www.newspapers.com Open in urlscan Pro
2606:4700::6810:fb1d Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://click.email.ancestry.com/u/?qs=85a2ec0fe80855af79a0100402077825e50560b4906d405d557630aee0bba3e485740ce26368b48867b586a1d1...
Effective URL:
https://www.newspapers.com/choose-a-plan?xid=5989&utm_source=ancestry&utm_medium=email&utm_campaign=USAncestryCrossSell_30%...
Submission: On March 16 via manual (March 16th 2024, 4:38:04 pm UTC) from US — Scanned from DE

Summary HTTP 55 Redirects Links 15 Behaviour Indicators

Summary

This website contacted 9 IPs in 2 countries across 9 domains to perform 55 HTTP transactions. The main IP is 2606:4700::6810:fb1d, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.newspapers.com. The Cisco Umbrella rank of the primary domain is 90407.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on April 29th 2023. Valid for: a year.

This is the only time www.newspapers.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	13.111.36.125 13.111.36.125	14340 (SALESFORCE) (SALESFORCE)
1 1	172.64.148.74 172.64.148.74	13335 (CLOUDFLAR...) (CLOUDFLARENET)
14	2606:4700::68... 2606:4700::6810:fb1d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
17	18.66.192.25 18.66.192.25	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:812::2008	15169 (GOOGLE) (GOOGLE)
6	18.173.154.44 18.173.154.44	16509 (AMAZON-02) (AMAZON-02)
3	54.187.159.182 54.187.159.182	16509 (AMAZON-02) (AMAZON-02)
3	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::200a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:81d::2003	15169 (GOOGLE) (GOOGLE)
55	9

1 13.111.36.125 (United States) 1 redirects

ASN14340 (SALESFORCE, US)
PTR: click.email.ancestry.com

click.email.ancestry.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.64.148.74 (San Francisco, United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.ancestry.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2606:4700::6810:fb1d (United States)

ASN13335 (CLOUDFLARENET, US)

www.newspapers.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 18.66.192.25 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-192-25.muc50.r.cloudfront.net

cdn.privacy-mgmt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:812::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 18.173.154.44 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-173-154-44.muc50.r.cloudfront.net

js.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.187.159.182 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ip-54-187-159-182.stripe.com

r.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:81d::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
17	privacy-mgmt.com cdn.privacy-mgmt.com — Cisco Umbrella Rank: 3888	270 KB
14	newspapers.com www.newspapers.com — Cisco Umbrella Rank: 90407	623 KB
9	stripe.com js.stripe.com — Cisco Umbrella Rank: 1265 r.stripe.com — Cisco Umbrella Rank: 1993	436 KB
5	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 253	174 KB
3	gstatic.com fonts.gstatic.com	142 KB
3	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 1985	364 B
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 43	301 KB
2	ancestry.com 2 redirects click.email.ancestry.com — Cisco Umbrella Rank: 197440 www.ancestry.com — Cisco Umbrella Rank: 36850	3 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 38	2 KB
55	9

	Domain	Requested by
17	cdn.privacy-mgmt.com	www.newspapers.com cdn.privacy-mgmt.com
14	www.newspapers.com	www.newspapers.com
6	js.stripe.com	www.newspapers.com js.stripe.com
5	cdnjs.cloudflare.com	www.newspapers.com
3	fonts.gstatic.com	fonts.googleapis.com
3	region1.google-analytics.com	www.googletagmanager.com
3	r.stripe.com	js.stripe.com
3	www.googletagmanager.com	www.newspapers.com www.googletagmanager.com
1	fonts.googleapis.com	client
1	www.ancestry.com	1 redirects
1	click.email.ancestry.com	1 redirects
55	11

This site contains links to these domains. Also see Links.

Domain
blog.newspapers.com
twitter.com
www.facebook.com
www.instagram.com
www.ancestry.com
www.fold3.com
www.progenealogists.com
www.findagrave.com
www.weremember.com
petdna.ancestry.com
www.archives.com
www.geneanet.org

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-04-29` - `2024-04-28`	a year	crt.sh
*.privacy-mgmt.com Amazon RSA 2048 M01	`2023-10-08` - `2024-11-05`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
a.stripecdn.com DigiCert SHA2 Extended Validation Server CA	`2024-02-07` - `2024-05-09`	3 months	crt.sh
*.stripe.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2024-03-06` - `2024-06-06`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh

This page contains 4 frames:

Primary Page: https://www.newspapers.com/choose-a-plan?xid=5989&utm_source=ancestry&utm_medium=email&utm_campaign=USAncestryCrossSell_30%25off_Feb-2024&o_xid=134547&o_lid=134547&o_sch=Email+Campaigns
Frame ID: 1F028243DCD615DE9E7ED0F3B114FB18
Requests: 33 HTTP requests in this frame

Frame: https://js.stripe.com/v3/controller-5c293a300a87a5772aefa8ffe6a3021f.html
Frame ID: F6F1C5972BC5DA7898250E68203348DA
Requests: 8 HTTP requests in this frame

Frame: https://cdn.privacy-mgmt.com/custom/index.html?hasCsp=true&message_id=1081406&preload_message=true&version=v1
Frame ID: E21FB27D804EAB884ADCF538901FC233
Requests: 4 HTTP requests in this frame

Frame: https://cdn.privacy-mgmt.com/index.html?hasCsp=true&message_id=1039632&consentUUID=null&preload_message=true&version=v1
Frame ID: B099CCA185E0E9FE49130EDB6888AB0A
Requests: 10 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Choose a plan - Newspapers.com

Page URL History Show full URLs

https://click.email.ancestry.com/u/?qs=85a2ec0fe80855af79a0100402077825e50560b4906d405d557630aee0bba3e485740c... HTTP 302
https://www.ancestry.com/s134547/t49081/rd.ashx HTTP 302
https://www.newspapers.com/choose-a-plan?xid=5989&utm_source=ancestry&utm_medium=email&utm_campaign=USA... Page URL

Detected technologies

D3 (JavaScript Graphics) Expand

Overall confidence: 100%
Detected patterns

/d3(?:\. v\d+)?(?:\.min)?\.js

Stripe (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

js\.stripe\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Page Statistics

55
Requests

100 %
HTTPS

55 %
IPv6

9
Domains

11
Subdomains

9
IPs

2
Countries

1949 kB
Transfer

7406 kB
Size

12
Cookies

15 Outgoing links

These are links going to different origins than the main page.

URL: https://blog.newspapers.com/
Title: Fish Wrap—The Newspapers.com Official Blog

Search URL Search Domain Scan URL

URL: https://twitter.com/_newspapers

Search URL Search Domain Scan URL

URL: https://www.facebook.com/newspaperscom

Search URL Search Domain Scan URL

URL: https://www.instagram.com/newspaperscom

Search URL Search Domain Scan URL

URL: https://www.ancestry.com/c/legal/renewal-cancellation-terms
Title: Renewal and Cancellation Terms

Search URL Search Domain Scan URL

URL: https://www.ancestry.com/
Title: Ancestry®

Search URL Search Domain Scan URL

URL: https://www.ancestry.com/cs/legal/termsandconditions
Title: Terms and Conditions

Search URL Search Domain Scan URL

URL: https://www.ancestry.com/cs/legal/privacystatement
Title: Privacy Statement

Search URL Search Domain Scan URL

URL: https://www.fold3.com/
Title: Fold3®

Search URL Search Domain Scan URL

URL: https://www.progenealogists.com/free-estimate/?n1001
Title: ProGeneologists

Search URL Search Domain Scan URL

URL: https://www.findagrave.com/
Title: Find a Grave®

Search URL Search Domain Scan URL

URL: https://www.weremember.com/
Title: WeRemember®

Search URL Search Domain Scan URL

URL: https://petdna.ancestry.com/products
Title: Dog DNA test

Search URL Search Domain Scan URL

URL: https://www.archives.com/?utm_source=newspapers.com&utm_medium=link&utm_campaign=newspapers.com+footer+links
Title: Archives.com

Search URL Search Domain Scan URL

URL: https://www.geneanet.org/
Title: Geneanet.org

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://click.email.ancestry.com/u/?qs=85a2ec0fe80855af79a0100402077825e50560b4906d405d557630aee0bba3e485740ce26368b48867b586a1d1baf29900359c5c802554dc69c9c4d15c98066a HTTP 302
https://www.ancestry.com/s134547/t49081/rd.ashx HTTP 302
https://www.newspapers.com/choose-a-plan?xid=5989&utm_source=ancestry&utm_medium=email&utm_campaign=USAncestryCrossSell_30%25off_Feb-2024&o_xid=134547&o_lid=134547&o_sch=Email+Campaigns Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

55 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request choose-a-plan Show response
www.newspapers.com/
Redirect Chain

https://click.email.ancestry.com/u/?qs=85a2ec0fe80855af79a0100402077825e50560b4906d405d557630aee0bba3e485740ce26368b48867b586a1d1baf29900359c5c802554dc69c9c4d15c98066a
https://www.ancestry.com/s134547/t49081/rd.ashx
https://www.newspapers.com/choose-a-plan?xid=5989&utm_source=ancestry&utm_medium=email&utm_campaign=USAncestryCrossSell_30%25off_Feb-2024&o_xid=134547&o_lid=134547&o_sch=Email+Campaigns

20 KB
7 KB

571ms
464ms

Document
text/html

2606:4700::6810:fb1d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.newspapers.com/choose-a-plan?xid=5989&utm_source=ancestry&utm_medium=email&utm_campaign=USAncestryCrossSell_30%25off_Feb-2024&o_xid=134547&o_lid=134547&o_sch=Email+Campaigns

