newsdirect.com Open in urlscan Pro
3.212.102.32 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.ameritas.co.uk//
Effective URL:
https://newsdirect.com/guest-content/5-best-same-day-loans-online-with-no-credit-check-and-quick-approval-in-2023
Submission: On June 21 via api (June 21st 2024, 5:25:02 pm UTC) from US — Scanned from DE

Summary HTTP 85 Redirects Links 13 Behaviour Indicators

Summary

This website contacted 37 IPs in 4 countries across 31 domains to perform 85 HTTP transactions. The main IP is 3.212.102.32, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is newsdirect.com.
TLS certificate: Issued by Amazon RSA 2048 M02 on November 18th 2023. Valid for: a year.

This is the only time newsdirect.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	172.67.147.5 172.67.147.5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 7	3.212.102.32 3.212.102.32	14618 (AMAZON-AES) (AMAZON-AES)
8	104.18.91.62 104.18.91.62	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:80e::2008	15169 (GOOGLE) (GOOGLE)
3	2a02:26f0:350... 2a02:26f0:3500:12::1730:17a6	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 2	2606:4700::68... 2606:4700::6811:f6cb	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:81d::200a	15169 (GOOGLE) (GOOGLE)
1	104.17.25.14 104.17.25.14	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2606:4700:440... 2606:4700:4400::6812:297c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:af5b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2606:4700::68... 2606:4700::6812:561e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6810:7574	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:80ac	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2606:4700::68... 2606:4700::6810:7674	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:4c8e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:a0a8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6812:8911	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:440... 2606:4700:4400::6812:22e5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:801::200e	15169 (GOOGLE) (GOOGLE)
3	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c06::9c	15169 (GOOGLE) (GOOGLE)
2	142.250.185.131 142.250.185.131	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6812:f16c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	142.250.185.228 142.250.185.228	15169 (GOOGLE) (GOOGLE)
10	2600:9000:275... 2600:9000:275b:9800:1b:cadc:ef40:93a1	16509 (AMAZON-02) (AMAZON-02)
3	108.138.6.136 108.138.6.136	16509 (AMAZON-02) (AMAZON-02)
2	142.250.185.162 142.250.185.162	15169 (GOOGLE) (GOOGLE)
1	104.19.175.188 104.19.175.188	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a04:4e42:600... 2a04:4e42:600::485	54113 (FASTLY) (FASTLY)
1	99.86.4.71 99.86.4.71	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:10:... 2606:4700:10::6816:3556	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:10:... 2606:4700:10::6816:4ad8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	130.211.23.194 130.211.23.194	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	2606:4700:20:... 2606:4700:20::681a:246	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	142.250.185.70 142.250.185.70	15169 (GOOGLE) (GOOGLE)
2	18.157.128.118 18.157.128.118	16509 (AMAZON-02) (AMAZON-02)
2	2a03:2880:f08... 2a03:2880:f083:9:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	2a03:2880:f17... 2a03:2880:f176:84:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
85	37

1 172.67.147.5 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.ameritas.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 3.212.102.32 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-212-102-32.compute-1.amazonaws.com

www.newsdirect.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
newsdirect.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 104.18.91.62 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn2.hubspot.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80e::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:26f0:3500:12::1730:17a6 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

cdn.fuseplatform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:f6cb (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81d::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.17.25.14 (None, )

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:4400::6812:297c (United States)

ASN13335 (CLOUDFLARENET, US)

5691062.fs1.hubspotusercontent-na1.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:af5b (United States)

ASN13335 (CLOUDFLARENET, US)

static.hsappstatic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6812:561e (United States)

ASN13335 (CLOUDFLARENET, US)

f.hubspotusercontent10.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:7574 (United States)

ASN13335 (CLOUDFLARENET, US)

app.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
track.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:80ac (United States)

ASN13335 (CLOUDFLARENET, US)

js.hsadspixel.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6810:7674 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cta-service-cms2.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
forms.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:4c8e (United States)

ASN13335 (CLOUDFLARENET, US)

js.usemessages.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:a0a8 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-analytics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:8911 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hsleadflows.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::6812:22e5 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-banner.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:801::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c06::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.131 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f3.1e100.net

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:f16c (United States)

ASN13335 (CLOUDFLARENET, US)

api.hubapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.228 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2600:9000:275b:9800:1b:cadc:ef40:93a1 (United States)

ASN16509 (AMAZON-02, US)

cmp.inmobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 108.138.6.136 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-6-136.fra56.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.19.175.188 (None, )

ASN13335 (CLOUDFLARENET, US)

perf-na1.hsforms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:600::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.4.71 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-71.fra6.r.cloudfront.net

config.aps.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:3556 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:4ad8 (United States)

ASN13335 (CLOUDFLARENET, US)

btloader.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 130.211.23.194 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 194.23.211.130.bc.googleusercontent.com

api.btloader.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:246 (United States)

ASN13335 (CLOUDFLARENET, US)

ad-delivery.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.70 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.157.128.118 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-157-128-118.eu-central-1.compute.amazonaws.com

api.cmp.inmobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f083:9:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f176:84:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
12	inmobi.com cmp.inmobi.com — Cisco Umbrella Rank: 5195 api.cmp.inmobi.com — Cisco Umbrella Rank: 16926	222 KB
8	hubspot.net cdn2.hubspot.net — Cisco Umbrella Rank: 9957	192 KB
7	newsdirect.com 1 redirects www.newsdirect.com newsdirect.com	52 KB
5	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 136 securepubads.g.doubleclick.net — Cisco Umbrella Rank: 235 ad.doubleclick.net — Cisco Umbrella Rank: 164	176 KB
5	hubspot.com app.hubspot.com — Cisco Umbrella Rank: 6027 js.hubspot.com — Cisco Umbrella Rank: 4457 cta-service-cms2.hubspot.com — Cisco Umbrella Rank: 4515 track.hubspot.com — Cisco Umbrella Rank: 2823 forms.hubspot.com — Cisco Umbrella Rank: 6172	28 KB
4	btloader.com btloader.com — Cisco Umbrella Rank: 1087 api.btloader.com — Cisco Umbrella Rank: 1198	37 KB
4	amazon-adsystem.com c.amazon-adsystem.com — Cisco Umbrella Rank: 357 config.aps.amazon-adsystem.com — Cisco Umbrella Rank: 746	81 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 71 region1.google-analytics.com — Cisco Umbrella Rank: 2355	21 KB
4	hubspotusercontent-na1.net 5691062.fs1.hubspotusercontent-na1.net	9 KB
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 81	360 KB
3	hubspotusercontent10.net f.hubspotusercontent10.net — Cisco Umbrella Rank: 79819	1019 KB
3	fuseplatform.net cdn.fuseplatform.net — Cisco Umbrella Rank: 13728	171 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 114	3 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 204	73 KB
2	ad-delivery.net ad-delivery.net — Cisco Umbrella Rank: 1092	1 KB
2	google.de www.google.de — Cisco Umbrella Rank: 8088	126 B
2	google.com region1.analytics.google.com — Cisco Umbrella Rank: 3125 www.google.com — Cisco Umbrella Rank: 5	316 B
2	unpkg.com 1 redirects unpkg.com — Cisco Umbrella Rank: 1008	15 KB
1	id5-sync.com cdn.id5-sync.com — Cisco Umbrella Rank: 1098	28 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 381	1 KB
1	hsforms.com perf-na1.hsforms.com — Cisco Umbrella Rank: 4790	927 B
1	hubapi.com api.hubapi.com — Cisco Umbrella Rank: 4224	1 KB
1	hs-banner.com js.hs-banner.com — Cisco Umbrella Rank: 2607	19 KB
1	hsleadflows.net js.hsleadflows.net — Cisco Umbrella Rank: 5910	92 KB
1	hs-analytics.net js.hs-analytics.net — Cisco Umbrella Rank: 2634	24 KB
1	usemessages.com js.usemessages.com — Cisco Umbrella Rank: 5803	24 KB
1	hsadspixel.net js.hsadspixel.net — Cisco Umbrella Rank: 3959	4 KB
1	hsappstatic.net static.hsappstatic.net — Cisco Umbrella Rank: 6258	5 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 268	19 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 83	1 KB
1	ameritas.co.uk 1 redirects www.ameritas.co.uk	560 B
85	31

	Domain	Requested by
10	cmp.inmobi.com	cdn.fuseplatform.net cmp.inmobi.com
8	cdn2.hubspot.net	newsdirect.com
6	newsdirect.com	newsdirect.com js.usemessages.com
4	5691062.fs1.hubspotusercontent-na1.net	newsdirect.com
4	www.googletagmanager.com	newsdirect.com www.googletagmanager.com
3	api.btloader.com	btloader.com
3	c.amazon-adsystem.com	cdn.fuseplatform.net c.amazon-adsystem.com
3	f.hubspotusercontent10.net	cdn2.hubspot.net
3	cdn.fuseplatform.net	newsdirect.com cdn.fuseplatform.net
2	www.facebook.com
2	connect.facebook.net	js.hsadspixel.net connect.facebook.net
2	api.cmp.inmobi.com	cmp.inmobi.com
2	ad-delivery.net	newsdirect.com
2	securepubads.g.doubleclick.net	cdn.fuseplatform.net securepubads.g.doubleclick.net
2	region1.google-analytics.com	www.googletagmanager.com
2	www.google.de	newsdirect.com
2	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	unpkg.com	1 redirects newsdirect.com
1	forms.hubspot.com	js.hsleadflows.net
1	track.hubspot.com
1	ad.doubleclick.net	newsdirect.com
1	btloader.com	cdn.fuseplatform.net
1	cdn.id5-sync.com	newsdirect.com
1	config.aps.amazon-adsystem.com	c.amazon-adsystem.com
1	cdn.jsdelivr.net	cdn.fuseplatform.net
1	perf-na1.hsforms.com	newsdirect.com
1	www.google.com	newsdirect.com
1	api.hubapi.com	js.hsadspixel.net
1	cta-service-cms2.hubspot.com	js.hubspot.com
1	region1.analytics.google.com	www.googletagmanager.com
1	js.hs-banner.com	newsdirect.com
1	js.hsleadflows.net	newsdirect.com
1	js.hs-analytics.net	newsdirect.com
1	js.usemessages.com	newsdirect.com
1	js.hubspot.com	newsdirect.com
1	js.hsadspixel.net	newsdirect.com
1	app.hubspot.com	newsdirect.com
1	static.hsappstatic.net	newsdirect.com
1	cdnjs.cloudflare.com	newsdirect.com
1	fonts.googleapis.com	newsdirect.com
1	www.newsdirect.com	1 redirects
1	www.ameritas.co.uk	1 redirects
85	43

This site contains links to these domains. Also see Links.

