis.criteo.com
URL: https://dis.criteo.com/dis/usersync.aspx?r=77&p=311&cp=liveintent&cu=1&url=https://i.liadm.com/s/28292?bidder_id%3D71340%26bidder_uuid%3D@@CRITEO_USERID@@&us_privacy=1YNY

Domain: p.rfihub.com
URL: https://p.rfihub.com/cm?pub=39342&in=1&userid=b61fcbf5-5947-4d4f-a907-1adfcdd5bef2%3A1687379290.4563146&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3Db61fcbf5-5947-4d4f-a907-1adfcdd5bef2%253A1687379290.4563146%26_%3D1687379290.460949&cb=1687379290.4609838

Domain: x.dlx.addthis.com
URL: https://x.dlx.addthis.com/e/live_intent_sync?na_exid=cf637065-cd6f-4240-a918-753c4e8357c3&us_privacy=1YNY&rd=Y

Domain: b1sync.zemanta.com
URL: https://b1sync.zemanta.com/usersync/liveintent/?cb=//i.liadm.com/s/35004?bidder_id%3D98254%26bidder_uuid%3D__ZUID__&us_privacy=1YNY

Domain: pubads.g.doubleclick.net
URL: https://pubads.g.doubleclick.net/gampad/live/ads?iu=%2F6305169%2FNewsmax%2FVideo%2Flivestream&description_url=http%3A%2F%2Fwww.newsmax.com&tfcd=0&npa=0&sz=640x480&gdfp_req=1&vpos=preroll&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=1705651870109210&sdkv=h.3.578.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&us_privacy=1YNY&sdki=445&ptt=20&adk=1432275222&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.578.0&sid=2F9DD91F-2112-4A87-91DD-45A44B37E403&a3p=EhwKDWNyd2RjbnRybC5uZXQY4L2S_Y0xSABSAghkEhkKCnB1YmNpZC5vcmcY672S_Y0xSABSAghqEsIBCghydGJob3VzZRKsAWpSTkcxc09YSUZlWVBQMlBXM2YycmY2SFRRNjNiWjZZVkhsWUlMVmtTRzdpTVE2enpJNGp5UU01c3QwZERsVDNPeVFPR0RoTHhJWmFzMlc3VHdFTHF6Z2VrM1NXL3U0SXZwZTdINVNFblZHa3RQdENrVWdXUVVsalJTaVdXWW90SGNua2NKOWtSTk1oS0xCenk1emIydEJNSDA1WGxldGRpdDJaSFVnU29IZz0YuL-S_Y0xSAASHQoOZXNwLmNyaXRlby5jb20Y4b2S_Y0xSABSAghkEj4KBW9wZW54EixleUpwSWpvaVZrVlZVVGh1U0ZwUmFEWndRM2RtTTFZelNWVkVVVDA5SW4wPRi6wJL9jTFIABIZCgp1aWRhcGkuY29tGOG9kv2NMUgAUgIIZBIbCgxpZDUtc3luYy5jb20Y_b6S_Y0xSABSAghq&nel=0&eid=44765701%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275&url=https%3A%2F%2Fcloudflarepoc.newsmax.com%2F&dlt=1687379284966&idt=5032&dt=1687379290367&cookie=ID%3D9ae25c68481218dc%3AT%3D1687379288%3ART%3D1687379288%3AS%3DALNI_Mb_5_vgXyVLM2fyz9TQ7g33-szWLQ&gpic=UID%3D00000c4ca2c46bc1%3AT%3D1687379288%3ART%3D1687379288%3AS%3DALNI_MY8wgpvlUdzt19rfnQ_UpwiNCL_Nw&scor=3389817035573453&ged=ve4_td5_tt0_pd5_la5000_er669.959.822.1259_vi0.0.1200.1600_vp100_eb24171