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:fb1d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9170a1a89c64f413c2901f61a153a3c2cc1dd93751ac27056780dd74509e1919

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none';
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 86562bc49e579741-FRA
content-encoding: br
content-language: de-DE
content-security-policy: frame-ancestors 'none';
content-type: text/html; charset=utf-8
date: Sat, 16 Mar 2024 16:37:59 GMT
etag: W/"5076-dJjsx/qQtX1kbLROPtKGtDHVXHs"
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains
vary: Origin, Accept-Encoding

Redirect headers

cf-cache-status: DYNAMIC
cf-ray: 86562bc209d66a73-TXL
content-encoding: gzip
date: Sat, 16 Mar 2024 16:37:58 GMT
location: https://www.newspapers.com/choose-a-plan?xid=5989&utm_source=ancestry&utm_medium=email&utm_campaign=USAncestryCrossSell_30%25off_Feb-2024&o_xid=134547&o_lid=134547&o_sch=Email+Campaigns
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referer
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DFUUabusf4zhltNswRbu4fheuWO2sN26%2FqcPM3OqcHD6rvTA2hJCIxqbIIxmJc%2BC1T6fmpHu7c6PNWIsu07iNvg%2FhFsl7qW%2BOV7hex7O9o6G4CxgObU119E%2BAzVwnQljxEs%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-response-time: 60.522822999999995
x-xss-protection: 1; mode=block

GET
H2 200 newspapers-theme-redwood.20e269ed984698fa38dd132a7ada6a65.css
www.newspapers.com/static/scss/hash/ 218 KB
40 KB 77ms
74ms Stylesheet
text/css 2606:4700::6810:fb1d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.newspapers.com/static/scss/hash/newspapers-theme-redwood.20e269ed984698fa38dd132a7ada6a65.css

Requested by

Host: www.newspapers.com
URL: https://www.newspapers.com/choose-a-plan?xid=5989&utm_source=ancestry&utm_medium=email&utm_campaign=USAncestryCrossSell_30%25off_Feb-2024&o_xid=134547&o_lid=134547&o_sch=Email+Campaigns

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:fb1d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1c297a3d8446e110b7662f718e08cec39ffe0407df127ac8549dd8a7e3ec6d89

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none';
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newspapers.com/choose-a-plan?xid=5989&utm_source=ancestry&utm_medium=email&utm_campaign=USAncestryCrossSell_30%25off_Feb-2024&o_xid=134547&o_lid=134547&o_sch=Email+Campaigns
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sat, 16 Mar 2024 16:37:59 GMT
content-security-policy: frame-ancestors 'none';
content-encoding: br
strict-transport-security: max-age=15552000; includeSubDomains
cf-cache-status: HIT
age: 81440
cf-polished: origSize=418449
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 08 Mar 2024 16:41:08 GMT
server: cloudflare
etag: W/"66291-18e1ef098a0"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=86400, immutable
cf-ray: 86562bc78ad69741-FRA

GET
H2 200 commerce.bundle.77c252ea3878cff94b7fd9da1a4373aa.css
www.newspapers.com/static/scss/hash/ 8 KB
2 KB 71ms
69ms Stylesheet
text/css 2606:4700::6810:fb1d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.newspapers.com/static/scss/hash/commerce.bundle.77c252ea3878cff94b7fd9da1a4373aa.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:fb1d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bca6d09b8ca54865810034f7ed380e4354945dce252d046f29b43ffd92522b96

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none';
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newspapers.com/choose-a-plan?xid=5989&utm_source=ancestry&utm_medium=email&utm_campaign=USAncestryCrossSell_30%25off_Feb-2024&o_xid=134547&o_lid=134547&o_sch=Email+Campaigns
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sat, 16 Mar 2024 16:37:59 GMT
content-security-policy: frame-ancestors 'none';
content-encoding: br
strict-transport-security: max-age=15552000; includeSubDomains
cf-cache-status: HIT
age: 76142
cf-polished: origSize=14732
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 08 Mar 2024 16:41:08 GMT
server: cloudflare
etag: W/"398c-18e1ef098a0"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=86400, immutable
cf-ray: 86562bc78add9741-FRA

GET
H2 200 react.production.min.js Show response
cdnjs.cloudflare.com/ajax/libs/react/18.1.0/umd/ 10 KB
4 KB 139ms
51ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/react/18.1.0/umd/react.production.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8d9ed11080ad8f77c16c19899d56a20b959f6012ea876c87adc4461b7dee6908

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newspapers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sat, 16 Mar 2024 16:37:59 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 254216
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 3749
last-modified: Tue, 26 Apr 2022 22:39:09 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "6268748d-ea5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zT%2FTS0VsV%2FR0ceH%2B1PJfg1yvcf%2Byq8Nlu%2BImHRbfB8dr4gR5wUf5WBhnEaxaN2Zb1ORrWkmw00RbJVKVoVox%2FdBk2xO0WaUPi%2FqwOkbIIb%2B1bUaOXqgIAL7pfw0r80hL7Yk13F%2BUkRFW48gq%2Bnd9duJk"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 86562bc818b9926d-FRA
expires: Thu, 06 Mar 2025 16:37:59 GMT

GET
H2 200 react-dom.production.min.js Show response
cdnjs.cloudflare.com/ajax/libs/react-dom/18.1.0/umd/ 129 KB
37 KB 178ms
90ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/react-dom/18.1.0/umd/react-dom.production.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

05e96d5d177d834a1cad34c74c79352f0df883f5b2f32aca33443219c3547e58

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newspapers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sat, 16 Mar 2024 16:37:59 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 249074
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 37151
last-modified: Wed, 27 Apr 2022 04:04:32 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "6268c0d0-911f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=J8zJzvsQAkvK%2BkgyV7XJEWYMAe%2FgSGRR6NVaieGy2SYkr8GekL6FiPf674m1ClSMVEIvrX6KJlA2MoAXvnUrjgX8MoEjwclj52pZumNsnOiA%2FTAIMgqyWy08GD%2F0oCZlxmB9Sht1eAWKVJ30DmaaMidA"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 86562bc818bb926d-FRA
expires: Thu, 06 Mar 2025 16:37:59 GMT

GET
H2 200 d3.min.js Show response
cdnjs.cloudflare.com/ajax/libs/d3/5.15.1/ 242 KB
67 KB 139ms
52ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/d3/5.15.1/d3.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

49027f9c260f5c53eeaa84b9e847e77ac0c13cd8a2b6774e21f37659d3d18bfa

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newspapers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sat, 16 Mar 2024 16:37:59 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 263054
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 68309
last-modified: Mon, 04 May 2020 16:09:19 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e2f-3c825"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KYXsy6b4n8TMnUmjeI%2FSZYC9Sbp1a381%2F2xwVvH9f1uhlfa14LxPigMlFtZmMD6bwCtp%2Fbeoj%2B6MYST2l6d1MHq43jsaaAeap2SyRBFmS1VXXZSmvdqo%2FRa2bt3VqqqnrhVrt%2BMmc1etPqS504jpOPs%2B"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 86562bc818b3926d-FRA
expires: Thu, 06 Mar 2025 16:37:59 GMT

GET
H2 200 reactstrap.full.min.js Show response
cdnjs.cloudflare.com/ajax/libs/reactstrap/8.4.1/ 143 KB
33 KB 135ms
48ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/reactstrap/8.4.1/reactstrap.full.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

22802ac9172bd389d500747636924daead69f96f057b24e84bf525c7a9f1320d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newspapers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sat, 16 Mar 2024 16:37:59 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 254216
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 33532
last-modified: Mon, 04 May 2020 16:15:58 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fbe-23ca4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6MAWKaAjb3rr%2Bf7CXthssRpfmB97wdgLvYF7Vqn6annlZ6RM8UcO2%2BpF%2BRo2LQ%2BzeUI%2BF9O0A8HJ2uRYnnrZ2QBhdOdBHC0Sx9jkuhS6dTiqCmwVqvIoZyxJGRY6LHk4HoKCN%2FKDQeNwITksav8wGbq9"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 86562bc818b5926d-FRA
expires: Thu, 06 Mar 2025 16:37:59 GMT

GET
H2 200 mobx.umd.js Show response
cdnjs.cloudflare.com/ajax/libs/mobx/4.15.4/ 198 KB
33 KB 177ms
90ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/mobx/4.15.4/mobx.umd.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0d9471a13b288e7a31b5fdd228558ca4d5377594e50becce9ffaa0bd4d59e32a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newspapers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sat, 16 Mar 2024 16:37:59 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 254216
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 33694
last-modified: Mon, 29 Jun 2020 22:35:58 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5efa6cce-316b2"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ebbdjJjvwnDXZH%2Fxdj8wCHcKBZRKoe%2FCYrTP%2FAyAqr2OmuYFJ1MzXonxDFGSasnCn5YUMGkQSuW7l4%2BrQH34Kgoej9c6lECB5Js5QVob4JzMjI%2B4Vq82wfk6C42dfNhekuquCF0ae3Vspvz1%2FtMc2jiw"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 86562bc818b8926d-FRA
expires: Thu, 06 Mar 2025 16:37:59 GMT

GET
H2 200 vendors.bundle.fa20a0ab6d633cdb7041.js Show response
www.newspapers.com/static/js/ 2 MB
493 KB 116ms
115ms Script
application/javascript 2606:4700::6810:fb1d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.newspapers.com/static/js/vendors.bundle.fa20a0ab6d633cdb7041.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:fb1d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6a7c2034afdde4e7fa4849918a81ea9a30ada7cbcff80d3f3744b63a8d0bc6e6