Domain
www.newsdirect.com
www.newsdirect.biz

Subject Issuer	Validity	Valid
www.newsdirect.com Amazon RSA 2048 M02	`2023-11-18` - `2024-12-15`	a year	crt.sh
hubspot.net Cloudflare Inc ECC CA-3	`2024-03-06` - `2024-12-31`	10 months	crt.sh
*.google-analytics.com WR2	`2024-06-03` - `2024-08-26`	3 months	crt.sh
cdn.fuseplatform.net R3	`2024-05-08` - `2024-08-06`	3 months	crt.sh
upload.video.google.com WR2	`2024-06-03` - `2024-08-26`	3 months	crt.sh
cdnjs.cloudflare.com E1	`2024-06-02` - `2024-08-31`	3 months	crt.sh
hubspotusercontent-na1.net Cloudflare Inc ECC CA-3	`2023-12-26` - `2024-12-25`	a year	crt.sh
hsappstatic.net E1	`2024-05-08` - `2024-08-06`	3 months	crt.sh
hubspotusercontent10.net WE1	`2024-06-11` - `2024-09-09`	3 months	crt.sh
hubspot.com E1	`2024-05-23` - `2024-08-21`	3 months	crt.sh
hsadspixel.net E6	`2024-06-14` - `2024-09-12`	3 months	crt.sh
usemessages.com E5	`2024-06-10` - `2024-09-08`	3 months	crt.sh
hs-analytics.net WE1	`2024-06-11` - `2024-09-09`	3 months	crt.sh
hsleadflows.net E1	`2024-06-02` - `2024-08-31`	3 months	crt.sh
hs-banner.com E1	`2024-05-30` - `2024-08-28`	3 months	crt.sh
*.g.doubleclick.net WR2	`2024-06-03` - `2024-08-26`	3 months	crt.sh
*.google.de WR2	`2024-06-03` - `2024-08-26`	3 months	crt.sh
hubapi.com E1	`2024-05-04` - `2024-08-02`	3 months	crt.sh
*.google.com WR2	`2024-06-03` - `2024-08-26`	3 months	crt.sh
cmp.inmobi.com Sectigo ECC Organization Validation Secure Server CA	`2023-08-18` - `2024-08-17`	a year	crt.sh
c.amazon-adsystem.com Amazon RSA 2048 M01	`2023-12-30` - `2024-12-04`	a year	crt.sh
hsforms.com WE1	`2024-06-14` - `2024-09-12`	3 months	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2023 Q3	`2023-09-27` - `2024-10-28`	a year	crt.sh
config.aps.amazon-adsystem.com Amazon RSA 2048 M02	`2024-01-21` - `2025-02-19`	a year	crt.sh
id5-sync.com E1	`2024-06-04` - `2024-09-02`	3 months	crt.sh
btloader.com WE1	`2024-06-12` - `2024-09-10`	3 months	crt.sh
api.btloader.com GTS CA 1D4	`2024-06-04` - `2024-09-02`	3 months	crt.sh
ad-delivery.net GTS CA 1P5	`2024-05-17` - `2024-08-15`	3 months	crt.sh
*.doubleclick.net WR2	`2024-06-03` - `2024-08-26`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-03-31` - `2024-06-29`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://newsdirect.com/guest-content/5-best-same-day-loans-online-with-no-credit-check-and-quick-approval-in-2023
Frame ID: 5350E3A107C14279A11BCC9BD1B32641
Requests: 85 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://www.ameritas.co.uk// HTTP 307
https://www.ameritas.co.uk// HTTP 301
https://www.newsdirect.com/guest-content/5-best-same-day-loans-online-with-no-credit-check-and-quick-ap... HTTP 301
https://newsdirect.com/guest-content/5-best-same-day-loans-online-with-no-credit-check-and-quick-ap... Page URL

Detected technologies

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

HubSpot Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

js\.hs-analytics\.net/analytics

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

85
Requests

99 %
HTTPS

66 %
IPv6

31
Domains

43
Subdomains

37
IPs

4
Countries

2679 kB
Transfer

7635 kB
Size

17
Cookies

13 Outgoing links

These are links going to different origins than the main page.

URL: https://www.newsdirect.com/privacy-policy
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.newsdirect.com/

Search URL Search Domain Scan URL

URL: http://www.newsdirect.com/videovista
Title: VideoVista

Search URL Search Domain Scan URL

URL: http://www.newsdirect.com/blogbuffet
Title: Blog Buffet

Search URL Search Domain Scan URL

URL: https://www.newsdirect.com/benchmark-international
Title: Benchmark International Blog

Search URL Search Domain Scan URL

URL: http://www.newsdirect.com/directly-from-news-direct
Title: Directly from News Direct

Search URL Search Domain Scan URL

URL: https://www.newsdirect.biz/ramp?__hstc=16499497.3ab3995d63b79a2ec64eab2044da9ad5.1718990698676.1718990698676.1718990698676.1&__hssc=16499497.1.1718990698676&__hsfp=3598200494
Title: rAMP

Search URL Search Domain Scan URL

URL: http://www.newsdirect.com/prcg-sports-crisis-communications-in-sports
Title: Crisis Communications in Sports

Search URL Search Domain Scan URL

URL: http://www.newsdirect.com/pr-masters-series
Title: PR Masters Series

Search URL Search Domain Scan URL

URL: http://www.newsdirect.com/affiliate-avenue
Title: AffiliateAvenue

Search URL Search Domain Scan URL

URL: https://www.newsdirect.biz/consumer-product-review?__hstc=16499497.3ab3995d63b79a2ec64eab2044da9ad5.1718990698676.1718990698676.1718990698676.1&__hssc=16499497.1.1718990698676&__hsfp=3598200494
Title: Amobeez

Search URL Search Domain Scan URL

URL: http://www.newsdirect.com/can-you-guess-how-many-americans-successfully-retire-with-1-million-saved-the-percentage-may-shock-you
Title: Benzinga Money

Search URL Search Domain Scan URL

URL: http://www.newsdirect.com/moneywise
Title: Moneywise

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.ameritas.co.uk// HTTP 307
https://www.ameritas.co.uk// HTTP 301
https://www.newsdirect.com/guest-content/5-best-same-day-loans-online-with-no-credit-check-and-quick-approval-in-2023 HTTP 301
https://newsdirect.com/guest-content/5-best-same-day-loans-online-with-no-credit-check-and-quick-approval-in-2023 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 9

https://unpkg.com/isotope-layout@3/dist/isotope.pkgd.min.js HTTP 302
https://unpkg.com/isotope-layout@3.0.6/dist/isotope.pkgd.min.js

85 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

404

Primary Request 5-best-same-day-loans-online-with-no-credit-check-and-quick-approval-in-2023 Show response
newsdirect.com/guest-content/
Redirect Chain

http://www.ameritas.co.uk//
https://www.ameritas.co.uk//
https://www.newsdirect.com/guest-content/5-best-same-day-loans-online-with-no-credit-check-and-quick-approval-in-2023
https://newsdirect.com/guest-content/5-best-same-day-loans-online-with-no-credit-check-and-quick-approval-in-2023

22 KB
8 KB

379ms
362ms

Document
text/html

3.212.102.32
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://newsdirect.com/guest-content/5-best-same-day-loans-online-with-no-credit-check-and-quick-approval-in-2023

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.212.102.32 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-212-102-32.compute-1.amazonaws.com

Software

nginx/1.21.1 /

Resource Hash

2b58b4a64351def938af665d8684ba06a6c25eeac186b26335a9c621c16234b1

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: false
alt-svc: h3=":443"; ma=86400
cache-control: s-maxage=5,max-age=5
cf-cache-status: EXPIRED
cf-ray: 8975b1ecce2d0827-IAD
content-encoding: gzip
content-security-policy: upgrade-insecure-requests
content-type: text/html;charset=utf-8
date: Fri, 21 Jun 2024 17:24:56 GMT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=an%2BTLKnDKFahLSrIWLx1%2FgeVqGBG8jVNrBEKmTIGjhvxH4jvAthntyILK4RkgZ7A4gb5scTYRlG3g%2F0cTF5Fvyon7JzjR2Qe1yr3x0bVCSaA1gBl578pqVAjvrzGNofR6bjyMxC0r5RhjhxxabNVVwYw%2FHM%3D"}],"group":"cf-nel","max_age":604800}
server: nginx/1.21.1
vary: origin, Accept-Encoding
x-content-type-options: nosniff
x-envoy-upstream-service-time: 135
x-evy-trace-listener: listener_https
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-route-service-name: envoyset-translator
x-evy-trace-served-by-pod: iad02/cms-10-19-td/envoy-proxy-64f59868fc-qs252
x-evy-trace-virtual-host: all
x-hs-reason: No view mapper found to handle request
x-hubspot-correlation-id: 47c7660f-771e-436f-951c-e54489b85823
x-hubspot-notfound: true
x-request-id: 47c7660f-771e-436f-951c-e54489b85823

Redirect headers

content-length: 169
content-type: text/html
date: Fri, 21 Jun 2024 17:24:56 GMT
location: https://newsdirect.com/guest-content/5-best-same-day-loans-online-with-no-credit-check-and-quick-approval-in-2023
server: nginx/1.21.1

GET
H2 200 jquery-1.7.1.js Show response
newsdirect.com/hs/hsstatic/jquery-libs/static-1.1/jquery/ 92 KB
34 KB 320ms
314ms Script
application/javascript 3.212.102.32
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://newsdirect.com/hs/hsstatic/jquery-libs/static-1.1/jquery/jquery-1.7.1.js

Requested by

Host: newsdirect.com
URL: https://newsdirect.com/guest-content/5-best-same-day-loans-online-with-no-credit-check-and-quick-approval-in-2023

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.212.102.32 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-212-102-32.compute-1.amazonaws.com

Software

nginx/1.21.1 /

Resource Hash

88171413fc76dda23ab32baa17b11e4fff89141c633ece737852445f1ba6c1bd

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://newsdirect.com/guest-content/5-best-same-day-loans-online-with-no-credit-check-and-quick-approval-in-2023
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 17:24:56 GMT
content-encoding: gzip
via: 1.1 44ffe5f6f95421818455d39547956aa4.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-security-policy: upgrade-insecure-requests
age: 8208599
x-amz-cf-pop: JFK50-P3
x-amz-version-id: null
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 25 Nov 2014 17:03:30 GMT
server: nginx/1.21.1
etag: W/"ddb84c1587287b2df08966081ef063bf"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VCG2EzCOhe0EUD70TUjrrHAPDFiBzVyV1XLfKJNJER%2BBoc4cy%2Ba3wHskrTIbE%2FMeTsTOGqp%2FU65NrrZ6mvxy6aCtZvmb9AM6PqdpOZ6LJN%2Fkxnp59UxCIjLcr4qGmfLyHzvIywO76nP6WJdpLKTaDKLHoDE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 8975b1ef2b5329b6-IAD
x-amz-cf-id: PqmtE__v-lukkLImm-JMYzXuN6b9mwJYLnLiOHgMYIs__e4obtOj6w==
expires: Sat, 21 Jun 2025 17:24:56 GMT