Verdicts & Comments Add Verdict or Comment

426 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

35 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
cloudflarepoc.newsmax.com/	1970-01-20 21:30:01	Name: CMSPreferredCulture Value: en-US
cloudflarepoc.newsmax.com/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: yiczo4qiwplmsocnpminqsbh
cloudflarepoc.newsmax.com/	1970-01-20 12:44:25	Name: CMSCurrentTheme Value: Empty
cloudflarepoc.newsmax.com/	1970-01-20 13:47:47	Name: promo_code Value: 1034014qqur4
cloudflarepoc.newsmax.com/	1969-12-31 23:59:59	Name: BIGipServernewsmax_v11_s1_pool Value: 1930406080.47873.0000
cloudflarepoc.newsmax.com/	1969-12-31 23:59:59	Name: BIGipServernewsmax_443.app~newsmax_443_pool Value: 1980737728.47873.0000
.newsmax.com/	1970-01-20 12:42:59	Name: lotame_domain_check Value: newsmax.com
.criteo.com/	1970-01-20 22:04:35	Name: uid Value: ef523a5a-6c9b-4fd5-a5e5-d3c1bbcadd1a
cloudflarepoc.newsmax.com/	1970-01-20 13:26:11	Name: _pbjs_userid_consent_data Value: 3524755945110770
.newsmax.com/	1970-01-20 22:04:35	Name: cto_bundle Value: gZXQXF95ViUyRjE5MGdxaEhVYVJVV0JKZVptWW9Qa1p4NXN4T0VzZiUyRnFUUm5vQ0QlMkZlUXM0bDViQk43bWlKc0cwRFFxaXl4SGNQbFl1V3J2YTZzdTYlMkY2SHFzMiUyQklGMU5ac0lVeGptR1h5V3N3YkF6MEptczRxcWZEV2tXQUxrNk84NVpPN0klMkJwVGtwVVo0UmNNZ3dHYzkzJTJGeWU3USUzRCUzRA
.openx.net/	1970-01-20 21:28:35	Name: i Value: 544510f2-71d9-421e-a90b-07f75772140d\|1687379287
.newsmax.com/	1970-01-20 14:52:35	Name: _gcl_au Value: 1.1.1212329898.1687379288
.cloudflarepoc.newsmax.com/	1970-01-20 13:26:11	Name: view_cnt Value: 1
.cloudflarepoc.newsmax.com/	1970-01-20 13:26:11	Name: ppid Value: c519935c-4c75-4900-b03e-7bfc70ddb058
.onesignal.com/	1970-01-20 12:43:01	Name: __cf_bm Value: b49lD4wda9fcwSs.ExLrQdrYaPKiIjrhqJt1LTlbwts-1687379288-0-ASSRab8bVUtLdLZhKAL/wNnEmP51fWTaKxpRwebmSTFgxAOREGESCVqi6Yv2OeKHhs9Vkcn3kWIkfXZXmwxc75I=
.cloudflarepoc.newsmax.com/	1970-01-20 22:18:59	Name: _ga Value: GA1.3.1392805056.1687379289
.cloudflarepoc.newsmax.com/	1970-01-20 12:44:25	Name: _gid Value: GA1.3.380252096.1687379289
.cloudflarepoc.newsmax.com/	1970-01-20 12:42:59	Name: _dc_gtm_UA-31221-1 Value: 1
.newsmax.com/	1970-01-20 14:52:35	Name: _fbp Value: fb.1.1687379288652.1526253604
.newsmax.com/	1969-12-31 23:59:59	Name: _li_dcdm_c Value: .newsmax.com
.newsmax.com/	1970-01-20 22:18:59	Name: _lc2_fpi Value: cd49d5059397--01h3ft98jrs1r65kvn67qrwrf0
.quantserve.com/	1970-01-20 22:13:13	Name: mc Value: 64935d58-a3183-95b68-d7762
.newsmax.com/	1970-01-20 22:07:28	Name: __qca Value: P0-2032044670-1687379288503
a4p.adpartner.pro/	1970-01-20 14:09:23	Name: apuid Value: a0a5aa89-647b-426a-ba3e-02df1d1be5bb
.adtelligent.com/	1970-01-20 14:12:16	Name: vmuid Value: f12fc764df547371
.newsmax.com/	1970-01-20 22:18:59	Name: _ga Value: GA1.2.1392805056.1687379289
.newsmax.com/	1970-01-20 12:44:25	Name: _gid Value: GA1.2.380252096.1687379289
cookies.nextmillmedia.com/	1970-01-20 12:53:04	Name: NMUID Value: csuid_eb6db527-a53a-49c3-8263-dfa413b00a25
.adtelligent.com/	1970-01-20 14:12:16	Name: a307558 Value: a0a5aa89-647b-426a-ba3e-02df1d1be5bb
.doubleclick.net/	1970-01-20 22:04:35	Name: IDE Value: AHWqTUn4o2de92umCSvMQ9K6z3gGwZ51VvMDYJT6p0yXu3yShLzaOsBGy7FEibEEvkU
.newsmax.com/	1970-01-20 22:04:35	Name: __gads Value: ID=9ae25c68481218dc:T=1687379288:RT=1687379288:S=ALNI_Mb_5_vgXyVLM2fyz9TQ7g33-szWLQ
.newsmax.com/	1970-01-20 22:04:35	Name: __gpi Value: UID=00000c4ca2c46bc1:T=1687379288:RT=1687379288:S=ALNI_MY8wgpvlUdzt19rfnQ_UpwiNCL_Nw
.newsmax.com/	1970-01-20 22:18:59	Name: _ga_2FX1NRF0GB Value: GS1.1.1687379288.1.0.1687379289.59.0.0
.liadm.com/	1970-01-20 22:18:59	Name: lidid Value: cf637065-cd6f-4240-a918-753c4e8357c3
cloudflarepoc.newsmax.com/	1969-12-31 23:59:59	Name: NMSeg Value: PR