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none';
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newspapers.com/choose-a-plan?xid=5989&utm_source=ancestry&utm_medium=email&utm_campaign=USAncestryCrossSell_30%25off_Feb-2024&o_xid=134547&o_lid=134547&o_sch=Email+Campaigns
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sat, 16 Mar 2024 16:37:59 GMT
strict-transport-security: max-age=15552000; includeSubDomains
content-encoding: br
content-security-policy: frame-ancestors 'none';
last-modified: Fri, 08 Mar 2024 16:42:46 GMT
server: cloudflare
cf-cache-status: HIT
age: 81440
etag: W/"208b3b-18e1ef21770"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=86400, immutable
cf-ray: 86562bc78ae49741-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 commerce.bundle.c1f73bbea86590655225.js Show response
www.newspapers.com/static/js/ 153 KB
32 KB 82ms
81ms Script
application/javascript 2606:4700::6810:fb1d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.newspapers.com/static/js/commerce.bundle.c1f73bbea86590655225.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:fb1d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b6527376efb6bd7e8cf76e917a67fc608da4627ae1cfc75fae39f9e46e5a9349

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none';
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newspapers.com/choose-a-plan?xid=5989&utm_source=ancestry&utm_medium=email&utm_campaign=USAncestryCrossSell_30%25off_Feb-2024&o_xid=134547&o_lid=134547&o_sch=Email+Campaigns
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sat, 16 Mar 2024 16:37:59 GMT
strict-transport-security: max-age=15552000; includeSubDomains
content-encoding: br
content-security-policy: frame-ancestors 'none';
last-modified: Fri, 08 Mar 2024 16:42:46 GMT
server: cloudflare
cf-cache-status: HIT
age: 79869
etag: W/"262c1-18e1ef21770"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=86400, immutable
cf-ray: 86562bc78ae89741-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 sourcepoint.js Show response
www.newspapers.com/static/js/consent/ 6 KB
2 KB 68ms
67ms Script
application/javascript 2606:4700::6810:fb1d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.newspapers.com/static/js/consent/sourcepoint.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:fb1d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5f496ef87585b30dea6ec3340959d43352de9a367aedb2d274b46c949d168123

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none';
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newspapers.com/choose-a-plan?xid=5989&utm_source=ancestry&utm_medium=email&utm_campaign=USAncestryCrossSell_30%25off_Feb-2024&o_xid=134547&o_lid=134547&o_sch=Email+Campaigns
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sat, 16 Mar 2024 16:37:59 GMT
strict-transport-security: max-age=15552000; includeSubDomains
content-encoding: br
content-security-policy: frame-ancestors 'none';
last-modified: Fri, 08 Mar 2024 16:37:15 GMT
server: cloudflare
cf-cache-status: HIT
age: 134
etag: W/"1906-18e1eed0a78"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=900
cf-ray: 86562bc78aee9741-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 wrapperMessagingWithoutDetection.js Show response
cdn.privacy-mgmt.com/unified/ 125 KB
38 KB 308ms
61ms Script
text/javascript 18.66.192.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.privacy-mgmt.com/unified/wrapperMessagingWithoutDetection.js
Requested by: Host: www.newspapers.com
URL: https://www.newspapers.com/choose-a-plan?xid=5989&utm_source=ancestry&utm_medium=email&utm_campaign=USAncestryCrossSell_30%25off_Feb-2024&o_xid=134547&o_lid=134547&o_sch=Email+Campaigns
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.192.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-192-25.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: de717fb14f0ec63d600e4795bf8c043c2255e22b7bf3b8a028f99e930bd5bd2e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newspapers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sat, 16 Mar 2024 16:12:03 GMT
content-encoding: gzip
via: 1.1 aedc37d054398c84a361f8542a82efea.cloudfront.net (CloudFront)
last-modified: Thu, 07 Mar 2024 19:22:23 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P1
age: 1557
x-amz-server-side-encryption: AES256
etag: W/"2506e0de6c35f7b0b834a46ce9de584b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=3600
x-amz-cf-id: I3_HGVbeiTL12pmmU8zJOKtX8OKdIuHHh89cIDpOFuAIGlivgQoEKw==

GET
H3 200 logo-lg.png
www.newspapers.com/i/ 8 KB
8 KB 57ms
56ms Image
image/png 2606:4700::6810:fb1d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.newspapers.com/i/logo-lg.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:fb1d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c01e9574f456527c085343f708d3472b8341a0eaf5c0d9d032bb932012c1e523

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newspapers.com/choose-a-plan?xid=5989&utm_source=ancestry&utm_medium=email&utm_campaign=USAncestryCrossSell_30%25off_Feb-2024&o_xid=134547&o_lid=134547&o_sch=Email+Campaigns
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sat, 16 Mar 2024 16:37:59 GMT
strict-transport-security: max-age=15552000; includeSubDomains
cf-cache-status: HIT
last-modified: Fri, 15 Mar 2024 17:36:57 GMT
server: cloudflare
age: 81582
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=60
accept-ranges: bytes
cf-ray: 86562bc82e0c37eb-FRA
alt-svc: h3=":443"; ma=86400
content-length: 7941

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 415 KB
112 KB 283ms
197ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-N6D6HQR

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f4f131fc08809b2ad2ed0977c75bb0e4883a974774458febc45435f0f2539d1f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newspapers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sat, 16 Mar 2024 16:37:59 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 114619
x-xss-protection: 0
last-modified: Sat, 16 Mar 2024 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 16 Mar 2024 16:37:59 GMT

GET
H3 200 logo-endorsed.svg
www.newspapers.com/static/i/ 8 KB
4 KB 221ms
221ms Image
image/svg+xml 2606:4700::6810:fb1d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.newspapers.com/static/i/logo-endorsed.svg

Requested by

Host: www.newspapers.com
URL: https://www.newspapers.com/static/scss/hash/newspapers-theme-redwood.20e269ed984698fa38dd132a7ada6a65.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:fb1d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5fbd272d23bb18786ecacff1953875fe4be5d08f328ba1d9659b4a7c528d8a3a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none';
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newspapers.com/static/scss/hash/newspapers-theme-redwood.20e269ed984698fa38dd132a7ada6a65.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sat, 16 Mar 2024 16:37:59 GMT
strict-transport-security: max-age=15552000; includeSubDomains
content-encoding: br
content-security-policy: frame-ancestors 'none';
last-modified: Fri, 08 Mar 2024 16:37:15 GMT
server: cloudflare
cf-cache-status: HIT
age: 81440
etag: W/"21de-18e1eed0a78"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=86400
cf-ray: 86562bc82e1137eb-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 global-sprite.png
www.newspapers.com/i/ 7 KB
8 KB 224ms
224ms Image
image/png 2606:4700::6810:fb1d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.newspapers.com/i/global-sprite.png

Requested by

Host: www.newspapers.com
URL: https://www.newspapers.com/static/scss/hash/newspapers-theme-redwood.20e269ed984698fa38dd132a7ada6a65.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:fb1d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8b73d664affb760285b268273d2b89319bd46de24c3b902fd97b07bc2c675a69

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newspapers.com/static/scss/hash/newspapers-theme-redwood.20e269ed984698fa38dd132a7ada6a65.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sat, 16 Mar 2024 16:37:59 GMT
strict-transport-security: max-age=15552000; includeSubDomains
cf-cache-status: HIT
last-modified: Fri, 15 Mar 2024 17:36:57 GMT
server: cloudflare
age: 81440
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=60
accept-ranges: bytes
cf-ray: 86562bc82e1237eb-FRA
alt-svc: h3=":443"; ma=86400
content-length: 7630

GET
H3 200 newsicons-regular.woff
www.newspapers.com/i/ 9 KB
9 KB 57ms
57ms Font
font/woff 2606:4700::6810:fb1d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.newspapers.com/i/newsicons-regular.woff

Requested by

Host: www.newspapers.com
URL: https://www.newspapers.com/static/scss/hash/newspapers-theme-redwood.20e269ed984698fa38dd132a7ada6a65.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:fb1d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2edf427faf06b0f84a991d77d44610d9c72702d0fe73f57e9a117a39c622a980

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://www.newspapers.com/static/scss/hash/newspapers-theme-redwood.20e269ed984698fa38dd132a7ada6a65.css
Origin: https://www.newspapers.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sat, 16 Mar 2024 16:37:59 GMT
strict-transport-security: max-age=15552000; includeSubDomains
cf-cache-status: HIT
last-modified: Fri, 15 Mar 2024 17:36:57 GMT
server: cloudflare
age: 1831
etag: "2438-613b674558040"
vary: Origin, Accept-Encoding
content-type: font/woff
access-control-allow-origin: https://www.newspapers.com
accept-ranges: bytes
cf-ray: 86562bc82e1337eb-FRA
alt-svc: h3=":443"; ma=86400
content-length: 9272

GET
H2 200 v3 Show response
js.stripe.com/ 607 KB
149 KB 157ms
47ms Script
text/javascript 18.173.154.44
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3?advancedFraudSignals=false

Requested by

Host: www.newspapers.com
URL: https://www.newspapers.com/static/js/vendors.bundle.fa20a0ab6d633cdb7041.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.173.154.44 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-173-154-44.muc50.r.cloudfront.net

Software

Cloudfront /

Resource Hash

ac2c4bbfdc4d97a96933a2ce6f70595647dd14c3bb0d615d1eca584ee94eff89

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newspapers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sat, 16 Mar 2024 16:37:20 GMT
content-encoding: br
via: 1.1 94313a5530517e71f4769858ce013d58.cloudfront.net (CloudFront)
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
age: 41
x-amz-cf-pop: MUC50-P3
x-cache: Hit from cloudfront
last-modified: Fri, 15 Mar 2024 20:44:22 GMT
server: Cloudfront
etag: W/"e8391a90a0fef1030cf17b46eef28b61"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
timing-allow-origin: *
x-amz-cf-id: o4EaUqSL05QIgWtSAmdIXYYIVApWHgBpMeELo6ePk0sPjeveovgCLA==