GET
H3 200 newsdirect.min.css
cdn2.hubspot.net/hub/5691062/hub_generated/template_assets/41043729886/1622202155019/News_Direct_Theme/css/ 1 MB
159 KB 209ms
143ms Stylesheet
text/css 104.18.91.62
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn2.hubspot.net/hub/5691062/hub_generated/template_assets/41043729886/1622202155019/News_Direct_Theme/css/newsdirect.min.css
Requested by: Host: newsdirect.com
URL: https://newsdirect.com/guest-content/5-best-same-day-loans-online-with-no-credit-check-and-quick-approval-in-2023
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.91.62 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b82ae1ebe6e9f83f73cb754e044fa16d9637f7939bdabfaeaf76cfdcbab81125

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://newsdirect.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-encoding: gzip
age: 398242
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
x-evy-trace-listener: listener_https
etag: W/"b3896d4af0f31d19ac4d8f9635f50490"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1622202158600
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
x-evy-trace-virtual-host: all
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Fri, 21 Jun 2024 17:24:56 GMT
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: IAD89-C1
x-hs-alternate-content-type: text/plain
x-hubspot-correlation-id: acc625f1-be07-4198-b1ae-89fb187c94c3
x-envoy-upstream-service-time: 277
alt-svc: h3=":443"; ma=86400
x-evy-trace-route-configuration: listener_https/all
x-request-id: acc625f1-be07-4198-b1ae-89fb187c94c3
last-modified: Fri, 28 May 2021 11:42:39 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=P6g8wfoYwvBARhIOkrGDUZgHQCJviTvp40albTS6E7wHqv6NgjEkr%2Fac9023eYJXj6VZqwkknGp4z8NiQ4uU4ATVfQMSPVjzTFMBRvDSnycpYX5kktE%2BoJeKhrw2YlERFns%3D"}],"group":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod: iad02/cms-cdn2-td/envoy-proxy-687b456bbc-t8n7b
cf-ray: 8975b1ef3c3fbf29-WAW
timing-allow-origin: cdn2.hubspot.net

GET
H3 200 main.css
cdn2.hubspot.net/hub/5691062/hub_generated/template_assets/41043518001/1708668111675/News_Direct_Theme/css/ 53 KB
15 KB 257ms
192ms Stylesheet
text/css 104.18.91.62
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn2.hubspot.net/hub/5691062/hub_generated/template_assets/41043518001/1708668111675/News_Direct_Theme/css/main.css
Requested by: Host: newsdirect.com
URL: https://newsdirect.com/guest-content/5-best-same-day-loans-online-with-no-credit-check-and-quick-approval-in-2023
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.91.62 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d0d7bdc608132b8246ddf7ced6c0f78de99f6c3676390e5dbb7aba126cf1f128

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://newsdirect.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-encoding: gzip
age: 6652
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
x-evy-trace-listener: listener_https
etag: W/"99d816883b76e6eba6ef5bcd512b27a7"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1708668111675
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
x-evy-trace-virtual-host: all
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Fri, 21 Jun 2024 17:24:56 GMT
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: IAD89-C1
x-hs-alternate-content-type: text/plain
x-hubspot-correlation-id: 105e7ad0-f8e1-4265-8615-aed94e394cc8
x-amz-storage-class: INTELLIGENT_TIERING
x-envoy-upstream-service-time: 197
alt-svc: h3=":443"; ma=86400
x-evy-trace-route-configuration: listener_https/all
x-request-id: 105e7ad0-f8e1-4265-8615-aed94e394cc8
last-modified: Fri, 23 Feb 2024 06:01:52 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=juTMnST8WKDRVgbxLa2b8Qgh7pXhSRvfxSiGIx%2FSM%2FSSe4PSsbGaeWhwm5jGvlbcAmzpKGiJGTe%2ByDG9SwvxAh1FPR%2FQ5ohXlcR%2FniABGyGM8AnF2MYSOFJsoyx%2Bjvna%2FBU%3D"}],"group":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod: iad02/cms-cdn2-td/envoy-proxy-64d59778d6-jrv7z
cf-ray: 8975b1ef3c39bf29-WAW
timing-allow-origin: cdn2.hubspot.net

GET
H3 200 theme-overrides.min.css
cdn2.hubspot.net/hub/5691062/hub_generated/template_assets/41043688340/1632518668908/News_Direct_Theme/css/ 13 KB
4 KB 401ms
336ms Stylesheet
text/css 104.18.91.62
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn2.hubspot.net/hub/5691062/hub_generated/template_assets/41043688340/1632518668908/News_Direct_Theme/css/theme-overrides.min.css
Requested by: Host: newsdirect.com
URL: https://newsdirect.com/guest-content/5-best-same-day-loans-online-with-no-credit-check-and-quick-approval-in-2023
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.91.62 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d7b92b7143625ae61e8690fe18bbd51b7cbb72539d715062a583ac00c461ea82

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://newsdirect.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-encoding: gzip
age: 398242
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
x-evy-trace-listener: listener_https
etag: W/"ca929c1803641839c421bfc1029aa680"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1632518669034
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
x-evy-trace-virtual-host: all
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Fri, 21 Jun 2024 17:24:56 GMT
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: IAD89-C1
x-hs-alternate-content-type: text/plain
x-hubspot-correlation-id: b26d9d4e-a7e7-468a-b5d5-275c29162fae
x-envoy-upstream-service-time: 228
alt-svc: h3=":443"; ma=86400
x-evy-trace-route-configuration: listener_https/all
x-request-id: b26d9d4e-a7e7-468a-b5d5-275c29162fae
last-modified: Fri, 24 Sep 2021 21:24:30 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aXv9Gm2GavkpOy%2FffF1usHjBSZXxN%2FuMNUwN%2F9%2BDP7ouxnW6lJ9jTS5W9f4o7YgNipIIqsDLGaYyxa%2BJGAEmLOMFwCfrU2N1njpaEQ3nW%2FYoIeV9U8p5nSnHthGG15f%2B9Ig%3D"}],"group":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod: iad02/cms-cdn2-td/envoy-proxy-64d59778d6-f6gc6
cf-ray: 8975b1ef3c44bf29-WAW
timing-allow-origin: cdn2.hubspot.net

GET
H3 200 custom-styles.min.css
cdn2.hubspot.net/hub/5691062/hub_generated/template_assets/41066413777/1708666488638/News_Direct_Theme/css/ 24 KB
8 KB 402ms
338ms Stylesheet
text/css 104.18.91.62
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn2.hubspot.net/hub/5691062/hub_generated/template_assets/41066413777/1708666488638/News_Direct_Theme/css/custom-styles.min.css
Requested by: Host: newsdirect.com
URL: https://newsdirect.com/guest-content/5-best-same-day-loans-online-with-no-credit-check-and-quick-approval-in-2023
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.91.62 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 959a9634f70d3b541ff63f77a8025b1fb507a0a57438cbcfa6c5d6ea2ce2e9e2

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://newsdirect.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-encoding: gzip
age: 6652
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
x-evy-trace-listener: listener_https
etag: W/"b69da6499d6c1807311084a643136f98"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1708666489470
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
x-evy-trace-virtual-host: all
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Fri, 21 Jun 2024 17:24:56 GMT
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: IAD66-C1
x-hs-alternate-content-type: text/plain
x-hubspot-correlation-id: 1d4401b0-aa36-4fd4-831e-b4e0d2b24009
x-amz-storage-class: INTELLIGENT_TIERING
x-envoy-upstream-service-time: 210
alt-svc: h3=":443"; ma=86400
x-evy-trace-route-configuration: listener_https/all
x-request-id: 1d4401b0-aa36-4fd4-831e-b4e0d2b24009
last-modified: Fri, 23 Feb 2024 05:34:50 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BUoObAZLCr1%2B9RLNMamIn%2BVhALi7KqYLPlqOZeyEnXNx5rNEyLVfTBEWT2EljGtz7tEkshIh9BKNCgi6RwO3%2B%2F5%2Bcs%2BXqoep352Pql7NRKMvSrZaf2j83T3TjY25XQWRwGc%3D"}],"group":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod: iad02/cms-cdn2-td/envoy-proxy-6f9f79465b-qd96f
cf-ray: 8975b1ef3c4cbf29-WAW
timing-allow-origin: cdn2.hubspot.net

GET
H3 200 module_41043692174_menu-section.min.css
cdn2.hubspot.net/hub/5691062/hub_generated/module_assets/41043692174/1622211301882/ 4 KB
2 KB 399ms
335ms Stylesheet
text/css 104.18.91.62
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn2.hubspot.net/hub/5691062/hub_generated/module_assets/41043692174/1622211301882/module_41043692174_menu-section.min.css
Requested by: Host: newsdirect.com
URL: https://newsdirect.com/guest-content/5-best-same-day-loans-online-with-no-credit-check-and-quick-approval-in-2023
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.91.62 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f85ad9df8d71ac4417a1691718a9dd7997a7889297f851efb65f2a246cef1fe1

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://newsdirect.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-encoding: gzip
age: 398242
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
x-evy-trace-listener: listener_https
etag: W/"f790847d30f1ea4230ec82f43b87389b"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1622211301882
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
x-evy-trace-virtual-host: all
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Fri, 21 Jun 2024 17:24:56 GMT
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: IAD89-C1
x-hs-alternate-content-type: text/plain
x-hubspot-correlation-id: b1d2a7f2-baa7-48e6-a6a8-614490a571fa
x-envoy-upstream-service-time: 181
alt-svc: h3=":443"; ma=86400
x-evy-trace-route-configuration: listener_https/all
x-request-id: b1d2a7f2-baa7-48e6-a6a8-614490a571fa
last-modified: Fri, 28 May 2021 14:15:02 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=M7nCS9Azm9d8lsUbsWeThZrV2tIS53xEnJeQFtZXvxkkxQb07cxBHZ2MVoWQWkZCtO5HCRA64zGkN4ngpiJci3JqncOgpMLcriejqrN%2Fx3M9b%2F3Q5p5FDbx3gGEqoTJdwas%3D"}],"group":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod: iad02/cms-cdn2-td/envoy-proxy-64d59778d6-f6gc6
cf-ray: 8975b1ef3c41bf29-WAW
timing-allow-origin: cdn2.hubspot.net

GET
H3 200 module_48045610404_footer-mobile-nav.min.css
cdn2.hubspot.net/hub/5691062/hub_generated/module_assets/48045610404/1703228624924/ 178 B
1 KB 401ms
337ms Stylesheet
text/css 104.18.91.62
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn2.hubspot.net/hub/5691062/hub_generated/module_assets/48045610404/1703228624924/module_48045610404_footer-mobile-nav.min.css
Requested by: Host: newsdirect.com
URL: https://newsdirect.com/guest-content/5-best-same-day-loans-online-with-no-credit-check-and-quick-approval-in-2023
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.91.62 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 21edbf5f1ea58c709f2b16fa8223533a366dc03d4565ad6e9148f5f54b17bb25