60 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://cloudflarepoc.newsmax.com/CMSPages/GetFile.aspx?guid=6288893f-953d-4745-86d1-92f687ef7f72&SiteName=Newsmax Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://cloudflarepoc.newsmax.com/CMSPages/GetFile.aspx?guid=1b8d4fc9-0aa4-45c0-a1a0-dbc449740d6b&SiteName=Newsmax Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://cloudflarepoc.newsmax.com/CMSPages/GetFile.aspx?guid=d152f1b7-73da-4b7b-ad6d-93c2dc97c0c2&SiteName=Newsmax Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://cloudflarepoc.newsmax.com/CMSPages/GetFile.aspx?guid=0c633c5c-fb2d-4642-a7ce-73b0786fa706&SiteName=Newsmax Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://cloudflarepoc.newsmax.com/CMSPages/GetFile.aspx?guid=aae609fd-e813-4a00-b5bc-70f5dff4d159&SiteName=Newsmax Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://cloudflarepoc.newsmax.com/CMSPages/GetFile.aspx?guid=f00a0799-ede2-461f-b68c-e9f327abde0c&SiteName=Newsmax Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://cloudflarepoc.newsmax.com/CMSPages/GetFile.aspx?guid=32124640-5cb7-4dab-83ab-f1b38de26b27&SiteName=Newsmax Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://cloudflarepoc.newsmax.com/CMSPages/GetFile.aspx?guid=4aba6cce-5f59-4637-85ff-2d7bd75f8c32&SiteName=Newsmax Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://cloudflarepoc.newsmax.com/CMSPages/GetFile.aspx?guid=b89fe51a-88c1-4fad-b553-4527c395ae1a&SiteName=Newsmax Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://cloudflarepoc.newsmax.com/CMSPages/GetFile.aspx?guid=5184fd72-b440-4d28-9f9d-8f5f1099321d&SiteName=Newsmax Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://cloudflarepoc.newsmax.com/CMSPages/GetFile.aspx?guid=320a16ac-14b9-4f2e-a6ed-cfa956c471e5&SiteName=Newsmax Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://cloudflarepoc.newsmax.com/CMSPages/GetFile.aspx?guid=e42e3cba-19d6-4dda-8f4a-7573c970b96e&SiteName=Newsmax Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://cloudflarepoc.newsmax.com/CMSPages/GetFile.aspx?guid=40a363d8-1218-4f30-8ebd-789ea6b00605&SiteName=Newsmax Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://cloudflarepoc.newsmax.com/CMSPages/GetFile.aspx?guid=f3c97aa4-a403-4602-8f65-8aa453051f4d&SiteName=Newsmax Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://cloudflarepoc.newsmax.com/CMSPages/GetFile.aspx?guid=f858e17b-b6b6-4c7c-aaa0-e316241bd823&SiteName=Newsmax Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://cloudflarepoc.newsmax.com/CMSPages/GetFile.aspx?guid=e64fe0f4-d258-4c09-8946-bfc2234cfd5f&SiteName=Newsmax Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://cloudflarepoc.newsmax.com/CMSPages/GetFile.aspx?guid=18b206c6-820f-461d-905a-870e5d5fe089&SiteName=Newsmax Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://cloudflarepoc.newsmax.com/CMSPages/GetFile.aspx?guid=5e3d2d04-eb34-4d9a-b6fa-cbf242091a3d&SiteName=Newsmax Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://cloudflarepoc.newsmax.com/CMSPages/GetFile.aspx?guid=fb096847-5d85-4383-9d4f-7ee91a228b47&SiteName=Newsmax Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://cloudflarepoc.newsmax.com/CMSPages/GetFile.aspx?guid=79d52ddf-0e67-4362-8974-cdc61982dc51&SiteName=Newsmax Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://cloudflarepoc.newsmax.com/CMSPages/GetFile.aspx?guid=a6e79320-848d-4be1-8c51-b9de3d3ace1d&SiteName=Newsmax Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://cloudflarepoc.newsmax.com/CMSPages/GetFile.aspx?guid=f47e6071-a389-4aa3-ac8e-b917394e4b13&SiteName=Newsmax Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://cloudflarepoc.newsmax.com/CMSPages/GetFile.aspx?guid=a3f6d4ad-2ef6-4852-af15-4059c787a30d&SiteName=Newsmax Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://cloudflarepoc.newsmax.com/CMSPages/GetFile.aspx?guid=3f1f0604-b8d9-4262-890b-1599641bbcd3&SiteName=Newsmax Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://cloudflarepoc.newsmax.com/CMSPages/GetFile.aspx?guid=fb250523-112f-47aa-b3b3-1fb1c6f7ad82&SiteName=Newsmax Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://cloudflarepoc.newsmax.com/CMSPages/GetFile.aspx?guid=1d6e794d-8bfb-437d-94cd-2a0b748ba373&SiteName=Newsmax Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://cloudflarepoc.newsmax.com/CMSPages/GetFile.aspx?guid=9f3586c9-8b2b-4246-9b25-861c989e4d05&SiteName=Newsmax Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://cloudflarepoc.newsmax.com/CMSPages/GetFile.aspx?guid=a01dbfa7-f677-4330-b639-ece12e4f2793&SiteName=Newsmax Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://cloudflarepoc.newsmax.com/CMSPages/GetFile.aspx?guid=08cde0b4-3b0a-495c-aa73-60efc939877e&SiteName=Newsmax Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://cloudflarepoc.newsmax.com/CMSPages/GetFile.aspx?guid=fb2ebf5c-c5e4-436f-a742-39fa2261af9a&SiteName=Newsmax Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://cloudflarepoc.newsmax.com/CMSPages/GetFile.aspx?guid=