www.newsin.it Open in urlscan Pro
99.86.243.111 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.newsin.it/
Submission Tags: falconsandbox
Submission: On October 09 via api (October 9th 2020, 9:09:24 am UTC) from US

Summary HTTP 37 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 12 IPs in 2 countries across 13 domains to perform 37 HTTP transactions. The main IP is 99.86.243.111, located in Seattle, United States and belongs to AMAZON-02, US. The main domain is www.newsin.it.
TLS certificate: Issued by Amazon on September 25th 2020. Valid for: a year.

This is the only time www.newsin.it was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3	99.86.243.111 99.86.243.111	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:820::2002	15169 (GOOGLE) (GOOGLE)
14	2606:4700:20:... 2606:4700:20::681a:1a1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:81c::200a	15169 (GOOGLE) (GOOGLE)
2	151.139.245.9 151.139.245.9	33438 (HIGHWINDS2) (HIGHWINDS2)
6	2a00:1450:400... 2a00:1450:4001:816::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:806::2003	15169 (GOOGLE) (GOOGLE)
1	205.185.216.42 205.185.216.42	20446 (HIGHWINDS3) (HIGHWINDS3)
2	151.101.112.176 151.101.112.176	54113 (FASTLY) (FASTLY)
1	65.9.94.20 65.9.94.20	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:81b::2001	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:36::15	15169 (GOOGLE) (GOOGLE)
37	12

3 99.86.243.111 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-243-111.vie50.r.cloudfront.net

www.newsin.it	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:820::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2606:4700:20::681a:1a1 (United States)

ASN13335 (CLOUDFLARENET, US)

api.memberstack.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81c::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.139.245.9 (Dallas, United States)

ASN33438 (HIGHWINDS2, US)

cdn.pushalert.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:816::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 205.185.216.42 (Phoenix, United States)

ASN20446 (HIGHWINDS3, US)
PTR: map2.hwcdn.net

memberstack-logos.nyc3.cdn.digitaloceanspaces.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.112.176 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

js.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.94.20 (Seattle, United States)

ASN16509 (AMAZON-02, US)

d3e54v103j8qbb.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:36::15 (United States)

ASN15169 (GOOGLE, US)

newsin89.pushalert.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
14	memberstack.io api.memberstack.io	107 KB
6	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	147 KB
3	pushalert.co cdn.pushalert.co newsin89.pushalert.co	47 KB
3	newsin.it www.newsin.it	53 KB
2	stripe.com js.stripe.com	48 KB
2	doubleclick.net googleads.g.doubleclick.net
1	cloudfront.net d3e54v103j8qbb.cloudfront.net	1 KB
1	digitaloceanspaces.com memberstack-logos.nyc3.cdn.digitaloceanspaces.com	28 KB
1	googletagservices.com www.googletagservices.com	27 KB
1	google.com adservice.google.com	890 B
1	google.de adservice.google.de	890 B
1	gstatic.com fonts.gstatic.com	13 KB
1	googleapis.com fonts.googleapis.com	650 B
37	13

	Domain	Requested by
14	api.memberstack.io	www.newsin.it api.memberstack.io
4	pagead2.googlesyndication.com	www.newsin.it pagead2.googlesyndication.com
3	www.newsin.it	www.newsin.it
2	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
2	js.stripe.com	api.memberstack.io js.stripe.com
2	googleads.g.doubleclick.net	pagead2.googlesyndication.com
2	cdn.pushalert.co	www.newsin.it
1	newsin89.pushalert.co	cdn.pushalert.co
1	d3e54v103j8qbb.cloudfront.net	www.newsin.it
1	memberstack-logos.nyc3.cdn.digitaloceanspaces.com	www.newsin.it
1	www.googletagservices.com	pagead2.googlesyndication.com
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	fonts.gstatic.com	fonts.googleapis.com
1	fonts.googleapis.com	www.newsin.it
37	15

This site contains links to these domains. Also see Links.

Domain
elyserobinson.com
en.wikipedia.org
pushalert.co

Subject Issuer	Validity	Valid
*.newsin.it Amazon	`2020-09-25` - `2021-10-25`	a year	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-09-03` - `2020-11-26`	3 months	crt.sh
memberstack.io Cloudflare Inc ECC CA-3	`2020-07-15` - `2021-07-15`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2020-09-22` - `2020-12-15`	3 months	crt.sh
*.pushalert.co Sectigo RSA Organization Validation Secure Server CA	`2019-05-07` - `2021-05-06`	2 years	crt.sh
*.gstatic.com GTS CA 1O1	`2020-09-22` - `2020-12-15`	3 months	crt.sh
*.google.de GTS CA 1O1	`2020-09-03` - `2020-11-26`	3 months	crt.sh
*.google.com GTS CA 1O1	`2020-09-03` - `2020-11-26`	3 months	crt.sh
*.nyc3.cdn.digitaloceanspaces.com DigiCert SHA2 Secure Server CA	`2020-03-11` - `2021-04-14`	a year	crt.sh
a.stripecdn.com DigiCert SHA2 Extended Validation Server CA	`2020-09-22` - `2021-02-03`	4 months	crt.sh
*.cloudfront.net DigiCert Global CA G2	`2020-05-26` - `2021-04-21`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2020-09-22` - `2020-12-15`	3 months	crt.sh

This page contains 5 frames:

Primary Page: https://www.newsin.it/
Frame ID: FC771552EB79CF2B6AE6204D1B597F6A
Requests: 31 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20201007/r20190131/zrt_lookup.html
Frame ID: 1B624B199A3792C7E9E8A516DD6045C8
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7204113339221254&output=html&adk=1812271804&adf=3025194257&lmt=1601756140&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fwww.newsin.it%2F&ea=0&flash=0&pra=5&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0.&dt=1602234547014&bpp=29&bdt=66&idt=138&shv=r20201007&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3123585996764&frm=20&pv=2&ga_vid=1386640436.1602234547&ga_sid=1602234547&ga_hid=1679535980&ga_fc=0&iag=0&icsg=2186&dssz=8&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066467%2C21067688&oid=3&pvsid=2570665646016055&pem=3&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=0&uci=a!0&fsb=1&dtd=172
Frame ID: 35FB2CC7A4955E63D6BE50E33EDAD06B
Requests: 1 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-c24e335c6ecfefe514d6ff32b3c40a6f.html
Frame ID: F997B66FB6C2836B73EC49BEF7B2A73E
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/217/runner.html
Frame ID: 9700E777C294863EB8C33512E1139DEA
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i

Amazon Web Services (PaaS) Expand

Overall confidence: 100%
Detected patterns

headers via /$CloudFront$$/i
headers server /^AmazonS3$/i

Amazon Cloudfront (CDN) Expand

Overall confidence: 100%
Detected patterns

headers via /$CloudFront$$/i

Amazon S3 (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

headers server /^AmazonS3$/i

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googlesyndication\.com\//i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

MemberStack () Expand

Overall confidence: 100%
Detected patterns

script /memberstack\.js/i

Page Statistics

37
Requests

100 %
HTTPS

58 %
IPv6

13
Domains

15
Subdomains

12
IPs

2
Countries

474 kB
Transfer

1443 kB
Size

1
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://elyserobinson.com/
Title: Elyse Y. Robinson

Search URL Search Domain Scan URL

URL: https://en.wikipedia.org/wiki/Payment_Services_Directive#Revised_Directive_on_Payment_Services_(PSD2)
Title: Learn more

Search URL Search Domain Scan URL

URL: https://pushalert.co/
Title: by PushAlert

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

37 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.newsin.it/ 5 KB
2 KB 641ms
517ms Document
text/html 99.86.243.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.newsin.it/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.243.111 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-243-111.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 94ce7d2356225e3aa938d041e4a776f643e8d0dae53bc3d869533a437013436c

Request headers

:method: GET
:authority: www.newsin.it
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
content-type: text/html
date: Fri, 09 Oct 2020 09:09:07 GMT
last-modified: Sat, 03 Oct 2020 20:15:40 GMT
etag: W/"4585dcccc0c431ee79153805c23ee624"
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 96b3f0ca359697e92cd090a37a2e3bf4.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C1
x-amz-cf-id: Gxppvviu22uulABhDcwjQKKerFg6vnKf0K0gz-Rm-wxBACP1m-NmKA==

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 131 KB
46 KB 42ms
22ms Script
text/javascript 2a00:1450:4001:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.newsin.it
URL: https://www.newsin.it/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ab57edd3abc44a45a73b25015276226458f78acb9f9527e93b927ff3f5c11906

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.newsin.it/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 09 Oct 2020 09:09:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 45808
x-xss-protection: 0
server: cafe
etag: 10019123953907953663
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 09 Oct 2020 09:09:06 GMT

GET
H2 200 memberstack.js Show response
api.memberstack.io/static/ 125 KB
38 KB 63ms
22ms Script
application/javascript 2606:4700:20::681a:1a1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.memberstack.io/static/memberstack.js?custom

Requested by

Host: www.newsin.it
URL: https://www.newsin.it/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:1a1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d6ddcc6260715f25f42226ee33932399501714481caf8be2e36925dc78f72b0f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.newsin.it/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 09 Oct 2020 09:09:07 GMT
via: 1.1 vegur
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2
x-dns-prefetch-control: off
status: 200
content-encoding: br
vary: Accept-Encoding
cf-request-id: 05ae38133200002b2289b78200000001
last-modified: Tue, 06 Oct 2020 21:04:02 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"1f37f-174ffba6dd0"
x-download-options: noopen
strict-transport-security: max-age=15552000; includeSubDomains
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: application/javascript; charset=UTF-8
x-xss-protection: 1; mode=block
cache-control: public, max-age=1800
cf-ray: 5df6f5feb9dd2b22-FRA

GET
H2 200 bootstrap.min.css
www.newsin.it/ 156 KB
23 KB 570ms
569ms Stylesheet
text/css 99.86.243.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.newsin.it/bootstrap.min.css
Requested by: Host: www.newsin.it
URL: https://www.newsin.it/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.243.111 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-243-111.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2ff5b959fa9f6b4b1d04d20a37d706e90039176ab1e2a202994d9580baeebfd6

Request headers

Origin: https://www.newsin.it
Referer: https://www.newsin.it/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 09 Oct 2020 09:09:08 GMT
content-encoding: gzip
last-modified: Sat, 26 Sep 2020 19:41:25 GMT
server: AmazonS3
x-amz-cf-pop: VIE50-C1
etag: W/"7cc40c199d128af6b01e74a28c5900b0"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/css
status: 200
x-amz-cf-id: DeZrr4lUx9TX-PEjoiMSIrYmOpBHIN5CEa41Kb45PyOzR2tUaCWHVA==
via: 1.1 96b3f0ca359697e92cd090a37a2e3bf4.cloudfront.net (CloudFront)

GET
H2 200 css2
fonts.googleapis.com/ 2 KB
650 B 15ms
14ms Stylesheet
text/css 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Montserrat&display=swap

Requested by

Host: www.newsin.it
URL: https://www.newsin.it/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

abcaf427a40877acef435f4777ff7aeb4af5517ecd6ec9d0b4099248de71e0de

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.newsin.it/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 09 Oct 2020 09:09:06 GMT
server: ESF
date: Fri, 09 Oct 2020 09:09:06 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 09 Oct 2020 09:09:06 GMT

GET
H2 200 logo.jpg
www.newsin.it/ 27 KB
28 KB 318ms
318ms Image
image/jpeg 99.86.243.111
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.newsin.it/logo.jpg
Requested by: Host: www.newsin.it
URL: https://www.newsin.it/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.243.111 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-243-111.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a1e49dc2c66114229a23426f7f941dff0dedf84afce6aa10d0f8475967438b4f