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://newsdirect.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-encoding: br
age: 398242
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
x-evy-trace-listener: listener_https
etag: W/"b67f011544fa875d444f52520fa2e108"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1703228624924
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
x-evy-trace-virtual-host: all
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Fri, 21 Jun 2024 17:24:56 GMT
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: IAD89-C1
x-hs-alternate-content-type: text/plain
x-hubspot-correlation-id: c567c2ae-49ff-4925-aefe-429761828ad8
x-amz-storage-class: INTELLIGENT_TIERING
x-envoy-upstream-service-time: 177
alt-svc: h3=":443"; ma=86400
x-evy-trace-route-configuration: listener_https/all
x-request-id: c567c2ae-49ff-4925-aefe-429761828ad8
last-modified: Fri, 22 Dec 2023 07:03:45 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kuN%2BGR9jk8FQSO23ypyiHuxkVuyxt1MVo%2BeUUvGgik74ULxUiNP5c78jz91RBdpePuxvnIZgKjPs90ubD7HIDyGTzr6UzP%2Ftjv9EwkxFhWYM%2BUEWnw4YJywT%2FsB8c%2B9i2w0%3D"}],"group":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod: iad02/cms-cdn2-td/envoy-proxy-64d59778d6-f6gc6
cf-ray: 8975b1ef3c48bf29-WAW
timing-allow-origin: cdn2.hubspot.net

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 208 KB
75 KB 162ms
70ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-160062440-1

Requested by

Host: newsdirect.com
URL: https://newsdirect.com/guest-content/5-best-same-day-loans-online-with-no-credit-check-and-quick-approval-in-2023

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8bc45f7842e583bd510859d672ca63742ccff74ce6abb012d60b2734558fbf27

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://newsdirect.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 17:24:57 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 76726
x-xss-protection: 0
last-modified: Fri, 21 Jun 2024 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 21 Jun 2024 17:24:57 GMT

GET
H2 200 fuse.js Show response
cdn.fuseplatform.net/publift/tags/2/3472/ 280 KB
69 KB 680ms
557ms Script
application/x-javascript 2a02:26f0:3500:12::1730:17a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.fuseplatform.net/publift/tags/2/3472/fuse.js
Requested by: Host: newsdirect.com
URL: https://newsdirect.com/guest-content/5-best-same-day-loans-online-with-no-credit-check-and-quick-approval-in-2023
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:12::1730:17a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 783648f50f42c58fc95c2b5d93f5296a12e6c3bf350d55bf8b7df431bd4cc88a

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://newsdirect.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 17:24:57 GMT
content-encoding: gzip
last-modified: Fri, 24 May 2024 06:35:57 GMT
server: AkamaiNetStorage
etag: "01e0cc1e12fd722a78e705b7a07410de:1716532556.553764"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=1800
accept-ranges: bytes
content-length: 70499
expires: Fri, 21 Jun 2024 17:54:57 GMT

GET
H2

200

isotope.pkgd.min.js Show response
unpkg.com/isotope-layout@3.0.6/dist/
Redirect Chain

https://unpkg.com/isotope-layout@3/dist/isotope.pkgd.min.js
https://unpkg.com/isotope-layout@3.0.6/dist/isotope.pkgd.min.js

35 KB
14 KB

56ms
56ms

Script
application/javascript

2606:4700::6811:f6cb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/isotope-layout@3.0.6/dist/isotope.pkgd.min.js

Requested by

Host: newsdirect.com
URL: https://newsdirect.com/guest-content/5-best-same-day-loans-online-with-no-credit-check-and-quick-approval-in-2023

Protocol

Server

2606:4700::6811:f6cb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

081ae9baaacc857c1c2cb51de6dbd0e1eb811c2761ef01a50df373f2f6eefe22

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://newsdirect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 21 Jun 2024 17:24:56 GMT
content-encoding: gzip
via: 1.1 fly.io
cf-cache-status: HIT
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 8637886
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id: 01HRWFHER0CR41YT93JDY2H2C4-fra
server: cloudflare
etag: "8a75-xOWZTyTujI0s8tZgLwtWuQlqLpg"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 8975b1efda6591dd-FRA

Redirect headers

date: Fri, 21 Jun 2024 17:24:56 GMT
content-encoding: br
via: 1.1 fly.io
cf-cache-status: HIT
fly-request-id: 01J0XWVABB4ZVE1K2446CXET9C-fra
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 444
server: cloudflare
vary: Accept, Accept-Encoding
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
location: /isotope-layout@3.0.6/dist/isotope.pkgd.min.js
cache-control: public, s-maxage=600, max-age=60
cf-ray: 8975b1ef59ca91dd-FRA

GET
H2 200 css2
fonts.googleapis.com/ 14 KB
1 KB 141ms
51ms Stylesheet
text/css 2a00:1450:4001:81d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Poppins:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap

Requested by

Host: newsdirect.com
URL: https://newsdirect.com/guest-content/5-best-same-day-loans-online-with-no-credit-check-and-quick-approval-in-2023

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3f6e8efb65dff0486271d787d60be7d84387c203bebd36159794e6e2c28c31f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://newsdirect.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Fri, 21 Jun 2024 17:24:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 21 Jun 2024 17:14:58 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 21 Jun 2024 17:24:56 GMT

GET
H3 200 all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.5.1/css/ 100 KB
19 KB 105ms
57ms Stylesheet
text/css 104.17.25.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.5.1/css/all.min.css

Requested by

Host: newsdirect.com
URL: https://newsdirect.com/guest-content/5-best-same-day-loans-online-with-no-credit-check-and-quick-approval-in-2023

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c22cfb6520a7fdbb738632834019acf47c78b1279462c0eb4cb83bae83ecb5a7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Origin: https://newsdirect.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 17:24:56 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 688099
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 18861
last-modified: Fri, 01 Dec 2023 00:32:25 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "65692999-49ad"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hEyzYmVSu8b2UHblkioSSnlpm9o5WBxjVudJYPtFEvmm2o9308BXw9GFoLfQUiShA5msGaURTceEWG8wJNh4PAjpLErVSopEcxoyrvhftTyVZT9C7Uv0Aw2FglKTZy1vQjCWIIzO"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8975b1ef18c835f6-FRA
expires: Wed, 11 Jun 2025 17:24:56 GMT

GET
H2 200 NewsDirect_MarkONNAVY_RGB-Feb-11-2024-07-08-28-6843-PM.png
5691062.fs1.hubspotusercontent-na1.net/hub/5691062/hubfs/ 6 KB
6 KB 225ms
120ms Image
image/webp 2606:4700:4400::6812:297c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://5691062.fs1.hubspotusercontent-na1.net/hub/5691062/hubfs/NewsDirect_MarkONNAVY_RGB-Feb-11-2024-07-08-28-6843-PM.png?width=720&height=720&name=NewsDirect_MarkONNAVY_RGB-Feb-11-2024-07-08-28-6843-PM.png

Requested by

Host: newsdirect.com
URL: https://newsdirect.com/guest-content/5-best-same-day-loans-online-with-no-credit-check-and-quick-approval-in-2023

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:297c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a3de2cf08070f0039b6a0fdfa14b554a29c670c716071eeff76598d1ff8e18f2

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://newsdirect.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 17:24:56 GMT
via: 1.1 7f7e359e1c06a914d3d305785359b84c.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
cache-tag: F-156468642836,P-5691062,FLS-ALL
content-length: 5764
cf-resized: internal=ok/m q=0 n=189+99 c=2+29 v=2024.4.0 l=5764
last-modified: Sun, 11 Feb 2024 19:08:29 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "cfqvs1X5t-twNBNmDMKMfMTA0JkObdVE4CN3oWztBYDQ:1b63ba379b45a12b7ffcc404a8ecc3ca"
vary: Accept, Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
accept-ranges: bytes
cf-ray: 8975b1ef7ff92bf5-FRA
timing-allow-origin: 5691062.fs1.hubspotusercontent-na1.net

GET
H2 200 Menu.svg
5691062.fs1.hubspotusercontent-na1.net/hubfs/5691062/raw_assets/public/News%20Direct%20Theme/images/ 617 B
760 B 892ms
891ms Image
image/svg+xml 2606:4700:4400::6812:297c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://5691062.fs1.hubspotusercontent-na1.net/hubfs/5691062/raw_assets/public/News%20Direct%20Theme/images/Menu.svg
Requested by: Host: newsdirect.com
URL: https://newsdirect.com/guest-content/5-best-same-day-loans-online-with-no-credit-check-and-quick-approval-in-2023
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:297c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7a6f59c93d2a3daaf97137639b5a3144859d90a8a809c6f01478e75e5b643200

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://newsdirect.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 17:24:58 GMT
via: 1.1 1903071a927324e2fb28199ee96c4bb2.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: MISS
x-amz-meta-cache-tag: F-48003542793,FD-41043654532,P-5691062,FLS-ALL
x-amz-version-id: WOdJQi4EsOa67MyD5xytm.48.EzEajIx
x-amz-cf-pop: FRA60-P7
x-amz-request-id: 4PN1PN37EJVHKH3G
x-amz-server-side-encryption: AES256
x-hs-alternate-content-type: text/plain
edge-cache-tag: F-48003542793,FD-41043654532,P-5691062,FLS-ALL
cache-tag: F-48003542793,FD-41043654532,P-5691062,FLS-ALL
x-amz-meta-index-tag: none
x-cache: RefreshHit from cloudfront
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
x-amz-id-2: AWj8g+veQVaYwETWQJBfm/dRNvYOeXpjavwFgQHa0rpQboqMStxC8PxVwP7qkl6dfDcO53E4RmNwfZJWaUV00Dpr00EvuwN+C1/yiov2X+Y=
last-modified: Thu, 27 May 2021 19:04:53 GMT
server: cloudflare
etag: W/"34b6c0921403f045124873a9df7f8e23"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1622142292673
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
cf-ray: 8975b1f19adb2bf5-FRA
timing-allow-origin: 5691062.fs1.hubspotusercontent-na1.net
x-amz-cf-id: puNN2AB0uKGf1IYoh7GItGR-8aYHFgeS6uAgm6hmRk1I7XNmVvlHUA==
x-robots-tag: none
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3

GET
H2 200 Close.svg
5691062.fs1.hubspotusercontent-na1.net/hubfs/5691062/raw_assets/public/News%20Direct%20Theme/images/ 630 B
1 KB 76ms
75ms Image
image/svg+xml 2606:4700:4400::6812:297c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://5691062.fs1.hubspotusercontent-na1.net/hubfs/5691062/raw_assets/public/News%20Direct%20Theme/images/Close.svg
Requested by: Host: newsdirect.com
URL: https://newsdirect.com/guest-content/5-best-same-day-loans-online-with-no-credit-check-and-quick-approval-in-2023
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:297c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0c46dd569fd343033bf8b4d282c7394c7628756dabd3f5ae5a1ca5db4365ce27