954814ba-8890-4b3d-9396-5028268f2666&SiteName=Newsmax Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://cloudflarepoc.newsmax.com/CMSPages/GetFile.aspx?guid=37c9f3c3-b313-4b1a-b365-72f66d34f461&SiteName=Newsmax Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://cloudflarepoc.newsmax.com/CMSPages/GetFile.aspx?guid=b0cc96d3-4b6b-4c2e-9fd8-9aaa948569fd&SiteName=Newsmax Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://cloudflarepoc.newsmax.com/CMSPages/GetFile.aspx?guid=42ece4f1-6ed5-444f-a787-d568ccb5be11&SiteName=Newsmax Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://cloudflarepoc.newsmax.com/CMSPages/GetFile.aspx?guid=c75de1bb-4ab9-42cb-af19-4f966240bfb1&SiteName=Newsmax Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://cloudflarepoc.newsmax.com/CMSPages/GetFile.aspx?guid=e6359a12-512c-41b5-b1b1-bc586fb57a23&SiteName=Newsmax Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://cloudflarepoc.newsmax.com/CMSPages/GetFile.aspx?guid=3871d1ad-c7c6-445f-b684-602cd877df85&SiteName=Newsmax Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://cloudflarepoc.newsmax.com/CMSPages/GetFile.aspx?guid=94f2ebe8-83f0-4433-b28d-595f73239a05&SiteName=Newsmax Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://cloudflarepoc.newsmax.com/CMSPages/GetFile.aspx?guid=b0b35ec8-661c-4289-b6b5-97b1444a3f56&SiteName=Newsmax Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://cloudflarepoc.newsmax.com/CMSPages/GetFile.aspx?guid=d01fead2-f451-40fb-82d9-7d8fabdb9234&SiteName=Newsmax Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://cloudflarepoc.newsmax.com/CMSPages/GetFile.aspx?guid=bd9784cc-76bf-4da8-a267-c457b998174c&SiteName=Newsmax Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://cloudflarepoc.newsmax.com/CMSPages/GetFile.aspx?guid=17c1704a-51cf-494b-a70e-289274046de4&SiteName=Newsmax Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://cloudflarepoc.newsmax.com/CMSPages/GetFile.aspx?guid=d4b3e540-c994-4a68-9d42-f80c50e849bd&SiteName=Newsmax Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://cloudflarepoc.newsmax.com/CMSPages/GetFile.aspx?guid=725cf6be-6928-405b-9f65-a3e12c55d0a4&SiteName=Newsmax Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://cloudflarepoc.newsmax.com/CMSPages/GetFile.aspx?guid=80a57a33-da27-4519-af96-6a3758a88712&SiteName=Newsmax Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://cloudflarepoc.newsmax.com/CMSPages/GetFile.aspx?guid=198df5ae-7720-431c-88ea-396b20dd8387&SiteName=Newsmax Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://cloudflarepoc.newsmax.com/CMSPages/GetFile.aspx?guid=5216e892-bfe2-40c3-8f3e-e4ce69323016&SiteName=Newsmax Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://cloudflarepoc.newsmax.com/CMSPages/GetFile.aspx?guid=12864f3d-2813-4fcd-abc5-f6afd5bf8dd3&SiteName=Newsmax Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://cloudflarepoc.newsmax.com/CMSPages/GetFile.aspx?guid=4ea2199a-c164-4bc0-ab0d-25a35936c928&SiteName=Newsmax Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://cloudflarepoc.newsmax.com/CMSPages/GetFile.aspx?guid=733c52b0-345c-43ce-88a1-eca236422284&SiteName=Newsmax Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://cloudflarepoc.newsmax.com/CMSPages/GetFile.aspx?guid=ff9e6626-1a4a-4585-a713-12d209f5df00&SiteName=Newsmax Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://cloudflarepoc.newsmax.com/CMSPages/GetFile.aspx?guid=b13c6a37-7efc-45d9-a7c9-3642f7c5d5e1&SiteName=Newsmax Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://cloudflarepoc.newsmax.com/CMSPages/GetFile.aspx?guid=41f9a875-2a19-47e9-be7d-589d58ac75ca Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://cloudflarepoc.newsmax.com/CMSPages/GetFile.aspx?guid=1278f973-b1a0-4822-adfc-611bb135e86a&SiteName=Newsmax Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://cloudflarepoc.newsmax.com/CMSPages/GetFile.aspx?guid=751e7a05-9682-4646-be31-66994a842248&SiteName=Newsmax Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://cloudflarepoc.newsmax.com/CMSPages/GetFile.aspx?guid=ed81b48c-c0e6-425d-a5e6-8f3264c98d57&SiteName=Newsmax Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://cloudflarepoc.newsmax.com/CMSPages/GetFile.aspx?guid=7ee1f94f-a219-4682-a492-301f0cf4d452&SiteName=Newsmax Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://consentcdn.cookiebot.com/consentconfig/1a61d2ea-bd67-40f4-8385-916bd16133ed/cloudflarepoc.newsmax.com/configuration.js Message: Failed to load resource: the server responded with a status of 404 ()
javascript	warning	URL: https://amp.akamaized.net/hosted/1.1/player.esi?apikey=newsmax&version=9.1.20&_=1687379286069(Line 18) Message: It is recommended that a robustness level be specified. Not specifying the robustness level could result in unexpected behavior.
security	warning	URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js(Line 468) Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains;preload
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