Request headers

Referer: https://www.newsin.it/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 09 Oct 2020 09:09:08 GMT
via: 1.1 96b3f0ca359697e92cd090a37a2e3bf4.cloudfront.net (CloudFront)
last-modified: Tue, 29 Sep 2020 20:02:52 GMT
server: AmazonS3
x-amz-cf-pop: VIE50-C1
etag: "028583f913542e3bb8b4d2bbccdfb515"
x-cache: Miss from cloudfront
content-type: image/jpeg
status: 200
accept-ranges: bytes
content-length: 27873
x-amz-cf-id: mHna_X56JrnD1zbym5eu9DQOhALtJX2EeB8rTk7clnM4iwusPaUzLw==

GET
H2 200 integrate_c9caafb997b9223e6fe96ee9041c0ce7.js Show response
cdn.pushalert.co/ 208 KB
46 KB 754ms
719ms Script
application/javascript 151.139.245.9
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.pushalert.co/integrate_c9caafb997b9223e6fe96ee9041c0ce7.js

Requested by

Host: www.newsin.it
URL: https://www.newsin.it/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.139.245.9 Dallas, United States, ASN33438 (HIGHWINDS2, US),

Reverse DNS

Software

nginx /

Resource Hash

1ff509039e1a63384936b636fa03d1ed5541e975968ecb5bb76eb66004c23090

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.newsin.it/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 09 Oct 2020 09:09:07 GMT
content-encoding: gzip
vary: Accept-Encoding
last-modified: Sat, 03 Oct 2020 20:11:03 GMT
server: nginx
x-frame-options: SAMEORIGIN
x-cache: MISS
content-type: application/javascript
status: 200
cache-control: max-age=8640000, public
accept-ranges: bytes

GET
H3-Q050 200 show_ads_impl_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20201007/r20190131/ 230 KB
87 KB 52ms
38ms Script
text/javascript 2a00:1450:4001:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20201007/r20190131/show_ads_impl_fy2019.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:816::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f36a0659b60462ae7cd1f37cda1dd4d32a9cbe1a6817428fc9ae220f601bd01d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.newsin.it/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 09 Oct 2020 09:09:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 88664
x-xss-protection: 0
server: cafe
etag: 2239360983930794775
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Fri, 09 Oct 2020 09:09:07 GMT

OPTIONS
H2 204 settings
api.memberstack.io/site/ Frame 0
0 445ms
429ms Other 2606:4700:20::681a:1a1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.memberstack.io/site/settings

Protocol

Server

2606:4700:20::681a:1a1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: authorization,content-type
Origin: https://www.newsin.it
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

status: 204
date: Fri, 09 Oct 2020 09:09:07 GMT
x-dns-prefetch-control: off
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
vary: Access-Control-Request-Headers
access-control-allow-headers: authorization,content-type
via: 1.1 vegur
cf-cache-status: DYNAMIC
cf-request-id: 05ae38136f0000323cde8d7200000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 5df6f5ff1f5c323c-FRA

POST
H2 200 settings Show response
api.memberstack.io/site/ 344 B
361 B 168ms
168ms Fetch
application/json 2606:4700:20::681a:1a1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.memberstack.io/site/settings

Requested by

Host: api.memberstack.io
URL: https://api.memberstack.io/static/memberstack.js?custom

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:1a1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d7a2b288faa1e79353c4a61e57c14dd36b0e4255ad90169c803817e915b74e2e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.newsin.it/
Authorization: Bearer
Content-Type: application/json

Response headers

date: Fri, 09 Oct 2020 09:09:07 GMT
via: 1.1 vegur
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-dns-prefetch-control: off
status: 200
content-encoding: br
cf-request-id: 05ae38151c0000323cde8ff200000001
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"158-HmDLIQMKxV+9A7eG2gUto4kfyZA"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains
x-download-options: noopen
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cf-ray: 5df6f601cddf323c-FRA

GET
H2 200 JTUSjIg1_i6t8kCHKm459WlhyyTh89Y.woff2
fonts.gstatic.com/s/montserrat/v15/ 13 KB
13 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v15/JTUSjIg1_i6t8kCHKm459WlhyyTh89Y.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0ce5a460ace775560c3344a43245687bdbec5cb8ee20d209ab9fa67f4e09a3e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.newsin.it
Referer: https://fonts.googleapis.com/css2?family=Montserrat&display=swap
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 06 Oct 2020 18:22:09 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:12:14 GMT
server: sffe
age: 226018
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13708
x-xss-protection: 0
expires: Wed, 06 Oct 2021 18:22:09 GMT

GET
H2 200 zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20201007/r20190131/ Frame 1B62 0
0 6ms
5ms Document
text/html 2a00:1450:4001:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20201007/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20201007/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.newsin.it/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.newsin.it/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
vary: Accept-Encoding
date: Thu, 08 Oct 2020 17:34:09 GMT
expires: Thu, 22 Oct 2020 17:34:09 GMT
content-type: text/html; charset=UTF-8
etag: 7382719332125555894
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4731
x-xss-protection: 0
age: 56098
cache-control: public, max-age=1209600
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 109 B
890 B 37ms
16ms Script
application/javascript 2a00:1450:4001:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.newsin.it

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201007/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.newsin.it/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 09 Oct 2020 09:09:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
890 B 36ms
15ms Script
application/javascript 2a00:1450:4001:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.newsin.it