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://newsdirect.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-encoding: br
x-amz-meta-cache-tag: F-48005355957,FD-41043654532,P-5691062,FLS-ALL
age: 377602
x-amz-request-id: R1N0H48M6GCX28Q5
x-amz-server-side-encryption: AES256
edge-cache-tag: F-48005355957,FD-41043654532,P-5691062,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
etag: W/"08a8c2f878d4556a9fabaaecfdd43ed6"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1622142292662
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
x-robots-tag: none
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Fri, 21 Jun 2024 17:24:57 GMT
via: 1.1 e9b74ccbde368a1365608891aeccb498.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-version-id: 1Q6MpWDdfzqBSv._T.UKi_KTullsZV.Q
x-amz-cf-pop: FRA60-P7
x-hs-alternate-content-type: text/plain
x-cache: RefreshHit from cloudfront
cache-tag: F-48005355957,FD-41043654532,P-5691062,FLS-ALL
x-amz-meta-index-tag: none
x-amz-id-2: uBKWJsyQwSnAbJwfsSYJzl3p6q5l1fRn5LpDvgMCiYSLOWhAONVCMD19uE2NLJIZxd/u/ae73EA=
last-modified: Thu, 27 May 2021 19:04:53 GMT
server: cloudflare
cf-ray: 8975b1f19ade2bf5-FRA
timing-allow-origin: 5691062.fs1.hubspotusercontent-na1.net
x-amz-cf-id: PO_-Sed988ckLfKqMQ30wCtfRb43NInNEC094BzPJBnzLsRROVmaSA==

GET
H2 200 embed.js Show response
static.hsappstatic.net/content-cwv-embed/static-1.971/ 13 KB
5 KB 174ms
76ms Script
application/javascript 2606:4700::6811:af5b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hsappstatic.net/content-cwv-embed/static-1.971/embed.js

Requested by

Host: newsdirect.com
URL: https://newsdirect.com/guest-content/5-best-same-day-loans-online-with-no-credit-check-and-quick-approval-in-2023

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:af5b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

98dfeb1d061e8788b320a130a84723813efed0b2518921f30b40cc8a09bf8ecf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://newsdirect.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 17:24:57 GMT
x-amz-version-id: 1gm1MaaLzWiIBc2FerIVtLdckhSMSaY7
content-encoding: gzip
cf-cache-status: HIT
via: 1.1 18fab39b23fb6b3013058d6df5faf0bc.cloudfront.net (CloudFront)
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: FRA60-P6
age: 1235711
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Wed, 05 Jun 2024 15:05:39 GMT
server: cloudflare
etag: W/"26c40482b55a607cd44486a2958741d4"
vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YrENTHqyLTpMVhDE4Ar6FN2yVTEeWwvl7WoytXl1wHHzTFM%2F%2FAU2GO%2FEYIesg4vlBse%2ByDvf3vedNFdw%2B1SZLjUxXxh0VQja1l%2B5%2BeneVj%2B6N2fzybc%2Fq%2FW%2BRmBBn97iGFeqorbub6Hc6LQdcHhY6Y8kEdk%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 8975b1f23ee8912a-FRA
x-amz-cf-id: lEGvwrTGJqZ2O6fxk0_3bnjSm4fK8__hUDVF23Uszs_fPcZWhCrfhQ==
expires: Sat, 21 Jun 2025 17:24:57 GMT

GET
H3 200 main.min.js Show response
cdn2.hubspot.net/hub/5691062/hub_generated/template_assets/41044183505/1622202153243/News_Direct_Theme/js/ 1 KB
2 KB 174ms
174ms Script
application/javascript 104.18.91.62
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn2.hubspot.net/hub/5691062/hub_generated/template_assets/41044183505/1622202153243/News_Direct_Theme/js/main.min.js
Requested by: Host: newsdirect.com
URL: https://newsdirect.com/guest-content/5-best-same-day-loans-online-with-no-credit-check-and-quick-approval-in-2023
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.91.62 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f2db8deb6e51f3c2a04cf60a0420bc305122df58418be8fa3f8230f482b06828

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://newsdirect.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-encoding: br
age: 398242
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
x-evy-trace-listener: listener_https
etag: W/"59b039040e03c800cd7a424855d9d5a1"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1622202153572
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
x-evy-trace-virtual-host: all
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Fri, 21 Jun 2024 17:24:57 GMT
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: IAD89-C1
x-hs-alternate-content-type: text/plain
x-hubspot-correlation-id: 6bd1a152-874a-415d-ab54-287be0649a7b
x-envoy-upstream-service-time: 148
alt-svc: h3=":443"; ma=86400
x-evy-trace-route-configuration: listener_https/all
x-request-id: 6bd1a152-874a-415d-ab54-287be0649a7b
last-modified: Fri, 28 May 2021 11:42:34 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CZGIeBcRZ7Fw7IOf3%2By9jygk1u63mXOQaKQjOec5YZ7aRfi3666IXYkC0PVHn1TmIeQP1qyE8L%2B9RE8vzmcLIw3tb%2FhdWDksiwY6PlMz1GY8uowYQz2ivL9IEhHgj%2FpgMLw%3D"}],"group":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod: iad02/cms-cdn2-td/envoy-proxy-64d59778d6-jrv7z
cf-ray: 8975b1f03daabf29-WAW
timing-allow-origin: cdn2.hubspot.net

GET
H2 200 project.js Show response
newsdirect.com/hs/hsstatic/cos-i18n/static-1.53/bundles/ 1 KB
2 KB 316ms
315ms Script
application/javascript 3.212.102.32
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://newsdirect.com/hs/hsstatic/cos-i18n/static-1.53/bundles/project.js

Requested by

Host: newsdirect.com
URL: https://newsdirect.com/guest-content/5-best-same-day-loans-online-with-no-credit-check-and-quick-approval-in-2023

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.212.102.32 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-212-102-32.compute-1.amazonaws.com

Software

nginx/1.21.1 /

Resource Hash

8da927b6b1240ffca4323fbb2a12c8e5abb541040965c2bc5b7d09a2eb963b02

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://newsdirect.com/guest-content/5-best-same-day-loans-online-with-no-credit-check-and-quick-approval-in-2023
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 17:24:57 GMT
content-encoding: gzip
via: 1.1 e8eec15d9551dd475d4c478f9fbb5f04.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-security-policy: upgrade-insecure-requests
age: 8212558
x-amz-cf-pop: IAD12-P3
x-amz-server-side-encryption: AES256
x-amz-version-id: P9ES7sOpFzrLl1QoRwjEAy5outPo5_GO
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 09 Nov 2021 16:12:42 GMT
server: nginx/1.21.1
etag: W/"61ca66de658cab9587e4636894680d5d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lGfUJC%2FTwJEgYZWUoSaZ32oC2MOI2IyegaEO9qVs2VwGs5RTtniCBGOnKBPFGp%2F9atONdxCMmyGqd9E2wcZoVEplSuHyb4Rnd9YHLwBfUdMpSoclne2U2tuSFA3HHLnQN5Rl3By8EVHGEV6tS2OC510x%2FX0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 8975b1f08b719c42-IAD
x-amz-cf-id: 6GT9JKvCSseWzk8KQxbANK06zlOuaZRCtHF26A_I1NUK7uMJ3BGIlg==
expires: Sat, 21 Jun 2025 17:24:57 GMT

GET
H3 200 module_41043692174_menu-section.min.js Show response
cdn2.hubspot.net/hub/5691062/hub_generated/module_assets/41043692174/1622211301701/ 2 KB
2 KB 81ms
81ms Script
application/javascript 104.18.91.62
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn2.hubspot.net/hub/5691062/hub_generated/module_assets/41043692174/1622211301701/module_41043692174_menu-section.min.js
Requested by: Host: newsdirect.com
URL: https://newsdirect.com/guest-content/5-best-same-day-loans-online-with-no-credit-check-and-quick-approval-in-2023
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.91.62 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 93f62f58c1b2bfbe94bb13e1e5cca57f6c27baddf7787c47f37b5914be180433

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://newsdirect.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-encoding: br
age: 410598
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
x-evy-trace-listener: listener_https
etag: W/"7f6c96105e49025e4c4f70a9d87f635c"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1622211301701
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
x-evy-trace-virtual-host: all
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Fri, 21 Jun 2024 17:24:57 GMT
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: IAD89-C1
x-hs-alternate-content-type: text/plain
x-hubspot-correlation-id: b1682f18-7e4d-447c-b0ca-47facd38f183
x-envoy-upstream-service-time: 129
alt-svc: h3=":443"; ma=86400
x-evy-trace-route-configuration: listener_https/all
x-request-id: b1682f18-7e4d-447c-b0ca-47facd38f183
last-modified: Fri, 28 May 2021 14:15:02 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6r9o04n6ssSJcUb67ZEAdgTk2%2FnN2gD3tAa5NUcCZCbm5K8bKIGFwRTDIoAGehp4YpLSgA%2BWk40hoiu%2Fx8tXhBWnai9iaTQ93mmvpeQTbC2GJ6u9QRcrMys69c7ufL3o44Y%3D"}],"group":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod: iad02/cms-cdn2-td/envoy-proxy-64d59778d6-jrv7z
cf-ray: 8975b1f18f63bf29-WAW
timing-allow-origin: cdn2.hubspot.net

GET
H2 200 5691062.js Show response
newsdirect.com/hs/scriptloader/ 3 KB
2 KB 272ms
271ms Script
application/javascript 3.212.102.32
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://newsdirect.com/hs/scriptloader/5691062.js

Requested by

Host: newsdirect.com
URL: https://newsdirect.com/guest-content/5-best-same-day-loans-online-with-no-credit-check-and-quick-approval-in-2023

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.212.102.32 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-212-102-32.compute-1.amazonaws.com

Software

nginx/1.21.1 /

Resource Hash

74be25be6ad3ce39c502e146bfb58d42ed3b8ef9050814fae09065f61e2eb7ed

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://newsdirect.com/guest-content/5-best-same-day-loans-online-with-no-credit-check-and-quick-approval-in-2023
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 17:24:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-security-policy: upgrade-insecure-requests
age: 69
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 7907a986-dc35-4170-96ea-bce5b795120e
x-envoy-upstream-service-time: 37
alt-svc: h3=":443"; ma=86400
content-length: 701
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 7907a986-dc35-4170-96ea-bce5b795120e
last-modified: Fri, 21 Jun 2024 17:23:48 GMT
server: nginx/1.21.1
vary: origin, Accept-Encoding
access-control-max-age: 3600
content-type: application/javascript;charset=utf-8
access-control-allow-origin: https://newsdirect.com
x-evy-trace-served-by-pod: iad02/hubapi-td/envoy-proxy-7dd59b876-94hvq
cache-control: public, max-age=90
access-control-allow-credentials: true
x-evy-trace-virtual-host: all
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KrWNfOoJwns4ozgv5DzQp8Z1ymGKyjOMncrbSw%2FNMxWcX6s3vYMpRskFAtzH6BG6bDCkyVeYCoQtgxq6aVKmBV3tkL2fpSAFrS%2Fx1yvgVlgRHlNl3htvnlA0Lk%2FoSgWeisWHZLvPI%2Bk24zrMT0%2FR1K94mhc%3D"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 8975b1f1ecd95a76-IAD
expires: Fri, 21 Jun 2024 17:26:27 GMT

