www.newseveryday.com Open in urlscan Pro
35.186.240.185 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.newseveryday.com/
Submission: On January 26 via api (January 26th 2022, 6:53:53 pm UTC) from US — Scanned from DE

Summary HTTP 123 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 33 IPs in 5 countries across 24 domains to perform 123 HTTP transactions. The main IP is 35.186.240.185, located in Kansas City, United States and belongs to GOOGLE, US. The main domain is www.newseveryday.com.
TLS certificate: Issued by R3 on January 11th 2022. Valid for: 3 months.

This is the only time www.newseveryday.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	35.186.240.185 35.186.240.185	15169 (GOOGLE) (GOOGLE)
39	2a02:6ea0:c70... 2a02:6ea0:c700::2	60068 (CDN77 ^_^) (CDN77 ^_^)
1	2a00:1450:400... 2a00:1450:4001:828::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:135e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	184.30.24.121 184.30.24.121	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2606:4700::68... 2606:4700::6810:dd1d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	2a03:2880:f22... 2a03:2880:f22d:1c2:face:b00c:0:43fe	32934 (FACEBOOK) (FACEBOOK)
1 2	2a03:2880:f22... 2a03:2880:f22d:1e6:face:b00c:0:4420	32934 (FACEBOOK) (FACEBOOK)
2	2606:2800:234... 2606:2800:234:59:254c:406:2366:268c	15133 (EDGECAST) (EDGECAST)
1	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
1	92.122.255.233 92.122.255.233	16625 (AKAMAI-AS) (AKAMAI-AS)
3	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
2	18.133.97.68 18.133.97.68	16509 (AMAZON-02) (AMAZON-02)
2	2a03:2880:f02... 2a03:2880:f02d:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	2a00:1450:400... 2a00:1450:4001:82f::2008	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:802::2003	15169 (GOOGLE) (GOOGLE)
2	2620:116:800d... 2620:116:800d:21:51e4:db4b:4436:b305	16509 (AMAZON-02) (AMAZON-02)
1 3	99.86.3.92 99.86.3.92	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:206... 2600:9000:206f:aa00:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	104.244.42.72 104.244.42.72	13414 (TWITTER) (TWITTER)
3	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
1	198.145.13.14 198.145.13.14	2044 (DF-PTL01) (DF-PTL01)
3	2a00:1450:400... 2a00:1450:400f:80b::200e	15169 (GOOGLE) (GOOGLE)
1	99.86.3.43 99.86.3.43	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:400f:802::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80f::2001	15169 (GOOGLE) (GOOGLE)
16	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:831::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:830::2006	15169 (GOOGLE) (GOOGLE)
4	142.250.186.98 142.250.186.98	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:800::2004	15169 (GOOGLE) (GOOGLE)
123	33

1 35.186.240.185 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 185.240.186.35.bc.googleusercontent.com

www.newseveryday.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

39 2a02:6ea0:c700::2 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)

1639681107.rsc.cdn77.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
1366492296.rsc.cdn77.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:135e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 184.30.24.121 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-24-121.deploy.static.akamaitechnologies.com

s7.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
v1.addthisedge.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
m.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:dd1d (United States)

ASN13335 (CLOUDFLARENET, US)

static.getclicky.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f22d:1c2:face:b00c:0:43fe (Frankfurt am Main, Germany) 1 redirects

ASN32934 (FACEBOOK, US)

platform.instagram.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f22d:1e6:face:b00c:0:4420 (Frankfurt am Main, Germany) 1 redirects

ASN32934 (FACEBOOK, US)

www.instagram.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:2800:234:59:254c:406:2366:268c (United States)

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 92.122.255.233 (Schiphol, Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a92-122-255-233.deploy.static.akamaitechnologies.com

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.133.97.68 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-133-97-68.eu-west-2.compute.amazonaws.com

script.anura.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f02d:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:116:800d:21:51e4:db4b:4436:b305 (United States)

ASN16509 (AMAZON-02, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 99.86.3.92 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-99-86-3-92.fra6.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:206f:aa00:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.72 (United States)

ASN13414 (TWITTER, US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.145.13.14 (Portland, United States)

ASN2044 (DF-PTL01, US)
PTR: getclicky.com

in.getclicky.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400f:80b::200e (Ireland)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.3.43 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-3-43.fra6.r.cloudfront.net

ads.anura.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400f:802::2002 (Ireland)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ebbf9c8990763143a3461061884326ee.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:800::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
39	cdn77.org 1639681107.rsc.cdn77.org 1366492296.rsc.cdn77.org	742 KB
29	googlesyndication.com ebbf9c8990763143a3461061884326ee.safeframe.googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 100 tpc.googlesyndication.com — Cisco Umbrella Rank: 124	153 KB
9	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 184 googleads.g.doubleclick.net — Cisco Umbrella Rank: 46 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 274	160 KB
4	addthis.com s7.addthis.com — Cisco Umbrella Rank: 1501 m.addthis.com — Cisco Umbrella Rank: 1468	217 KB
3	google.com adservice.google.com — Cisco Umbrella Rank: 80 www.google.com — Cisco Umbrella Rank: 13	1 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 42	20 KB
3	scorecardresearch.com 1 redirects sb.scorecardresearch.com — Cisco Umbrella Rank: 138	2 KB
3	anura.io script.anura.io — Cisco Umbrella Rank: 40527 ads.anura.io — Cisco Umbrella Rank: 50969	18 KB
3	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 165	101 KB
3	twitter.com platform.twitter.com — Cisco Umbrella Rank: 592 syndication.twitter.com — Cisco Umbrella Rank: 844	133 KB
3	instagram.com 2 redirects platform.instagram.com — Cisco Umbrella Rank: 6449 www.instagram.com — Cisco Umbrella Rank: 1105	5 KB
3	getclicky.com static.getclicky.com — Cisco Umbrella Rank: 11658 in.getclicky.com — Cisco Umbrella Rank: 9623	6 KB
2	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 255	46 KB
2	quantserve.com secure.quantserve.com — Cisco Umbrella Rank: 1019 pixel.quantserve.com — Cisco Umbrella Rank: 424	10 KB
2	gstatic.com fonts.gstatic.com	46 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 78	64 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 146	82 KB
2	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 293 fonts.googleapis.com — Cisco Umbrella Rank: 47	31 KB
1	google.de adservice.google.de — Cisco Umbrella Rank: 8028	792 B
1	quantcount.com rules.quantcount.com — Cisco Umbrella Rank: 898	437 B
1	addthisedge.com v1.addthisedge.com — Cisco Umbrella Rank: 1758	683 B
1	moatads.com z.moatads.com — Cisco Umbrella Rank: 361	1 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 227	2 KB
1	newseveryday.com www.newseveryday.com	13 KB
123	24

	Domain	Requested by
29	1366492296.rsc.cdn77.org	www.newseveryday.com
16	pagead2.googlesyndication.com	securepubads.g.doubleclick.net www.newseveryday.com ebbf9c8990763143a3461061884326ee.safeframe.googlesyndication.com tpc.googlesyndication.com www.googletagservices.com
10	tpc.googlesyndication.com	securepubads.g.doubleclick.net www.newseveryday.com ebbf9c8990763143a3461061884326ee.safeframe.googlesyndication.com tpc.googlesyndication.com
10	1639681107.rsc.cdn77.org	www.newseveryday.com 1639681107.rsc.cdn77.org
4	googleads4.g.doubleclick.net	www.newseveryday.com
3	ebbf9c8990763143a3461061884326ee.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com www.newseveryday.com
3	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net
3	sb.scorecardresearch.com	1 redirects www.newseveryday.com
3	www.googletagservices.com	www.newseveryday.com ebbf9c8990763143a3461061884326ee.safeframe.googlesyndication.com
3	s7.addthis.com	www.newseveryday.com s7.addthis.com
2	www.google.com	ebbf9c8990763143a3461061884326ee.safeframe.googlesyndication.com tpc.googlesyndication.com
2	s0.2mdn.net	www.newseveryday.com
2	googleads.g.doubleclick.net	ebbf9c8990763143a3461061884326ee.safeframe.googlesyndication.com
2	fonts.gstatic.com	fonts.googleapis.com
2	www.googletagmanager.com	www.newseveryday.com
2	connect.facebook.net	www.newseveryday.com connect.facebook.net
2	script.anura.io	www.newseveryday.com script.anura.io
2	platform.twitter.com	www.newseveryday.com platform.twitter.com
2	www.instagram.com	1 redirects www.newseveryday.com
2	static.getclicky.com	www.newseveryday.com
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.de	securepubads.g.doubleclick.net
1	ads.anura.io	script.anura.io
1	in.getclicky.com	static.getclicky.com
1	pixel.quantserve.com	www.newseveryday.com
1	syndication.twitter.com	platform.twitter.com
1	rules.quantcount.com	secure.quantserve.com
1	m.addthis.com	s7.addthis.com
1	v1.addthisedge.com	s7.addthis.com
1	secure.quantserve.com	www.newseveryday.com
1	z.moatads.com	s7.addthis.com
1	fonts.googleapis.com	1639681107.rsc.cdn77.org
1	platform.instagram.com	1 redirects
1	cdnjs.cloudflare.com	www.newseveryday.com
1	ajax.googleapis.com	www.newseveryday.com
1	www.newseveryday.com
123	37

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
www.addthis.com

Subject Issuer	Validity	Valid
*.newseveryday.com R3	`2022-01-11` - `2022-04-11`	3 months	crt.sh
www.cdn77.com R3	`2021-12-09` - `2022-03-09`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-09-21` - `2022-09-20`	a year	crt.sh
odc-addthis-prod-01.oracle.com DigiCert SHA2 Secure Server CA	`2021-04-25` - `2022-04-27`	a year	crt.sh
*.twimg.com DigiCert TLS RSA SHA256 2020 CA1	`2021-10-20` - `2022-10-19`	a year	crt.sh
moatads.com DigiCert SHA2 Secure Server CA	`2021-11-27` - `2022-11-29`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
script.anura.io Amazon	`2021-08-11` - `2022-09-09`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-11-05` - `2022-02-03`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2021-09-22` - `2022-09-21`	a year	crt.sh
*.scorecardresearch.com Amazon	`2021-02-28` - `2022-03-29`	a year	crt.sh
syndication.twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2022-01-06` - `2023-01-05`	a year	crt.sh
*.getclicky.com Sectigo RSA Domain Validation Secure Server CA	`2020-08-03` - `2022-08-03`	2 years	crt.sh
ads.anura.io Amazon	`2021-07-29` - `2022-08-27`	a year	crt.sh
*.google.de GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh

This page contains 13 frames:

Primary Page: https://www.newseveryday.com/
Frame ID: 3A680963998B0843C09DBDF96C4763D3
Requests: 79 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: 442B3CB105CAFF14D943034F94D46D2E
Requests: 1 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: EC2C54B2FB8817232E73E132A67ED284
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.8f764d5bd2778f88121d31d7d8d8e1e3.html?origin=https%3A%2F%2Fwww.newseveryday.com
Frame ID: B9DC1BE6B520EB61C4D56A765F4DAB8E
Requests: 2 HTTP requests in this frame

Frame: https://ebbf9c8990763143a3461061884326ee.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: C82E347DEB2440C3152D900B937B606E
Requests: 1 HTTP requests in this frame

Frame: https://ebbf9c8990763143a3461061884326ee.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 24A087B0B477EFB6DE645DF74724FC95
Requests: 13 HTTP requests in this frame

Frame: https://ebbf9c8990763143a3461061884326ee.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 317929A941D34A2AB934AAD6C0B02787
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CODnIhCTpLvQAhiFrZvAATAB&v=APEucNWoVXklST7W6hRMnSQsG6We5UJW_PlGAziEhP3QciEDrfyPK3AWOzXwS-lbiMvx4g2tmr870Au3G5M0rsKCvxE55GcYbg
Frame ID: 2FF04A468B4A9A50B1387DA4CBAFF86A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CODnIhCTpLvQAhiFrZvAATAB&v=APEucNXbmlADCOazwY6J48CxeaLVD6pgximWdHg3j_yfbiOE_d9efz3ZLOMDmIJfRZnVpCupLxoB0tjp4H8Mv-GTWJ12nYRLyg
Frame ID: EA03CBE7E29C1036C28271483E1CA359
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 48D86B4006F4292A7E2AB7F764DEC6D1
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 91A05A14B4A4128D348235A4B6BE535C
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: B743217BF5032BBC89FC811D58895009
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 01B86F0E57ED717D8AE8A4A7D6BFD793
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

News Every Day

Detected technologies

AddThis (Widgets) Expand

Clicky (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.getclicky\.com

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Moat (Analytics) Expand

Overall confidence: 100%
Detected patterns

moatads\.com

Quantcast Measure (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.quantserve\.com/quant\.js

Twitter (Widgets) Expand

Overall confidence: 100%
Detected patterns

//platform\.twitter\.com/widgets\.js

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

<iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

123
Requests

96 %
HTTPS

70 %
IPv6

24
Domains

37
Subdomains

33
IPs

5
Countries

1855 kB
Transfer

3880 kB
Size

15
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/pages/Newseveryday/252124758245092
Title: facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/News_Every_Day
Title: tweeter

Search URL Search Domain Scan URL

URL: https://www.addthis.com/website-tools/overview?utm_source=AddThis%20Tools&utm_medium=image
Title: AddThis

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 43

https://platform.instagram.com/en_US/embeds.js HTTP 301
https://www.instagram.com/embed.js HTTP 302
https://www.instagram.com/static/bundles/es6/EmbedSDK.js/ab12745d93c5.js

Request Chain 63

https://sb.scorecardresearch.com/b?c1=2&c2=14401431&ns__t=1643223226558&ns_c=UTF-8&cv=3.5&c8=News%20Every%20Day&c7=https%3A%2F%2Fwww.newseveryday.com%2F&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=2&c2=14401431&ns__t=1643223226558&ns_c=UTF-8&cv=3.5&c8=News%20Every%20Day&c7=https%3A%2F%2Fwww.newseveryday.com%2F&c9=

123 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.newseveryday.com/ 43 KB
13 KB 304ms
257ms Document
text/html 35.186.240.185
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.newseveryday.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.240.185 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 185.240.186.35.bc.googleusercontent.com
Software: nginx / PHP/7.2.34
Resource Hash: bd2c5d4e8d0340714051a47d48515852c98000a2e4940f5f5302f0c6b02a4ee1

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

server: nginx
date: Wed, 26 Jan 2022 18:53:46 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.2.34
p3p: CP="ALL CURa ADMa DEVa TAIa OUR BUS IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC OTC"
content-encoding: gzip
vary: Accept-Encoding
via: 1.1 google
alt-svc: clear

GET
H2 200 jquery.bxslider.css
1639681107.rsc.cdn77.org/common/js/bxslider/ 4 KB
1 KB 47ms
7ms Stylesheet
text/css 2a02:6ea0:c700::2
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://1639681107.rsc.cdn77.org/common/js/bxslider/jquery.bxslider.css
Requested by: Host: www.newseveryday.com
URL: https://www.newseveryday.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::2 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 6300ba1c19b24d427fdec05b16c8b7c85f21155097c82ffdced06192a5f70d31

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newseveryday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-77-nzt: AcO1ry9BIivvvFQFAA==
x-accel-expires: @1643910654
date: Wed, 26 Jan 2022 18:53:46 GMT
via: 1.1 google
etag: W/"61e0e76a-efc"
last-modified: Fri, 14 Jan 2022 03:00:58 GMT
server: CDN77-Turbo
x-77-nzt-ray: kw+L9gjTsiU=
x-77-cache: HIT
content-type: text/css
x-cache: HIT
x-age: 349372
content-encoding: br
x-77-pop: frankfurtDE

GET
H2 200 style.css
1639681107.rsc.cdn77.org/static/common/_v0.0.0/css/ 21 KB
4 KB 48ms
9ms Stylesheet
text/css 2a02:6ea0:c700::2
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://1639681107.rsc.cdn77.org/static/common/_v0.0.0/css/style.css?v=1
Requested by: Host: www.newseveryday.com
URL: https://www.newseveryday.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::2 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 7e1118232be30930961993bbd54bdc38797314c497b74d1425caf9db5e784dcd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newseveryday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-77-nzt: AcO1ry+WrNzvvFQFAA==
x-accel-expires: @1643910654
date: Wed, 26 Jan 2022 18:53:46 GMT
via: 1.1 google
etag: W/"61e0e171-54f3"
last-modified: Fri, 14 Jan 2022 02:35:29 GMT
server: CDN77-Turbo
x-77-nzt-ray: 6VDBaak6JNY=
x-77-cache: HIT
content-type: text/css
x-cache: HIT
x-age: 349372
content-encoding: br
x-77-pop: frankfurtDE