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201007/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.newsin.it/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 09 Oct 2020 09:09:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 403 ads
googleads.g.doubleclick.net/pagead/ Frame 35FB 0
0 27ms
27ms Document
text/html 2a00:1450:4001:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7204113339221254&output=html&adk=1812271804&adf=3025194257&lmt=1601756140&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fwww.newsin.it%2F&ea=0&flash=0&pra=5&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0.&dt=1602234547014&bpp=29&bdt=66&idt=138&shv=r20201007&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3123585996764&frm=20&pv=2&ga_vid=1386640436.1602234547&ga_sid=1602234547&ga_hid=1679535980&ga_fc=0&iag=0&icsg=2186&dssz=8&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066467%2C21067688&oid=3&pvsid=2570665646016055&pem=3&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=0&uci=a!0&fsb=1&dtd=172

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201007/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:816::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-7204113339221254&output=html&adk=1812271804&adf=3025194257&lmt=1601756140&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fwww.newsin.it%2F&ea=0&flash=0&pra=5&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0.&dt=1602234547014&bpp=29&bdt=66&idt=138&shv=r20201007&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3123585996764&frm=20&pv=2&ga_vid=1386640436.1602234547&ga_sid=1602234547&ga_hid=1679535980&ga_fc=0&iag=0&icsg=2186&dssz=8&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066467%2C21067688&oid=3&pvsid=2570665646016055&pem=3&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=0&uci=a!0&fsb=1&dtd=172
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.newsin.it/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.newsin.it/

Response headers

status: 403
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 09 Oct 2020 09:09:07 GMT
server: cafe
content-length: 46
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 09-Oct-2020 09:24:07 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 72 KB
27 KB 15ms
13ms Script
text/javascript 2a00:1450:4001:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201007/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

401786d03dbe0c83dd204266feab8aa11054845baac1effb3669be9f401e720c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.newsin.it/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 09 Oct 2020 09:09:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1602070835955383"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 27576
x-xss-protection: 0
expires: Fri, 09 Oct 2020 09:09:07 GMT

GET
H2 200 5.b7ba3f53e3ed2a967416.bundle.js Show response
api.memberstack.io/static/ 67 KB
11 KB 17ms
16ms Script
application/javascript 2606:4700:20::681a:1a1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.memberstack.io/static/5.b7ba3f53e3ed2a967416.bundle.js

Requested by

Host: api.memberstack.io
URL: https://api.memberstack.io/static/memberstack.js?custom

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:1a1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f2644f8193230dedfe8b845c5fd843fc06c1464cc9586d81f357e41183d8e931

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.newsin.it/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 09 Oct 2020 09:09:07 GMT
via: 1.1 vegur
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1
x-dns-prefetch-control: off
status: 200
content-encoding: br
vary: Accept-Encoding
cf-request-id: 05ae3815c800002b2289ba4200000001
last-modified: Tue, 06 Oct 2020 21:04:02 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"10be4-174ffba6dd0"
x-download-options: noopen
strict-transport-security: max-age=15552000; includeSubDomains
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: application/javascript; charset=UTF-8
x-xss-protection: 1; mode=block
cache-control: public, max-age=1800
cf-ray: 5df6f602dc092b22-FRA

GET
H2 200 10.c1359e6cc3616e13bf0d.bundle.js Show response
api.memberstack.io/static/ 5 KB
1 KB 164ms
164ms Script
application/javascript 2606:4700:20::681a:1a1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.memberstack.io/static/10.c1359e6cc3616e13bf0d.bundle.js

Requested by

Host: api.memberstack.io
URL: https://api.memberstack.io/static/memberstack.js?custom

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:1a1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d8e6740ff6d1db6e98fd3d64f5f6b38475de54fab63dd093442da666dcc93cfe

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.newsin.it/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 09 Oct 2020 09:09:07 GMT
via: 1.1 vegur
x-content-type-options: nosniff
cf-cache-status: EXPIRED
x-dns-prefetch-control: off
status: 200
content-encoding: br
vary: Accept-Encoding
cf-request-id: 05ae3815c800002b2289ba5200000001
last-modified: Tue, 06 Oct 2020 21:04:02 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"14a2-174ffba6dd0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains
x-download-options: noopen
content-type: application/javascript; charset=UTF-8
x-xss-protection: 1; mode=block
cache-control: public, max-age=1800
cf-ray: 5df6f602dc0c2b22-FRA

GET
H2 200 1.b27311c782044d55ba95.bundle.js Show response
api.memberstack.io/static/ 96 KB
34 KB 30ms
29ms Script
application/javascript 2606:4700:20::681a:1a1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.memberstack.io/static/1.b27311c782044d55ba95.bundle.js

Requested by

Host: api.memberstack.io
URL: https://api.memberstack.io/static/memberstack.js?custom

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:1a1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

690788b8580c8fa411f0f5f00dce82e782a73c661d0d53322a909bf3c737e085

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.newsin.it/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 09 Oct 2020 09:09:07 GMT
via: 1.1 vegur
x-content-type-options: nosniff
cf-cache-status: HIT
age: 0
x-dns-prefetch-control: off
status: 200
content-encoding: br
vary: Accept-Encoding
cf-request-id: 05ae3815c800002b2289ba6200000001
last-modified: Tue, 06 Oct 2020 21:04:02 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"17e89-174ffba6dd0"
x-download-options: noopen
strict-transport-security: max-age=15552000; includeSubDomains
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: application/javascript; charset=UTF-8
x-xss-protection: 1; mode=block
cache-control: public, max-age=1800
cf-ray: 5df6f602dc0e2b22-FRA

GET
H2 200 8.c4bbf278374760531e8c.bundle.js Show response
api.memberstack.io/static/ 1 KB
718 B 431ms
430ms Script
application/javascript 2606:4700:20::681a:1a1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.memberstack.io/static/8.c4bbf278374760531e8c.bundle.js

Requested by

Host: api.memberstack.io
URL: https://api.memberstack.io/static/memberstack.js?custom

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:1a1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f09639069de98a3d08da00360f426fbdd3748007622d8a6c58b4bb9f1037cd15