4db7952b25c252efb9e2f8a08616b3b8.safeframe.googlesyndication.com
79423.analytics.edgekey.net
a4p.adpartner.pro
ads.pubmatic.com
adservice.google.com
amp.akamaized.net
ap.lijit.com
assets.netizen.co
assets.revcontent.com
b-code.liadm.com
b1sync.zemanta.com
bcp.crwdcntrl.net
cdn.id5-sync.com
cdn.jsdelivr.net
cdn.onesignal.com
cdn.prod.uidapi.com
cdnjs.cloudflare.com
cloudflarepoc.newsmax.com
connect.facebook.net
consent.cookiebot.com
consentcdn.cookiebot.com
cookies.nextmillmedia.com
dis.criteo.com
esp.rtbhouse.com
fundingchoicesmessages.google.com
ghb.yieldlift.io
google-bidout-d.openx.net
googleads.g.doubleclick.net
gum.criteo.com
i.liadm.com
id5-sync.com
images.netizen.co
imasdk.googleapis.com
invstatic101.creativecdn.com
ma1540-r.analytics.edgekey.net
match.adsrvr.org
mug.criteo.com
oa.openxcdn.net
oajs.openx.net
odr.mookie1.com
onesignal.com
p.rfihub.com
p.sitemana.com
p.typekit.net
pagead2.googlesyndication.com
pixel.quantserve.com
platform-api.sharethis.com
platform.twitter.com
player.adtelligent.com
player.yieldlift.io
pubads.g.doubleclick.net
px.moatads.com
region1.analytics.google.com
region1.google-analytics.com
rp.liadm.com
rp4.liadm.com
rules.quantcount.com
s0.2mdn.net
s3.us-west-2.amazonaws.com
s7.addthis.com
sb.scorecardresearch.com
secure.quantserve.com
securepubads.g.doubleclick.net
static.criteo.net
stats.g.doubleclick.net
sync.adtelligent.com
sync.mathtag.com
t.trafmag.com
tags.crwdcntrl.net
tpc.googlesyndication.com
trends.netizen.co
use.typekit.net
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.newsmax.com
www.queryly.com
x.bidswitch.net
x.dlx.addthis.com
yeet.revcontent.com
z.moatads.com
b1sync.zemanta.com
dis.criteo.com
p.rfihub.com
pubads.g.doubleclick.net
www.newsmax.com
www.queryly.com
x.dlx.addthis.com
13.32.110.70
137.74.6.209
141.95.98.65
151.139.128.10
178.250.1.11
185.239.173.210
185.29.134.248
193.200.65.5
2.19.224.115
2001:4860:4802:32::36
216.52.2.16
23.227.139.243
23.36.209.167
2600:1f18:730:b120:94f1:b451:8dad:7124
2600:9000:2022:7000:8:8845:1500:93a1
2600:9000:219c:6000:6:44e3:f8c0:93a1
2600:9000:2250:9800:a:e047:753:be1
2606:2800:234:59:254c:406:2366:268c
2606:4700:10::ac43:266a
2606:4700:20::681a:d56
2606:4700:3108::ac42:2bac
2606:4700::6811:180e
2606:4700::6812:d63b
2620:116:800d:21:de2e:c7b3:55c0:d5a0
2a00:1450:4001:800::2008
2a00:1450:4001:802::2001
2a00:1450:4001:802::200a
2a00:1450:4001:806::2001
2a00:1450:4001:80e::2003
2a00:1450:4001:813::2002
2a00:1450:4001:828::2002
2a00:1450:4001:829::2002
2a00:1450:4001:82a::2002
2a00:1450:4001:82b::2004
2a00:1450:4001:82f::200e
2a00:1450:4001:830::2006
2a00:1450:400c:c0d::9c
2a02:2638:d::2
2a02:2638:d::d
2a02:26f0:1700:794::f09
2a02:26f0:3500:18::1724:a29a
2a02:26f0:3500:18::1724:a29e
2a02:26f0:3500:58f::aa5
2a02:26f0:480:f::213:7ed3
2a02:26f0:480:f::213:7ee1
2a02:26f0:7100::1720:eeeb
2a03:2880:f084:d:face:b00c:0:3
2a03:2880:f177:83:face:b00c:0:25de
2a04:4e42:600::485
3.124.114.18
3.233.112.95
34.102.146.192
34.120.135.53
34.160.236.64
34.255.231.185
34.96.70.87
34.98.64.218
35.190.39.111
35.71.131.137
44.210.5.53
45.133.44.3
45.133.44.4
52.213.207.136
52.218.232.152
52.222.169.46
52.3.28.117
52.39.80.159
54.192.111.20
72.246.169.146
88.221.168.201
007a3140ed7b0ae6d971c13f2528ddcf0090d965f84120bcd8739ec71fc924d1