GET
H2 200 adunit.css
1639681107.rsc.cdn77.org/static/common/_v0.0.0/css/ 3 KB
862 B 49ms
10ms Stylesheet
text/css 2a02:6ea0:c700::2
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://1639681107.rsc.cdn77.org/static/common/_v0.0.0/css/adunit.css?40fc9e4
Requested by: Host: www.newseveryday.com
URL: https://www.newseveryday.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::2 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: d8647384e6833d9b894a3effdc0f875374b089e596836744f947d10bb268a1f1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newseveryday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-77-nzt: AcO1ry/U9KDvvFQFAA==
x-accel-expires: @1643910654
date: Wed, 26 Jan 2022 18:53:46 GMT
via: 1.1 google
etag: W/"61e0e73f-bf0"
last-modified: Fri, 14 Jan 2022 03:00:15 GMT
server: CDN77-Turbo
x-77-nzt-ray: xRRkK7SZeR8=
x-77-cache: HIT
content-type: text/css
x-cache: HIT
x-age: 349372
content-encoding: br
x-77-pop: frankfurtDE

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.2.1/ 85 KB
30 KB 128ms
39ms Script
text/javascript 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js

Requested by

Host: www.newseveryday.com
URL: https://www.newseveryday.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newseveryday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 12:12:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 24047
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30306
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 26 Jan 2023 12:12:59 GMT

GET
H2 200 jquery.bxslider.min.js Show response
1639681107.rsc.cdn77.org/common/js/bxslider4.2.12/ 23 KB
6 KB 53ms
14ms Script
application/javascript 2a02:6ea0:c700::2
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://1639681107.rsc.cdn77.org/common/js/bxslider4.2.12/jquery.bxslider.min.js
Requested by: Host: www.newseveryday.com
URL: https://www.newseveryday.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::2 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 7731d577c5dfa5f38e9bf82dedae51174c9ddd4d3d4668eea9d1e51d6ce13d66

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newseveryday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-77-nzt: AcO1ry93ASbvvFQFAA==
x-accel-expires: @1643910654
date: Wed, 26 Jan 2022 18:53:46 GMT
via: 1.1 google
etag: W/"61e4c46f-5bf7"
last-modified: Mon, 17 Jan 2022 01:20:47 GMT
server: CDN77-Turbo
x-77-nzt-ray: mVm+1oaRRFU=
x-77-cache: HIT
content-type: application/javascript
x-cache: HIT
x-age: 349372
content-encoding: br
x-77-pop: frankfurtDE

GET
H2 200 colorbox.css
1639681107.rsc.cdn77.org/common/js/colorbox1.6.4/ 3 KB
1 KB 50ms
11ms Stylesheet
text/css 2a02:6ea0:c700::2
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://1639681107.rsc.cdn77.org/common/js/colorbox1.6.4/colorbox.css
Requested by: Host: www.newseveryday.com
URL: https://www.newseveryday.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::2 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 6e92ed2d364fb94642de787ddfff11b2a873cfbd00dfc329d0df9daaadbe2bb9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newseveryday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-77-nzt: AcO1ry+zW3rviLsLAA==
x-accel-expires: @1643491122
date: Wed, 26 Jan 2022 18:53:46 GMT
via: 1.1 google
etag: W/"61e0e771-bd1"
last-modified: Fri, 14 Jan 2022 03:01:05 GMT
server: CDN77-Turbo
x-77-nzt-ray: b0F1gocbO0k=
x-77-cache: HIT
content-type: text/css
x-cache: HIT
x-age: 768904
content-encoding: br
x-77-pop: frankfurtDE

GET
H2 200 jquery.colorbox-min.js Show response
1639681107.rsc.cdn77.org/common/js/colorbox1.6.4/ 12 KB
5 KB 54ms
16ms Script
application/javascript 2a02:6ea0:c700::2
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://1639681107.rsc.cdn77.org/common/js/colorbox1.6.4/jquery.colorbox-min.js
Requested by: Host: www.newseveryday.com
URL: https://www.newseveryday.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::2 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 41bc4d4fe88139d6ee89abfcb2abac71e1430d85dbffc0be7c8f6bd36f4ced7e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newseveryday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-77-nzt: AcO1ry9AGInviLsLAA==
x-accel-expires: @1643491122
date: Wed, 26 Jan 2022 18:53:46 GMT
via: 1.1 google
etag: W/"61e0e75d-2eb8"
last-modified: Fri, 14 Jan 2022 03:00:45 GMT
server: CDN77-Turbo
x-77-nzt-ray: vHQKC6Qtsw8=
x-77-cache: HIT
content-type: application/javascript
x-cache: HIT
x-age: 768904
content-encoding: br
x-77-pop: frankfurtDE

GET
H2 200 jquery.cookie.js Show response
1639681107.rsc.cdn77.org/common/js/common/ 2 KB
1 KB 55ms
17ms Script
application/javascript 2a02:6ea0:c700::2
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://1639681107.rsc.cdn77.org/common/js/common/jquery.cookie.js
Requested by: Host: www.newseveryday.com
URL: https://www.newseveryday.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::2 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 07bd3415a10c1e28f121f83385df47113ed4424508de494c85a95f4909adb8da

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newseveryday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-77-nzt: AcO1ry/2xL7viLsLAA==
x-accel-expires: @1643491122
date: Wed, 26 Jan 2022 18:53:46 GMT
via: 1.1 google
etag: W/"61e0e1b3-8cd"
last-modified: Fri, 14 Jan 2022 02:36:35 GMT
server: CDN77-Turbo
x-77-nzt-ray: aEDptgb1pOU=
x-77-cache: HIT
content-type: application/javascript
x-cache: HIT
x-age: 768904
content-encoding: br
x-77-pop: frankfurtDE

GET
H2 200 jquery.lazyload.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery.lazyload/1.9.1/ 3 KB
2 KB 57ms
17ms Script
application/javascript 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery.lazyload/1.9.1/jquery.lazyload.min.js

Requested by

Host: www.newseveryday.com
URL: https://www.newseveryday.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ad79ce7e34d1a788809bb853031133de2ae45f3c19ac4955dae46c7490188c2e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newseveryday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 18:53:46 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 119490
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1120
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:11:47 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec3-d35"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wOjuf1DZA7frg1FDVtjNM5p0VkmSmd8j1gVp2g0FrImKsq1%2Bu7%2Bxe2s%2BB2D1ollyjA6MHtsXDCeMMFQ3Zmigg7ihWf9EKcjOaCY3kc8fGNfCbnBnclR6QmufBjV374oVnHkPqzM7lau9qWZUI2Hh5Dc3"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6d3bf22c1b219231-FRA
expires: Mon, 16 Jan 2023 18:53:46 GMT

GET
H2 200 addthis_widget.js Show response
s7.addthis.com/js/300/ 353 KB
114 KB 53ms
11ms Script
application/javascript 184.30.24.121
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/js/300/addthis_widget.js

Requested by

Host: www.newseveryday.com
URL: https://www.newseveryday.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.30.24.121 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-30-24-121.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newseveryday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
server: nginx/1.15.8
etag: W/"5f971164-5834c"
vary: Accept-Encoding
x-distribution: 99
content-type: application/javascript
date: Wed, 26 Jan 2022 18:53:46 GMT
x-host: s7.addthis.com
content-length: 116325

GET
H2 200 logo_newseveryday.png
1639681107.rsc.cdn77.org/static/common/_v0.0.0/images/ 6 KB
6 KB 8ms
7ms Image
image/png 2a02:6ea0:c700::2
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://1639681107.rsc.cdn77.org/static/common/_v0.0.0/images/logo_newseveryday.png
Requested by: Host: www.newseveryday.com
URL: https://www.newseveryday.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::2 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 10e3015a6c5f65884b3ee1265907d8c8a8b869a99158cea58e955ed96a7a74f0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newseveryday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-77-nzt: AcO1ry/9A9Pvd7APAA==
x-accel-expires: @1643231811
date: Wed, 26 Jan 2022 18:53:46 GMT
via: 1.1 google
etag: "61e0e72c-17fa"
last-modified: Fri, 14 Jan 2022 02:59:56 GMT
server: CDN77-Turbo
x-77-nzt-ray: 2mzYeUSlSvI=
x-77-cache: HIT
content-type: image/png
x-cache: HIT
x-age: 1028215
accept-ranges: bytes
x-77-pop: frankfurtDE
content-length: 6138

GET
H2 200 logo-newseveryday-w.png
1639681107.rsc.cdn77.org/static/common/_v0.0.0/images/ 6 KB
6 KB 12ms
7ms Image
image/png 2a02:6ea0:c700::2
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://1639681107.rsc.cdn77.org/static/common/_v0.0.0/images/logo-newseveryday-w.png
Requested by: Host: www.newseveryday.com
URL: https://www.newseveryday.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::2 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: e7c0991d44d04d906c7ffee0871cf272177a83e4af21102f362679053ba7be02

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newseveryday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-77-nzt: AcO1ry+ISDvvd7APAA==
x-accel-expires: @1643231811
date: Wed, 26 Jan 2022 18:53:46 GMT
via: 1.1 google
etag: "61e0e735-17fa"
last-modified: Fri, 14 Jan 2022 03:00:05 GMT
server: CDN77-Turbo
x-77-nzt-ray: x7gb7y4UWh8=
x-77-cache: HIT
content-type: image/png
x-cache: HIT
x-age: 1028215
accept-ranges: bytes
x-77-pop: frankfurtDE
content-length: 6138

GET
H2 200 should-you-rent-a-car-at-an-airport-a-short-guide.png
1366492296.rsc.cdn77.org/data/thumbs/full/61754/570/285/50/40/ 226 KB
227 KB 153ms
129ms Image
image/png 2a02:6ea0:c700::2
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://1366492296.rsc.cdn77.org/data/thumbs/full/61754/570/285/50/40/should-you-rent-a-car-at-an-airport-a-short-guide.png
Requested by: Host: www.newseveryday.com
URL: https://www.newseveryday.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::2 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo / PHP/7.2.34
Resource Hash: afda7d79c82e59e6a50de2e7b00efc09049ce34765144fcb20e7ca8dd91480a7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newseveryday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-77-nzt: AcO1ry/BrFGh
x-accel-expires: @1643309626
date: Wed, 26 Jan 2022 18:53:46 GMT
via: 1.1 google
etag: f0febcc57602836244ba69c618a5f881
server: CDN77-Turbo
x-powered-by: PHP/7.2.34
x-77-nzt-ray: N6oY27cqSQA=
x-77-cache: MISS
content-type: png
cache-control: max-age=86400, public
x-cache: MISS
x-77-pop: frankfurtDE

GET
H2 200 choosing-a-custom-designed-home-over-renovation.jpeg
1366492296.rsc.cdn77.org/data/thumbs/full/61744/215/107/50/40/ 6 KB
6 KB 146ms
123ms Image
image/jpeg 2a02:6ea0:c700::2
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://1366492296.rsc.cdn77.org/data/thumbs/full/61744/215/107/50/40/choosing-a-custom-designed-home-over-renovation.jpeg
Requested by: Host: www.newseveryday.com
URL: https://www.newseveryday.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::2 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo / PHP/7.2.34
Resource Hash: 85da06819cf57856a37e37b6070436931a1a4f16d5255645cf2645ee864140e7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newseveryday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-77-nzt: AcO1ry+RVCyh
x-accel-expires: @1643309626
date: Wed, 26 Jan 2022 18:53:46 GMT
via: 1.1 google
etag: 956ec01e62cb07b7550037dbac36e76f
server: CDN77-Turbo
x-powered-by: PHP/7.2.34
x-77-nzt-ray: C5QaDrazNAc=
x-77-cache: MISS
content-type: image/jpeg
cache-control: max-age=86400, public
x-cache: MISS
x-77-pop: frankfurtDE

GET
H2 200 different-types-of-learning-management-systems.jpg
1366492296.rsc.cdn77.org/data/thumbs/full/61743/215/107/50/40/ 11 KB
11 KB 152ms
129ms Image
image/jpeg 2a02:6ea0:c700::2
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://1366492296.rsc.cdn77.org/data/thumbs/full/61743/215/107/50/40/different-types-of-learning-management-systems.jpg
Requested by: Host: www.newseveryday.com
URL: https://www.newseveryday.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::2 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo / PHP/7.2.34
Resource Hash: 27747a5a1f780e2a9d75576c2eb15cfdc6ed5d71cb6aa4368c3307c9974e1fad

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newseveryday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-77-nzt: AcO1ry+aOWqh
x-accel-expires: @1643309626
date: Wed, 26 Jan 2022 18:53:46 GMT
via: 1.1 google
etag: 447aa633756651930e211c1e6a246778
server: CDN77-Turbo
x-powered-by: PHP/7.2.34
x-77-nzt-ray: AirQWaOZi/w=
x-77-cache: MISS
content-type: image/jpeg
cache-control: max-age=86400, public
x-cache: MISS
x-77-pop: frankfurtDE

GET
H2 200 lax-parking-facts-figures-more.jpg
1366492296.rsc.cdn77.org/data/thumbs/full/61648/215/107/50/40/ 12 KB
13 KB 144ms
122ms Image
image/jpeg 2a02:6ea0:c700::2
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://1366492296.rsc.cdn77.org/data/thumbs/full/61648/215/107/50/40/lax-parking-facts-figures-more.jpg
Requested by: Host: www.newseveryday.com
URL: https://www.newseveryday.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::2 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo / PHP/7.2.34
Resource Hash: 9b579a8ea96e09208d465a8ed4b8b842bd7cecd5186b3b594bb19def39577817

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newseveryday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-77-nzt: AcO1ry9P4lrOAAQDAA==
x-accel-expires: @1643309626
date: Wed, 26 Jan 2022 18:53:46 GMT
via: 1.1 google
etag: 503eebf88908fac28a4227860d8c33c4
server: CDN77-Turbo
x-powered-by: PHP/7.2.34
x-77-nzt-ray: vN3mTB1cQqo=
x-77-cache: HIT
content-type: image/jpeg
cache-control: max-age=86400, public
x-cache: REVALIDATED
x-age: 197632
x-77-pop: frankfurtDE

GET
H2 200 how-to-deal-with-post-traumatic-stress-after-a-car-accident.jpg
1366492296.rsc.cdn77.org/data/thumbs/full/61647/215/107/50/40/ 8 KB
8 KB 145ms
122ms Image
image/jpeg 2a02:6ea0:c700::2
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://1366492296.rsc.cdn77.org/data/thumbs/full/61647/215/107/50/40/how-to-deal-with-post-traumatic-stress-after-a-car-accident.jpg
Requested by: Host: www.newseveryday.com
URL: https://www.newseveryday.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::2 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo / PHP/7.2.34
Resource Hash: b9958a0e376dd24d15097d2c829fe32c78270828ea8d964c52eead7d105cb333

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newseveryday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-77-nzt: AcO1ry/XCfyh
x-accel-expires: @1643309626
date: Wed, 26 Jan 2022 18:53:46 GMT
via: 1.1 google
etag: 1b3e205e23c59a2a22ed11cb914e23ce
server: CDN77-Turbo
x-powered-by: PHP/7.2.34
x-77-nzt-ray: 2PqKoAKkvvI=
x-77-cache: MISS
content-type: image/jpeg
cache-control: max-age=86400, public
x-cache: MISS
x-77-pop: frankfurtDE

GET
H2 200 the-dark-web-is-getting-bigger-and-bigger.jpg
1366492296.rsc.cdn77.org/data/thumbs/full/61739/196/145/50/40/ 3 KB
3 KB 151ms
128ms Image
image/jpeg 2a02:6ea0:c700::2
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://1366492296.rsc.cdn77.org/data/thumbs/full/61739/196/145/50/40/the-dark-web-is-getting-bigger-and-bigger.jpg
Requested by: Host: www.newseveryday.com
URL: https://www.newseveryday.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::2 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo / PHP/7.2.34
Resource Hash: 301c7f8257485801c02235089470beacfe319494ddf042526b79019c3b6c96e8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newseveryday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-77-nzt: AcO1ry8sU6DOAAQDAA==
x-accel-expires: @1643309626
date: Wed, 26 Jan 2022 18:53:46 GMT
via: 1.1 google
etag: 168929fe5ac69ea3e28f7e1978c725e6
server: CDN77-Turbo
x-powered-by: PHP/7.2.34
x-77-nzt-ray: Qm+nD0BN8yM=
x-77-cache: HIT
content-type: image/jpeg
cache-control: max-age=86400, public
x-cache: REVALIDATED
x-age: 197632
x-77-pop: frankfurtDE

GET
H2 200 how-to-set-and-reach-your-financial-goals-a-beginner-s-guide.jpg
1366492296.rsc.cdn77.org/data/thumbs/full/61738/196/145/50/40/ 10 KB
10 KB 119ms
118ms Image
image/jpeg 2a02:6ea0:c700::2
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://1366492296.rsc.cdn77.org/data/thumbs/full/61738/196/145/50/40/how-to-set-and-reach-your-financial-goals-a-beginner-s-guide.jpg
Requested by: Host: www.newseveryday.com
URL: https://www.newseveryday.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::2 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo / PHP/7.2.34
Resource Hash: 68642d9dce0bf6f2ee3debb3dc04974d1fb383e75fc9b2a16638734f113244d5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newseveryday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-77-nzt: AcO1ry+QpCHOAAQDAA==
x-accel-expires: @1643309626
date: Wed, 26 Jan 2022 18:53:46 GMT
via: 1.1 google
etag: 4c2863c8dee39b68bee40c0f37cb5a70
server: CDN77-Turbo
x-powered-by: PHP/7.2.34
x-77-nzt-ray: vU7gQzBspDE=
x-77-cache: HIT
content-type: image/jpeg
cache-control: max-age=86400, public
x-cache: REVALIDATED
x-age: 197632
x-77-pop: frankfurtDE