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.newsin.it/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 09 Oct 2020 09:09:08 GMT
via: 1.1 vegur
x-content-type-options: nosniff
cf-cache-status: EXPIRED
x-dns-prefetch-control: off
status: 200
content-encoding: br
vary: Accept-Encoding
cf-request-id: 05ae3815c800002b2289ba7200000001
last-modified: Tue, 06 Oct 2020 21:04:02 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"5c4-174ffba6dd0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains
x-download-options: noopen
content-type: application/javascript; charset=UTF-8
x-xss-protection: 1; mode=block
cache-control: public, max-age=1800
cf-ray: 5df6f602dc0f2b22-FRA

OPTIONS
H2 204 memberships
api.memberstack.io/site/ Frame 0
0 404ms
404ms Other 2606:4700:20::681a:1a1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.memberstack.io/site/memberships

Protocol

Server

2606:4700:20::681a:1a1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.newsin.it
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

status: 204
date: Fri, 09 Oct 2020 09:09:08 GMT
x-dns-prefetch-control: off
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
vary: Access-Control-Request-Headers
access-control-allow-headers: content-type
via: 1.1 vegur
cf-cache-status: DYNAMIC
cf-request-id: 05ae38177e0000323cde91e200000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 5df6f6059e56323c-FRA

POST
H2 200 memberships Show response
api.memberstack.io/site/ 467 B
418 B 421ms
421ms Fetch
application/json 2606:4700:20::681a:1a1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.memberstack.io/site/memberships

Requested by

Host: api.memberstack.io
URL: https://api.memberstack.io/static/memberstack.js?custom

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:1a1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b067455076961be58d76d7a5a9727ad1998dbdb5db04bdf1e9035b78fd2fd440

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.newsin.it/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 09 Oct 2020 09:09:08 GMT
via: 1.1 vegur
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-dns-prefetch-control: off
status: 200
content-encoding: br
cf-request-id: 05ae3819130000323cde937200000001
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"1d3-bk8hNvdy0a77fM8GwE1PhjDL2RQ"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains
x-download-options: noopen
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cf-ray: 5df6f6081b9e323c-FRA

GET
H/1.1 200
OK 1601536400694logo.jpg
memberstack-logos.nyc3.cdn.digitaloceanspaces.com/square/ 27 KB
28 KB 850ms
770ms Image
image/jpeg 205.185.216.42
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://memberstack-logos.nyc3.cdn.digitaloceanspaces.com/square/1601536400694logo.jpg

Requested by

Host: www.newsin.it
URL: https://www.newsin.it/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

205.185.216.42 Phoenix, United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

map2.hwcdn.net

Software

Resource Hash

a1e49dc2c66114229a23426f7f941dff0dedf84afce6aa10d0f8475967438b4f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://www.newsin.it/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 09 Oct 2020 09:09:08 GMT
Last-Modified: Thu, 01 Oct 2020 07:13:20 GMT
x-amz-request-id: tx0000000000000044a089f-005f8028b4-3ef0e77-nyc3a
ETag: "028583f913542e3bb8b4d2bbccdfb515"
Strict-Transport-Security: max-age=15552000; includeSubDomains; preload
X-HW: 1602234548.dop053.lo4.t,1602234548.cds053.lo4.shn,1602234548.dop053.lo4.t,1602234548.cds064.lo4.p
Content-Type: image/jpeg
Cache-Control: max-age=86400
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 27873

GET
H2 200 9.a0b5c81ff2ee78597feb.bundle.js Show response
api.memberstack.io/static/ 29 KB
10 KB 25ms
24ms Script
application/javascript 2606:4700:20::681a:1a1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.memberstack.io/static/9.a0b5c81ff2ee78597feb.bundle.js

Requested by

Host: api.memberstack.io
URL: https://api.memberstack.io/static/memberstack.js?custom

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:1a1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c5a260adec70ce6db2d605bd3c68ff7d93c09b17d258b3a017313b0984aa08ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.newsin.it/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 09 Oct 2020 09:09:08 GMT
via: 1.1 vegur
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2
x-dns-prefetch-control: off
status: 200
content-encoding: br
vary: Accept-Encoding
cf-request-id: 05ae38178f00002b2289bce200000001
last-modified: Tue, 06 Oct 2020 21:04:02 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"7587-174ffba6dd0"
x-download-options: noopen
strict-transport-security: max-age=15552000; includeSubDomains
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: application/javascript; charset=UTF-8
x-xss-protection: 1; mode=block
cache-control: public, max-age=1800
cf-ray: 5df6f605bb8d2b22-FRA

GET
H2 200 0.3dd3e39ea920260ccd76.bundle.js Show response
api.memberstack.io/static/ 13 KB
5 KB 18ms
18ms Script
application/javascript 2606:4700:20::681a:1a1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.memberstack.io/static/0.3dd3e39ea920260ccd76.bundle.js

Requested by

Host: api.memberstack.io
URL: https://api.memberstack.io/static/memberstack.js?custom

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:1a1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4cdf5b9c1f3a84e8ae11cecd123eb3b2e38614ea926060e0133bfe43cbe907e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.newsin.it/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 09 Oct 2020 09:09:08 GMT
via: 1.1 vegur
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2
x-dns-prefetch-control: off
status: 200
content-encoding: br
vary: Accept-Encoding
cf-request-id: 05ae38178f00002b2289bcf200000001
last-modified: Tue, 06 Oct 2020 21:04:02 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"34c6-174ffba6dd0"
x-download-options: noopen
strict-transport-security: max-age=15552000; includeSubDomains
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: application/javascript; charset=UTF-8
x-xss-protection: 1; mode=block
cache-control: public, max-age=1800
cf-ray: 5df6f605bb902b22-FRA

GET
H2 200 3.0e5f887d7d9124d97a08.bundle.js Show response
api.memberstack.io/static/ 16 KB
6 KB 19ms
18ms Script
application/javascript 2606:4700:20::681a:1a1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.memberstack.io/static/3.0e5f887d7d9124d97a08.bundle.js