GET
H2 200 index.js Show response
newsdirect.com/hs/hsstatic/HubspotToolsMenu/static-1.321/js/ 12 KB
5 KB 258ms
257ms Script
application/javascript 3.212.102.32
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://newsdirect.com/hs/hsstatic/HubspotToolsMenu/static-1.321/js/index.js

Requested by

Host: newsdirect.com
URL: https://newsdirect.com/guest-content/5-best-same-day-loans-online-with-no-credit-check-and-quick-approval-in-2023

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.212.102.32 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-212-102-32.compute-1.amazonaws.com

Software

nginx/1.21.1 /

Resource Hash

f826bcac220a5475477ee65fae659b0d8292d038d180a122df67fadb6742ed52

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://newsdirect.com/guest-content/5-best-same-day-loans-online-with-no-credit-check-and-quick-approval-in-2023
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 17:24:57 GMT
content-encoding: gzip
via: 1.1 1ac532da7db85d551ad10ca7bd9957b8.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-security-policy: upgrade-insecure-requests
age: 8039479
x-amz-cf-pop: IAD61-P1
x-amz-server-side-encryption: AES256
x-amz-version-id: 1rlxLpliQ7bEVIEMqiesE48_Sx9RmqkP
x-cache: Miss from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 20 Mar 2024 15:59:57 GMT
server: nginx/1.21.1
etag: W/"5885ac5129ee80f8b7e1e228e142587d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rzRrfdp4pkSN5vvDRHrKZLTOs2jes5sJpPH9j%2BCQ41p1oph370R1UIvZWsRC%2FKyY8AV%2FrVsIcyB0ydjNBRZGy6x7qAdWdBN2QB9bVlkhb27DIXYZghLbFXccJ%2FkJ%2BmjKomJazUh5yA2dO0t7YaTYMJrnbYk%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 8975b1f1ef945973-IAD
x-amz-cf-id: RyO78IWr-HNjMex5VALU9alUU7o12DKN8qB9eCRqctsyZL4cabjAEA==
expires: Sat, 21 Jun 2025 17:24:57 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 253 KB
90 KB 215ms
125ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NT7BQ3Q4

Requested by

Host: newsdirect.com
URL: https://newsdirect.com/guest-content/5-best-same-day-loans-online-with-no-credit-check-and-quick-approval-in-2023

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c06cb08a61962254d6e4841b4664004ddf0f52b9f95f7d8577f0cdef0e129fe3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://newsdirect.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 17:24:57 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 92068
x-xss-protection: 0
last-modified: Fri, 21 Jun 2024 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 21 Jun 2024 17:24:57 GMT

GET
H2 200 Hurme-HurmeGeometricSans2-Bold.otf
f.hubspotusercontent10.net/hubfs/5691062/fonts/ 357 KB
357 KB 243ms
143ms Font
application/x-font-otf 2606:4700::6812:561e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://f.hubspotusercontent10.net/hubfs/5691062/fonts/Hurme-HurmeGeometricSans2-Bold.otf

Requested by

Host: cdn2.hubspot.net
URL: https://cdn2.hubspot.net/hub/5691062/hub_generated/template_assets/41043729886/1622202155019/News_Direct_Theme/css/newsdirect.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:561e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1199deed4086cac3beaab066c39d29685ceb66e6fd19b8effd79fcbcc71c17cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cdn2.hubspot.net/
Origin: https://newsdirect.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-meta-cache-tag: F-41067117986,FD-28402948615,P-5691062,FLS-ALL
age: 446254
x-amz-request-id: M0QHNBCBH1F4H6WR
x-amz-server-side-encryption: AES256
edge-cache-tag: F-41067117986,FD-28402948615,P-5691062,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
etag: "67e178c65bdfa1e29ae91ca24862544d"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/x-font-otf
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1611853166299
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Fri, 21 Jun 2024 17:24:57 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 f2a51982e289d888963f4f93b48c5f22.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-version-id: yVK_QWYRjtkx8.R3s4KbnlT24HpB17Cm
x-amz-cf-pop: FRA60-P7
x-hs-alternate-content-type: text/plain
x-cache: RefreshHit from cloudfront
cache-tag: F-41067117986,FD-28402948615,P-5691062,FLS-ALL
x-amz-meta-index-tag: all
content-length: 365144
x-amz-id-2: 4OAHogTad2AI3XhUSQBvRDQjoOUtAwmhG091m1+RROlN37/R9MGsGHHc7kZpkCFTjRuD/28d8/c=
last-modified: Thu, 28 Jan 2021 16:59:27 GMT
server: cloudflare
accept-ranges: bytes
cf-ray: 8975b1f25b82a5f9-FRA
timing-allow-origin: f.hubspotusercontent10.net
x-amz-cf-id: f22kpbNhiQ7JHR5ppyJcMxgck_HwKFt8ITwcAjE7YEKPfVlZJiV66w==

GET
H2 200 Hurme-HurmeGeometricSans2-Light.otf
f.hubspotusercontent10.net/hubfs/5691062/fonts/ 334 KB
334 KB 243ms
143ms Font
application/x-font-otf 2606:4700::6812:561e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://f.hubspotusercontent10.net/hubfs/5691062/fonts/Hurme-HurmeGeometricSans2-Light.otf

Requested by

Host: cdn2.hubspot.net
URL: https://cdn2.hubspot.net/hub/5691062/hub_generated/template_assets/41043729886/1622202155019/News_Direct_Theme/css/newsdirect.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:561e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c4f9ff10be3eeaff61855fb05c3cec1825ad0ff84708e9795e024835b344f54f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cdn2.hubspot.net/
Origin: https://newsdirect.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-meta-cache-tag: F-41067288680,FD-28402948615,P-5691062,FLS-ALL
age: 753464
x-amz-request-id: 8Q6CFDX7R9WRAW1V
x-amz-server-side-encryption: AES256
edge-cache-tag: F-41067288680,FD-28402948615,P-5691062,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
etag: "3289e6bebbfc5c098a82c79b1f61c2e1"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/x-font-otf
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1611853166494
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Fri, 21 Jun 2024 17:24:57 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 d0a36dbd6f5cc87855296f2852cab3ec.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-version-id: JNkt_30L6fxead1ACdfb8r2vKNeGn8cy
x-amz-cf-pop: FRA60-P7
x-hs-alternate-content-type: text/plain
x-cache: RefreshHit from cloudfront
cache-tag: F-41067288680,FD-28402948615,P-5691062,FLS-ALL
x-amz-meta-index-tag: all
content-length: 341580
x-amz-id-2: W/maP+H9a4dOaCi1RPk3xfG0v2MjnGJTebrtmgooXckjJgErv6iZJFnHsEbUMdCGsnRldY/lVtA=
last-modified: Thu, 28 Jan 2021 16:59:27 GMT
server: cloudflare
accept-ranges: bytes
cf-ray: 8975b1f25b7fa5f9-FRA
timing-allow-origin: f.hubspotusercontent10.net
x-amz-cf-id: c3yXYmMpMXnmUIl6jvCK9twkAExbhBAdT_cqtiBWhY5ugXMLXMDMvw==

GET
H2 200 Hurme-HurmeGeometricSans2-Regular.otf
f.hubspotusercontent10.net/hubfs/5691062/fonts/ 326 KB
327 KB 201ms
101ms Font
application/x-font-otf 2606:4700::6812:561e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://f.hubspotusercontent10.net/hubfs/5691062/fonts/Hurme-HurmeGeometricSans2-Regular.otf

Requested by

Host: cdn2.hubspot.net
URL: https://cdn2.hubspot.net/hub/5691062/hub_generated/template_assets/41043729886/1622202155019/News_Direct_Theme/css/newsdirect.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:561e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5b9c9a65c75a19e22ae5ebd87d6b04f1e1088d0ef0ff4802367301619c610638

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cdn2.hubspot.net/
Origin: https://newsdirect.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-meta-cache-tag: F-41067121036,FD-28402948615,P-5691062,FLS-ALL
age: 81946
x-amz-request-id: M0QPTR3GBSK8EVV2
x-amz-server-side-encryption: AES256
edge-cache-tag: F-41067121036,FD-28402948615,P-5691062,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
etag: "ac936ad13b87ff77d904e57d48258422"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/x-font-otf
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1611853166496
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Fri, 21 Jun 2024 17:24:57 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 783a2e1eae90b7e367c282f984f64e36.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-version-id: 5xkTYB3abdyX6HjiHZJBYQjfifqsFUlE
x-amz-cf-pop: MXP64-C2
x-hs-alternate-content-type: text/plain
x-cache: RefreshHit from cloudfront
cache-tag: F-41067121036,FD-28402948615,P-5691062,FLS-ALL
x-amz-meta-index-tag: all
content-length: 333528
x-amz-id-2: AkXf0ja9Klsm0nR8nigpJYRFGIy4g+ecjUAYDs4AbtwbPjsHh2eefOCvGlnp3F0TqsWXopP2G4w=
last-modified: Thu, 28 Jan 2021 16:59:27 GMT
server: cloudflare
accept-ranges: bytes
cf-ray: 8975b1f25b84a5f9-FRA
timing-allow-origin: f.hubspotusercontent10.net
x-amz-cf-id: oxntf-hJXt1Y7l8eQSrWcgAC63SfeAFz0ejxd059VkEPay9Ua6ntEg==

GET
H2 204 has-permission-json Show response
app.hubspot.com/content-tools-menu/api/v1/tools-menu/ 0
1 KB 383ms
286ms XHR
text/plain 2606:4700::6810:7574
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.hubspot.com/content-tools-menu/api/v1/tools-menu/has-permission-json?portalId=5691062

Requested by

Host: newsdirect.com
URL: https://newsdirect.com/hs/hsstatic/HubspotToolsMenu/static-1.321/js/index.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7574 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	no-sniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://newsdirect.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 17:24:57 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: no-sniff
cf-cache-status: DYNAMIC
x-hs-worker-debug-mode: false
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: dac41f59-f8b7-4a40-abea-285aa49c2782
x-envoy-upstream-service-time: 3
x-evy-trace-route-configuration: listener_https/all
reporting-endpoints: default="https://send.hsbrowserreports.com/csp/reports?cfRay=8975b1f3df745c38&resource=unknown"
x-evy-trace-listener: listener_https
x-request-id: dac41f59-f8b7-4a40-abea-285aa49c2782
server: cloudflare
vary: origin, Accept-Encoding
access-control-allow-methods: GET
report-to: {"group":"default","max_age":86400,"endpoints":[{"url":"https://send.hsbrowserreports.com/csp/reports"}]}
access-control-allow-origin: https://newsdirect.com
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-65f7f7c749-5s6qd
cache-control: max-age=0
access-control-allow-credentials: true
x-evy-trace-virtual-host: all
cf-ray: 8975b1f3df745c38-FRA