GET
H2 200 content-curation-the-process.jpg
1366492296.rsc.cdn77.org/data/thumbs/full/61737/196/145/50/40/ 7 KB
8 KB 124ms
123ms Image
image/jpeg 2a02:6ea0:c700::2
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://1366492296.rsc.cdn77.org/data/thumbs/full/61737/196/145/50/40/content-curation-the-process.jpg
Requested by: Host: www.newseveryday.com
URL: https://www.newseveryday.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::2 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo / PHP/7.2.34
Resource Hash: 6641525dab0863b8a51b24403a543a38f2f77403e73b6144ce195ade064afa1a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newseveryday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-77-nzt: AcO1ry++7ajOAAQDAA==
x-accel-expires: @1643309626
date: Wed, 26 Jan 2022 18:53:46 GMT
via: 1.1 google
etag: c1d0cb345e4b12dff167674ce9ac67f7
server: CDN77-Turbo
x-powered-by: PHP/7.2.34
x-77-nzt-ray: vueBHXa50TE=
x-77-cache: HIT
content-type: image/jpeg
cache-control: max-age=86400, public
x-cache: REVALIDATED
x-age: 197632
x-77-pop: frankfurtDE

GET
H2 200 how-to-present-yourself-successfully.jpg
1366492296.rsc.cdn77.org/data/thumbs/full/61730/196/145/50/40/ 6 KB
6 KB 124ms
123ms Image
image/jpeg 2a02:6ea0:c700::2
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://1366492296.rsc.cdn77.org/data/thumbs/full/61730/196/145/50/40/how-to-present-yourself-successfully.jpg
Requested by: Host: www.newseveryday.com
URL: https://www.newseveryday.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::2 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo / PHP/7.2.34
Resource Hash: fc5871b46b466a3aa4408768fbfda3dc3d6ce65d98a0dbef0ba0000d9e80a9a5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newseveryday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-77-nzt: AcO1ry/EBfnOAAQDAA==
x-accel-expires: @1643309626
date: Wed, 26 Jan 2022 18:53:46 GMT
via: 1.1 google
etag: ecb6ba0042dc97bb1602d1a8a0fdcedf
server: CDN77-Turbo
x-powered-by: PHP/7.2.34
x-77-nzt-ray: i20yLhXqcMU=
x-77-cache: HIT
content-type: image/jpeg
cache-control: max-age=86400, public
x-cache: REVALIDATED
x-age: 197632
x-77-pop: frankfurtDE

GET
H2 200 5-real-estate-tips-for-people-that-are-selling-for-their-first-time.jpg
1366492296.rsc.cdn77.org/data/thumbs/full/61729/112/112/50/40/ 5 KB
5 KB 125ms
123ms Image
image/jpeg 2a02:6ea0:c700::2
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://1366492296.rsc.cdn77.org/data/thumbs/full/61729/112/112/50/40/5-real-estate-tips-for-people-that-are-selling-for-their-first-time.jpg
Requested by: Host: www.newseveryday.com
URL: https://www.newseveryday.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::2 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo / PHP/7.2.34
Resource Hash: b51b3249807a62bed6df5563f59e5a25bb83bfab738a66f894df12e13fc30519

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newseveryday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-77-nzt: AcO1ry9l2ejOAAQDAA==
x-accel-expires: @1643309626
date: Wed, 26 Jan 2022 18:53:46 GMT
via: 1.1 google
etag: 1fe2c6d4089b14120910981e68ae2180
server: CDN77-Turbo
x-powered-by: PHP/7.2.34
x-77-nzt-ray: HA230uEeeXU=
x-77-cache: HIT
content-type: image/jpeg
cache-control: max-age=86400, public
x-cache: REVALIDATED
x-age: 197632
x-77-pop: frankfurtDE

GET
H2 200 glenwood-caverns-adventure-park-slapped-with-a-wrongful-death-lawsuit.jpg
1366492296.rsc.cdn77.org/data/thumbs/full/61728/112/112/50/40/ 6 KB
6 KB 123ms
121ms Image
image/jpeg 2a02:6ea0:c700::2
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://1366492296.rsc.cdn77.org/data/thumbs/full/61728/112/112/50/40/glenwood-caverns-adventure-park-slapped-with-a-wrongful-death-lawsuit.jpg
Requested by: Host: www.newseveryday.com
URL: https://www.newseveryday.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::2 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo / PHP/7.2.34
Resource Hash: c74d5e7d6c98ffe40425bd4f4162fe24d570c763c5acc80c3cd94fdc08a2f713

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newseveryday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-77-nzt: AcO1ry+z5veh
x-accel-expires: @1643309626
date: Wed, 26 Jan 2022 18:53:46 GMT
via: 1.1 google
etag: 6e81450ae1eb3fb6f9d3bee763134b5c
server: CDN77-Turbo
x-powered-by: PHP/7.2.34
x-77-nzt-ray: jgoNGAqtp/I=
x-77-cache: MISS
content-type: image/jpeg
cache-control: max-age=86400, public
x-cache: MISS
x-77-pop: frankfurtDE

GET
H2 200 how-can-an-accident-lawyer-help-me.jpg
1366492296.rsc.cdn77.org/data/thumbs/full/61727/112/112/50/40/ 4 KB
4 KB 164ms
162ms Image
image/jpeg 2a02:6ea0:c700::2
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://1366492296.rsc.cdn77.org/data/thumbs/full/61727/112/112/50/40/how-can-an-accident-lawyer-help-me.jpg
Requested by: Host: www.newseveryday.com
URL: https://www.newseveryday.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::2 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo / PHP/7.2.34
Resource Hash: 79b8388b7202f0bef63e15cc6f9a0172def5016bc105aacf29f939ca45ff6ef0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newseveryday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-77-nzt: AcO1ry/SQfqh
x-accel-expires: @1643309626
date: Wed, 26 Jan 2022 18:53:46 GMT
via: 1.1 google
etag: f8be72e25e5a1a595e179c3bdc02e3c1
server: CDN77-Turbo
x-powered-by: PHP/7.2.34
x-77-nzt-ray: uUqt82r/MPA=
x-77-cache: MISS
content-type: image/jpeg
cache-control: max-age=86400, public
x-cache: MISS
x-77-pop: frankfurtDE

GET
H2 200 how-to-handle-a-bicycle-accident-when-hit-by-a-car.jpg
1366492296.rsc.cdn77.org/data/thumbs/full/61632/112/112/50/40/ 7 KB
7 KB 123ms
121ms Image
image/jpeg 2a02:6ea0:c700::2
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://1366492296.rsc.cdn77.org/data/thumbs/full/61632/112/112/50/40/how-to-handle-a-bicycle-accident-when-hit-by-a-car.jpg
Requested by: Host: www.newseveryday.com
URL: https://www.newseveryday.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::2 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo / PHP/7.2.34
Resource Hash: 8ebe8ff2e3ec71888471bb0de83b7cf1bcf011add84080b787ede0285b591c63

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newseveryday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-77-nzt: AcO1ry/s/kKh
x-accel-expires: @1643309626
date: Wed, 26 Jan 2022 18:53:46 GMT
via: 1.1 google
etag: 802a6986e4c57df57d909c3d4ca069d2
server: CDN77-Turbo
x-powered-by: PHP/7.2.34
x-77-nzt-ray: 9KilJfCKids=
x-77-cache: MISS
content-type: image/jpeg
cache-control: max-age=86400, public
x-cache: MISS
x-77-pop: frankfurtDE

GET
H2 200 a-well-organized-business-is-a-successful-one.png
1366492296.rsc.cdn77.org/data/thumbs/full/61725/112/112/50/40/ 10 KB
11 KB 124ms
123ms Image
image/png 2a02:6ea0:c700::2
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://1366492296.rsc.cdn77.org/data/thumbs/full/61725/112/112/50/40/a-well-organized-business-is-a-successful-one.png
Requested by: Host: www.newseveryday.com
URL: https://www.newseveryday.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::2 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo / PHP/7.2.34
Resource Hash: 153bdfe98f0b45231d4ea5ecf699122df1b8f3620ddbf2e3289e61129483db69

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newseveryday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-77-nzt: AcO1ry8G1NKh
x-accel-expires: @1643309626
date: Wed, 26 Jan 2022 18:53:46 GMT
via: 1.1 google
etag: 76dd743c45fe09919be4292054d6e2e4
server: CDN77-Turbo
x-powered-by: PHP/7.2.34
x-77-nzt-ray: NO0p3NhCG/s=
x-77-cache: MISS
content-type: png
cache-control: max-age=86400, public
x-cache: MISS
x-77-pop: frankfurtDE

GET
H2 200 why-you-can-still-trust-charities.jpg
1366492296.rsc.cdn77.org/data/thumbs/full/61724/112/112/50/40/ 4 KB
4 KB 125ms
123ms Image
image/jpeg 2a02:6ea0:c700::2
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://1366492296.rsc.cdn77.org/data/thumbs/full/61724/112/112/50/40/why-you-can-still-trust-charities.jpg
Requested by: Host: www.newseveryday.com
URL: https://www.newseveryday.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::2 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo / PHP/7.2.34
Resource Hash: aabd0009fc8c170d63f016728977356733bb4f66dfe34b6ff0759316724f4ab1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newseveryday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-77-nzt: AcO1ry/puhCh
x-accel-expires: @1643309626
date: Wed, 26 Jan 2022 18:53:46 GMT
via: 1.1 google
etag: 589c23da64a445c2431228e41d8ccad2
server: CDN77-Turbo
x-powered-by: PHP/7.2.34
x-77-nzt-ray: YQAfKcwZYRE=
x-77-cache: MISS
content-type: image/jpeg
cache-control: max-age=86400, public
x-cache: MISS
x-77-pop: frankfurtDE

GET
H2 200 what-research-suggests-about-the-growing-popularity-of-hybrid-work.jpg
1366492296.rsc.cdn77.org/data/thumbs/full/61723/112/112/50/40/ 4 KB
4 KB 123ms
122ms Image
image/jpeg 2a02:6ea0:c700::2
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://1366492296.rsc.cdn77.org/data/thumbs/full/61723/112/112/50/40/what-research-suggests-about-the-growing-popularity-of-hybrid-work.jpg
Requested by: Host: www.newseveryday.com
URL: https://www.newseveryday.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::2 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo / PHP/7.2.34
Resource Hash: 25f44db80de0535f3816a4aba738b590435efe2a602a52d11bbdcc70fde81d24

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newseveryday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-77-nzt: AcO1ry+Rlheh
x-accel-expires: @1643309626
date: Wed, 26 Jan 2022 18:53:46 GMT
via: 1.1 google
etag: 85fea30249ebdc465943efa42cb58b06
server: CDN77-Turbo
x-powered-by: PHP/7.2.34
x-77-nzt-ray: ImPbdXKCafY=
x-77-cache: MISS
content-type: image/jpeg
cache-control: max-age=86400, public
x-cache: MISS
x-77-pop: frankfurtDE

GET
H2 200 gbksoft.png
1366492296.rsc.cdn77.org/data/images/full/61721/ 268 KB
269 KB 131ms
130ms Image
image/png 2a02:6ea0:c700::2
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://1366492296.rsc.cdn77.org/data/images/full/61721/gbksoft.png?w=920&h=460&l=50&t=40
Requested by: Host: www.newseveryday.com
URL: https://www.newseveryday.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::2 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo / PHP/7.2.34
Resource Hash: 5f56b50e672249b693fda9894e0dfadf927539ed769391e18675375a4459deed

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newseveryday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-77-nzt: AcO1ry9VTleh
x-accel-expires: @1643309626
date: Wed, 26 Jan 2022 18:53:46 GMT
via: 1.1 google
etag: d4a5c4e9e41a95a65bde8c20f19eac27
server: CDN77-Turbo
x-powered-by: PHP/7.2.34
x-77-nzt-ray: F2ctF9NXNt0=
x-77-cache: MISS
content-type: png
cache-control: max-age=86400, public
x-cache: MISS
x-77-pop: frankfurtDE

GET
H2 200 questions-to-ask-yourself-before-deciding-to-splurge.jpg
1366492296.rsc.cdn77.org/data/thumbs/full/61719/211/105/50/40/ 7 KB
7 KB 124ms
123ms Image
image/jpeg 2a02:6ea0:c700::2
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://1366492296.rsc.cdn77.org/data/thumbs/full/61719/211/105/50/40/questions-to-ask-yourself-before-deciding-to-splurge.jpg
Requested by: Host: www.newseveryday.com
URL: https://www.newseveryday.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::2 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo / PHP/7.2.34
Resource Hash: 8f166b5ac0ac036787279b63f945b302f90c938ab204aac1c565c34e62a3cac7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newseveryday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-77-nzt: AcO1ry/WhOOh
x-accel-expires: @1643309626
date: Wed, 26 Jan 2022 18:53:46 GMT
via: 1.1 google
etag: 60263245ad96960b6e3194324ddd3945
server: CDN77-Turbo
x-powered-by: PHP/7.2.34
x-77-nzt-ray: vLKa4FbB6NQ=
x-77-cache: MISS
content-type: image/jpeg
cache-control: max-age=86400, public
x-cache: MISS
x-77-pop: frankfurtDE

GET
H2 200 awesome-marketing-ideas-for-your-new-lifestyle-brand.jpg
1366492296.rsc.cdn77.org/data/thumbs/full/61718/211/105/50/40/ 9 KB
9 KB 124ms
123ms Image
image/jpeg 2a02:6ea0:c700::2
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://1366492296.rsc.cdn77.org/data/thumbs/full/61718/211/105/50/40/awesome-marketing-ideas-for-your-new-lifestyle-brand.jpg
Requested by: Host: www.newseveryday.com
URL: https://www.newseveryday.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::2 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo / PHP/7.2.34
Resource Hash: e1ece626fe87a04169af2ab5669c3f92718e62755aeb00b17c9f817e0ce82c68

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newseveryday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-77-nzt: AcO1ry9smvSh
x-accel-expires: @1643309626
date: Wed, 26 Jan 2022 18:53:46 GMT
via: 1.1 google
etag: 393915fe97fa747ad17bcb923b197742
server: CDN77-Turbo
x-powered-by: PHP/7.2.34
x-77-nzt-ray: BpGMQg9EJpg=
x-77-cache: MISS
content-type: image/jpeg
cache-control: max-age=86400, public
x-cache: MISS
x-77-pop: frankfurtDE

GET
H2 200 social-trends-in-employment.jpg
1366492296.rsc.cdn77.org/data/thumbs/full/61716/211/105/50/40/ 7 KB
8 KB 119ms
119ms Image
image/jpeg 2a02:6ea0:c700::2
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://1366492296.rsc.cdn77.org/data/thumbs/full/61716/211/105/50/40/social-trends-in-employment.jpg
Requested by: Host: www.newseveryday.com
URL: https://www.newseveryday.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::2 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo / PHP/7.2.34
Resource Hash: 458632142ff634533e62ca19452984b1285456c760d9bb4ddc70610b7624f3f6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newseveryday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-77-nzt: AcO1ry+9P+mh
x-accel-expires: @1643309626
date: Wed, 26 Jan 2022 18:53:46 GMT
via: 1.1 google
etag: 1f4b3f02615c3f0379df9fdc270e9cc3
server: CDN77-Turbo
x-powered-by: PHP/7.2.34
x-77-nzt-ray: pKi7wOZ3kfk=
x-77-cache: MISS
content-type: image/jpeg
cache-control: max-age=86400, public
x-cache: MISS
x-77-pop: frankfurtDE

GET
H2 200 5-safety-tips-for-driving-in-the-rain.jpg
1366492296.rsc.cdn77.org/data/thumbs/full/61714/211/105/50/40/ 7 KB
7 KB 122ms
122ms Image
image/jpeg 2a02:6ea0:c700::2
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://1366492296.rsc.cdn77.org/data/thumbs/full/61714/211/105/50/40/5-safety-tips-for-driving-in-the-rain.jpg
Requested by: Host: www.newseveryday.com
URL: https://www.newseveryday.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::2 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo / PHP/7.2.34
Resource Hash: 3efb295535f851ec14b33ff0b2f5a13aa9761150168e88d1ebc9731748a39d56

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newseveryday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-77-nzt: AcO1ry+7Sqah
x-accel-expires: @1643309626
date: Wed, 26 Jan 2022 18:53:46 GMT
via: 1.1 google
etag: 9d54e58d228af081f66352e862e84f96
server: CDN77-Turbo
x-powered-by: PHP/7.2.34
x-77-nzt-ray: Y8I9xjLgWp4=
x-77-cache: MISS
content-type: image/jpeg
cache-control: max-age=86400, public
x-cache: MISS
x-77-pop: frankfurtDE