019d693563633bc359cfd5bad2828450783e1487bf61e7b3592c42785eb3b519
0224fb2109bd94d1df164cfc48f776f5ed760fc77b2598c36f451b620a4d8606
0364af76965d1c7e96e36cf45fb4d780dbac613b7b23fd8d072c71bf35d76926
0655302965c355e03161fca5f8a2da7c632c773bbec13cb53dc00cdc0675b00c
0a2ed126dc370334f4e70b5ccdd2ac816f7bb2018b402e85934af96aad7821b5
11da5385fca5f8fdabbef07fb09f43b66f7418434230bd98e3bbc0af70fe7de2
16ad2ec6e0c0e5e69fe5b97497c8deaf42ba8825cc0d31721732d7dc02f62358
18cad16bdc6b1b1f38c31388ba565f7d423cf5e30808dd996df81d9351e11652
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
1d0cb525db1d96aeb176ff1f95275446dc1fcc4235d7e650764127a172b7d634
1ed7f43d675c0d203d845162c122fd2a7ec79093655370e9ce24e9408c80227a
1ee24fbe8d5fe30f76c09dbc99e3066bc179869fa0c1f515880b4a054976dd94
2074d239d8626098f43625c48639c95393a87d1326e2e8c9ce09964f9e597f2e
2247eb6be751f71ca6fe3f198ada0080086949e487447cb52aa652ee33ad1d04
23bd810b02e54407c75fd98b4d2a3f93ba076eead81f9e736de911bb365e2634
2a536619d5ea5e13d08259acd4e46d5e829f8e2e3935b0d9003b9b36d1589725
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2f6831200b76fd6142e52682fbfbae67a0b0e0ed69caa26691d1d362bcc06d3b
2f7764912c995fc698ed98306e791e25e13bfa56c685826a957885cdd34a6791
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
34375bc45b21a43e9630374b2a625cd38ac7a04df9fe25d7541537555726e45c
357452f2a55c999ddd3afdcbce2c339d41cf7a01613d9d45ff88a753bb82f21d
37de472028055dd144d691b4baf5be4ca20d99e95e17f2a21872e1bb26c5dc05
392c9fa9cd1273a2a89d1a83a69cd1f63f21d1d55e7be21e1d8f51f25145668b
398cdf1b27ef247e5bc77805f266bb441e60355463fc3d1776f41aae58b08cf1
3b89401fea631023de67ae75bf8f246b1af109a9a4247c3862016949eacc462b
40732e9dcfa704cf615e4691bb07aecfd1cc5e063220a46e4a7ff6560c77f5db
41b351513d9cf9cb68c17f0b9e3e5183d9612f3b689a81810c22ca47c7eb7a7e
445a40338fb4c488b9b8432ec3014e6fda1e95370e87f33fdc527c06d04dbaa5
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
47b726fd18aa3355c7f0277952419c5e1b33d3347ee2e4eff5e9b9be73040549
4895c44118a86780663c6e877b78922dda0ddb83051b4b1d22ed786415868af1
4906330d05bd9db6a1e6f9e2349bc8aa07d782e6c453f7089d20af23ef16a8e6
493fda53120050f85836032324409be6c6484f90a0755ae0c6a673ba7626818b
499a095318b948fc3681730570823fb90157a6fea46ca82132f3742e79adadd3
4b3defb86a7f8790f0fb813fd319891772271c05839085a7e3abe27366b690f9
4bf4b3ba6f93adaa0aad39f0b22b65fd8e42f244c67be4c11f3324cec0c01aac
4d587885f84d5f0b3287ee5a85401c1fd06b7a79bb62fbec528ce26585f85852
4d609cb1430ec19af108e46e3ba2ce81d5fc5355de5f2d4447ff25b856fd7340
500b1cb2d9aed655f5bc0eb0313a6ebf75d3613e94b2234a60f532eea7e51590
50ad448a8a5720bf8a5617db15af31ae60163de06331576f60c6244c012ffc72
520bea0d3e4faa620553262770ffbec71e6e829a44a2766ae13f730e9367bb58
5250ded34e7769fd9dfdaaaac2cd73a20df5a049137660e8653a06f66c0ddc13
53c8738c08f77f6b785849e21c4631d58407971f05fdda7a38596e85bd8d936f
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
548ff995b93f8f32334747b861c74a4dc11d6624456679485d6d4a6930d39b67
550fe5bd35e84ba0cb2e6b6976dd1aedf1fdf8aad2a39e6d56335353323881f4
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
58a07739b05fec4d319e4d5c6b1fa4ac79e2a625e08ab3f303929b77fde5bdf4
5a9863314577494b778cade4d77d719a27fca818d6091efe35b972cac31026f8
5b70d8eb19ca32d244e29e759e816c343be893232978532c9d5943f838e60e0b
5f3212d1414cea43279fc374c5b0599841772e6f03e7db0b6b2ac8b6735b61d7