GET
H3 200 aj_getUserProps Show response
www.newspapers.com/userops/ 35 B
280 B 441ms
441ms XHR
application/json 2606:4700::6810:fb1d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.newspapers.com/userops/aj_getUserProps?props=payment-processor

Requested by

Host: www.newspapers.com
URL: https://www.newspapers.com/static/js/vendors.bundle.fa20a0ab6d633cdb7041.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:fb1d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8a979f2ad131a73e7208e211e3f2e6aca84591b79c7675aaa659b5ca717102b3

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none';
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.newspapers.com/choose-a-plan?xid=5989&utm_source=ancestry&utm_medium=email&utm_campaign=USAncestryCrossSell_30%25off_Feb-2024&o_xid=134547&o_lid=134547&o_sch=Email+Campaigns
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sat, 16 Mar 2024 16:38:00 GMT
content-security-policy: frame-ancestors 'none';
cf-cache-status: DYNAMIC
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains
content-type: application/json
cf-ray: 86562bca58c937eb-FRA
alt-svc: h3=":443"; ma=86400
content-length: 35

GET
H3 200 offer Show response
www.newspapers.com/api/subscription/ 1 KB
539 B 448ms
448ms XHR
application/json 2606:4700::6810:fb1d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.newspapers.com/api/subscription/offer?productId=1

Requested by

Host: www.newspapers.com
URL: https://www.newspapers.com/static/js/vendors.bundle.fa20a0ab6d633cdb7041.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:fb1d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0037d786830066fce1690ea1cdb4b90458edabacc1491d74c25e4c8a0f3aefe9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.newspapers.com/choose-a-plan?xid=5989&utm_source=ancestry&utm_medium=email&utm_campaign=USAncestryCrossSell_30%25off_Feb-2024&o_xid=134547&o_lid=134547&o_sch=Email+Campaigns
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sat, 16 Mar 2024 16:38:00 GMT
strict-transport-security: max-age=15552000; includeSubDomains
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
etag: W/"572-oPNJkX4hFfyp2/Wq8gy2LM/5Ve4"
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cf-ray: 86562bcaa91f37eb-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 custom.86001075327c606ce2ee.bundle.js Show response
cdn.privacy-mgmt.com/unified/4.18.0/ 8 KB
3 KB 40ms
40ms Script
text/javascript 18.66.192.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.privacy-mgmt.com/unified/4.18.0/custom.86001075327c606ce2ee.bundle.js
Requested by: Host: cdn.privacy-mgmt.com
URL: https://cdn.privacy-mgmt.com/unified/wrapperMessagingWithoutDetection.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.192.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-192-25.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6af5c50fda024dcf9bdbc2c4ce1af27432795195bcd4241c809c288c79f1bc95

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newspapers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 15:27:07 GMT
content-encoding: br
via: 1.1 aedc37d054398c84a361f8542a82efea.cloudfront.net (CloudFront)
last-modified: Tue, 27 Feb 2024 20:35:10 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P1
age: 1386654
etag: W/"1695f9f39b9250b71a3f43dbf6a2644e"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=31536000
x-amz-cf-id: ERsaH9XBc27pTLLKge6i-EUzDr6bb_7DvoKQh7V9qzldlDcb14Cecw==

GET
H2 200 gdpr-tcf.d303699d85882226ea37.bundle.js Show response
cdn.privacy-mgmt.com/unified/4.18.0/ 135 KB
22 KB 49ms
49ms Script
text/javascript 18.66.192.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.privacy-mgmt.com/unified/4.18.0/gdpr-tcf.d303699d85882226ea37.bundle.js
Requested by: Host: cdn.privacy-mgmt.com
URL: https://cdn.privacy-mgmt.com/unified/wrapperMessagingWithoutDetection.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.192.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-192-25.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c9cf689f854a05cb7268843a7baed22d60b004cb943fcb8e3070b75811338a02

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newspapers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 15:25:45 GMT
content-encoding: br
via: 1.1 aedc37d054398c84a361f8542a82efea.cloudfront.net (CloudFront)
last-modified: Tue, 27 Feb 2024 20:35:10 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P1
age: 1386736
etag: W/"aa2e5e758a2dbf86afc3db0d4f67fc3c"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=31536000
x-amz-cf-id: kqV8X__ZmipqZYHwvtdO92-03_6EAL8nlJKa4tP9koymIocz2zEUVQ==

GET
H2 200 usnat.ca3821c13a088437c734.bundle.js Show response
cdn.privacy-mgmt.com/unified/4.18.0/ 183 KB
23 KB 64ms
63ms Script
text/javascript 18.66.192.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.privacy-mgmt.com/unified/4.18.0/usnat.ca3821c13a088437c734.bundle.js
Requested by: Host: cdn.privacy-mgmt.com
URL: https://cdn.privacy-mgmt.com/unified/wrapperMessagingWithoutDetection.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.192.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-192-25.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b7db48b336c3b55636834c1b901ee03f6fd7d991f4467e34d32a9cf4b30218c7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newspapers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 15:27:10 GMT
content-encoding: br
via: 1.1 aedc37d054398c84a361f8542a82efea.cloudfront.net (CloudFront)
last-modified: Tue, 27 Feb 2024 20:35:10 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P1
age: 1386651
etag: W/"f56e1c0b94e372e9915a5e89e9c1e71a"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=31536000
x-amz-cf-id: FihSTV47yiIPEqsVWcO7TN0h6Pjs5SQS_D-QDs9Fs65mDDS10jMCSA==

GET
H2 200 get_site_data Show response
cdn.privacy-mgmt.com/mms/v2/ 205 B
621 B 129ms
50ms XHR
application/javascript 18.66.192.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.privacy-mgmt.com/mms/v2/get_site_data?hasCsp=true&href=https%3A%2F%2Fwww.newspapers.com&account_id=1726

Requested by

Host: cdn.privacy-mgmt.com
URL: https://cdn.privacy-mgmt.com/unified/wrapperMessagingWithoutDetection.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.192.25 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-192-25.muc50.r.cloudfront.net

Software

Resource Hash

36d306717e99f4b309cd761a4d880839680efc3c77215857afa991423b184e82

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubdomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newspapers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 15 Mar 2024 21:58:27 GMT
strict-transport-security: max-age=15552000; includeSubdomains
x-sp-mms-node: ip-10-128-37-103
via: 1.1 878a01abbb158ab50d28bd4e882dc33a.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P1
age: 67173
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
x-cache: Hit from cloudfront
cache-control: max-age=3600, s-maxage=86400
access-control-allow-credentials: true
x-amz-cf-id: Q_oy-Ei-prXMpNYXWbKZAWiBDCtIuF4HvhKSXsIdeQDXzTp1Z0oNPA==

GET
H2 200 meta-data Show response
cdn.privacy-mgmt.com/wrapper/v2/ 449 B
978 B 166ms
166ms XHR
application/json 18.66.192.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.privacy-mgmt.com/wrapper/v2/meta-data?hasCsp=true&accountId=1726&env=prod&metadata=%7B%22gdpr%22%3A%7B%7D%2C%22usnat%22%3A%7B%7D%7D&propertyId=21926&ch=null&scriptVersion=4.18.0&scriptType=unified

Requested by

Host: cdn.privacy-mgmt.com
URL: https://cdn.privacy-mgmt.com/unified/wrapperMessagingWithoutDetection.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.192.25 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-192-25.muc50.r.cloudfront.net

Software

/ Express

Resource Hash

9ea8c9c20b53594652705408edd7c521840012efc0ebc67ac806ac2b75213587

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newspapers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sat, 16 Mar 2024 16:38:00 GMT
strict-transport-security: max-age=15552000; includeSubDomains
via: 1.1 878a01abbb158ab50d28bd4e882dc33a.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P1
x-powered-by: Express
vary: Accept-Encoding
access-control-allow-methods: GET, PUT, POST, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-cache: Miss from cloudfront
cache-control: max-age=3600, s-maxage=3600
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, SP_SCRIPT_VERSION
content-length: 449
x-amz-cf-id: ogcFiRbm0jy49YzNUb55TPGO1W0t2XW6Xw9JbIlATH55XsYZzxnKpQ==

GET
H2 200 controller-5c293a300a87a5772aefa8ffe6a3021f.html Show response
js.stripe.com/v3/ Frame F6F1 325 B
1 KB 42ms
42ms Document
text/html 18.173.154.44
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/controller-5c293a300a87a5772aefa8ffe6a3021f.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3?advancedFraudSignals=false

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.173.154.44 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-173-154-44.muc50.r.cloudfront.net

Software

Cloudfront /

Resource Hash

7b051da0285550b76e92c54525f4e18ebb090d5174eccd4451612e9f864b0bed

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; worker-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.newspapers.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 39
cache-control: max-age=60, stale-while-revalidate=900
content-length: 325
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Sat, 16 Mar 2024 16:38:00 GMT
etag: "5c293a300a87a5772aefa8ffe6a3021f"
last-modified: Fri, 15 Mar 2024 20:04:52 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 94313a5530517e71f4769858ce013d58.cloudfront.net (CloudFront)
x-amz-cf-id: vHWRqEDyX5YiwP2lfhwTu_YNu-21yXy9-TpObNA5SvTTmzuysZW3rg==
x-amz-cf-pop: MUC50-P3
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H2 200 shared-0df839a82322161cb8c3200c5b2f353b.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame F6F1 537 KB
118 KB 74ms
74ms Script
text/javascript 18.173.154.44
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-0df839a82322161cb8c3200c5b2f353b.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-5c293a300a87a5772aefa8ffe6a3021f.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.173.154.44 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-173-154-44.muc50.r.cloudfront.net