GET
H2 200 how-to-lower-your-internet-bill.jpg
1366492296.rsc.cdn77.org/data/thumbs/full/61710/211/105/50/40/ 9 KB
9 KB 120ms
120ms Image
image/jpeg 2a02:6ea0:c700::2
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://1366492296.rsc.cdn77.org/data/thumbs/full/61710/211/105/50/40/how-to-lower-your-internet-bill.jpg
Requested by: Host: www.newseveryday.com
URL: https://www.newseveryday.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::2 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo / PHP/7.2.34
Resource Hash: bed098c35d99957d5f5816a2953cb765f339cf68aaac5fcd75e691de709b2fe2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newseveryday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-77-nzt: AcO1ry9qAJKh
x-accel-expires: @1643309626
date: Wed, 26 Jan 2022 18:53:46 GMT
via: 1.1 google
etag: 516d9083ae7f3f0c50244a2320707b59
server: CDN77-Turbo
x-powered-by: PHP/7.2.34
x-77-nzt-ray: qvSG/OjXZGY=
x-77-cache: MISS
content-type: image/jpeg
cache-control: max-age=86400, public
x-cache: MISS
x-77-pop: frankfurtDE

GET
H2 200 interested-in-influencer-marketing-5-things-that-you-need-to-know.jpg
1366492296.rsc.cdn77.org/data/thumbs/full/61706/211/105/50/40/ 11 KB
12 KB 122ms
121ms Image
image/jpeg 2a02:6ea0:c700::2
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://1366492296.rsc.cdn77.org/data/thumbs/full/61706/211/105/50/40/interested-in-influencer-marketing-5-things-that-you-need-to-know.jpg
Requested by: Host: www.newseveryday.com
URL: https://www.newseveryday.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::2 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo / PHP/7.2.34
Resource Hash: 9284bb7e5f19ba81c4a9cfb24dfd5fc613e252ffd4a2950478036162497e05fd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newseveryday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-77-nzt: AcO1ry8BBR3O/wMDAA==
x-accel-expires: @1643309626
date: Wed, 26 Jan 2022 18:53:46 GMT
via: 1.1 google
etag: d1afdf569e4c0fcc9c65cceb55150dd7
server: CDN77-Turbo
x-powered-by: PHP/7.2.34
x-77-nzt-ray: rRKFZl5TFww=
x-77-cache: HIT
content-type: image/jpeg
cache-control: max-age=86400, public
x-cache: REVALIDATED
x-age: 197631
x-77-pop: frankfurtDE

GET
H2 200 3-fun-ideas-for-your-new-social-media-channel.jpg
1366492296.rsc.cdn77.org/data/thumbs/full/61705/211/105/50/40/ 10 KB
11 KB 120ms
120ms Image
image/jpeg 2a02:6ea0:c700::2
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://1366492296.rsc.cdn77.org/data/thumbs/full/61705/211/105/50/40/3-fun-ideas-for-your-new-social-media-channel.jpg
Requested by: Host: www.newseveryday.com
URL: https://www.newseveryday.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::2 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo / PHP/7.2.34
Resource Hash: ef080dc21a1f970a0306d263f7844300221504f2619ac5dfcf97b3fb1a2fba62

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newseveryday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-77-nzt: AcO1ry9HAe+h
x-accel-expires: @1643309626
date: Wed, 26 Jan 2022 18:53:46 GMT
via: 1.1 google
etag: f88967663a76f1372a991737f84bb706
server: CDN77-Turbo
x-powered-by: PHP/7.2.34
x-77-nzt-ray: fUb44qS5b3U=
x-77-cache: MISS
content-type: image/jpeg
cache-control: max-age=86400, public
x-cache: MISS
x-77-pop: frankfurtDE

GET
H2 200 bodies-of-two-un-workers-found-in-congo.jpg
1366492296.rsc.cdn77.org/data/thumbs/full/61026/180/90/50/40/ 8 KB
9 KB 166ms
165ms Image
image/jpeg 2a02:6ea0:c700::2
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://1366492296.rsc.cdn77.org/data/thumbs/full/61026/180/90/50/40/bodies-of-two-un-workers-found-in-congo.jpg
Requested by: Host: www.newseveryday.com
URL: https://www.newseveryday.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::2 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo / PHP/7.2.34
Resource Hash: 0383220765cc0f4bdaf58a65cd5837e1ac2779298f757c933aa8fc055d80976a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newseveryday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-77-nzt: AcO1ry8TH8PO/wMDAA==
x-accel-expires: @1643309626
date: Wed, 26 Jan 2022 18:53:46 GMT
via: 1.1 google
etag: 123c82847bfd1955d9b1ebf9bf1f8654
server: CDN77-Turbo
x-powered-by: PHP/7.2.34
x-77-nzt-ray: yY27Bxv0OZU=
x-77-cache: HIT
content-type: image/jpeg
cache-control: max-age=86400, public
x-cache: REVALIDATED
x-age: 197631
x-77-pop: frankfurtDE

GET
H2 200 7-important-roles-of-iqip-in-the-modern-onshore-and-offshore-construction-projects.jpg
1366492296.rsc.cdn77.org/data/thumbs/full/61757/180/90/50/40/ 7 KB
8 KB 116ms
116ms Image
image/jpeg 2a02:6ea0:c700::2
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://1366492296.rsc.cdn77.org/data/thumbs/full/61757/180/90/50/40/7-important-roles-of-iqip-in-the-modern-onshore-and-offshore-construction-projects.jpg
Requested by: Host: www.newseveryday.com
URL: https://www.newseveryday.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::2 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo / PHP/7.2.34
Resource Hash: 86a8e13947d005b3d811b6045b7cfca6f3595df1b41441854a404c72d772b410

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newseveryday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-77-nzt: AcO1ry9Qs6rO/wMDAA==
x-accel-expires: @1643309626
date: Wed, 26 Jan 2022 18:53:46 GMT
via: 1.1 google
etag: b777a5ab415cf85acbe8f77acdf1d722
server: CDN77-Turbo
x-powered-by: PHP/7.2.34
x-77-nzt-ray: C1x6KuOS2Ms=
x-77-cache: HIT
content-type: image/jpeg
cache-control: max-age=86400, public
x-cache: REVALIDATED
x-age: 197631
x-77-pop: frankfurtDE

GET
H2 200 john-lasseters-skydance-animation-premieres-first-animated-short-as-part-of-apple-deal.jpeg
1366492296.rsc.cdn77.org/data/thumbs/full/61692/180/90/50/40/ 6 KB
6 KB 8ms
7ms Image
image/jpeg 2a02:6ea0:c700::2
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://1366492296.rsc.cdn77.org/data/thumbs/full/61692/180/90/50/40/john-lasseters-skydance-animation-premieres-first-animated-short-as-part-of-apple-deal.jpeg
Requested by: Host: www.newseveryday.com
URL: https://www.newseveryday.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::2 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo / PHP/7.2.34
Resource Hash: 7518ebcb4b7c3c8b57541eee2f6ce91654af175bf76b9f280ad0c1ca3c908818

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newseveryday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-77-nzt: AcO1ry9Eeq7vyEYBAA==
x-accel-expires: @1643225970
date: Wed, 26 Jan 2022 18:53:46 GMT
via: 1.1 google
etag: b26a749961f932c40b3f0a5f180695b4
server: CDN77-Turbo
x-powered-by: PHP/7.2.34
x-77-nzt-ray: Qdbuj38e9Ek=
x-77-cache: HIT
content-type: image/jpeg
cache-control: max-age=86400, public
x-cache: HIT
x-age: 83656
x-77-pop: frankfurtDE

GET
H2 200 2021-wild-card-weekend-storylines-and-picks.jpg
1366492296.rsc.cdn77.org/data/thumbs/full/61594/180/90/50/40/ 6 KB
7 KB 131ms
131ms Image
image/jpeg 2a02:6ea0:c700::2
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://1366492296.rsc.cdn77.org/data/thumbs/full/61594/180/90/50/40/2021-wild-card-weekend-storylines-and-picks.jpg
Requested by: Host: www.newseveryday.com
URL: https://www.newseveryday.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::2 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo / PHP/7.2.34
Resource Hash: 4fcee3e563cd0f4963fac555cb567d7d72dc11cef1d9c2d4ac931c78607b6090

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newseveryday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-77-nzt: AcO1ry9NYYHO/wMDAA==
x-accel-expires: @1643309626
date: Wed, 26 Jan 2022 18:53:46 GMT
via: 1.1 google
etag: cab4b054a76a7596eabf5d253d700c8a
server: CDN77-Turbo
x-powered-by: PHP/7.2.34
x-77-nzt-ray: pMnLEDmqy80=
x-77-cache: HIT
content-type: image/jpeg
cache-control: max-age=86400, public
x-cache: REVALIDATED
x-age: 197631
x-77-pop: frankfurtDE

GET
H2 200 biden-must-be-tough-on-automakers-to-fight-climate-change.jpeg
1366492296.rsc.cdn77.org/data/thumbs/full/61681/180/90/50/40/ 7 KB
8 KB 121ms
120ms Image
image/jpeg 2a02:6ea0:c700::2
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://1366492296.rsc.cdn77.org/data/thumbs/full/61681/180/90/50/40/biden-must-be-tough-on-automakers-to-fight-climate-change.jpeg
Requested by: Host: www.newseveryday.com
URL: https://www.newseveryday.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::2 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo / PHP/7.2.34
Resource Hash: de9aa1d1bb7a34ab0583eec465fc320ff0371792f5ef5b29b0a1b4ac2e04153d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newseveryday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-77-nzt: AcO1ry83PtzO/wMDAA==
x-accel-expires: @1643309626
date: Wed, 26 Jan 2022 18:53:46 GMT
via: 1.1 google
etag: 14c970f08da12609c48a84acd5ff8fea
server: CDN77-Turbo
x-powered-by: PHP/7.2.34
x-77-nzt-ray: 1+lfzVkdfHA=
x-77-cache: HIT
content-type: image/jpeg
cache-control: max-age=86400, public
x-cache: REVALIDATED
x-age: 197631
x-77-pop: frankfurtDE

GET
H2 200 badge.gif
static.getclicky.com/media/links/ 241 B
365 B 20ms
19ms Image
image/gif 2606:4700::6810:dd1d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.getclicky.com/media/links/badge.gif
Requested by: Host: www.newseveryday.com
URL: https://www.newseveryday.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:dd1d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c93b5f9c2d83611b9a9ba0333b0b499b385cdce2aee9edaac6daf8a134cf5555

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newseveryday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 18:53:46 GMT
cf-cache-status: HIT
age: 119480
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 241
last-modified: Wed, 13 Apr 2016 00:13:35 GMT
server: cloudflare
etag: "570d8f2f-f1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 6d3bf22d6a0d927d-FRA
x-proxy-cache: MISS
expires: Wed, 02 Feb 2022 18:53:46 GMT

GET
H2 200 js Show response
static.getclicky.com/ 15 KB
6 KB 58ms
28ms Script
text/javascript 2606:4700::6810:dd1d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.getclicky.com/js
Requested by: Host: www.newseveryday.com
URL: https://www.newseveryday.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:dd1d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bacfe860f5e5d8ddc38de0220d3625bdf3cd201e85b963865a4f25fc66cb60a2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newseveryday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 18:53:46 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 25 Jan 2022 09:42:13 GMT
server: cloudflare
age: 119493
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
expires: Wed, 02 Feb 2022 18:53:46 GMT
cache-control: public, max-age=604800
cf-ray: 6d3bf22d194d927d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-proxy-cache: HIT

GET
H3

200

ab12745d93c5.js Show response
www.instagram.com/static/bundles/es6/EmbedSDK.js/
Redirect Chain

https://platform.instagram.com/en_US/embeds.js
https://www.instagram.com/embed.js
https://www.instagram.com/static/bundles/es6/EmbedSDK.js/ab12745d93c5.js

15 KB
5 KB

18ms
7ms

Script
text/javascript

2a03:2880:f22d:1e6:face:b00c:0:4420
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL: https://www.instagram.com/static/bundles/es6/EmbedSDK.js/ab12745d93c5.js
Requested by: Host: www.newseveryday.com
URL: https://www.newseveryday.com/
Protocol: H3
Server: 2a03:2880:f22d:1e6:face:b00c:0:4420 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 2a04fa46b4ebc4bb2c93126695f45b0acf711870e1f169bb95247592c28c24a8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newseveryday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 16:52:50 GMT
content-encoding: br
etag: "ab12745d93c5"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
edge-control: max-age=1209600, no-transform
cache-control: public,max-age=31536000,immutable
cross-origin-resource-policy: cross-origin
content-length: 4843
priority: u=3,i

Redirect headers

date: Wed, 26 Jan 2022 18:53:46 GMT
x-fb-trip-id: 1679558926
x-ig-origin-region: frc
content-type: text/html; charset=utf-8
location: https://www.instagram.com/static/bundles/es6/EmbedSDK.js/ab12745d93c5.js
cache-control: max-age=21600
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 0

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 96 KB
29 KB 30ms
6ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: www.newseveryday.com
URL: https://www.newseveryday.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6727) /
Resource Hash: aec1273daa6df2443053427acbd188f229d60ed9d83ef9bccba3f8a8f21fc3dc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newseveryday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Wed, 26 Jan 2022 18:53:46 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Age: 1498
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: "x-cache;desc= HIT,x-tw-cdn;desc=",edge;dur=1
Content-Length: 29180
x-tw-cdn: VZ
Last-Modified: Wed, 19 Jan 2022 19:22:23 GMT
Server: ECS (frb/6727)
Etag: "e92bd51c447ba1dbd509a1e23d3a8521+gzip"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=1800

GET
H2 200 css
fonts.googleapis.com/ 3 KB
933 B 132ms
48ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:300,400,700,900

Requested by

Host: 1639681107.rsc.cdn77.org
URL: https://1639681107.rsc.cdn77.org/static/common/_v0.0.0/css/style.css?v=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

30c7c639fd48a0186026f900282a3b92893c32043019a5efb0ddf7e0805e296f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1639681107.rsc.cdn77.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 18:29:07 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 26 Jan 2022 18:53:46 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 26 Jan 2022 18:53:46 GMT

GET
H2 200 moatframe.js Show response
z.moatads.com/addthismoatframe568911941483/ 2 KB
1 KB 91ms
40ms Script
application/x-javascript 92.122.255.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/addthismoatframe568911941483/moatframe.js
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 92.122.255.233 Schiphol, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a92-122-255-233.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newseveryday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 18:53:46 GMT
content-encoding: gzip
last-modified: Fri, 08 Nov 2019 20:13:52 GMT
server: AmazonS3
x-amz-request-id: C837A48B2C34EE56
etag: "f14b4e1f799b14f798a195f43cf58376"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=60776
accept-ranges: bytes
content-length: 948
x-amz-id-2: Dl95LInGfb+/e1pJjUIJZHBdqqnQR5kAoOKx/bgx79sAoLcQhhni+BFzg0LbdHAlPM1lV3GPvgg=

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 79 KB
27 KB 152ms
49ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.newseveryday.com
URL: https://www.newseveryday.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0d20921d3495b1d2c456ebde74dd61f180c7e849c78b0ddfa8357b83d517849a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newseveryday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 18:53:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27061
x-xss-protection: 0
server: sffe
etag: "1113 / 84 of 1000 / last-modified: 1643198680"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 26 Jan 2022 18:53:46 GMT

GET
H2 200 request.js Show response
script.anura.io/ 48 KB
17 KB 231ms
175ms Script
application/javascript 18.133.97.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.anura.io/request.js?instance=2238638024&source=newseveryday&campaign=homepage&789985797543

Requested by

Host: www.newseveryday.com
URL: https://www.newseveryday.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.133.97.68 London, United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-133-97-68.eu-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

531b96799a4dc30386c415d267c444f2117fde25a92551cf2a5ba6e31d164770

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newseveryday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Jan 2022 18:53:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0, post-check=0, pre-check=0
expires: Sun, 28 Dec 1980 18:57:00 EST

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 22ms
7ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: www.newseveryday.com
URL: https://www.newseveryday.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

2df838461bf9f05b96d51ed69d758447d8b40281a9f5cac048d3799c871f39ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newseveryday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: BkfIA5Ikes/KrqoCEkW73A==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 1686
x-fb-rlafr: 0
x-fb-debug: LiQJZWC6WI9H22xGePKDyP+QAfgZv7byKPDsF/OwcnW4QF/XUgzW9/699DdxmiffezhBLmDh3L5HWWZKGVjqvw==
x-fb-trip-id: 917726464
x-fb-content-md5: 1cf4243fed1ab45ada4cd3d37d1857b7
x-frame-options: DENY
date: Wed, 26 Jan 2022 18:53:46 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "dd1513ebe52ff3ebc3e3706c2e45c813"
timing-allow-origin: *
expires: Wed, 26 Jan 2022 18:59:07 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 73 KB
29 KB 206ms
111ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NCR5XV