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
63414c077003319f186a974d9be8a8a09a07a178e6bbe29181d93b6cd8dccff9
645709dcb09b2700fd5a5938dbdf783ac90a88334e5104041db53302441f33e4
66b804e7a96a87c11e1dd74ea04ac2285df5ad9043f48046c3e5000114d39b1c
6ad0665b8b1e41b73f4232e0c7940822116c2038cd2550897549d7f8a2bff668
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b30722487e92833baf8f01d6b2d2fed4e459d7cd42dc81ac1a80d8d08b9450e
6b34d11d33052e88aae4d6604dfae68e92bbb63333397cab8c15e5125d9aca20
6bc30e75c37bf18ef1ab4c691fa3cb3e8733f6c33bdd18d76e7c08c6d86040ee
6e17037f9c718754eadb80aa05fa7f2c15f6a2b90ab67216cee93d903a9ffea9
700c9a7b8e315449ee1b71a9731f232530d2ec494334d3a853e8a46d694d82f1
70e960e46a5dfdc50d48635c26a18a1e5e894b1e74a796436edbf386d0b2bc3c
738e5435f2d18427d291a0d6289eee0ebbc87b596d6003919f255760ac293104
74475967bdd27d1efa3e20fd636afe5bb0c391494f9fa5768856bb25af4690d0
75b707d8761e2bfbd25fbd661f290a4f7fd11c48e1bf53a36dc6bd8a0034fa35
77057a038d4414aed81e3c6b51c8948aeefc3835762e96a05f4188310308a29d
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
79c72cf89fc8b1b8451a4529f9ecf01f7974c362dfa724a8ae21e2cc858bd5a0
7dafeaf55a261044e52d3684565e12a5c4659079829f28d23136871b4e0ae338
7f4f75fb519a433c4dc8dcd6ba9749cfb7c4a21e4cda5d9daea541bacdc76d71
81f66fb840c902b62f902bc4e27a6e3dee001d2f8babf5e767f78f16136ff0b7
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
839c424b188a9bdafd46e5b643a2c5afb4b7df5e51f0321ffafd5f23b118e259
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
84e5aa85594b35c4b60787f4a97e2e1eb369dacbe23d8154f61f60bb0343d465
85e54d08d60bd2e0b68b10154294eb98f6f835a4597466db3fff4d5fab553e12
8a07b0bed8ffbd2c98bbdb26498dab19f7439913489c946acb54bb677170ca65
8b2442d4d51ef5ff6e14f53e15cce7e04f4ee5a9eaf8a348babaa8efd5b058a7
8bfa3c4705ea723f5dbeb0ba6bc3efccb25b6fbbb24ff04999df04140ba7d3c1
8c104894c3614094abfa85aee0f0292918ed5eb80c6e497b66ad14fd6ea82bf5
8d158c96ea62a845f629ed76551287372e1da7a910e29e4e6796a6d2c1870e60
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
90980421e3762accc4e39e6d786c4fbf9cfc9b1e6bfc4a02550ef3fbbfc585f7
91f0e3fd56b066715625bef36e3c3d23559c416bd7f69c38e504a904313576b7
944fac3cacc7788d66a1a3f30250a0bf475530e29bf9d270ae7be201f98d43be
9555fe17a830d6dbd4a6f21ae9332590e89eff17b2dabe8ad1cae85d8b7b601e
98e15110586a9877906d7a4ada5a789c0deaa285600027e1f3c7e925fb4b05b7
999415a508fe78341a8e9bb9f55abd136a4cbb7dbf615028356efd2c023a40c2
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9c542c5bc7f589644de6f356d382ae220cf157fc7deba5b6f4fc14f4b1ab6d82
9cef7f743987479022148931132527fe1b8712ea4949cae7a5e9b1b73884f9fb
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a19d95f41247d77be8cb63951e8d7bd22d20c08b5bb76ebff2effd72b9ab17d1
a1ce12242591018054cf37daa50fb9edaf4482e83185318fe74cbfdc30866ef1
a436f9ac9629e5564f935e41fd86e01bf5228e18aa0491aec7cfd200a0a44a5d
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a695b8b12c7d88355d0b1b33d6c643a7913bcfbeae91553bd7560019188b1032
a6c563629879d807d40f59562419f2ea67fe505990657ea55eedf045b3e070a1
a9e69f834d41d6286b7a5e97be78f9bfce63f3de2fa5bd5d46d03a1b86492878
aca9e5a67f06ff68ac7ced2031ef234afd2f20010451a904f25b8d4fcbfb04f8
adfd5b76a01d8f7d5251b61af3938c1af50f677ef092cb298f1d4061c7ca5259
b0cffc49a075c0426b5fcf5ba106f443c878a7d2a243a95c033e2cd8fc8ec286