Software

Cloudfront /

Resource Hash

c52d29cf9b43eec4fb9f3871c2dbd8c1ddd2609f8f2ccc9c497d6578aceddcdc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/controller-5c293a300a87a5772aefa8ffe6a3021f.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sat, 16 Mar 2024 16:07:24 GMT
content-encoding: br
via: 1.1 94313a5530517e71f4769858ce013d58.cloudfront.net (CloudFront)
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
age: 1880
x-amz-cf-pop: MUC50-P3
x-cache: Hit from cloudfront
last-modified: Fri, 15 Mar 2024 20:05:06 GMT
server: Cloudfront
etag: W/"23a5a9719c87c307e6c6a67ed8989a20"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: A3TK6FpJE0eGMcZcmniEghlfiSoawdm-uxY-b1VsDIEnsNtu6amKGA==

GET
H2 200 controller-6b2e460fa0ab794d74135ee18a8a0a3d.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame F6F1 706 KB
166 KB 44ms
44ms Script
text/javascript 18.173.154.44
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/controller-6b2e460fa0ab794d74135ee18a8a0a3d.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-5c293a300a87a5772aefa8ffe6a3021f.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.173.154.44 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-173-154-44.muc50.r.cloudfront.net

Software

Cloudfront /

Resource Hash

0d99cc60b0e046aa0fb9aa6229148a687fc2cbe5cd9012f9900ad18f81043e97

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/controller-5c293a300a87a5772aefa8ffe6a3021f.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sat, 16 Mar 2024 16:07:24 GMT
content-encoding: br
via: 1.1 94313a5530517e71f4769858ce013d58.cloudfront.net (CloudFront)
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
age: 1880
x-amz-cf-pop: MUC50-P3
x-cache: Hit from cloudfront
last-modified: Fri, 15 Mar 2024 20:05:03 GMT
server: Cloudfront
etag: W/"426005bb37222ff2de00052259ab8688"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: BE5fjsbMGjK5ggI6TJryE8I7MqWvsdPHpHYqFR1l72RqMFhYb4gc0w==

GET
H2 200 messages Show response
cdn.privacy-mgmt.com/wrapper/v2/ 28 KB
7 KB 195ms
195ms XHR
application/json 18.66.192.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.privacy-mgmt.com/wrapper/v2/messages?hasCsp=true&env=prod&body=%7B%22accountId%22%3A1726%2C%22campaignEnv%22%3A%22prod%22%2C%22campaigns%22%3A%7B%22custom%22%3A%7B%22targetingParams%22%3A%7B%7D%7D%2C%22gdpr%22%3A%7B%22consentStatus%22%3A%7B%7D%2C%22targetingParams%22%3A%7B%7D%7D%2C%22usnat%22%3A%7B%22consentStatus%22%3A%7B%7D%2C%22hasLocalData%22%3Afalse%2C%22targetingParams%22%3A%7B%7D%7D%7D%2C%22clientMMSOrigin%22%3A%22https%3A%2F%2Fcdn.privacy-mgmt.com%22%2C%22hasCSP%22%3Atrue%2C%22includeData%22%3A%7B%22localState%22%3A%7B%22type%22%3A%22string%22%7D%2C%22actions%22%3A%7B%22type%22%3A%22RecordString%22%7D%2C%22cookies%22%3A%7B%22type%22%3A%22RecordString%22%7D%7D%2C%22propertyHref%22%3A%22https%3A%2F%2Fwww.newspapers.com%22%7D&localState=null&metadata=%7B%22gdpr%22%3A%7B%22applies%22%3Atrue%7D%2C%22usnat%22%3A%7B%22applies%22%3Afalse%7D%7D&nonKeyedLocalState=null&ch=439997896442146896af514442970011660&scriptVersion=4.18.0&scriptType=unified

Requested by

Host: cdn.privacy-mgmt.com
URL: https://cdn.privacy-mgmt.com/unified/wrapperMessagingWithoutDetection.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.192.25 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-192-25.muc50.r.cloudfront.net

Software

/ Express

Resource Hash

0c4bb86021bbc4596098072deea2d27bb8861b70382958582af6b60f61111cdc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newspapers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sat, 16 Mar 2024 16:38:00 GMT
strict-transport-security: max-age=15552000; includeSubDomains
content-encoding: gzip
via: 1.1 878a01abbb158ab50d28bd4e882dc33a.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P1
x-powered-by: Express
vary: Accept-Encoding
access-control-allow-methods: GET, PUT, POST, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-cache: Miss from cloudfront
cache-control: max-age=0, s-maxage=1200
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, SP_SCRIPT_VERSION
x-amz-cf-id: GemrgOJdmUCYSNG8rdwkGrdYTUKHXMbvFP3u58xwnL96JnJyNtaV7Q==

GET
H2 200 .deploy_status_henson.json Show response
js.stripe.com/v3/ Frame F6F1 474 B
918 B 126ms
43ms Fetch
application/json 18.173.154.44
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/.deploy_status_henson.json

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-0df839a82322161cb8c3200c5b2f353b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.173.154.44 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-173-154-44.muc50.r.cloudfront.net

Software

Cloudfront /

Resource Hash

e161acf399045c017dd5b7dfdf175bba0fad329efb693926d4685578f7e2f5c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept: application/json
Referer: https://js.stripe.com/v3/controller-5c293a300a87a5772aefa8ffe6a3021f.html
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Sat, 16 Mar 2024 16:38:00 GMT
via: 1.1 fe6d656eba9969a63bb94889f81e9bf8.cloudfront.net (CloudFront)
strict-transport-security: max-age=31556926; includeSubDomains; preload
age: 17
x-amz-cf-pop: MUC50-P3
x-cache: Hit from cloudfront
content-length: 474
last-modified: Fri, 15 Mar 2024 20:44:23 GMT
server: Cloudfront
etag: "e7015b66977a1d113a6ea1705cfad9cc"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
x-amz-cf-id: mWHv5wyw9lWwJkzm-ksv8OILorfW-wMovJLv3-3g8_rQyPTK-9NJoQ==

GET
H2 200 .deploy_status_henson.json Show response
js.stripe.com/v3/ Frame F6F1 474 B
918 B 117ms
42ms Fetch
application/json 18.173.154.44
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/.deploy_status_henson.json

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-0df839a82322161cb8c3200c5b2f353b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.173.154.44 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-173-154-44.muc50.r.cloudfront.net

Software

Cloudfront /

Resource Hash

e161acf399045c017dd5b7dfdf175bba0fad329efb693926d4685578f7e2f5c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept: application/json
Referer: https://js.stripe.com/v3/controller-5c293a300a87a5772aefa8ffe6a3021f.html
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Sat, 16 Mar 2024 16:38:00 GMT
via: 1.1 fe6d656eba9969a63bb94889f81e9bf8.cloudfront.net (CloudFront)
strict-transport-security: max-age=31556926; includeSubDomains; preload
age: 17
x-amz-cf-pop: MUC50-P3
x-cache: Hit from cloudfront
content-length: 474
last-modified: Fri, 15 Mar 2024 20:44:23 GMT
server: Cloudfront
etag: "e7015b66977a1d113a6ea1705cfad9cc"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
x-amz-cf-id: qnOXoStCr67L6_DHm-y34P9PJhiKJCO9v1szlpdpTXkZ52QrQSO7eQ==

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 279 KB
93 KB 61ms
60ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-4QT8FMEX30&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N6D6HQR

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

237d88f081dcae964e24766ec5295e1d562ee4edd0e2967d72a3e875085e152c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newspapers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sat, 16 Mar 2024 16:38:00 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 95575
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 16 Mar 2024 16:38:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 290 KB
96 KB 65ms
65ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-7T5H12SHSY&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N6D6HQR

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

091cd5db0726bc9b7700202aa77fc7a54b3f7f74367e8684f338dc39f494eab7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newspapers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sat, 16 Mar 2024 16:38:00 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 97744
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 16 Mar 2024 16:38:00 GMT

GET
H3 200 newsboys.jpg
www.newspapers.com/i/ 15 KB
15 KB 433ms
433ms Image
image/jpeg 2606:4700::6810:fb1d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.newspapers.com/i/newsboys.jpg

Requested by

Host: www.newspapers.com
URL: https://www.newspapers.com/static/scss/hash/commerce.bundle.77c252ea3878cff94b7fd9da1a4373aa.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:fb1d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f9e6f6b216914d262d7308f66cf9f3c15c8df51ff8cf9e12aedbc74b2c7a17aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newspapers.com/static/scss/hash/commerce.bundle.77c252ea3878cff94b7fd9da1a4373aa.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sat, 16 Mar 2024 16:38:00 GMT
strict-transport-security: max-age=15552000; includeSubDomains
cf-cache-status: REVALIDATED
cf-bgj: h2pri
last-modified: Fri, 15 Mar 2024 17:36:57 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=60
accept-ranges: bytes
cf-ray: 86562bcd9d6237eb-FRA
alt-svc: h3=":443"; ma=86400
content-length: 15497

GET
H3 200 pfray.png
www.newspapers.com/i/ 1 KB
1 KB 59ms
59ms Image
image/png 2606:4700::6810:fb1d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.newspapers.com/i/pfray.png