Requested by

Host: api.memberstack.io
URL: https://api.memberstack.io/static/memberstack.js?custom

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:1a1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

81d4f30b2511769b202e84d4e0dded4561231292e1f18ae1093a73fbef083709

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.newsin.it/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 09 Oct 2020 09:09:08 GMT
via: 1.1 vegur
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2
x-dns-prefetch-control: off
status: 200
content-encoding: br
vary: Accept-Encoding
cf-request-id: 05ae38178f00002b2289bd0200000001
last-modified: Tue, 06 Oct 2020 21:04:02 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"3e16-174ffba6dd0"
x-download-options: noopen
strict-transport-security: max-age=15552000; includeSubDomains
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: application/javascript; charset=UTF-8
x-xss-protection: 1; mode=block
cache-control: public, max-age=1800
cf-ray: 5df6f605bb922b22-FRA

GET
H2 200 12.bbe5775b3cceb43d53f0.bundle.js Show response
api.memberstack.io/static/ 3 KB
972 B 19ms
18ms Script
application/javascript 2606:4700:20::681a:1a1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.memberstack.io/static/12.bbe5775b3cceb43d53f0.bundle.js

Requested by

Host: api.memberstack.io
URL: https://api.memberstack.io/static/memberstack.js?custom

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:1a1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c5e5a7e1d3bd89efbc96c963a8d3320566db42137add5303d18cdc41c6c728df

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.newsin.it/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 09 Oct 2020 09:09:08 GMT
via: 1.1 vegur
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2
x-dns-prefetch-control: off
status: 200
content-encoding: br
vary: Accept-Encoding
cf-request-id: 05ae38179000002b2289bd1200000001
last-modified: Tue, 06 Oct 2020 21:04:02 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"d20-174ffba6dd0"
x-download-options: noopen
strict-transport-security: max-age=15552000; includeSubDomains
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: application/javascript; charset=UTF-8
x-xss-protection: 1; mode=block
cache-control: public, max-age=1800
cf-ray: 5df6f605bb932b22-FRA

GET
H2 200 7.cb35ba89de12abaa1764.bundle.js Show response
api.memberstack.io/static/ 4 KB
1 KB 20ms
20ms Script
application/javascript 2606:4700:20::681a:1a1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.memberstack.io/static/7.cb35ba89de12abaa1764.bundle.js

Requested by

Host: api.memberstack.io
URL: https://api.memberstack.io/static/memberstack.js?custom

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:1a1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

85c80213474cf67f4dcf0eadd14e944ff6422a60205cbea5cd70e8302daec502

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.newsin.it/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 09 Oct 2020 09:09:08 GMT
via: 1.1 vegur
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2
x-dns-prefetch-control: off
status: 200
content-encoding: br
vary: Accept-Encoding
cf-request-id: 05ae38179000002b2289bd2200000001
last-modified: Tue, 06 Oct 2020 21:04:02 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"ebe-174ffba6dd0"
x-download-options: noopen
strict-transport-security: max-age=15552000; includeSubDomains
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: application/javascript; charset=UTF-8
x-xss-protection: 1; mode=block
cache-control: public, max-age=1800
cf-ray: 5df6f605bb952b22-FRA

GET
H2 200 / Show response
js.stripe.com/v3/ 184 KB
48 KB 88ms
23ms Script
application/javascript 151.101.112.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/

Requested by

Host: api.memberstack.io
URL: https://api.memberstack.io/static/3.0e5f887d7d9124d97a08.bundle.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.112.176 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

26c30c69308745f71cce15a23754557bf77eaedf498c0aad84e38a926b6efd24

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self' https://api.stripe.com https://errors.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://www.newsin.it/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 09 Oct 2020 09:09:08 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 36
via: 1.1 varnish
x-cache: HIT
status: 200
content-length: 48708
x-amz-id-2: k36+JGv6tBC0z8/FtmiRZ/iRf0wqxa1oZjnkX9zcICCA9BkO6RRS1RprOV+ntWRcgj71Kkw+hqo=
x-served-by: cache-hhn4029-HHN
timing-allow-origin: *
last-modified: Thu, 08 Oct 2020 20:33:12 GMT
server: AmazonS3
etag: "4569ba7f0a1fd3435350351f7d4f30b3"
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-amz-request-id: 3C23DE172C6BEBFB
access-control-allow-origin: *
cache-control: public, max-age=300
content-security-policy: connect-src 'self' https://api.stripe.com https://errors.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
x-cache-hits: 34

GET
H2 200 image-placeholder.svg
d3e54v103j8qbb.cloudfront.net/img/ 801 B
1 KB 134ms
44ms Image
image/svg+xml 65.9.94.20
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d3e54v103j8qbb.cloudfront.net/img/image-placeholder.svg
Requested by: Host: www.newsin.it
URL: https://www.newsin.it/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.94.20 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 32099b201e4d474839074efeff27c07799d68431c3ab1a86eea6c7cd10f886c5

Request headers

Referer: https://www.newsin.it/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 08 Oct 2020 20:43:21 GMT
via: 1.1 c76f57c516237f120f723cde4dab446f.cloudfront.net (CloudFront)
last-modified: Tue, 20 Sep 2016 23:08:08 GMT
server: AmazonS3
age: 44748
etag: "903099cef357bdefb58e59715cb010f9"
x-cache: Hit from cloudfront
content-type: image/svg+xml
status: 200
cache-control: max-age=84600, must-revalidate
x-amz-cf-pop: PRG50-C1
accept-ranges: bytes
content-length: 801
x-amz-cf-id: P1Dfj_gkJBNMJpkCRl5_SfMdX0Jd3kwy0JJ8ybieA5hx0D4HhgBYpg==

GET
H3-Q050 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 8 KB
7 KB 40ms
26ms XHR
application/json 2a00:1450:4001:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20201007&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201007/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:816::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4ef59f144f8d67fb9023c34317b26dd34737e4ce1d9d7f748cba59313393c314