Requested by

Host: www.newseveryday.com
URL: https://www.newseveryday.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8657aee702f75f2e6ae8f29c42496b8d70c43f4188695f12b23d262f23ebbd8f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newseveryday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 18:53:46 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29423
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 18:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 26 Jan 2022 18:53:46 GMT

GET
H2 200 icons.png
1639681107.rsc.cdn77.org/static/common/_v0.0.0/images/ 8 KB
8 KB 8ms
7ms Image
image/png 2a02:6ea0:c700::2
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://1639681107.rsc.cdn77.org/static/common/_v0.0.0/images/icons.png
Requested by: Host: 1639681107.rsc.cdn77.org
URL: https://1639681107.rsc.cdn77.org/static/common/_v0.0.0/css/style.css?v=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::2 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 33df6cb47ce763d108a186d3667974e25a6da5106b271fe2f5414a04d35b82ab

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1639681107.rsc.cdn77.org/static/common/_v0.0.0/css/style.css?v=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-77-nzt: AcO1ry/kaBDvd7APAA==
x-accel-expires: @1643231811
date: Wed, 26 Jan 2022 18:53:46 GMT
via: 1.1 google
etag: "61e0e73f-1f1c"
last-modified: Fri, 14 Jan 2022 03:00:15 GMT
server: CDN77-Turbo
x-77-nzt-ray: Aas5xeysEKE=
x-77-cache: HIT
content-type: image/png
x-cache: HIT
x-age: 1028215
accept-ranges: bytes
x-77-pop: frankfurtDE
content-length: 7964

GET
H2 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v20/ 23 KB
23 KB 164ms
76ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v20/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,400,700,900

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.newseveryday.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 24 Jan 2022 21:26:28 GMT
x-content-type-options: nosniff
age: 163638
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23484
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:19:01 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Tue, 24 Jan 2023 21:26:28 GMT

GET
H2 200 quant.js Show response
secure.quantserve.com/ 24 KB
10 KB 40ms
6ms Script
application/javascript 2620:116:800d:21:51e4:db4b:4436:b305
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: www.newseveryday.com
URL: https://www.newseveryday.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:51e4:db4b:4436:b305 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 487fce51fd801415c362f3f9f2df43c445a4b9ba38f9b6d49dfc898dc85ede94

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newseveryday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 18:53:46 GMT
content-encoding: gzip
etag: "FMCWFRCBdbNj8Eh2c0G78Q=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
expires: Wed, 02 Feb 2022 18:53:46 GMT

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ 1 KB
1 KB 41ms
8ms Script
application/javascript 99.86.3.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: www.newseveryday.com
URL: https://www.newseveryday.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.3.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-3-92.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newseveryday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 04:30:28 GMT
content-encoding: gzip
etag: W/"1827f116c73f319409b97f10b8a58ade"
last-modified: Fri, 26 Feb 2021 14:35:05 GMT
server: AmazonS3
age: 51832
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 25c6baf0a31a5ef699c1e219b25ce7b8.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: nbgwbE12XoCJ94O9JQL-aVh_3K8hf7vvrCqCtgZgw_jyfIs9K1PFlQ==

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 90 KB
36 KB 160ms
66ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-52977351-1

Requested by

Host: www.newseveryday.com
URL: https://www.newseveryday.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

690af6714789686f16f0bde4518a96f2d6f2f2bb589c1e4308df549906362179

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newseveryday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 18:53:46 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35993
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 18:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 26 Jan 2022 18:53:46 GMT

GET
H2 200 _ate.track.config_resp Show response
v1.addthisedge.com/live/boost/ra-5849963f0125e7c6/ 1 KB
683 B 217ms
209ms Script
application/javascript 184.30.24.121
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://v1.addthisedge.com/live/boost/ra-5849963f0125e7c6/_ate.track.config_resp
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.24.121 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-24-121.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 7296714d4927c19e32c0c4b6bda27dd76440e4bb19e2a7fa2351660020a9e452

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newseveryday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 18:53:46 GMT
content-encoding: gzip
etag: -897875747--gzip
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: public, max-age=58, s-maxage=86400
content-disposition: attachment; filename=1.txt
content-length: 507

GET
H2 200 300lo.json Show response
m.addthis.com/live/red_lojson/ 89 B
249 B 200ms
182ms Script
application/javascript 184.30.24.121
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://m.addthis.com/live/red_lojson/300lo.json?si=61f198bab05527a2&bkl=0&bl=1&pdt=326&sid=61f198bab05527a2&pub=ra-5849963f0125e7c6&rev=v8.28.8-wp&ln=en&pc=men&cb=0&ab=-&dp=www.newseveryday.com&fp=&fr=&of=0&pd=0&irt=0&vcl=0&md=0&ct=0&tct=0&abt=0&cdn=0&pi=1&rb=0&gen=100&chr=UTF-8&mk=Newseveryday%2CPolitics%2CWorld%2CEntertainment%2CSports%2CBusiness%2CTechnology%2CScience%2CHealth%20and%20Off%20Beat&colc=1643223226482&jsl=4097&uvs=61f198ba44f4e87d000&skipb=1&callback=addthis.cbs.jsonp__73647877140532290
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.24.121 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-24-121.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: b81f8cd7da45c1ee0de13ba35868feb64f9b57d3240148dbd12909d274282c50

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newseveryday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Jan 2022 18:53:46 GMT
cache-control: max-age=0, no-cache, no-store, no-transform
content-disposition: attachment; filename=1.txt
content-length: 89
content-type: application/javascript;charset=utf-8

GET sh.f48a1a04fe8dbf021b4cda1d.html
s7.addthis.com/static/ Frame 442B 0
0

GET
H2 200 sh.f48a1a04fe8dbf021b4cda1d.html Show response
s7.addthis.com/static/ Frame EC2C 71 KB
26 KB 10ms
10ms Document
text/html 184.30.24.121
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.30.24.121 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-30-24-121.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

7b6bfa13f0778c40bb2a00af9819bea2f07afcb4d071e7e4f436196953a5db4d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.newseveryday.com/

Response headers

server: nginx/1.15.8
content-type: text/html
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
etag: W/"5f971164-11adc"
timing-allow-origin: *
cache-control: public, max-age=86313600
p3p: CP="NON ADM OUR DEV IND COM STA"
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 26421
date: Wed, 26 Jan 2022 18:53:46 GMT
vary: Accept-Encoding
x-host: s7.addthis.com

GET
H2 200 S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v20/ 22 KB
23 KB 101ms
41ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v20/S6u9w4BMUTPHh6UVSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,400,700,900

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8d3ca80fa271e94b0c36cf3053b0f806b7a42bb3395b424c99dc0bd218f0ac20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.newseveryday.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 21 Jan 2022 04:27:49 GMT
x-content-type-options: nosniff
age: 483957
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22992
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:18:57 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 21 Jan 2023 04:27:49 GMT

GET
H/1.1 200
OK widget_iframe.8f764d5bd2778f88121d31d7d8d8e1e3.html Show response
platform.twitter.com/widgets/ Frame B9DC 319 KB
104 KB 7ms
6ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.8f764d5bd2778f88121d31d7d8d8e1e3.html?origin=https%3A%2F%2Fwww.newseveryday.com
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67DF) /
Resource Hash: c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.newseveryday.com/

Response headers

Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 504317
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Wed, 26 Jan 2022 18:53:46 GMT
Etag: "8321d7cf58d70200c1423dfa0bca40f6+gzip"
Last-Modified: Wed, 19 Jan 2022 19:04:27 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (frb/67DF)
Server-Timing: "x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=1
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 105433

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ 285 KB
80 KB 16ms
8ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=de69577ff2de99dab547b24aa711783d

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

faefca049955aabbbe189538aa896e61cf9ad28ba24d40c4c5fde973f1cf8e39

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.newseveryday.com/
Origin: https://www.newseveryday.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: 6Kvqp+2y68lCZeMX5VwhgQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
expires: Thu, 26 Jan 2023 18:21:47 GMT
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 82057
x-fb-rlafr: 0
x-fb-debug: ysVgRQb/niJ0hrG92DuOneyKo0rugP177Qm9wxyHKewP1dPzJV8/r+YBPeBLKDd0FDirLuA8a0S3/MejLiZ44Q==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: 317e1f5b3158f5091d84eb5b7e349609
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 26 Jan 2022 18:53:46 GMT
x-frame-options: DENY
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "9bd1b1210f2a5d16556f84a157df070b"
timing-allow-origin: *
priority: u=3,i
access-control-expose-headers: X-FB-Content-MD5

GET
H2

204

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=2&c2=14401431&ns__t=1643223226558&ns_c=UTF-8&cv=3.5&c8=News%20Every%20Day&c7=https%3A%2F%2Fwww.newseveryday.com%2F&c9=
https://sb.scorecardresearch.com/b2?c1=2&c2=14401431&ns__t=1643223226558&ns_c=UTF-8&cv=3.5&c8=News%20Every%20Day&c7=https%3A%2F%2Fwww.newseveryday.com%2F&c9=

0
222 B

12ms
11ms

Image
text/plain

99.86.3.92
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=2&c2=14401431&ns__t=1643223226558&ns_c=UTF-8&cv=3.5&c8=News%20Every%20Day&c7=https%3A%2F%2Fwww.newseveryday.com%2F&c9=
Requested by: Host: www.newseveryday.com
URL: https://www.newseveryday.com/
Protocol: H2
Server: 99.86.3.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-3-92.fra6.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newseveryday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 18:53:46 GMT
via: 1.1 25c6baf0a31a5ef699c1e219b25ce7b8.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
etag: W/"0-2jmj7l5rSw0yVb/vlWAYkK/YBwk"
x-amz-cf-id: RYp9NUsXbPGGTox9Kf-C7LT2WDKHhtCu1DRFm0lmjepOVYZIZgtf3g==
x-cache: Miss from cloudfront

Redirect headers

date: Wed, 26 Jan 2022 18:53:46 GMT
via: 1.1 25c6baf0a31a5ef699c1e219b25ce7b8.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
vary: Accept
x-cache: Miss from cloudfront
content-type: text/plain; charset=utf-8
location: https://sb.scorecardresearch.com/b2?c1=2&c2=14401431&ns__t=1643223226558&ns_c=UTF-8&cv=3.5&c8=News%20Every%20Day&c7=https%3A%2F%2Fwww.newseveryday.com%2F&c9=
content-length: 179
x-amz-cf-id: VE8ukJ97A5nL8D3g3FkmhTv4DOacs2bxYwc17jVk-rqlRXDNgGJf7g==

GET
H2 200 rules-p-Gx1AK6KSU74K8.js Show response
rules.quantcount.com/ 3 B
437 B 50ms
11ms Script
application/javascript 2600:9000:206f:aa00:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-Gx1AK6KSU74K8.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:aa00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newseveryday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 07:46:53 GMT
via: 1.1 95e0c26862caa0a0aa5e9580919524f8.cloudfront.net (CloudFront)
age: 40014
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 3
last-modified: Sat, 04 Mar 2017 20:25:40 GMT
server: AmazonS3
etag: "8a80554c91d9fca8acb82f023de02f11"
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
x-amz-cf-id: Jt6EcWmnE0r8I97nvL_7GcycMOPROV3P02PZBztHudkQXvrW5uS_5A==

GET
H2 200 settings Show response
syndication.twitter.com/ Frame B9DC 232 B
448 B 134ms
112ms Fetch
application/json 104.244.42.72
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://syndication.twitter.com/settings?session_id=a0eccc0caa4f8e9f1ff3b06cf9f33a1924215503

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.8f764d5bd2778f88121d31d7d8d8e1e3.html?origin=https%3A%2F%2Fwww.newseveryday.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.72 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

726906ee6ce6dfe1b6e35ddad151196c50277e31520de30e916e9cd9affc0ef3

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-response-time: 105
date: Wed, 26 Jan 2022 18:53:46 GMT
content-encoding: gzip
last-modified: Wed, 26 Jan 2022 18:53:46 GMT
server: tsa_o
vary: Origin
strict-transport-security: max-age=631138519
content-type: application/json; charset=utf-8
access-control-allow-origin: https://platform.twitter.com
cache-control: must-revalidate, max-age=600
access-control-allow-credentials: true
x-connection-hash: cbd808811f1c2d796bbb285d3437407d24e28f46f7437468c3dac1948f0d050f
content-length: 166

GET
H2 200 pixel;r=286232737;rf=0;a=p-Gx1AK6KSU74K8;url=https%3A%2F%2Fwww.newseveryday.com%2F;uh=8ff3890c8d1f9f784eb0a648cdef7688a42f71075c7883632c76b053dc9b7609;uht=0;fpan=1;fpa=P0-223797252-1643223226614;pb...
pixel.quantserve.com/ 35 B
372 B 21ms
12ms Image
image/gif 2620:116:800d:21:51e4:db4b:4436:b305
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=286232737;rf=0;a=p-Gx1AK6KSU74K8;url=https%3A%2F%2Fwww.newseveryday.com%2F;uh=8ff3890c8d1f9f784eb0a648cdef7688a42f71075c7883632c76b053dc9b7609;uht=0;fpan=1;fpa=P0-223797252-1643223226614;pbc=;ns=0;ce=1;qjs=1;qv=92a3679b-20211110211611;cm=;gdpr=0;ref=;d=newseveryday.com;je=0;sr=1600x1200x24;dst=0;et=1643223226614;tzo=0;ogl=

Requested by

Host: www.newseveryday.com
URL: https://www.newseveryday.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:51e4:db4b:4436:b305 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newseveryday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Jan 2022 18:53:46 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 pubads_impl_2022011002.js Show response
securepubads.g.doubleclick.net/gpt/ 352 KB
119 KB 122ms
37ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011002.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

sffe /

Resource Hash

e87e542e34fc3af7847f53ae5c258f82ff2d8739646ed8d249c9a54ede9f7128

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newseveryday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 17:04:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 6548
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 121009
x-xss-protection: 0
last-modified: Mon, 10 Jan 2022 21:10:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 26 Jan 2023 17:04:38 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 122 B
733 B 141ms
51ms XHR
application/json 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.newseveryday.com

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

3028ad692501830c5f13d7638c4445c1037c97ac8892c358a2eaa83b4eefe504

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newseveryday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 26 Jan 2022 18:53:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 97
x-xss-protection: 0
expires: Wed, 26 Jan 2022 18:53:46 GMT

GET
H2 200 in.php Show response
in.getclicky.com/ 139 B
435 B 448ms
146ms Script
text/javascript 198.145.13.14
DF-PTL01

General

Check archive.org

Show headers Download Go to

Full URL: https://in.getclicky.com/in.php?site_id=100756016&type=pageview&href=%2F&title=non-article&res=1600x1200&lang=en&jsuid=2071338673&mime=js&x=0.9680676075597525
Requested by: Host: static.getclicky.com
URL: https://static.getclicky.com/js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.145.13.14 Portland, United States, ASN2044 (DF-PTL01, US),
Reverse DNS: getclicky.com
Software: nginx /
Resource Hash: 4da1423e986c57d3271d8b7236d471ee03cb9b8eea9d56a32597df64081e4ce0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newseveryday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 18:53:47 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding, Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate, post-check=0, pre-check=0
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 110ms
33ms Script
text/javascript 2a00:1450:400f:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-52977351-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400f:80b::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newseveryday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 750
date: Wed, 26 Jan 2022 18:41:16 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Wed, 26 Jan 2022 20:41:16 GMT

GET
H2 200 layers.fa6cd1947ce26e890d3d.js Show response
s7.addthis.com/static/ 263 KB
76 KB 10ms
10ms Script
application/javascript 184.30.24.121
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/layers.fa6cd1947ce26e890d3d.js

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.30.24.121 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-30-24-121.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newseveryday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
server: nginx/1.15.8
etag: W/"5f971164-41cf5"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=86313600
date: Wed, 26 Jan 2022 18:53:46 GMT
x-host: s7.addthis.com
timing-allow-origin: *
content-length: 77617

GET
H2 200 showads.js Show response
ads.anura.io/ 0
350 B 36ms
7ms XHR
application/javascript 99.86.3.43
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.anura.io/showads.js?685003245074
Requested by: Host: script.anura.io
URL: https://script.anura.io/request.js?instance=2238638024&source=newseveryday&campaign=homepage&789985797543
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.3.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-3-43.fra6.r.cloudfront.net
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newseveryday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 11:50:12 GMT
content-encoding: gzip
server: nginx
age: 25414
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: m8rq5ezdf7dNCn1RvDNkZc-7E_6FlOKArguadNJYKllMIJGfdAKzfg==
via: 1.1 560d8d35213ac925f8d05c5730db1582.cloudfront.net (CloudFront)

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 87ms
43ms XHR
text/plain 2a00:1450:400f:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=311607974&t=pageview&_s=1&dl=https%3A%2F%2Fwww.newseveryday.com%2F&ul=en-us&de=UTF-8&dt=News%20Every%20Day&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=4GBAAUABAAAAAC~&jid=1843163441&gjid=490529733&cid=745698769.1643223227&tid=UA-52977351-1&_gid=1844378916.1643223227&_r=1&gtm=2ou1o0&z=88353522