Requested by

Host: www.newspapers.com
URL: https://www.newspapers.com/static/scss/hash/newspapers-theme-redwood.20e269ed984698fa38dd132a7ada6a65.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:fb1d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aad7f3010486df22824c28328374e631865d82bb1d963b056a3c3001755ed3f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newspapers.com/static/scss/hash/newspapers-theme-redwood.20e269ed984698fa38dd132a7ada6a65.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sat, 16 Mar 2024 16:38:00 GMT
strict-transport-security: max-age=15552000; includeSubDomains
cf-cache-status: HIT
last-modified: Fri, 15 Mar 2024 17:36:57 GMT
server: cloudflare
age: 81440
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=60
accept-ranges: bytes
cf-ray: 86562bcd9d6437eb-FRA
alt-svc: h3=":443"; ma=86400
content-length: 1286

POST
H2 200 b Show response
r.stripe.com/ Frame F6F1 0
272 B 664ms
215ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/b
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-0df839a82322161cb8c3200c5b2f353b.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Sat, 16 Mar 2024 16:38:01 GMT
x-stripe-server-envoy-start-time-us: 1710607081155173
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1710607081154918
access-control-allow-credentials: true
content-length: 0

POST
H2 204 collect
region1.google-analytics.com/g/ 0
256 B 146ms
46ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-7T5H12SHSY&gtm=45je43d0v9117606710z8831879219za200&_p=1710607079679&gcs=G100&gcd=13q3p3m2m5&npa=1&dma_cps=-&dma=1&tcfd=1064b&cid=19394647.1710607081&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=denied&_s=1&uid=not%20logged-in&sid=1710607080&sct=1&seg=0&dl=https%3A%2F%2Fwww.newspapers.com%2Fchoose-a-plan%3Fxid%3D5989%26utm_source%3Dancestry%26utm_medium%3Demail%26utm_campaign%3DUSAncestryCrossSell_30%2525off_Feb-2024%26o_xid%3D134547%26o_lid%3D134547%26o_sch%3DEmail%2BCampaigns&dt=Choose%20a%20plan%20-%20Newspapers.com&en=page_view&_fv=1&_nsi=1&_ss=1&ep.page_name=choose%20a%20plan%20%3A%20choose%20a%20plan%20-%20newspapers.com&ep.country_code=de&ep.page_name_tier_2=&ep.page_name_tier_3=&ep.page_type=&ep.subscription_status=non-subscribed&ep.subscription_tenure=non-subscribed&ep.subscription_type=non-subscribed&ep.subdomain_id=1&up.user_status=guest&tfd=2721
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-7T5H12SHSY&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newspapers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 16 Mar 2024 16:38:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.newspapers.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 index.html Show response
cdn.privacy-mgmt.com/custom/ Frame E21F 5 KB
2 KB 41ms
41ms Document
text/html 18.66.192.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.privacy-mgmt.com/custom/index.html?hasCsp=true&message_id=1081406&preload_message=true&version=v1
Requested by: Host: cdn.privacy-mgmt.com
URL: https://cdn.privacy-mgmt.com/unified/wrapperMessagingWithoutDetection.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.192.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-192-25.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 85f9aa47569f756989d76c071795d42c4c95b01298185c6a08fdbb49f1e53382

Request headers

Referer: https://www.newspapers.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 2029
cache-control: max-age=3600
content-encoding: gzip
content-type: text/html
date: Sat, 16 Mar 2024 16:04:14 GMT
etag: W/"9117f48e5c94666301f0c53182c0922b"
last-modified: Thu, 08 Feb 2024 15:59:41 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 aedc37d054398c84a361f8542a82efea.cloudfront.net (CloudFront)
x-amz-cf-id: jKipcvArxk4auTaQd6MNa96t93OXXVSJGUyRCsb9DJaIVn2x8vQ6ig==
x-amz-cf-pop: MUC50-P1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront

GET
H2 200 index.html Show response
cdn.privacy-mgmt.com/ Frame B099 5 KB
2 KB 39ms
39ms Document
text/html 18.66.192.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.privacy-mgmt.com/index.html?hasCsp=true&message_id=1039632&consentUUID=null&preload_message=true&version=v1
Requested by: Host: cdn.privacy-mgmt.com
URL: https://cdn.privacy-mgmt.com/unified/wrapperMessagingWithoutDetection.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.192.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-192-25.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 598c62ec0d4a4b800c2a2ce698931f524171cf10d31e3aa351fb771adb9b6811

Request headers

Referer: https://www.newspapers.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 2171
cache-control: max-age=3600
content-encoding: gzip
content-type: text/html
date: Sat, 16 Mar 2024 16:01:50 GMT
etag: W/"eac55f63ed5eaccbb9a8ab361225ec7b"
last-modified: Thu, 08 Feb 2024 15:59:41 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 aedc37d054398c84a361f8542a82efea.cloudfront.net (CloudFront)
x-amz-cf-id: zsJnURilvpNd8rKLHWXVAJqy1d450KSUL4BQVHNDtPvrSKMyx_rFSA==
x-amz-cf-pop: MUC50-P1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront

GET
H2 200 Notice.c6498.css
cdn.privacy-mgmt.com/ Frame B099 34 KB
6 KB 42ms
41ms Stylesheet
text/css 18.66.192.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.privacy-mgmt.com/Notice.c6498.css
Requested by: Host: cdn.privacy-mgmt.com
URL: https://cdn.privacy-mgmt.com/index.html?hasCsp=true&message_id=1039632&consentUUID=null&preload_message=true&version=v1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.192.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-192-25.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 78b435cd47263da5359608172fe71c285cc5e11e012148eb6126ce32ab36137c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.privacy-mgmt.com/index.html?hasCsp=true&message_id=1039632&consentUUID=null&preload_message=true&version=v1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sat, 16 Mar 2024 16:02:18 GMT
content-encoding: gzip
via: 1.1 aedc37d054398c84a361f8542a82efea.cloudfront.net (CloudFront)
last-modified: Thu, 08 Feb 2024 15:59:41 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P1
age: 2143
x-amz-server-side-encryption: AES256
etag: W/"449822fce3259c38744ce3adb53a8d44"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
cache-control: max-age=3600
x-amz-cf-id: DJrOIp1PdUSJDSTnRl4BSQ6lEzT0hvaKSiTI8pOYSnJkQ_oXEUwGaQ==

GET
H2 200 polyfills.b0798.js Show response
cdn.privacy-mgmt.com/ Frame B099 5 KB
2 KB 43ms
42ms Script
text/javascript 18.66.192.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.privacy-mgmt.com/polyfills.b0798.js
Requested by: Host: cdn.privacy-mgmt.com
URL: https://cdn.privacy-mgmt.com/index.html?hasCsp=true&message_id=1039632&consentUUID=null&preload_message=true&version=v1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.192.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-192-25.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 533b23c57b1770cc3ee9c15b998b2eb494fa0adb2d6929fd22a9b78adfade3a7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.privacy-mgmt.com/index.html?hasCsp=true&message_id=1039632&consentUUID=null&preload_message=true&version=v1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sat, 16 Mar 2024 15:47:39 GMT
content-encoding: gzip
via: 1.1 aedc37d054398c84a361f8542a82efea.cloudfront.net (CloudFront)
last-modified: Thu, 08 Feb 2024 15:59:41 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P1
age: 3022
x-amz-server-side-encryption: AES256
etag: W/"89661b8fd918815bcb224bba79cabab1"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=3600
x-amz-cf-id: f44IWfF3JOjWMIDQMP454aG9T-WUhlrk1yxnNoPENHrvHLhE20A8Tw==

GET
H2 200 Notice.cd634.js Show response
cdn.privacy-mgmt.com/ Frame B099 291 KB
76 KB 51ms
50ms Script
text/javascript 18.66.192.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.privacy-mgmt.com/Notice.cd634.js
Requested by: Host: cdn.privacy-mgmt.com
URL: https://cdn.privacy-mgmt.com/index.html?hasCsp=true&message_id=1039632&consentUUID=null&preload_message=true&version=v1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.192.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-192-25.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e1b0dcf1415a4eba4b21af3df4f1371f97daea7a418169504300cb877aa37983

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.privacy-mgmt.com/index.html?hasCsp=true&message_id=1039632&consentUUID=null&preload_message=true&version=v1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sat, 16 Mar 2024 16:36:24 GMT
content-encoding: gzip
via: 1.1 aedc37d054398c84a361f8542a82efea.cloudfront.net (CloudFront)
last-modified: Thu, 08 Feb 2024 15:59:41 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P1
age: 97
x-amz-server-side-encryption: AES256
etag: W/"a0f110214ff2fcbc3617a9fac4cd2d66"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=3600
x-amz-cf-id: AJxz4T-V9VEOdhrgjL9iLkIqo4WDqNKpTRQqFSztJYdTpjn7eKzTVA==

GET
H2 200 Custom.318f9.css
cdn.privacy-mgmt.com/ Frame E21F 34 KB
6 KB 92ms
91ms Stylesheet
text/css 18.66.192.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.privacy-mgmt.com/Custom.318f9.css
Requested by: Host: cdn.privacy-mgmt.com
URL: https://cdn.privacy-mgmt.com/custom/index.html?hasCsp=true&message_id=1081406&preload_message=true&version=v1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.192.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-192-25.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c1d557bf697c5628a51521eadb53c02f59b6a31d837e7bed1c3ef67ea92c7c27