GET
H2 200 fb.js Show response
js.hsadspixel.net/ 6 KB
4 KB 157ms
59ms Script
application/javascript 2606:4700::6811:80ac
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hsadspixel.net/fb.js

Requested by

Host: newsdirect.com
URL: https://newsdirect.com/hs/scriptloader/5691062.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:80ac , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c114a5641b9988aecb7a00c47bd1d37d912883ff4ef9c3b9fe6ad21603ab1066

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://newsdirect.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 17:24:57 GMT
x-amz-version-id: 7Zz_oLsqoY3yHsxt9nM5YRwsj1MKwqFV
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 53b70ac9dc46d1c13992b291cf22a9aa.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-cf-pop: IAD12-P3
age: 270
x-amz-server-side-encryption: AES256
x-evy-trace-route-service-name: envoyset-translator
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=adsscriptloaderstatic/static-1.565/bundles/pixels-release.js&cfRay=8975ab59cd5436de-FRA
x-cache: Hit from cloudfront
x-hubspot-correlation-id: 76dafb45-8437-4502-8d46-76a1c317ea07
cache-tag: staticjsapp-AdsScriptLoaderCloudflare-web-prod,staticjsapp-prod
x-envoy-upstream-service-time: 4
x-amz-replication-status: COMPLETED
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 76dafb45-8437-4502-8d46-76a1c317ea07
last-modified: Tue, 18 Jun 2024 12:46:30 UTC
server: cloudflare
etag: W/"b233ea75981268a81228cd819e8fd5eb"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
x-hs-cache-status: MISS
x-evy-trace-virtual-host: all
cache-control: max-age=600
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-65f7f7c749-rqmnf
cf-ray: 8975b1f3ffe99f36-FRA
x-amz-cf-id: RjI0qZhfgD-LSPFLgNR7ZXmS1mMTYiPLYUwUXH1-Ejv2itn0SCzDWQ==
x-hs-target-asset: adsscriptloaderstatic/static-1.565/bundles/pixels-release.js

GET
H2 200 web-interactives-embed.js Show response
js.hubspot.com/ 82 KB
24 KB 276ms
173ms Script
application/javascript 2606:4700::6810:7674
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hubspot.com/web-interactives-embed.js

Requested by

Host: newsdirect.com
URL: https://newsdirect.com/hs/scriptloader/5691062.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7674 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ab1fca31f7e7a89c198881e69c42c6bb3578b7d55f2cee7463b96360feaf7eaa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://newsdirect.com/
Origin: https://newsdirect.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-encoding: gzip
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=web-interactives-embed/static-2.1194/bundles/project.js&cfRay=8975b1f3fa5f2c4e-FRA
x-amz-replication-status: COMPLETED
x-evy-trace-listener: listener_https
etag: W/"50f2e99c1f025777ca05bdae3cfcf91d"
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-evy-trace-virtual-host: all
cache-control: max-age=600
x-hs-target-asset: web-interactives-embed/static-2.1194/bundles/project.js
date: Fri, 21 Jun 2024 17:24:57 GMT
x-amz-version-id: MDb_7hFyElKIrRJmReYAEj96Es7nef4a
x-content-type-options: nosniff
cf-cache-status: EXPIRED
via: 1.1 05133180bbd1649d4b8f97441bf305e8.cloudfront.net (CloudFront)
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: IAD12-P3
x-hubspot-correlation-id: e60a4d8d-5d8c-4bf9-900b-0e50df57fcbb
x-cache: Hit from cloudfront
cache-tag: staticjsapp-web-interactives-embed-web-prod,staticjsapp-prod
x-envoy-upstream-service-time: 6
x-evy-trace-route-configuration: listener_https/all
x-request-id: e60a4d8d-5d8c-4bf9-900b-0e50df57fcbb
last-modified: Thu, 20 Jun 2024 14:37:30 UTC
server: cloudflare
access-control-max-age: 3000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UrMJ6kOMXdodm5X5K4b6FM3cBXNrMvN63I2%2FXE3SiCkNjFfLtGSDl%2FE89lopexWmqq05ZFSNFW3SqxHnf0lyHJK%2Bc3FZ2YwCkEARXdRlwBEERpQiXZyjkbXHxYadwAWqhKwghB8fgsVBla6d"}],"group":"cf-nel","max_age":604800}
x-hs-cache-status: MISS
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-65f7f7c749-qfdc9
cf-ray: 8975b1f3fa5f2c4e-FRA
x-amz-cf-id: Bhqv9RVYqkyyfEFuVO6wbXDTkg9b4TJplN4Oh-Jm1ver02mIjd5NXg==

GET
H2 200 conversations-embed.js Show response
js.usemessages.com/ 85 KB
24 KB 231ms
128ms Script
application/javascript 2606:4700::6810:4c8e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.usemessages.com/conversations-embed.js

Requested by

Host: newsdirect.com
URL: https://newsdirect.com/hs/scriptloader/5691062.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:4c8e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

753b5d77684b20581dddd43b3a944bca93a44da9e6dee0c8232ca6ed8a40ead5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://newsdirect.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 17:24:57 GMT
x-amz-version-id: yFTRQFC1g6ZpuTIoktepwBCyrzt6F_8h
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 3d4bfc42e9575ee1f9559241c9e3f464.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-cf-pop: IAD12-P3
age: 578
x-amz-server-side-encryption: AES256
x-evy-trace-route-service-name: envoyset-translator
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=conversations-embed/static-1.16706/bundles/project.js&cfRay=8975a3d3fae5bb71-FRA
x-cache: Hit from cloudfront
x-hubspot-correlation-id: 9bfdc1c5-6a35-41d8-9653-6483eae0a702
cache-tag: staticjsapp-conversations-embed-web-prod,staticjsapp-prod
x-envoy-upstream-service-time: 1
x-amz-replication-status: COMPLETED
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 9bfdc1c5-6a35-41d8-9653-6483eae0a702
last-modified: Fri, 21 Jun 2024 14:34:54 UTC
server: cloudflare
etag: W/"d5ed42fdc505d7812288ee600abec355"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
x-hs-cache-status: HIT
x-evy-trace-virtual-host: all
cache-control: max-age=600
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-65f7f7c749-qfdc9
cf-ray: 8975b1f45b009a2f-FRA
x-amz-cf-id: -P3gBYLjZTkYVDKIjT-OAs09MFgZU6LU-7BMgZGlvvk2Au2SWGuHzA==
x-hs-target-asset: conversations-embed/static-1.16706/bundles/project.js

GET
H2 200 5691062.js Show response
js.hs-analytics.net/analytics/1718990400000/ 68 KB
24 KB 335ms
233ms Script
text/javascript 2606:4700::6810:a0a8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-analytics.net/analytics/1718990400000/5691062.js
Requested by: Host: newsdirect.com
URL: https://newsdirect.com/hs/scriptloader/5691062.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:a0a8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 34b76c3158df6c6b0eb558464af7edfc168ef5df32bf9d8a9f4120ee69a20a35

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://newsdirect.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 17:24:57 GMT
x-amz-version-id: null
content-encoding: gzip
cf-cache-status: MISS
x-amz-request-id: AQ4QPSF915GDE4Z5
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-hubspot-correlation-id: 75142352-2888-4c3d-b518-681dfc8fbeba
x-envoy-upstream-service-time: 22
x-amz-id-2: C47/kmsA9FfO6Qo+kc6XF/3vmU0lO4v2Ack9uyBMQCGWLa+yLFbN0jobYz2Tgg1ntZyNrxQRAF8=
x-evy-trace-listener: listener_https
x-request-id: 75142352-2888-4c3d-b518-681dfc8fbeba
x-evy-trace-route-configuration: listener_https/all
last-modified: Thu, 20 Jun 2024 17:54:13 GMT
server: cloudflare
etag: W/"151e01fccbfc2e4af25cb0669f5253ff"
vary: origin, Accept-Encoding
content-type: text/javascript
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/analytics-js-proxy-td/envoy-proxy-7bfb89fbf6-zmwrp
cache-control: max-age=300,public
access-control-allow-credentials: false
cf-ray: 8975b1f3fe712c3f-FRA
expires: Fri, 21 Jun 2024 17:29:57 GMT

GET
H2 200 leadflows.js Show response
js.hsleadflows.net/ 551 KB
92 KB 160ms
60ms Script
application/javascript 2606:4700::6812:8911
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hsleadflows.net/leadflows.js

Requested by

Host: newsdirect.com
URL: https://newsdirect.com/hs/scriptloader/5691062.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:8911 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dd26d9d88899d0587c9377964b7d1ab478a318b0fdbee7b9d6a084e4aa6425f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://newsdirect.com/
Origin: https://newsdirect.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-encoding: gzip
age: 14320
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=lead-flows-js/static-1.1355/bundle/main/lead-flows-release.js&cfRay=897454589cf73680-FRA
x-amz-replication-status: COMPLETED
x-evy-trace-listener: listener_https
etag: W/"be45bdb720f44c8db4ee42bc228ff2a8"
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-evy-trace-virtual-host: all
cache-control: s-maxage=86400, max-age=0
x-hs-target-asset: lead-flows-js/static-1.1355/bundle/main/lead-flows-release.js
date: Fri, 21 Jun 2024 17:24:57 GMT
x-amz-version-id: HLkmxotJV8gQ_mnvhNwLT9fnVmh1uWjb
x-content-type-options: nosniff
cf-cache-status: HIT
via: 1.1 3c43e000c50d5633eb558057710f3c54.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD12-P3
x-hubspot-correlation-id: aadc8d4e-949c-4729-a48d-5a079d3802e1
x-cache: Hit from cloudfront
cache-tag: staticjsapp-lead-flows-cloudflare-web-prod,staticjsapp-prod
x-envoy-upstream-service-time: 10
x-evy-trace-route-configuration: listener_https/all
x-request-id: aadc8d4e-949c-4729-a48d-5a079d3802e1
last-modified: Thu, 30 May 2024 10:22:15 UTC
server: cloudflare
access-control-max-age: 3000
x-hs-cache-status: MISS
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-68b7f7fbff-rcvgx
cf-ray: 8975b1f3fc086987-FRA
x-amz-cf-id: zImV3v1KSGRYuBY7JTr8IuwOfKJhHLAQhLJiNVIBhn4axEb4Lek62Q==