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400f:80b::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.newseveryday.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 26 Jan 2022 18:53:46 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.newseveryday.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 76ms
33ms Image
image/gif 2a00:1450:400f:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=311607974&t=event&_s=2&dl=https%3A%2F%2Fwww.newseveryday.com%2F&ul=en-us&de=UTF-8&dt=News%20Every%20Day&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=article&ea=article3&_u=4GBAAUABAAAAAC~&jid=&gjid=&cid=745698769.1643223227&tid=UA-52977351-1&_gid=1844378916.1643223227&gtm=2ou1o0&cd1=&cd2=&cd3=&cd4=main&cd5=&cd6=&z=1789162858

Requested by

Host: www.newseveryday.com
URL: https://www.newseveryday.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400f:80b::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newseveryday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Jan 2022 14:07:57 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 17149
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 129ms
45ms Script
application/javascript 2a00:1450:400f:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.newseveryday.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011002.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400f:802::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newseveryday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 26 Jan 2022 18:53:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 137ms
46ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.newseveryday.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011002.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newseveryday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 26 Jan 2022 18:53:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 116 KB
39 KB 505ms
458ms XHR
text/plain 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3445197507756344&correlator=2168159868942732&output=ldjh&impl=fifs&eid=31061814%2C31063871%2C44752540&vrg=2022011002&ptt=17&sc=1&sfv=1-0-38&ecs=20220126&iu_parts=21697271410%2Cnewseveryday%2Chomepage&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2&prev_iu_szs=300x250%2C300x250%2C300x250&prev_scp=pos%3Dright1%7Cpos%3Dright2%7Cpos%3Dright3&cookie_enabled=1&bc=31&abxe=1&dt=1643223226969&lmt=1643223226&dlt=1643223226199&idt=743&frm=20&biw=1600&bih=1200&oid=2&adxs=1029%2C1029%2C-9&adys=130%2C580%2C-9&adks=3981841859%2C3981841856%2C3981841857&ucis=1%7C2%7C3&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fwww.newseveryday.com%2F&vis=1&scr_x=0&scr_y=0&psz=300x10%7C300x10%7C0x-1&msz=300x0%7C300x0%7C0x-1&ga_vid=745698769.1643223227&ga_sid=1643223227&ga_hid=311607974&ga_fc=true&fws=4%2C4%2C2&ohw=300%2C300%2C0&btvi=0%7C0%7C-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011002.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

d6b4de9df9ed3947016367470738ba89f143b0626ee86eef7d45991e97ddf6d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newseveryday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 18:53:47 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39906
x-xss-protection: 0
google-lineitem-id: -1,-1,-2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -1,-1,-2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.newseveryday.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
ebbf9c8990763143a3461061884326ee.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame C82E 6 KB
4 KB 175ms
48ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ebbf9c8990763143a3461061884326ee.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011002.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.newseveryday.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Wed, 26 Jan 2022 18:53:47 GMT
expires: Thu, 26 Jan 2023 18:53:47 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H2 200 response.json Show response
script.anura.io/ 92 B
435 B 100ms
60ms XHR
application/json 18.133.97.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.anura.io/response.json

Requested by

Host: script.anura.io
URL: https://script.anura.io/request.js?instance=2238638024&source=newseveryday&campaign=homepage&789985797543

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.133.97.68 London, United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-133-97-68.eu-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

781a8922302b48b1afea93293539f1883d398dab74e6cfb322c8b7be029f12ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.newseveryday.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Wed, 26 Jan 2022 18:53:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
vary: Accept-Encoding
access-control-allow-methods: POST
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: private, no-cache, no-store, must-revalidate, max-age=0, post-check=0, pre-check=0
expires: Sun, 28 Dec 1980 18:57:00 EST

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 12 KB
9 KB 139ms
52ms XHR
application/json 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022011002&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011002.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f3c5bccf6062e70bd721ce309005c42678c962d8bff12d6d2363f66cb44aae9e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newseveryday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 26 Jan 2022 18:53:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8996
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 757ms
671ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011002.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newseveryday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 18:53:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 26 Jan 2022 18:53:48 GMT

GET
H3 200 container.html Show response
ebbf9c8990763143a3461061884326ee.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 24A0 6 KB
3 KB 86ms
40ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ebbf9c8990763143a3461061884326ee.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011002.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.newseveryday.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 26 Jan 2022 18:53:47 GMT
expires: Thu, 26 Jan 2023 18:53:47 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
content-type: text/html
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 container.html Show response
ebbf9c8990763143a3461061884326ee.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 3179 6 KB
3 KB 85ms
42ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ebbf9c8990763143a3461061884326ee.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011002.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.newseveryday.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 26 Jan 2022 18:53:47 GMT
expires: Thu, 26 Jan 2023 18:53:47 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
content-type: text/html
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 2FF0 0
683 B 133ms
51ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CODnIhCTpLvQAhiFrZvAATAB&v=APEucNWoVXklST7W6hRMnSQsG6We5UJW_PlGAziEhP3QciEDrfyPK3AWOzXwS-lbiMvx4g2tmr870Au3G5M0rsKCvxE55GcYbg

Requested by

Host: ebbf9c8990763143a3461061884326ee.safeframe.googlesyndication.com
URL: https://ebbf9c8990763143a3461061884326ee.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ebbf9c8990763143a3461061884326ee.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Wed, 26 Jan 2022 18:53:47 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 26 Jan 2022 18:53:47 GMT
cache-control: private

GET
H3 200 abg_lite_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20220120/r20110914/ Frame 24A0 19 KB
8 KB 94ms
46ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220120/r20110914/abg_lite_fy2019.js

Requested by

Host: www.newseveryday.com
URL: https://www.newseveryday.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2039446f8956518da2c2d70116d18c92fac3b04110942de074748aa4041067fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ebbf9c8990763143a3461061884326ee.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 18:52:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 94
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7881
x-xss-protection: 0
server: cafe
etag: 7605774008668088057
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 09 Feb 2022 18:52:13 GMT

GET
H2 200 16885997802885610643
s0.2mdn.net/simgad/ Frame 24A0 23 KB
23 KB 126ms
39ms Image
image/gif 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/16885997802885610643

Requested by

Host: www.newseveryday.com
URL: https://www.newseveryday.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cff388f4a95d8ca756c1b0b4234a1d343c38c3f6a0a2d3909eb0f6f868ca013d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ebbf9c8990763143a3461061884326ee.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 24 Jan 2022 09:06:49 GMT
x-content-type-options: nosniff
age: 208018
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23263
x-xss-protection: 0
last-modified: Fri, 21 Jan 2022 16:10:38 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 24 Jan 2023 09:06:49 GMT

GET
H3 200 omrhp_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20220120/r20110914/elements/html/ Frame 24A0 6 KB
3 KB 100ms
54ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220120/r20110914/elements/html/omrhp_fy2019.js

Requested by

Host: www.newseveryday.com
URL: https://www.newseveryday.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2d0744b54be7eab148245653f8fad2e4a0e8875b886bcacbb2c70741872eda55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ebbf9c8990763143a3461061884326ee.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 18:08:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2727
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2626
x-xss-protection: 0
server: cafe
etag: 8548655983161038638
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 09 Feb 2022 18:08:20 GMT

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 24A0 0
61 B 241ms
130ms Ping
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuSxaKFL_LTgBJN_uXBUFe-n7-SUE1E9-knTfI5Kn4ZOIrZcuqAjgNcHtLvLeHBtYPkYHWz2S6X48s49nZdWTn16Jk0gUMu8Oi3Aa2nxFbJJ_7oxz1d6bCBMk3BnblLalfxst1GIBr9YJIDYe-g3jJFAr8H_zdeGuLGxOgI41GPxwyZdhoCtHwoBT0TajAwVdIollUGPVtktGiS24IzGRXazYrFNrUrpV9JYU1686ffnTrzVHkWQYxOYspWolRHcSXRCBg-x1hd_Q70zd40svyNGbzTXQxGBMFg5S-_3vB4sGRfLTJ1iw4_MnngfoZbm1--2TFhe5e1Qc5w4bpSBlVMQJ__Gys0ciuV_nL0YZSEvL9W0ric3BRuplJK-h3UaUOBB6iPwQokphu9B9NSLKMRIZs9RXN2y-65ON5Zhlzumw80GBIGDH8fgpLXP1qVSAuVw61Xn5LSGyPQ2kfbxPioTSS2VGjsXKDvm07YnpwwVVQHwbr2-Un7VRa9B-inWPt116xH4XcaQzaRpNaR9gp1iA88JKwlHSlwthcrQS6l6J_B6Q_0jx8b0e4MVW_R8AQkEJeLwF_R8kSNab86OlXP-h2rwp6IVc_APQs_-eChML_PJJFkEXTE9fZbSuF7KR4R2o0JaeS52An5M5W--unAruU0OV0ETQahtND1MGeX0QBJVYT7mY6K9rtrkaST3FhSkaFsscZ0xbpfaJx_NzHSNa248PSCJONzsGtZrHF-9UZ5WQCMiAEYJqc688qNiEaCXFAo42GEK94vh3SsAHbZnMr-NOxa1tm50f_qidLrDMHq9js_IHLNJpr0ZBKPrD863eFXn87_m0B0wUFX5aadiAGXSLeik2F3vV9gXbbypfrEV9qfHM5He8F2WdfTT4q2UvK9McV3jnMbE7mzYvDvmHmH7BRPosSMJJL26-IUAiZSCEy8WLnrDVml704upgYyeQEk4TcVPi7oYS2KGgcbljf6ymG-BoHvtsecFmCkjUkZMZClwyqAIj19_TwTBHhtYFI0uuyfJp9SBeUkRKHsb-u3nNo4AKfnsQMbIiAOQyOVyYpSxnhvIvFnWkrKxphM92dlD3HRvsJdHjzHQnneHOr9aK0AMLJEx6mT2pBbuxHMZYDU5eFvilYZh5BlHxRcEumXZWDJWcKZpRRXC56YZerDy6doquShyvNlg0t2D7-6a2IY9NlILSUNxFBW8rlGguJDOm2gGw&sai=AMfl-YSzVbetLMxyHgw0zmHH43R__DkBhAg4hi9Cq3fr-uc3OTZa076Rj0WubxeX-MJIG1lKVMOrgndABF_CQx5lunbjM2NO8CSkWKliivKOpJpNxtR2uMtTumUPxZMHAjCRGmVO0T_wP2ayMjPqWHdkOJ045GNVXdR2PTzXI04Vp_HbsqoVsIKN2DtutEj8tpdFfh_aiunp4afNE6nbG83qxB5VBDYChPuUwZVScE3DR9Yscju_lgrMOn46pkqexpDX0QVxyfFcS3H-s0QEOIfq87BWuE-jZIp0h37udjf4Mdl8EvThyHL1qOFO-IZ9qI4U7FtSDfqYdjbUo1FHRL-AM4zfU9XBrgbJbTPareh87oA9vw0N-m9_YVHzispyBBJbG8GoVZ_GtaM5Dkc&sig=Cg0ArKJSzNwv6-NJdLNyEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20220120.04424&adurl=

Requested by

Host: www.newseveryday.com
URL: https://www.newseveryday.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ebbf9c8990763143a3461061884326ee.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date: Wed, 26 Jan 2022 18:53:47 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 24A0 41 KB
15 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: www.newseveryday.com
URL: https://www.newseveryday.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ebbf9c8990763143a3461061884326ee.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 15:54:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 10785
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 26 Jan 2023 15:54:02 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 24A0 42 B
63 B 117ms
74ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AG4j0Z450QTavT4_Jhpk3oRF_-GpZZHSxtZgSjJ29Zh-7IA69avMwSjNAboyMFEap8WRl1TtLkBc4Ir6ni4l0oKJyVC36NXNjPzXajd8VcZv9XuBY

Requested by

Host: ebbf9c8990763143a3461061884326ee.safeframe.googlesyndication.com
URL: https://ebbf9c8990763143a3461061884326ee.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ebbf9c8990763143a3461061884326ee.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Jan 2022 18:53:47 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220120/r20110914/client/ Frame 24A0 2 KB
1 KB 53ms
52ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220120/r20110914/client/window_focus_fy2019.js

Requested by

Host: ebbf9c8990763143a3461061884326ee.safeframe.googlesyndication.com
URL: https://ebbf9c8990763143a3461061884326ee.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ebbf9c8990763143a3461061884326ee.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 18:53:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 36
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1205
x-xss-protection: 0
server: cafe
etag: 18074202747124231361
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 09 Feb 2022 18:53:11 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 24A0 122 KB
37 KB 145ms
101ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: ebbf9c8990763143a3461061884326ee.safeframe.googlesyndication.com
URL: https://ebbf9c8990763143a3461061884326ee.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2b3334ae35d100a66c0d08b4405e2e334f495cda27b564b38e7eabb08607fdee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ebbf9c8990763143a3461061884326ee.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 18:53:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38060
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1643027698847572"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 26 Jan 2022 18:53:47 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220120/r20110914/client/ Frame 24A0 15 KB
7 KB 48ms
47ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220120/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: ebbf9c8990763143a3461061884326ee.safeframe.googlesyndication.com
URL: https://ebbf9c8990763143a3461061884326ee.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

043cafc63f50b2ba976044bc7dfba6ccb1a1878d527f883cb81984c5585cd9da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ebbf9c8990763143a3461061884326ee.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 18:50:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 188
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6473
x-xss-protection: 0
server: cafe
etag: 5124071950003790117
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 09 Feb 2022 18:50:39 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame EA03 0
273 B 121ms
52ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CODnIhCTpLvQAhiFrZvAATAB&v=APEucNXbmlADCOazwY6J48CxeaLVD6pgximWdHg3j_yfbiOE_d9efz3ZLOMDmIJfRZnVpCupLxoB0tjp4H8Mv-GTWJ12nYRLyg

Requested by

Host: ebbf9c8990763143a3461061884326ee.safeframe.googlesyndication.com
URL: https://ebbf9c8990763143a3461061884326ee.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ebbf9c8990763143a3461061884326ee.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Wed, 26 Jan 2022 18:53:47 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 26 Jan 2022 18:53:47 GMT
cache-control: private

GET
H2 200 16885997802885610643
s0.2mdn.net/simgad/ Frame 3179 23 KB
23 KB 152ms
77ms Image
image/gif 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/16885997802885610643

Requested by

Host: www.newseveryday.com
URL: https://www.newseveryday.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cff388f4a95d8ca756c1b0b4234a1d343c38c3f6a0a2d3909eb0f6f868ca013d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ebbf9c8990763143a3461061884326ee.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 24 Jan 2022 09:06:49 GMT
x-content-type-options: nosniff
age: 208018
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23263
x-xss-protection: 0
last-modified: Fri, 21 Jan 2022 16:10:38 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 24 Jan 2023 09:06:49 GMT

GET
H3 200 abg_lite_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20220120/r20110914/ Frame 3179 19 KB
8 KB 77ms
42ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220120/r20110914/abg_lite_fy2019.js

Requested by

Host: www.newseveryday.com
URL: https://www.newseveryday.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2039446f8956518da2c2d70116d18c92fac3b04110942de074748aa4041067fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ebbf9c8990763143a3461061884326ee.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 18:52:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 94
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7881
x-xss-protection: 0
server: cafe
etag: 7605774008668088057
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 09 Feb 2022 18:52:13 GMT

GET
H3 200 omrhp_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20220120/r20110914/elements/html/ Frame 3179 6 KB
3 KB 74ms
39ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220120/r20110914/elements/html/omrhp_fy2019.js

Requested by

Host: www.newseveryday.com
URL: https://www.newseveryday.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2d0744b54be7eab148245653f8fad2e4a0e8875b886bcacbb2c70741872eda55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ebbf9c8990763143a3461061884326ee.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 18:08:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2727
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2626
x-xss-protection: 0
server: cafe
etag: 8548655983161038638
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 09 Feb 2022 18:08:20 GMT