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2e91321d1b560fe1ec1aba1374e92c5dd4c33b2abc0cdc6079b5b74894acd56
b3dc49d94ba659f483e6bcfa6efbf827ee367681fe729a88a72acd36f01f3c5f
b3f6d5a058b098bff36e4e53acb9e9e6d18cf7cc48e115f67c5d93da5d3cde36
b86cfbdc7929da0a826dfe2aeb0e6401f4f2ed16d2e7d866871e6b8117ee60d6
b9d9c248d1c87f59c7f19b198c5ed7310a4bfd0f57759dd87d649b00ec9fdb5b
bfed6e0df9443581048fab45ae451481f56c4155985d8dcf8bc13ed268af4824
c0c2ec1f2d626ab278d81abe34d30681f0007e8c79a890165f27e3e1550e99b7
c5bc1dd26f79572ec27e1b0254b10f41d11704af7713c0c9288cde53cf809e45
c607a0c62c39afe964c982a6b2bed52acf0b6f47679da4a9a6f117896114cdcf
c742c8de47f7bb7f3e6fc86d6deac32e4f87a5b444014ee6165501cf6a0151ea
ccecd185ac16ba0a538840f37701053fbb861f7fbbdd86039c7415fcd924d1f2
ce2354c8da66afc7b22e18fb2b53520933885683ca9730e9d448add8c680cd08
ce7127c38e30e92a021ed2bd09287713c6a923db9ffdb43f126e8965d777fbf0
cef0f742aa3b68b32ec2d14309f4cdbf582e8b19131386e4d1ecc975bad29a25
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d19416b7ab9bf9a7563bc0a9ec7e19f2ff4eb7ecf835b4b3fa1558710e1253b8
d21d91db54cd6973d6068d98f348baf74743efe00ca0e5d761ffc705386c81f3
d319bdf140fe2cdd1d0923db42f5b400d486cba4dee2ef348c56589bda2e2464
d6d9bef928c632a076a92886d782b3a0096f19454f140e5039326004c38e0d01
d792afdac7f7ae5de7c6964950c6c61dc6e3f3813180a59e141c7cb4ac4364dc
db7e0b393e175f19922fefbdcaa2866fca209c521d01cc834ae06cbf8d0f91b7
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e21aa5b0d3fd28cebed9e03c5544f4924e11b0c453792ed018720cf8c679b0b6
e23decabee8464b650d1d0241283ba0c469806e14a2199efc5bb41771cb673c1
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7d5a8015a42d3c6096e03cb5bd4f7f2d45f290d1feb9271561a8755fbf7ceee
e9b6e5d6207dea3753f55720cef88d4c6a60758ffacb7808ec6081b2a63bbc5e
eb25d7a15959d5fbd256700357f889f1875ef3942145b95c849164116e3a86d0
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef6058292ccc26a22da224e9bc33514fd4feb09c90da968d56d07854f2a2475b
efabba3678b85fcab831b778ea2ddaad1e2a1e952584d3566bc39b7ccb3429d9
f19da8e29b3dab4a867261c45a630d4647aac57eddcb08709d207c2bafbe1f4c
f23301d839c15631082d7524748d8180a96b867de39e6a3f5df96f32f13d76c3
f4109d6bca212d30be4b2b79072bdf8d24b17af50cc5bb1997bf211eb3a75909
f475c34186022ba531ebc8bba97fc10df7e4c3ea854f314a18ab0644c851620d
f4cff2a345300085e749e83fdd2d293cd11ffbbdf676bb85e138562086a06802
f53392704cf02f02579a8025ab504ccb8e4839c41d46d26ae2e4af2470025388
f9277b9df3a6c67516d0e50fe6cf6776db061180761389be53feff45aa5973f2
fb3eaa866d678149dc531dc97a20187777bff8e12ef4ba07fc74c45a8e24a927
fc5f8e1b07d49b9ad00a29debd289a89606bf67a8d23ab145ae92dc0170fe98b

cloudflarepoc.newsmax.com Open in urlscan Pro 2606:4700:3108::ac42:2bac Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

283 Requests

95 %HTTPS

53 %IPv6

54 Domains

84 Subdomains

68 IPs

9 Countries

3807 kBTransfer

10874 kBSize

35 Cookies

29 Outgoing links

Redirected requests

283 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

cloudflarepoc.newsmax.com Open in urlscan Pro
2606:4700:3108::ac42:2bac Public Scan

Screenshot
Live screenshot

Full Image

283
Requests

95 %
HTTPS

53 %
IPv6

54
Domains

84
Subdomains

68
IPs

9
Countries

3807 kB
Transfer

10874 kB
Size

35
Cookies

283 HTTP transactions
1 data transactions