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.newsin.it/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 09 Oct 2020 09:09:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6558
x-xss-protection: 0

GET
H2 200 m-outer-c24e335c6ecfefe514d6ff32b3c40a6f.html
js.stripe.com/v3/ Frame F997 0
0 23ms
22ms Document
text/html 151.101.112.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/m-outer-c24e335c6ecfefe514d6ff32b3c40a6f.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.112.176 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self'; default-src 'self'; font-src 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

:method: GET
:authority: js.stripe.com
:scheme: https
:path: /v3/m-outer-c24e335c6ecfefe514d6ff32b3c40a6f.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.newsin.it/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.newsin.it/

Response headers

status: 200
x-amz-id-2: MmDdkELYAt9I0Ic0eQAlGwImzjabQanRWzB0XcJuPQvFcQAUYLfYy6CN90W7CDGSLBqK0Fuh4Mc=
x-amz-request-id: 0A5AB86896193455
last-modified: Wed, 07 Oct 2020 20:18:55 GMT
etag: "c24e335c6ecfefe514d6ff32b3c40a6f"
cache-control: public, max-age=300
content-type: text/html; charset=utf-8
server: AmazonS3
content-encoding: gzip
accept-ranges: bytes
date: Fri, 09 Oct 2020 09:09:09 GMT
via: 1.1 varnish
age: 18
x-served-by: cache-hhn4029-HHN
x-cache: HIT
x-cache-hits: 41
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
content-security-policy: connect-src 'self'; default-src 'self'; font-src 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'
content-length: 186

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 59ms
38ms Script
text/javascript 2a00:1450:4001:81b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201007/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9ef0cc99ae155124895f712a9b68285f7b0a8c3f3c151e86107a25b61cf22085

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.newsin.it/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 09 Oct 2020 09:09:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1601061966610483"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6293
x-xss-protection: 0
expires: Fri, 09 Oct 2020 09:09:09 GMT

GET
H3-Q050 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/217/ Frame 9700 0
0 27ms
13ms Document
text/html 2a00:1450:4001:81b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/217/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/217/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.newsin.it/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.newsin.it/

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
content-length: 4867
date: Fri, 09 Oct 2020 08:50:58 GMT
expires: Sat, 09 Oct 2021 08:50:58 GMT
last-modified: Mon, 21 Sep 2020 23:28:38 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 1091
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
110 B 15ms
15ms Image
image/gif 2a00:1450:4001:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=217&t=2&li=gda_r20201007&jk=2570665646016055&bg=!aWqlakrNAAWqWepuqli93ZRbpY-ZGQIAAABZUgAAAA0KAe-Qcu2E17ctGYn8JqoWgCH7lMU4bYVC6Y1yJien20rfqVotIsOApzkSDX4BjAcq9sBW6-MdwOnalxIl5MNag5PVJfMJL52JDpr3VyOUfdRSVTQZaCPivkojTPbYzLsZZjtqfZ5hnSnm8RkCk3eMXkGAN3JMCDyYKO7mbA43EgvchLfbpZOT-sLosf7ASMZUqtFvlJm55ihPnk-pJChED4V4K9Gffb8qDk9CE0poV0MryL1ZxoC6mJBD8M_PBIwShxd_J_0dEoVtMlIxLLON-fIn4lRU9BR7ZLDz3QwpmsoLmuixI0NDFXJuhU0IX5hzlug1f2KsCBg_YVV9FOYJYonFm-e9bLoXlV-8g0B5T7ipJwNMv2YAALe5t9fgay_xqHhTnJi4DvIMwoJPdqYk2axGJNEO6fT4RMl2HCep0qTDKseLtvnyJZSZu1QiC4XPkk6lEhi7eI0ZMZPcr0rRvpGFTssIKE4hRb2dibvGyKNifGFzHml_F7MN6oMrsWb250otfDMBE7IG8J7Uf4k37tfKmr4kEeMO5zELdNRaXLKqpkgo6k7G-ML-zZvMq3Ssysir2FCsoc6nu_WhD3_3NNGiP2gBM38FHyDaEC_ohvZz_EFXntTsMUxWPq4O7GpiKnVp9dwUtmtODwl0DH-Nv9yZAaaqpobSafTnLPt26IprAG71N8IbZRoXu19EjG2O_9xO5swKU5RGruRoc-fwBrG7b1GUdRdftPMoX1DiaouhfHH4CmMZSYPfJcU3pU6SCWjM5zb086dKA8CCefRjAQaWCtrVHlr9oCMxf7mnjuFbOckKovBJeeuFm__KfaBgDV3Yt3-wu74-NoEBa3evIaeJ675UIH9v-rM2qS-kyVBr1vtf6JmWw3LM9udxZEyiPuHccE6IxOXY69RSxekMwOUDSOOKzyFO8W3splzWUevt6eCHIvqpLBV_9FpP4S5N9WBELUCUOGf7pO7uxoQZ3sa-QU6Fl2cHMGjM3xMNLlnlSRfZXCpmILSWzXdBOAsXs42Bu3PA839I5oBfTHFJAIoT3J5DL0npuSNQ8B_8vVnNvmyelh_tftuQsWexIkGNEJec93ofVCvllurIB-Q6bjtCg4eND5NDTniQ7Nd_vUjEDDEsmxC-3ksPxr7_w9pxP8_rOQ5xgKh9Vw7FyTJTgy6tBHYrjAgc1lgzD4kqyLF_VhfXZ22C7F9LS35ySotB8Xl-uXEjNLiagQ

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:816::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.newsin.it/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 09 Oct 2020 09:09:09 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 1 Show response
newsin89.pushalert.co/optin/ 15 B
186 B 206ms
150ms Fetch
text/html 2001:4860:4802:36::15
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://newsin89.pushalert.co/optin/1
Requested by: Host: cdn.pushalert.co
URL: https://cdn.pushalert.co/integrate_c9caafb997b9223e6fe96ee9041c0ce7.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:36::15 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: edc48cd3b0bc4fa7ba23aad40b8508a17d370ca38be174bae2a2f64634e65a2b