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 3179 0
571 B 229ms
130ms Ping
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstQGp5XZJ-w-XVZI3qxX9gTMdlGLDbc1pVNQ9skCDa9SQkdBFfVAhixM4LFwzbrgv2fJUhavFp9s1o6q7OTX2sWAozRByxho-gXqp-m9P8DCOwC0t11axKPhIUYEpyTpaLBnN8CKZMQp-PUtCyxIrhlL7oUHtyPvwbOl1GfMVpPVMJlL_PpX7j84ksf4297HB3NMv2t4JqfcJi1o-dpjbmECdTuBSAGl91jmmYGgLeuNI8jNva4fb3xRc_t_yloXc6tqAvkxGERWObF1x7hfRjGtc3tTs62cRvQ7koDjDqHLy8-VnY8bzpInaqdrh2TZZGRqtTtkCUXRpA4CiXbHgFQWs4dgtM5Bj-7EZ_BA6L0ACadSOAs0tS2UjDyX1AWfoebWWvx73j4yHMqjAZmM9gMnGGUyKGBU07wt-I4B6lammuaOsCxfC7ae9zBdjRbtIPN-udsV8LWThsICYrRphC86I_uaaG4xK5ywlve1MiOGVyZriU1moPRCeotr6Vx_V_5oGmQAbAWNWVV4VN2v9Znc1XcQ_qAqcyiYD0F4fHuRL1GOhL68BXNzAApx4sCxOoRggtjhJIte1xRbZ6fmUT_GY6Xol0h3TzrKl5iOXrs4HaqXBjq4yfE92kXRWSlun5BeGszNiCRllgEoS5Dp_DoBdF5eELD9LrIXW5uGpI5EjoX3r0rHzczxMwxB4kWWSbTE45SEBEHsKJnJgbHwcXHhFq2Ho7aatUIHYhtHuGXvYjGLp5ll8p07IH1_p8VKndbRSTrILA6VVlpiON6ZTeT5Kidy949pA4GeZxBvHxQXM1yp-XwcKST1h5CRxMHtzeDoj_cOr-Y1KpieKzXqXSpHVpPySaDf4Y1GEBlgx0la4k8Qr7SMDLKTb3zdj3usaC8VJUJfrtCVOygCW1MngYy2fYXOTwKo0ln_5sLRMNA0mmCWBD9hVHzTOJThqc8SrBV8k5yCvxRKRsLx9t81ncouqFnax-yW0vqXZnT2fUlVpn8OKrrLXuJGCqwOTAFu1yHsnHoDCyXdyg2wwLC-9--E6n55ONH2JVxO-nKDQc1GMQLzUZLfMwHMJbjooGIhOeiPZLMxJiyJes_g6Mb2SFyKX8qyQLjQk4kMwrigXQJHxcuaopO2WILmPOb8zLYh9WCSRxMDge9RZpVtFtYDZatmdt_NYVwu7hlrEFYeFBqS4SrR33q2VDMfijVtOKur9z-ClqlHrFgicRAr_g&sai=AMfl-YQe3sr1nfveGKwgeRECwrE14Sa6x-zcTn7kMXISII9RDSduSBYsJctrhgCTMO1LwQ7sxKzsIO529IBJBjKeJ6ATBTTH3Q-A2SGKtlqo3_ZRDuob8hSBu8zFfquaBvfK2w2Y4lWHV1rxJkZ3Oul3sLm7WoWEY3rZEVJ9V6K8rQlkUr8rcEYGUr_95RaRZwYoH5-fzIXDs61MiWQJHEkO7DtzIiSaEyxJghl6E3Gw3ufofhTOOzfGdE3TENRuz6OfR3PaNJxfz02-bXHf3K4fyLr7acTUJnGBCN0bIGJtkyWdnEJyq9Egk8q3FPQhC1phkFLmrkPgw9UjxpdY0o6jgkehfiLeCuzNL5BLrHsk_LmOytWdHwsEFyh1N2Kz9Hdi0dnVQ_MUffTTrnc&sig=Cg0ArKJSzEud9S0lIwgDEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=0&cbvp=1&cstd=0&cisv=r20220120.59457&adurl=

Requested by

Host: www.newseveryday.com
URL: https://www.newseveryday.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ebbf9c8990763143a3461061884326ee.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date: Wed, 26 Jan 2022 18:53:47 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 3179 41 KB
15 KB 44ms
44ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: www.newseveryday.com
URL: https://www.newseveryday.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ebbf9c8990763143a3461061884326ee.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 15:54:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 10785
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 26 Jan 2023 15:54:02 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3179 42 B
63 B 104ms
72ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Ce04s4JFXvr3PpMa8U6QaMrTA8_whot5M_9LLe8EPfxYrZw2gUMYqvNle_Zyf7UcJ5jNYAK3UHaMmNGICNvmH1X2DbRi_M0h8ChLWA72ZDc3fv0xY

Requested by

Host: ebbf9c8990763143a3461061884326ee.safeframe.googlesyndication.com
URL: https://ebbf9c8990763143a3461061884326ee.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ebbf9c8990763143a3461061884326ee.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Jan 2022 18:53:47 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220120/r20110914/client/ Frame 3179 2 KB
1 KB 74ms
74ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220120/r20110914/client/window_focus_fy2019.js

Requested by

Host: ebbf9c8990763143a3461061884326ee.safeframe.googlesyndication.com
URL: https://ebbf9c8990763143a3461061884326ee.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ebbf9c8990763143a3461061884326ee.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 18:53:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 36
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1205
x-xss-protection: 0
server: cafe
etag: 18074202747124231361
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 09 Feb 2022 18:53:11 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3179 122 KB
37 KB 132ms
98ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: ebbf9c8990763143a3461061884326ee.safeframe.googlesyndication.com
URL: https://ebbf9c8990763143a3461061884326ee.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2b3334ae35d100a66c0d08b4405e2e334f495cda27b564b38e7eabb08607fdee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ebbf9c8990763143a3461061884326ee.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 18:53:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38060
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1643027698847572"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 26 Jan 2022 18:53:47 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220120/r20110914/client/ Frame 3179 15 KB
6 KB 74ms
74ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220120/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: ebbf9c8990763143a3461061884326ee.safeframe.googlesyndication.com
URL: https://ebbf9c8990763143a3461061884326ee.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

043cafc63f50b2ba976044bc7dfba6ccb1a1878d527f883cb81984c5585cd9da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ebbf9c8990763143a3461061884326ee.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 18:50:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 188
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6473
x-xss-protection: 0
server: cafe
etag: 5124071950003790117
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 09 Feb 2022 18:50:39 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 3179 0
0 134ms
47ms Image
text/html 2a00:1450:4001:800::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaREOeDVsa-AJHQmroIB3Yuf6RPhNP6EXxeVucBEuLZPIMlkZWiBMYmvb5rb0xJqDdUySSPq
Requested by: Host: ebbf9c8990763143a3461061884326ee.safeframe.googlesyndication.com
URL: https://ebbf9c8990763143a3461061884326ee.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ebbf9c8990763143a3461061884326ee.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 48D8 22 KB
8 KB 88ms
40ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ebbf9c8990763143a3461061884326ee.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 26 Jan 2022 11:10:53 GMT
expires: Thu, 26 Jan 2023 11:10:53 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: text/html
age: 27774
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 91A0 22 KB
8 KB 58ms
41ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ebbf9c8990763143a3461061884326ee.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 26 Jan 2022 11:10:53 GMT
expires: Thu, 26 Jan 2023 11:10:53 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: text/html
age: 27774
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 24A0 0
60 B 76ms
76ms Ping
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.newseveryday.com
URL: https://www.newseveryday.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ebbf9c8990763143a3461061884326ee.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Wed, 26 Jan 2022 18:53:47 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 i8bj7ClzAoAUPYLrGgyCP56U_VUeYw5vpVcJR_BKyl0.js Show response
pagead2.googlesyndication.com/bg/ Frame 48D8 35 KB
13 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/i8bj7ClzAoAUPYLrGgyCP56U_VUeYw5vpVcJR_BKyl0.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8bc6e3ec29730280143d82eb1a0c823f9e94fd551e630e6fa5570947f04aca5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 16:13:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 95995
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13268
x-xss-protection: 0
last-modified: Wed, 12 Jan 2022 16:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 25 Jan 2023 16:13:52 GMT

GET
H3 200 i8bj7ClzAoAUPYLrGgyCP56U_VUeYw5vpVcJR_BKyl0.js Show response
pagead2.googlesyndication.com/bg/ Frame 91A0 35 KB
13 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/i8bj7ClzAoAUPYLrGgyCP56U_VUeYw5vpVcJR_BKyl0.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8bc6e3ec29730280143d82eb1a0c823f9e94fd551e630e6fa5570947f04aca5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 16:13:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 95995
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13268
x-xss-protection: 0
last-modified: Wed, 12 Jan 2022 16:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 25 Jan 2023 16:13:52 GMT

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 3179 0
60 B 77ms
76ms Ping
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.newseveryday.com
URL: https://www.newseveryday.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ebbf9c8990763143a3461061884326ee.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Wed, 26 Jan 2022 18:53:47 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
DATA 200
OK truncated
/ Frame 3179 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6625c42666c27c711157917ff7158fb2f2cd1332e5315acfbaab437e8a258bad

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 24A0 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cee3f6f51374f0fc8f0bb4b026f9dd435ac7c3a9f91f3b59c6444aa2c258ec64

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 48D8 0
20 B 74ms
74ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B9OQ8u5jxYdn0BMS6lgSbzaHABwAAAAA4AeAEAg&bg=!iIuli8_NAAZ_DxPPfw87ACkAdvg8WvRUPw_WeGYTmWAV-t6wnTSNZX1_X__ZqID6aq1lAl5fHTy8ZgIAAABgUgAAAANoAQcKACfnnZAdzecyiAn5bz9SnHmzAFFFGAbmcAxWzRPaZ29DWQe0xJRGZcmZAvvx1fsG74M6wMiUM7rlcmnWJ8_3KgMkYJVUR0F-9oD7iCVG9wIZhAUUXQ_Tnn3ZVvxyVsS2T5RNoR1mzcDRpA7m3hoVKy5AAg3KpKk574SOiRTb40xaGZg7iFB7hxfQf8GGLWZoLrXihp5_wKokMoGHqiGZGGScFO_PivhJ-hdOeqhXVWebBknqiPE3WxYpMzA0j7GAbujK8QYChMbZrpqhMmmhpge5Z6_mhIQlHUj_CIJFdUKhQv--pfXc9oGttosYMbood-ReQnU92uyRiz-80j2_n9qUkNjrvjEVCOF9SuePjl-Uback-QDDqx9lljNh6CkH_cMn9TiKkIa8A1Er6FOg7CdRQSfnYJO3ycq61nqM8JnQteikgKPz5wcFbKzkMoVKML_mfAXMtzL9VEz4w-EH7Maxrkw4VeDWRAlR4YSPrLqbKG0smU7YS4TonGedTCe7mkRl5o7SOck-UxxwLZPnIG3etCNm7YNSS2vUpYTqfbV89IPnmMEDJavBzcTjcUWhSnqHbtHtQTV3VP9B3vy92W6UL_xZgI6q-BAD1Whqq8PXRbeIKfSuVZjTkuaf0bTCBMVCJ1Diynr9R4PKE4QWCX0DqS4ICmnUPC4gjhhhVJyRJDK0tsrG4vdKrt9lvTnbfoqH5Zi8MtUcanwdJrfGFgw2jLXGEkB_fCfpH4IiiWdWELJ0BoSONLKwMcKhRcI7yYZCjTTSq5FeiJhv-9Q41iPR5_PB3XWFod_HTRRZdq5l-W0nNFz50_j-L6b74w9cpj8pwS8HgTo3i-KNY5giqg80eWf0mrjtDBSpytwcBRWVX4S8CnpNLKjCnyU0-rhyRw1-5ZpujmPyj528yoMiwDhnQCqQzZnjfL1x7eqSiajbp3LlDcjkjgiwCfGQUr1g0t4MRODaly2aMzAreUsfAnqvX2m_tjVt2QVhvwf-ps8NVz6pgyyorq7QkpFysmsPYQBmdLEPIrEk33RjAuke_9cBarGyzmoyXxWPCo8ntoJC3LgydAiv

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Jan 2022 18:53:48 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 91A0 0
20 B 76ms
76ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BdX1hu5jxYdr0BMS6lgSbzaHABwAAAAA4AeAEAg&bg=!ODulO3_NAAZ_DxPPfw87ACkAdvg8WgSdLg-UHBA3dOv59xFeCparRnyPD1yL91J-YO0j3amQVOvi0gIAAABuUgAAAAJoAQcKAH6xDeCLn3ed8DOKwSjE6VnzTvad_Frno9ROzCCC28NVpFQYD-exy90a6L6w6rr2qKNGFqC6MyJUNohO31u5j5zZaI6QuB3kQQ_cW6hQPC70D5ZZdolLWrdh-GQ6pkY20LzpbJrgflmV2Bd5V07aBOtNbeF6qhemIn8lRU5uxPyZAxFN3rsxo3RUGheR93a1Ry1oKKdHlWt9c3NHzXoEWbCmXgWsCYdCja4x0qmNoyM8Z8xXtUqqErg9cjwN3m60wguyApyUUgvHHRr49WT6p6PHO9xjv56CR08YT5ebrZPNHzLPGTWU9VYjCNllQf2ab96tPltWRh-ISSAobo4eH0do_iHBU3op10BY2WiwslgbP_-kbRR4HCxFAbCNoVZq6sadhlUQiwitmX7g9TO2gfCMpd7W-k5eF_OIl_m1Nb8g20LWMomMb6czy00OEMsNCJi6AsleEPxXQpNf0YdbhR6nTHF8Qvq6mgpTkK4nR3uGiSGG0WY5PRNv8KmEKwWAav_g8cs2cuyunXRHygYYu5St4h5J110eFto9cZ1QfMURl1XFJeIRccj4EmIna_FHu-rvV302OuJL-eM1CPUoJObXD9oBJjFHeV12LKhJII93JKi8UXBmJwBUl9-DXfV8Wc7SJYasWLVQ2x1LkNCIeUsGJ5Rfm3ElbUkqWcqy9-yLpTASmJsVdjHp0ilHOlJ0hykWU_Bd-NiCCl3zuLtve4CGAIZGE8TIUU43mGkezjsEBkZnAfVaSgPuTcuyQZuKt3HOhk0_C892_7H2VuYbaWIHh__Blf5mlF2RTg8v5Wsao7tOKYy2VcP2msJw2c2M7oJBUG66mmjtpaoplNwULlqqZNErH2G3KLWgSzhEZonsy45M7h_0AcvoOoTyA9c887JQ1Z1ilhC_4lefaikfPsFMh9JYfmNrWK_C1BF3E7dxetYK0K22cRag5TaMGpMTlWDw3KZgkRMO4CpKkW4rFsSp1uCQ_2PQzuTzg9_qKahFvKU3nAWw37KfTgSPA7Bu23lzqJvIil88pfDr2eHk_DVVcWCVxm16APYJrjOW_vLBGaZFe1EEWNNPahDY6hR8UPiZo5wyT36YTZkNnIP5QAgs0D930f4F1qXbIS-6W5wnYDMekzSoLEDgSKP8fihP-g1MVNopggAaiC1rF7BxeZbf8_J2FaUHC8ikmtyFpGGjrE1nbz-x8AHxys2yiCIDlfz_-A

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Jan 2022 18:53:48 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame B743 13 KB
5 KB 39ms
39ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.newseveryday.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 26 Jan 2022 17:43:33 GMT
expires: Thu, 26 Jan 2023 17:43:33 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
content-type: text/html
age: 4215
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 01B8 783 B
536 B 98ms
49ms Document
text/html 2a00:1450:4001:800::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

e3d673380484ee74d79c06061614cbd68ffd8c9297710c10ff641f4085e59576

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-+51JBRgmILIM24kIJiuZqQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.newseveryday.com/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Wed, 26 Jan 2022 18:53:48 GMT
date: Wed, 26 Jan 2022 18:53:48 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-+51JBRgmILIM24kIJiuZqQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 514
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 RSjKnk5gG5e-YnqyaokaGBofRBYcmQ35b5mWA3AF7Xg.js Show response
pagead2.googlesyndication.com/bg/ Frame B743 35 KB
13 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/RSjKnk5gG5e-YnqyaokaGBofRBYcmQ35b5mWA3AF7Xg.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4528ca9e4e601b97be627ab26a891a181a1f44161c990df96f9996037005ed78

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 10:48:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 29130
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13497
x-xss-protection: 0
last-modified: Wed, 12 Jan 2022 16:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 26 Jan 2023 10:48:18 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 01B8 0
0 109ms
108ms Image
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022011002&jk=3445197507756344&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