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.privacy-mgmt.com/custom/index.html?hasCsp=true&message_id=1081406&preload_message=true&version=v1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sat, 16 Mar 2024 16:03:33 GMT
content-encoding: gzip
via: 1.1 aedc37d054398c84a361f8542a82efea.cloudfront.net (CloudFront)
last-modified: Thu, 08 Feb 2024 15:59:41 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P1
age: 2072
x-amz-server-side-encryption: AES256
etag: W/"acd3f3600cf8fd3be81db7ffc4e9b88c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
cache-control: max-age=3600
x-amz-cf-id: UZ4uDXAHWb0Mea_vn1O7gGYM6Q66DCjMrOPaN-s4TReC4f8IVmTqHQ==

GET
H2 200 polyfills.b0798.js Show response
cdn.privacy-mgmt.com/ Frame E21F 5 KB
2 KB 77ms
77ms Script
text/javascript 18.66.192.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.privacy-mgmt.com/polyfills.b0798.js
Requested by: Host: cdn.privacy-mgmt.com
URL: https://cdn.privacy-mgmt.com/custom/index.html?hasCsp=true&message_id=1081406&preload_message=true&version=v1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.192.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-192-25.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 533b23c57b1770cc3ee9c15b998b2eb494fa0adb2d6929fd22a9b78adfade3a7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.privacy-mgmt.com/custom/index.html?hasCsp=true&message_id=1081406&preload_message=true&version=v1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sat, 16 Mar 2024 15:47:39 GMT
content-encoding: gzip
via: 1.1 aedc37d054398c84a361f8542a82efea.cloudfront.net (CloudFront)
last-modified: Thu, 08 Feb 2024 15:59:41 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P1
age: 3022
x-amz-server-side-encryption: AES256
etag: W/"89661b8fd918815bcb224bba79cabab1"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=3600
x-amz-cf-id: Z5PWOO1oxFMUeodE3N9_VJ6RcevvVYNSz_L7uP4iuGkF_aCb17EiPw==

GET
H2 200 Custom.8a1d3.js Show response
cdn.privacy-mgmt.com/ Frame E21F 289 KB
76 KB 83ms
83ms Script
text/javascript 18.66.192.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.privacy-mgmt.com/Custom.8a1d3.js
Requested by: Host: cdn.privacy-mgmt.com
URL: https://cdn.privacy-mgmt.com/custom/index.html?hasCsp=true&message_id=1081406&preload_message=true&version=v1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.192.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-192-25.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 705ad97c21908c9cb54de43dffcd5e088b7aa538a6eaa6af8e3c841dc7291e73

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.privacy-mgmt.com/custom/index.html?hasCsp=true&message_id=1081406&preload_message=true&version=v1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sat, 16 Mar 2024 15:56:12 GMT
content-encoding: gzip
via: 1.1 aedc37d054398c84a361f8542a82efea.cloudfront.net (CloudFront)
last-modified: Thu, 08 Feb 2024 15:59:41 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P1
age: 2516
x-amz-server-side-encryption: AES256
etag: W/"9e00effea26098d9d5c318e866afef96"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=3600
x-amz-cf-id: c8ByoPnEV2N5JUlBjFNY377ELs1TnzKsDhq1yNMS8Y_YsarwAIkJjA==

GET
H2 200 categories Show response
cdn.privacy-mgmt.com/consent/tcfv2/vendor-list/ Frame B099 3 KB
2 KB 72ms
72ms Fetch
application/json 18.66.192.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.privacy-mgmt.com/consent/tcfv2/vendor-list/categories?siteId=21926

Requested by

Host: cdn.privacy-mgmt.com
URL: https://cdn.privacy-mgmt.com/Notice.cd634.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.192.25 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-192-25.muc50.r.cloudfront.net

Software

Resource Hash

f8c350ba501d916cb2ae8f2a6af53cb64a11c530598d1f9051e680ccc979c5bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.privacy-mgmt.com/index.html?hasCsp=true&message_id=1039632&consentUUID=null&preload_message=true&version=v1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sat, 16 Mar 2024 16:38:00 GMT
strict-transport-security: max-age=15552000; includeSubDomains
content-encoding: gzip
via: 1.1 aedc37d054398c84a361f8542a82efea.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P1
vary: Accept-Encoding
access-control-allow-methods: GET, PUT, POST, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-cache: Miss from cloudfront
cache-control: max-age=0, s-maxage=3600
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
x-amz-cf-id: sjowPB98bZbTye8KMbMb4JJRdYAL-H8VhoJZiwsbGWOqY7PTbbMkSw==

GET
H2 200 css
fonts.googleapis.com/ Frame B099 17 KB
2 KB 136ms
49ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,600,700&display=swap

Requested by

Host: client
URL: about:client

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

851699a18b631a7bd68efc99598701293a6065b463fced7b68d8d6d9227bd8e7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.privacy-mgmt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 16 Mar 2024 16:38:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 16 Mar 2024 15:22:53 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 16 Mar 2024 16:38:00 GMT

GET
H2 200 categories Show response
cdn.privacy-mgmt.com/consent/tcfv2/vendor-list/ Frame B099 3 KB
2 KB 54ms
54ms Fetch
application/json 18.66.192.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.privacy-mgmt.com/consent/tcfv2/vendor-list/categories?siteId=21926&consentLanguage=en

Requested by

Host: cdn.privacy-mgmt.com
URL: https://cdn.privacy-mgmt.com/Notice.cd634.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.192.25 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-192-25.muc50.r.cloudfront.net

Software

Resource Hash

f8c350ba501d916cb2ae8f2a6af53cb64a11c530598d1f9051e680ccc979c5bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.privacy-mgmt.com/index.html?hasCsp=true&message_id=1039632&consentUUID=null&preload_message=true&version=v1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sat, 16 Mar 2024 16:38:00 GMT
strict-transport-security: max-age=15552000; includeSubDomains
content-encoding: gzip
via: 1.1 aedc37d054398c84a361f8542a82efea.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P1
vary: Accept-Encoding
access-control-allow-methods: GET, PUT, POST, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-cache: Miss from cloudfront
cache-control: max-age=0, s-maxage=3600
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
x-amz-cf-id: v5Sjv5BdGhgALQWHI3JndEwpSyRXi4SxvgpQxaYxj9kSjxfxoEClHA==

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ Frame B099 47 KB
48 KB 126ms
39ms Font
font/woff2 2a00:1450:4001:81d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,600,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://cdn.privacy-mgmt.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 12 Mar 2024 00:50:53 GMT
x-content-type-options: nosniff
age: 402428
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48236
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 12 Mar 2025 00:50:53 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ Frame B099 47 KB
47 KB 170ms
83ms Font
font/woff2 2a00:1450:4001:81d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,600,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://cdn.privacy-mgmt.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 12 Mar 2024 00:50:53 GMT
x-content-type-options: nosniff
age: 402428
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48236
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 12 Mar 2025 00:50:53 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ Frame B099 47 KB
47 KB 195ms
110ms Font
font/woff2 2a00:1450:4001:81d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,600,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://cdn.privacy-mgmt.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 12 Mar 2024 00:50:53 GMT
x-content-type-options: nosniff
age: 402428
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48236
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 12 Mar 2025 00:50:53 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 47ms
47ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-4QT8FMEX30&gtm=45je43d0v883683272z8831879219za200&_p=1710607079679&gcs=G100&gcd=13q3p3m2m5&npa=1&dma_cps=-&dma=1&tcfd=1064b&cid=19394647.1710607081&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=denied&_s=1&uid=not%20logged-in&sid=1710607081&sct=1&seg=0&dl=https%3A%2F%2Fwww.newspapers.com%2Fchoose-a-plan%3Fxid%3D5989%26utm_source%3Dancestry%26utm_medium%3Demail%26utm_campaign%3DUSAncestryCrossSell_30%2525off_Feb-2024%26o_xid%3D134547%26o_lid%3D134547%26o_sch%3DEmail%2BCampaigns&dt=Choose%20a%20plan%20-%20Newspapers.com&en=view_item_list&_fv=1&_ss=1&pr1=lp0~id5~nmPublisher%20Extra~af~k0currency~v0usd~ds0~brnewspaper~camonthly~li5~lnPublisher%20Extra~pr19.90~qt1&pr2=lp1~id5~nmPublisher%20Extra~af~k0currency~v0usd~ds0~brnewspaper~casemiannual~li5~lnPublisher%20Extra~pr74.90~qt1&ep.page_name=choose%20a%20plan%20%3A%20choose%20a%20plan%20-%20newspapers.com&ep.country_code=de&ep.page_name_tier_2=&ep.page_name_tier_3=&ep.page_type=&ep.subscription_status=non-subscribed&ep.subscription_tenure=non-subscribed&ep.subscription_type=non-subscribed&ep.subdomain_id=1&up.user_status=guest&tfd=3613
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-4QT8FMEX30&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newspapers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 16 Mar 2024 16:38:01 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.newspapers.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 46ms
46ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-7T5H12SHSY&gtm=45je43d0v9117606710za200&_p=1710607079679&gcs=G100&gcd=13q3p3m2m5&npa=1&dma_cps=-&dma=1&tcfd=1064b&cid=19394647.1710607081&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=denied&_eu=AEA&_s=2&uid=not%20logged-in&sid=1710607080&sct=1&seg=0&dl=https%3A%2F%2Fwww.newspapers.com%2Fchoose-a-plan%3Fxid%3D5989%26utm_source%3Dancestry%26utm_medium%3Demail%26utm_campaign%3DUSAncestryCrossSell_30%2525off_Feb-2024%26o_xid%3D134547%26o_lid%3D134547%26o_sch%3DEmail%2BCampaigns&dt=Choose%20a%20plan%20-%20Newspapers.com&en=scroll&ep.page_name=choose%20a%20plan%20%3A%20choose%20a%20plan%20-%20newspapers.com&ep.country_code=de&ep.page_name_tier_2=&ep.page_name_tier_3=&ep.page_type=&ep.subscription_status=non-subscribed&ep.subscription_tenure=non-subscribed&ep.subscription_type=non-subscribed&ep.subdomain_id=1&epn.percent_scrolled=90&_et=1&tfd=3616
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-7T5H12SHSY&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newspapers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 16 Mar 2024 16:38:01 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.newspapers.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 b Show response
r.stripe.com/ Frame F6F1 0
272 B 214ms
214ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/b
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-0df839a82322161cb8c3200c5b2f353b.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Sat, 16 Mar 2024 16:38:01 GMT
x-stripe-server-envoy-start-time-us: 1710607081704738
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1710607081704247
access-control-allow-credentials: true
content-length: 0