Request headers

Referer: https://www.newsin.it/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Fri, 09 Oct 2020 09:09:12 GMT
content-encoding: gzip
server: Google Frontend
status: 200
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
x-cloud-trace-context: ffbba9e3b6a70fbbb4982b0239ad61b2
cache-control: private
content-length: 35

GET
H2 200 pushalert-square-icon.png
cdn.pushalert.co/img/ 943 B
1 KB 17ms
17ms Image
image/png 151.139.245.9
HIGHWINDS2

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.pushalert.co/img/pushalert-square-icon.png?0

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.139.245.9 Dallas, United States, ASN33438 (HIGHWINDS2, US),

Reverse DNS

Software

nginx /

Resource Hash

921625f0b27bc7460cf639bacdbd483936a798534b5455448851ecd07b44ed06

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.newsin.it/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 09 Oct 2020 09:09:12 GMT
x-content-type-options: nosniff
x-cache: HIT
status: 200
x-sucuri-cache: HIT
alt-svc: clear
content-length: 943
x-xss-protection: 1; mode=block
last-modified: Sun, 13 Oct 2019 13:43:45 GMT
server: nginx
x-frame-options: SAMEORIGIN, SAMEORIGIN
content-type: image/png
cache-control: max-age=315360000
x-sucuri-id: 19008
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

Verdicts & Comments Add Verdict or Comment

61 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.doubleclick.net/	1970-01-19 13:03:55	Name: test_cookie Value: CheckForPermission

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
api.memberstack.io
cdn.pushalert.co
d3e54v103j8qbb.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
js.stripe.com
memberstack-logos.nyc3.cdn.digitaloceanspaces.com
newsin89.pushalert.co
pagead2.googlesyndication.com
tpc.googlesyndication.com
www.googletagservices.com
www.newsin.it
151.101.112.176
151.139.245.9
2001:4860:4802:36::15
205.185.216.42
2606:4700:20::681a:1a1
2a00:1450:4001:806::2003
2a00:1450:4001:816::2002
2a00:1450:4001:81b::2001
2a00:1450:4001:81c::200a
2a00:1450:4001:820::2002
65.9.94.20
99.86.243.111
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
0ce5a460ace775560c3344a43245687bdbec5cb8ee20d209ab9fa67f4e09a3e8
1ff509039e1a63384936b636fa03d1ed5541e975968ecb5bb76eb66004c23090
26c30c69308745f71cce15a23754557bf77eaedf498c0aad84e38a926b6efd24
2ff5b959fa9f6b4b1d04d20a37d706e90039176ab1e2a202994d9580baeebfd6
32099b201e4d474839074efeff27c07799d68431c3ab1a86eea6c7cd10f886c5
401786d03dbe0c83dd204266feab8aa11054845baac1effb3669be9f401e720c
4cdf5b9c1f3a84e8ae11cecd123eb3b2e38614ea926060e0133bfe43cbe907e3
4ef59f144f8d67fb9023c34317b26dd34737e4ce1d9d7f748cba59313393c314
690788b8580c8fa411f0f5f00dce82e782a73c661d0d53322a909bf3c737e085
81d4f30b2511769b202e84d4e0dded4561231292e1f18ae1093a73fbef083709
85c80213474cf67f4dcf0eadd14e944ff6422a60205cbea5cd70e8302daec502
921625f0b27bc7460cf639bacdbd483936a798534b5455448851ecd07b44ed06
94ce7d2356225e3aa938d041e4a776f643e8d0dae53bc3d869533a437013436c
9ef0cc99ae155124895f712a9b68285f7b0a8c3f3c151e86107a25b61cf22085
a1e49dc2c66114229a23426f7f941dff0dedf84afce6aa10d0f8475967438b4f
ab57edd3abc44a45a73b25015276226458f78acb9f9527e93b927ff3f5c11906
abcaf427a40877acef435f4777ff7aeb4af5517ecd6ec9d0b4099248de71e0de
b067455076961be58d76d7a5a9727ad1998dbdb5db04bdf1e9035b78fd2fd440
c5a260adec70ce6db2d605bd3c68ff7d93c09b17d258b3a017313b0984aa08ca
c5e5a7e1d3bd89efbc96c963a8d3320566db42137add5303d18cdc41c6c728df
d6ddcc6260715f25f42226ee33932399501714481caf8be2e36925dc78f72b0f
d7a2b288faa1e79353c4a61e57c14dd36b0e4255ad90169c803817e915b74e2e
d8e6740ff6d1db6e98fd3d64f5f6b38475de54fab63dd093442da666dcc93cfe
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
edc48cd3b0bc4fa7ba23aad40b8508a17d370ca38be174bae2a2f64634e65a2b
f09639069de98a3d08da00360f426fbdd3748007622d8a6c58b4bb9f1037cd15
f2644f8193230dedfe8b845c5fd843fc06c1464cc9586d81f357e41183d8e931
f36a0659b60462ae7cd1f37cda1dd4d32a9cbe1a6817428fc9ae220f601bd01d

www.newsin.it Open in urlscan Pro 99.86.243.111 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

37 Requests

100 %HTTPS

58 %IPv6

13 Domains

15 Subdomains

12 IPs

2 Countries

474 kBTransfer

1443 kBSize

1 Cookies

3 Outgoing links

Redirected requests

37 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.newsin.it Open in urlscan Pro
99.86.243.111 Public Scan

Screenshot
Live screenshot

Full Image

37
Requests

100 %
HTTPS

58 %
IPv6

13
Domains

15
Subdomains

12
IPs

2
Countries

474 kB
Transfer

1443 kB
Size

1
Cookies

37 HTTP transactions
0 data transactions