GET generate_204
tpc.googlesyndication.com/ Frame B743 0
0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 76ms
75ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gpt_2022011002&jk=3445197507756344&bg=!h4SlhMDNAAZ_DxPPfw87ACkAdvg8WtwWLCIg-m4NcQvTbC5k61hQyRpDwZOi7hL5cBIu-jcApvgluwIAAABUUgAAAAJoAQcKAJcWVzKlBl9aBTEfeTuRRFC5nnzkcNU4YAtx1TediBXTTwM-PpIwx4qaK4ruSeYt03JCq_qYyyeSE6vAKCkvo3nFZa9phFJuPhc2L60BYQDqgNqbK-RAj6b0RIIG0c0zf08E2rfjbOON27Ugbj9cs4WGy5QsSjXcM9n74qV6dqzaMcQErk0VgKfAluj5Ol6mGPY4zDuFKbbPmQKxMMAwn7rPoZo3afWbSYD24mAOXwJzgHDvey4gJaZ0DJv6Ks9lHAVofSVdtS2zYoclIuMiOfVEy5weU6z7TY02KjS3nMlcWrV56os0gtfZYEO2PhtdtjJ5QNIxlk65THgMkiu4dqwIkyP4kq6CU8tEToliYWbMAqgp5MfE_eCh3vhgTUXdJrRTRcw5JLhKVH982K5aXr9CnBd0vL-py72Pf9uzeohG88J0U63UsMbUfxvYEt_vrtRsZv96X2T9fI8j4pW7RQ9eEeter_OeOmURmgg_SPwv7uF2HiuCQwK9r4Q7X4nvqZVOnCw4CV7DT7vgeIyR-cmqsK6V5lJbs6xU3O998gcwTX_5K_YksnPryxsxgjZx_vB52c2N6JGD-YrIG_0sO8lp1GMOvzYno2HcJkoITU03KJHkegRaicyWwGUhn5aQ-5qtPvixEl3wAhpz4_sQQAqUWjS9oL_uLmt_G7kdQMiJ_E-1QXqpH8n_Jnl2u8nqNKtjJY0OaIRkwfLz5dS3CA1POQx_ne5hjPU3Ej-VCS1L7VCGyYliNFW5idxY95FKrwyWrbUep7ZPs4G6w3148_T5oWFStERR7WF9b8Nrdyu8T_r6n-O0LgHRVI0hYaacSKA2r2hmTssys9Jcp8Zhpl4-mmS2P89ROtGgqQD8AUhfegpN8nReIOIoff7CdPAjMnHOPoQqsI1Hm4TznfBPXtYWr0TCcIPB51H1GFv8syaQaVwRLJt1DBjA4YklxnteRsfi1q5HeQjhr9fFMiKfD7ueXqFHuzWFMKlHJ9Vif9aLZwi41RXvQnatg-1PsmeFXOUTLuVElT8_9V0oE6WlVlYDT5AC2FxdTtlyl32WzFvivzvrThthE4ffp5XF2fER-gUHf5ypNJNNotn0o6s7aNYaYYZb4hsuqLNby0A

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newseveryday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Jan 2022 18:53:48 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 3179 42 B
64 B 124ms
77ms Fetch
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstonf94K6bhzAmeur7GTysEHLQIHZXUg231reBEheT5ghGri7FFw81EqpYobPauSRG18_JMzKA3VFEoe9Dt7yMnoIOXq-2E-mk5HNBa9n-bQPUfxj1a0w&sai=AMfl-YRDQ4umoT1beeNwmPpGggIB7-2jNfU3PFjzpqdHUWKdcQhZo9HuHIeD2-sYlKTrg0-dT2C3gpC9kJeLsmIXnnIvttPROh1wpZW71FppgfYsdS0pC9miy2sBBLJibPI&sig=Cg0ArKJSzLyKq35Im6UcEAE&cid=CAASPeRoaQ5SpPxRnSMaO0jV06qO-Igj5H8-WFQwjHOhURtHnhY93SHketNEW6J4OIlal4GcyxNyQNpqEVwVG-k&id=lidar2&mcvt=1000&p=830,1029,1084,1329&mtos=0,1000,1000,1000,1000&tos=0,1000,0,0,0&v=20220124&bin=7&avms=nio&bs=0,0&mc=0.98&if=1&app=0&itpl=20&adk=3981841856&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1643223227523&rpt=340&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ebbf9c8990763143a3461061884326ee.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Jan 2022 18:53:48 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 24A0 42 B
64 B 121ms
76ms Fetch
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssxNBl8hHq7QiJDyPu2zTVbBkq109lhtFuSCQlW6O6tcrsejjFY4ZS_ltcEid_nEEhucyGBWM7ie6oQlewMgsAGyMxGgAKVJzXmlPjAOkXfilFOMf8qmg&sai=AMfl-YTeDKy9GlP0zM8czazco7M9ijBi39XZD2wOn0PSRma9OkfYfaKe-eZBxX7QsyAfUeiAW76OCRGVyOIfbJ6_rNFxijzIZbvc5UUAryMkyx3lZFj7WwsTjXqxNV0-Qr4&sig=Cg0ArKJSzDdMn4dbf9htEAE&cid=CAASPeRoXmkyI_-nXrYfW_Nc9gIRdHW7XcSe5VIBMzwuRSwnVNzh6JDsz0F9H19rVwYtvQb_9QtSm7QeJnitRbc&id=lidar2&mcvt=1002&p=130,1029,384,1329&mtos=0,1002,1002,1002,1002&tos=0,1002,0,0,0&v=20220124&bin=7&avms=nio&bs=0,0&mc=0.98&if=1&app=0&itpl=20&adk=3981841859&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1643223227519&rpt=361&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ebbf9c8990763143a3461061884326ee.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Jan 2022 18:53:48 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: s7.addthis.com
URL: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html

Domain: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/generate_204?fFhHPg

Verdicts & Comments Add Verdict or Comment

112 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

15 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.newseveryday.com/	1970-01-20 09:57:17	Name: __atuvc Value: 1%7C4
www.newseveryday.com/	1970-01-20 00:27:05	Name: __atuvs Value: 61f198ba44f4e87d000
.addthis.com/	1970-01-20 09:57:17	Name: uvc Value: 1%7C4
.scorecardresearch.com/	1970-01-20 17:43:51	Name: UID Value: 1E09d104fb377ad9296d8321643223226
.quantserve.com/	1970-01-20 09:57:17	Name: mc Value: 61f198ba-9a8b2-48063-05627
.newseveryday.com/	1970-01-20 09:51:32	Name: __qca Value: P0-223797252-1643223226614
.newseveryday.com/	1970-01-20 00:27:03	Name: _first_pageview Value: 1
.newseveryday.com/	1970-01-20 09:12:39	Name: _jsuid Value: 2071338673
.addthis.com/	1970-01-20 09:57:17	Name: loc Value: MDAwMDBFVURFQlkyMjk0MTkwMjAwNTAwMDBDSA==
.newseveryday.com/	1970-01-20 17:58:15	Name: _ga Value: GA1.2.745698769.1643223227
.newseveryday.com/	1970-01-20 00:28:29	Name: _gid Value: GA1.2.1844378916.1643223227
.newseveryday.com/	1970-01-20 00:27:03	Name: _gat_gtag_UA_52977351_1 Value: 1
in.getclicky.com/	1970-01-20 09:12:39	Name: cluid Value: 2071338673
.newseveryday.com/	1970-01-20 09:48:39	Name: __gads Value: ID=10424b7afa86c649-22c854862acf00f7:T=1643223227:S=ALNI_MYWhEJUvmPrkMB-Ta2JWAQf-uE3pA
.doubleclick.net/	1970-01-20 09:48:39	Name: IDE Value: AHWqTUnHVtS8lyAw2hth-wCANZ6yupJTRbgaLd3Ru8Ax1ZjLAb85WMzONmLh9-40

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1366492296.rsc.cdn77.org
1639681107.rsc.cdn77.org
ads.anura.io
adservice.google.com
adservice.google.de
ajax.googleapis.com
cdnjs.cloudflare.com
connect.facebook.net
ebbf9c8990763143a3461061884326ee.safeframe.googlesyndication.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
in.getclicky.com
m.addthis.com
pagead2.googlesyndication.com
pixel.quantserve.com
platform.instagram.com
platform.twitter.com
rules.quantcount.com
s0.2mdn.net
s7.addthis.com
sb.scorecardresearch.com
script.anura.io
secure.quantserve.com
securepubads.g.doubleclick.net
static.getclicky.com
syndication.twitter.com
tpc.googlesyndication.com
v1.addthisedge.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.instagram.com
www.newseveryday.com
z.moatads.com
s7.addthis.com
tpc.googlesyndication.com
104.244.42.72
142.250.184.226
142.250.186.98
18.133.97.68
184.30.24.121
198.145.13.14
2600:9000:206f:aa00:6:44e3:f8c0:93a1
2606:2800:234:59:254c:406:2366:268c
2606:4700::6810:135e
2606:4700::6810:dd1d
2620:116:800d:21:51e4:db4b:4436:b305
2a00:1450:4001:800::2004
2a00:1450:4001:802::2003
2a00:1450:4001:80f::2001
2a00:1450:4001:80f::2002
2a00:1450:4001:810::2002
2a00:1450:4001:813::2002
2a00:1450:4001:828::200a
2a00:1450:4001:82a::200a
2a00:1450:4001:82f::2002
2a00:1450:4001:82f::2008
2a00:1450:4001:830::2006
2a00:1450:4001:831::2001
2a00:1450:400f:802::2002
2a00:1450:400f:80b::200e
2a02:6ea0:c700::2
2a03:2880:f02d:100:face:b00c:0:3
2a03:2880:f22d:1c2:face:b00c:0:43fe
2a03:2880:f22d:1e6:face:b00c:0:4420
35.186.240.185
92.122.255.233
99.86.3.43
99.86.3.92
0383220765cc0f4bdaf58a65cd5837e1ac2779298f757c933aa8fc055d80976a
043cafc63f50b2ba976044bc7dfba6ccb1a1878d527f883cb81984c5585cd9da
05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd
07bd3415a10c1e28f121f83385df47113ed4424508de494c85a95f4909adb8da
0d20921d3495b1d2c456ebde74dd61f180c7e849c78b0ddfa8357b83d517849a
10e3015a6c5f65884b3ee1265907d8c8a8b869a99158cea58e955ed96a7a74f0
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8
153bdfe98f0b45231d4ea5ecf699122df1b8f3620ddbf2e3289e61129483db69
2039446f8956518da2c2d70116d18c92fac3b04110942de074748aa4041067fb
25f44db80de0535f3816a4aba738b590435efe2a602a52d11bbdcc70fde81d24
27747a5a1f780e2a9d75576c2eb15cfdc6ed5d71cb6aa4368c3307c9974e1fad
2a04fa46b4ebc4bb2c93126695f45b0acf711870e1f169bb95247592c28c24a8
2b3334ae35d100a66c0d08b4405e2e334f495cda27b564b38e7eabb08607fdee
2d0744b54be7eab148245653f8fad2e4a0e8875b886bcacbb2c70741872eda55
2df838461bf9f05b96d51ed69d758447d8b40281a9f5cac048d3799c871f39ca
301c7f8257485801c02235089470beacfe319494ddf042526b79019c3b6c96e8
3028ad692501830c5f13d7638c4445c1037c97ac8892c358a2eaa83b4eefe504
30c7c639fd48a0186026f900282a3b92893c32043019a5efb0ddf7e0805e296f
33df6cb47ce763d108a186d3667974e25a6da5106b271fe2f5414a04d35b82ab
3efb295535f851ec14b33ff0b2f5a13aa9761150168e88d1ebc9731748a39d56
41bc4d4fe88139d6ee89abfcb2abac71e1430d85dbffc0be7c8f6bd36f4ced7e
4528ca9e4e601b97be627ab26a891a181a1f44161c990df96f9996037005ed78
458632142ff634533e62ca19452984b1285456c760d9bb4ddc70610b7624f3f6
487fce51fd801415c362f3f9f2df43c445a4b9ba38f9b6d49dfc898dc85ede94
4da1423e986c57d3271d8b7236d471ee03cb9b8eea9d56a32597df64081e4ce0
4fcee3e563cd0f4963fac555cb567d7d72dc11cef1d9c2d4ac931c78607b6090
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
531b96799a4dc30386c415d267c444f2117fde25a92551cf2a5ba6e31d164770
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5f56b50e672249b693fda9894e0dfadf927539ed769391e18675375a4459deed
6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6300ba1c19b24d427fdec05b16c8b7c85f21155097c82ffdced06192a5f70d31
6625c42666c27c711157917ff7158fb2f2cd1332e5315acfbaab437e8a258bad
6641525dab0863b8a51b24403a543a38f2f77403e73b6144ce195ade064afa1a
68642d9dce0bf6f2ee3debb3dc04974d1fb383e75fc9b2a16638734f113244d5
690af6714789686f16f0bde4518a96f2d6f2f2bb589c1e4308df549906362179
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6e92ed2d364fb94642de787ddfff11b2a873cfbd00dfc329d0df9daaadbe2bb9
726906ee6ce6dfe1b6e35ddad151196c50277e31520de30e916e9cd9affc0ef3
7296714d4927c19e32c0c4b6bda27dd76440e4bb19e2a7fa2351660020a9e452
7518ebcb4b7c3c8b57541eee2f6ce91654af175bf76b9f280ad0c1ca3c908818
7731d577c5dfa5f38e9bf82dedae51174c9ddd4d3d4668eea9d1e51d6ce13d66
781a8922302b48b1afea93293539f1883d398dab74e6cfb322c8b7be029f12ea
79b8388b7202f0bef63e15cc6f9a0172def5016bc105aacf29f939ca45ff6ef0
7b6bfa13f0778c40bb2a00af9819bea2f07afcb4d071e7e4f436196953a5db4d
7e1118232be30930961993bbd54bdc38797314c497b74d1425caf9db5e784dcd
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
85da06819cf57856a37e37b6070436931a1a4f16d5255645cf2645ee864140e7
8657aee702f75f2e6ae8f29c42496b8d70c43f4188695f12b23d262f23ebbd8f
86a8e13947d005b3d811b6045b7cfca6f3595df1b41441854a404c72d772b410
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
8bc6e3ec29730280143d82eb1a0c823f9e94fd551e630e6fa5570947f04aca5d
8d3ca80fa271e94b0c36cf3053b0f806b7a42bb3395b424c99dc0bd218f0ac20
8ebe8ff2e3ec71888471bb0de83b7cf1bcf011add84080b787ede0285b591c63
8f166b5ac0ac036787279b63f945b302f90c938ab204aac1c565c34e62a3cac7
9284bb7e5f19ba81c4a9cfb24dfd5fc613e252ffd4a2950478036162497e05fd
9b579a8ea96e09208d465a8ed4b8b842bd7cecd5186b3b594bb19def39577817
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
aabd0009fc8c170d63f016728977356733bb4f66dfe34b6ff0759316724f4ab1
acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403
ad79ce7e34d1a788809bb853031133de2ae45f3c19ac4955dae46c7490188c2e
aec1273daa6df2443053427acbd188f229d60ed9d83ef9bccba3f8a8f21fc3dc
afda7d79c82e59e6a50de2e7b00efc09049ce34765144fcb20e7ca8dd91480a7
b51b3249807a62bed6df5563f59e5a25bb83bfab738a66f894df12e13fc30519
b81f8cd7da45c1ee0de13ba35868feb64f9b57d3240148dbd12909d274282c50
b9958a0e376dd24d15097d2c829fe32c78270828ea8d964c52eead7d105cb333
bacfe860f5e5d8ddc38de0220d3625bdf3cd201e85b963865a4f25fc66cb60a2
bd2c5d4e8d0340714051a47d48515852c98000a2e4940f5f5302f0c6b02a4ee1
bed098c35d99957d5f5816a2953cb765f339cf68aaac5fcd75e691de709b2fe2
c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1
c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e
c74d5e7d6c98ffe40425bd4f4162fe24d570c763c5acc80c3cd94fdc08a2f713
c93b5f9c2d83611b9a9ba0333b0b499b385cdce2aee9edaac6daf8a134cf5555
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cee3f6f51374f0fc8f0bb4b026f9dd435ac7c3a9f91f3b59c6444aa2c258ec64
cff388f4a95d8ca756c1b0b4234a1d343c38c3f6a0a2d3909eb0f6f868ca013d
d6b4de9df9ed3947016367470738ba89f143b0626ee86eef7d45991e97ddf6d4
d8647384e6833d9b894a3effdc0f875374b089e596836744f947d10bb268a1f1
de9aa1d1bb7a34ab0583eec465fc320ff0371792f5ef5b29b0a1b4ac2e04153d
e1ece626fe87a04169af2ab5669c3f92718e62755aeb00b17c9f817e0ce82c68
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3d673380484ee74d79c06061614cbd68ffd8c9297710c10ff641f4085e59576
e7c0991d44d04d906c7ffee0871cf272177a83e4af21102f362679053ba7be02
e87e542e34fc3af7847f53ae5c258f82ff2d8739646ed8d249c9a54ede9f7128
ef080dc21a1f970a0306d263f7844300221504f2619ac5dfcf97b3fb1a2fba62
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f3c5bccf6062e70bd721ce309005c42678c962d8bff12d6d2363f66cb44aae9e
faefca049955aabbbe189538aa896e61cf9ad28ba24d40c4c5fde973f1cf8e39
fc5871b46b466a3aa4408768fbfda3dc3d6ce65d98a0dbef0ba0000d9e80a9a5

www.newseveryday.com Open in urlscan Pro 35.186.240.185 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

123 Requests

96 %HTTPS

70 %IPv6

24 Domains

37 Subdomains

33 IPs

5 Countries

1855 kBTransfer

3880 kBSize

15 Cookies

3 Outgoing links

Redirected requests

123 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.newseveryday.com Open in urlscan Pro
35.186.240.185 Public Scan

Screenshot
Live screenshot

Full Image

123
Requests

96 %
HTTPS

70 %
IPv6

24
Domains

37
Subdomains

33
IPs

5
Countries

1855 kB
Transfer

3880 kB
Size

15
Cookies

123 HTTP transactions
1 data transactions