POST
H2 200 b Show response
r.stripe.com/ Frame F6F1 0
271 B 218ms
217ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/b
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-0df839a82322161cb8c3200c5b2f353b.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Sat, 16 Mar 2024 16:38:01 GMT
x-stripe-server-envoy-start-time-us: 1710607081709132
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1710607081707750
access-control-allow-credentials: true
content-length: 0

Verdicts & Comments Add Verdict or Comment

40 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

12 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.ancestry.com/	1970-01-21 04:46:07	Name: SOURCES Value: O_SCH=Email%20Campaigns&XID=134547&XDD=03%2F16%2F2024+10%3A37%3A58&XDST=49081
.ancestry.com/	1970-01-21 04:46:07	Name: VARSESSION Value: SOURCES=XID%3D134547%26XDD%3D03%252F16%252F2024%2B10%253A37%253A58&S=pZezf0eBVUqtv0qbw%2FRsrA%3D%3D&SLI=0&ITT=0
.ancestry.com/	1970-01-21 04:46:07	Name: TI.SI Value: 0
.ancestry.com/	1970-01-21 04:46:07	Name: TI Value: 0
.ancestry.com/	1970-01-21 04:46:07	Name: ANCUUID Value: 7fb397a5-8147-4a55-adbf-4a9bc3f46cac
.ancestry.com/	1969-12-31 23:59:59	Name: ANCSESSIONID Value: 680762c2-ea2a-4801-ac31-c37d10401041
.ancestry.com/	1970-01-20 23:33:38	Name: OPTOUTMULTI Value: c3:1%7Cc12:1%7Cc11:1%7Cc2:1%7Cc10:1%7Cc6:1%7Cc9:1%7Ci:7756
.ancestry.com/	1970-01-21 04:46:07	Name: VARS Value: LCISONAME=enUS&LCID=1033
.ancestry.com/	1970-01-20 19:10:08	Name: __cf_bm Value: L1L3Tv97HwDABHAl5.t2suZeGmhRAfqFX7gRWm30qPM-1710607078-1.0.1.1-HseWVZNsc4E1BpuwcJeop1Wm3obvJE.kBhetqOsuN8IfRIe6dp.gf4utdcVPzYlBFPPKOMtoeXIt1ODkNfUmzQ
.ancestry.com/	1969-12-31 23:59:59	Name: _cfuvid Value: GvEzuFUpUdtJupXff67_M4U1yuhhbemCUwMffwmwegU-1710607078990-0.0.1.1-604800000
.www.newspapers.com/	1970-01-20 19:11:33	Name: accesscheck Value: YWI6ODFlYTRkYWI1MGEyMDRiMjRkMmNiMTdjNDkwYWYxOTI6NjYyZGQxYmFmZGJkZTlhYzE2ZTYxODYxYmFlN2ZlMGQ%3D
.newspapers.com/	1970-01-21 03:55:43	Name: _sp_su Value: false

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors 'none';
Strict-Transport-Security	max-age=15552000; includeSubDomains

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.privacy-mgmt.com
cdnjs.cloudflare.com
click.email.ancestry.com
fonts.googleapis.com
fonts.gstatic.com
js.stripe.com
r.stripe.com
region1.google-analytics.com
www.ancestry.com
www.googletagmanager.com
www.newspapers.com
13.111.36.125
172.64.148.74
18.173.154.44
18.66.192.25
2001:4860:4802:32::36
2606:4700::6810:fb1d
2606:4700::6811:180e
2a00:1450:4001:812::2008
2a00:1450:4001:81d::2003
2a00:1450:4001:827::200a
54.187.159.182
0037d786830066fce1690ea1cdb4b90458edabacc1491d74c25e4c8a0f3aefe9
05e96d5d177d834a1cad34c74c79352f0df883f5b2f32aca33443219c3547e58
091cd5db0726bc9b7700202aa77fc7a54b3f7f74367e8684f338dc39f494eab7
0c4bb86021bbc4596098072deea2d27bb8861b70382958582af6b60f61111cdc
0d9471a13b288e7a31b5fdd228558ca4d5377594e50becce9ffaa0bd4d59e32a
0d99cc60b0e046aa0fb9aa6229148a687fc2cbe5cd9012f9900ad18f81043e97
1c297a3d8446e110b7662f718e08cec39ffe0407df127ac8549dd8a7e3ec6d89
22802ac9172bd389d500747636924daead69f96f057b24e84bf525c7a9f1320d
237d88f081dcae964e24766ec5295e1d562ee4edd0e2967d72a3e875085e152c
2edf427faf06b0f84a991d77d44610d9c72702d0fe73f57e9a117a39c622a980
36d306717e99f4b309cd761a4d880839680efc3c77215857afa991423b184e82
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
49027f9c260f5c53eeaa84b9e847e77ac0c13cd8a2b6774e21f37659d3d18bfa
533b23c57b1770cc3ee9c15b998b2eb494fa0adb2d6929fd22a9b78adfade3a7
598c62ec0d4a4b800c2a2ce698931f524171cf10d31e3aa351fb771adb9b6811
5f496ef87585b30dea6ec3340959d43352de9a367aedb2d274b46c949d168123
5fbd272d23bb18786ecacff1953875fe4be5d08f328ba1d9659b4a7c528d8a3a
6a7c2034afdde4e7fa4849918a81ea9a30ada7cbcff80d3f3744b63a8d0bc6e6
6af5c50fda024dcf9bdbc2c4ce1af27432795195bcd4241c809c288c79f1bc95
705ad97c21908c9cb54de43dffcd5e088b7aa538a6eaa6af8e3c841dc7291e73
78b435cd47263da5359608172fe71c285cc5e11e012148eb6126ce32ab36137c
7b051da0285550b76e92c54525f4e18ebb090d5174eccd4451612e9f864b0bed
851699a18b631a7bd68efc99598701293a6065b463fced7b68d8d6d9227bd8e7
85f9aa47569f756989d76c071795d42c4c95b01298185c6a08fdbb49f1e53382
8a979f2ad131a73e7208e211e3f2e6aca84591b79c7675aaa659b5ca717102b3
8b73d664affb760285b268273d2b89319bd46de24c3b902fd97b07bc2c675a69
8d9ed11080ad8f77c16c19899d56a20b959f6012ea876c87adc4461b7dee6908
9170a1a89c64f413c2901f61a153a3c2cc1dd93751ac27056780dd74509e1919
9ea8c9c20b53594652705408edd7c521840012efc0ebc67ac806ac2b75213587
aad7f3010486df22824c28328374e631865d82bb1d963b056a3c3001755ed3f4
ac2c4bbfdc4d97a96933a2ce6f70595647dd14c3bb0d615d1eca584ee94eff89
b6527376efb6bd7e8cf76e917a67fc608da4627ae1cfc75fae39f9e46e5a9349
b7db48b336c3b55636834c1b901ee03f6fd7d991f4467e34d32a9cf4b30218c7
bca6d09b8ca54865810034f7ed380e4354945dce252d046f29b43ffd92522b96
c01e9574f456527c085343f708d3472b8341a0eaf5c0d9d032bb932012c1e523
c1d557bf697c5628a51521eadb53c02f59b6a31d837e7bed1c3ef67ea92c7c27
c52d29cf9b43eec4fb9f3871c2dbd8c1ddd2609f8f2ccc9c497d6578aceddcdc
c9cf689f854a05cb7268843a7baed22d60b004cb943fcb8e3070b75811338a02
de717fb14f0ec63d600e4795bf8c043c2255e22b7bf3b8a028f99e930bd5bd2e
e161acf399045c017dd5b7dfdf175bba0fad329efb693926d4685578f7e2f5c8
e1b0dcf1415a4eba4b21af3df4f1371f97daea7a418169504300cb877aa37983
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f4f131fc08809b2ad2ed0977c75bb0e4883a974774458febc45435f0f2539d1f
f8c350ba501d916cb2ae8f2a6af53cb64a11c530598d1f9051e680ccc979c5bb
f9e6f6b216914d262d7308f66cf9f3c15c8df51ff8cf9e12aedbc74b2c7a17aa

www.newspapers.com Open in urlscan Pro 2606:4700::6810:fb1d Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

55 Requests

100 %HTTPS

55 %IPv6

9 Domains

11 Subdomains

9 IPs

2 Countries

1949 kBTransfer

7406 kBSize

12 Cookies

15 Outgoing links

Page URL History

Redirected requests

55 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.newspapers.com Open in urlscan Pro
2606:4700::6810:fb1d Public Scan

Screenshot
Live screenshot

Full Image

55
Requests

100 %
HTTPS

55 %
IPv6

9
Domains

11
Subdomains

9
IPs

2
Countries

1949 kB
Transfer

7406 kB
Size

12
Cookies

55 HTTP transactions
0 data transactions