GET
H2 200 5691062.js Show response
js.hs-banner.com/ 61 KB
19 KB 289ms
186ms Script
text/javascript 2606:4700:4400::6812:22e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-banner.com/5691062.js
Requested by: Host: newsdirect.com
URL: https://newsdirect.com/hs/scriptloader/5691062.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:22e5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: baef0c93793c961aa71b11750fff903e0385d97366a725e3d4a446928da0f2eb

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://newsdirect.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 17:24:57 GMT
x-amz-version-id: dTKFrNADPxw99gwNZkFQtY6BOyEomLIo
content-encoding: gzip
cf-cache-status: REVALIDATED
x-amz-request-id: MHDWBCMQNYKEBMW5
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-hubspot-correlation-id: 6753450c-3852-477f-9ce4-e60a7a75e4ac
x-envoy-upstream-service-time: 49
x-amz-id-2: j5YKVVHtKvoNHDi/Hinygs0Bnf8wDIdrZVaT1ieEdp8WB+kEc6pTlrTE6bz29YZgHqoUMsXPSGY=
x-evy-trace-listener: listener_https
x-request-id: 6753450c-3852-477f-9ce4-e60a7a75e4ac
x-evy-trace-route-configuration: listener_https/all
last-modified: Sun, 09 Jun 2024 17:05:39 GMT
server: cloudflare
etag: W/"43b10dce4d57bb730774ba1c0a02cd6c"
access-control-max-age: 604800
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: https://newsdirect.com
x-evy-trace-virtual-host: all
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control: max-age=300,public
access-control-allow-credentials: true
x-evy-trace-served-by-pod: iad02/analytics-js-proxy-td/envoy-proxy-78cb6f459b-q4rbs
vary: origin, Accept-Encoding
timing-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
cf-ray: 8975b1f3faef1e5b-FRA
expires: Fri, 21 Jun 2024 17:29:57 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 257 KB
91 KB 84ms
83ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-17876VYMX9&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-160062440-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d68977567a0c4addd185885a269395ba99a650e6b9920119e9868babffc28b80

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://newsdirect.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 17:24:57 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 92564
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 21 Jun 2024 17:24:57 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 130ms
41ms Script
text/javascript 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-160062440-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://newsdirect.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 21 Jun 2024 15:41:03 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 6234
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Fri, 21 Jun 2024 17:41:03 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 316 KB
104 KB 106ms
106ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-N1Y6E58C0N&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NT7BQ3Q4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

85453a1cce484e49145f0a66596a7a51b3e2278b54a62b718a1ec4ce993a4af4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://newsdirect.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 17:24:57 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 106379
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 21 Jun 2024 17:24:57 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
253 B 141ms
47ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-17876VYMX9&gtm=45je46j0v9129973512za200&_p=1718990697192&_gaz=1&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&tag_exp=0&cid=777084970.1718990698&ul=de-de&sr=1600x1200&ir=1&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.114%7CGoogle%2520Chrome%3B126.0.6478.114&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_eu=EAAI&_s=1&sid=1718990697&sct=1&seg=0&dl=https%3A%2F%2Fnewsdirect.com%2Fguest-content%2F5-best-same-day-loans-online-with-no-credit-check-and-quick-approval-in-2023&dt=&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=1804&_z=sendBeacon
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-17876VYMX9&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://newsdirect.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 21 Jun 2024 17:24:57 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://newsdirect.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
56 B 152ms
49ms Ping
text/plain 2a00:1450:400c:c06::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-17876VYMX9&cid=777084970.1718990698&gtm=45je46j0v9129973512za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&frm=0
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-17876VYMX9&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c06::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://newsdirect.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 21 Jun 2024 17:24:57 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://newsdirect.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 261ms
209ms Image
image/gif 142.250.185.131
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-17876VYMX9&cid=777084970.1718990698&gtm=45je46j0v9129973512za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&frm=0&z=446311775

Requested by

Host: newsdirect.com
URL: https://newsdirect.com/guest-content/5-best-same-day-loans-online-with-no-credit-check-and-quick-approval-in-2023

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://newsdirect.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 21 Jun 2024 17:24:57 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
206 B 48ms
46ms XHR
text/plain 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1849219151&t=pageview&_s=1&dl=https%3A%2F%2Fnewsdirect.com%2Fguest-content%2F5-best-same-day-loans-online-with-no-credit-check-and-quick-approval-in-2023&ul=de-de&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=1437395665&gjid=2084380558&cid=777084970.1718990698&tid=UA-160062440-1&_gid=1599448163.1718990698&_r=1&gtm=457e46j0za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&tag_exp=0&jsscut=1&npa=1&z=1149400942

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://newsdirect.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 21 Jun 2024 17:24:57 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://newsdirect.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
0 138ms
48ms Fetch
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-N1Y6E58C0N&gtm=45je46j0v9185603694z89185602117za200zb9185602117&_p=1718990697192&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&tag_exp=0&cid=777084970.1718990698&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.114%7CGoogle%2520Chrome%3B126.0.6478.114&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1718990697&sct=1&seg=0&dl=https%3A%2F%2Fnewsdirect.com%2Fguest-content%2F5-best-same-day-loans-online-with-no-credit-check-and-quick-approval-in-2023&dt=&en=page_view&_fv=1&_ss=1&tfd=1845&_z=fetch
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-N1Y6E58C0N&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://newsdirect.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 21 Jun 2024 17:24:57 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://newsdirect.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
348 B 88ms
49ms XHR
text/plain 2a00:1450:400c:c06::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-160062440-1&cid=777084970.1718990698&jid=1437395665&gjid=2084380558&_gid=1599448163.1718990698&npa=1&_u=YADAAUAAAAAAACAAI~&z=691781889

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c06::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://newsdirect.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 21 Jun 2024 17:24:57 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://newsdirect.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 widget Show response
newsdirect.com/_hcms/livechat/ 347 B
2 KB 229ms
229ms XHR
application/json 3.212.102.32
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://newsdirect.com/_hcms/livechat/widget?portalId=5691062&conversations-embed=static-1.16706&mobile=false&messagesUtk=11f685896bf54e35b786aa1ca74d1008&traceId=11f685896bf54e35b786aa1ca74d1008

Requested by

Host: js.usemessages.com
URL: https://js.usemessages.com/conversations-embed.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.212.102.32 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-212-102-32.compute-1.amazonaws.com

Software

nginx/1.21.1 /

Resource Hash

d893f50ac9990642d48b701e82f1e9984fafd049cfb54ab9815b15b21fe6fada

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://newsdirect.com/guest-content/5-best-same-day-loans-online-with-no-credit-check-and-quick-approval-in-2023
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
X-HubSpot-Messages-Uri: https://newsdirect.com/guest-content/5-best-same-day-loans-online-with-no-credit-check-and-quick-approval-in-2023
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 17:24:57 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 23d44d9e-6b80-4917-a6a3-804dccbb42bb
x-envoy-upstream-service-time: 9
alt-svc: h3=":443"; ma=86400
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 23d44d9e-6b80-4917-a6a3-804dccbb42bb
server: nginx/1.21.1
vary: origin, Accept-Encoding
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: application/json;charset=utf-8
x-evy-trace-served-by-pod: iad02/hubapi-td/envoy-proxy-7dd59b876-slsj2
x-evy-trace-virtual-host: all
cache-control: no-cache, no-store, no-transform, must-revalidate, max-age=0
access-control-allow-credentials: false
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PWcLJAaExUdlV3Fx4Yxp4OX82eTbv7npsP3QW%2Fx%2FAZkgEON9nlqg5WYOVdhr789gngdv7d5tQvNTGxyCqUEv91xeAnCUrebiljTNSHoW2l4X7BoL2fq7KlFkvrQWXZ5XaUA6WusFCz1oiSOC6KMfSkjY8Vg%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8975b1f55bc46ffd-IAD
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri

GET
H2 200 combinedConfigs Show response
cta-service-cms2.hubspot.com/web-interactives/public/v1/embed/ 61 B
1019 B 189ms
179ms Fetch
application/json 2606:4700::6810:7674
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cta-service-cms2.hubspot.com/web-interactives/public/v1/embed/combinedConfigs?portalId=5691062&currentUrl=https%3A%2F%2Fnewsdirect.com%2Fguest-content%2F5-best-same-day-loans-online-with-no-credit-check-and-quick-approval-in-2023&contentId=null

Requested by

Host: js.hubspot.com
URL: https://js.hubspot.com/web-interactives-embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7674 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

027f9fef93a2d620715de7311a5bf674cb3df18a352d2a0a7266c147c157333f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://newsdirect.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 17:24:57 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: f22677eb-4eba-4ffe-9dad-4eb37d518b38
content-encoding: br
x-envoy-upstream-service-time: 12
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: f22677eb-4eba-4ffe-9dad-4eb37d518b38
server: cloudflare
vary: origin
access-control-allow-methods: OPTIONS, GET
content-type: application/json;charset=utf-8
access-control-allow-origin: https://newsdirect.com
x-evy-trace-virtual-host: all
access-control-max-age: 180
access-control-allow-credentials: true
cache-control: max-age=0, no-cache, no-store
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=r6kxlRnc9MX7bB7TIejAwAPrzJK7ANtOuKmDLmC8r08UmFAmwdwlVcj7xHH3znIy6tw66FVyhwXdwEYLpSZnTM%2FBWUqhmyAMU%2BHRU8kk%2Bkl8yWh7zTKNS4Cv7fYpd2GILTRO5abZsJAY4pnxCiQxkS2IVpRb4TQz%2Fmw%3D"}],"group":"cf-nel","max_age":604800}
x-robots-tag: noindex, follow
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent
cf-ray: 8975b1f53c192c4e-FRA
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-776cb5686f-2gsfg

GET
H2 200 json Show response
api.hubapi.com/hs-script-loader-public/v1/config/pixels-and-events/ 122 B
1 KB 267ms
170ms XHR
application/json 2606:4700::6812:f16c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.hubapi.com/hs-script-loader-public/v1/config/pixels-and-events/json?portalId=5691062

Requested by

Host: js.hsadspixel.net
URL: https://js.hsadspixel.net/fb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:f16c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2504d825349e7f5c3600432a1d60d201651a1dfd24485eaf33d84d5efabd1985

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://newsdirect.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 17:24:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 9de5a893-9dda-4d2d-9a71-39c27f5a1bee
content-encoding: br
x-envoy-upstream-service-time: 3
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 9de5a893-9dda-4d2d-9a71-39c27f5a1bee
server: cloudflare
vary: origin, Accept-Encoding
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: application/json;charset=utf-8
access-control-allow-origin: https://newsdirect.com
x-evy-trace-served-by-pod: iad02/hubapi-td/envoy-proxy-7dd59b876-hwgfb
access-control-max-age: 180
access-control-allow-credentials: false
x-evy-trace-virtual-host: all
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=T4C3AC%2FYkVPoQlbtNyWf7%2BkjKCfU%2BTztkjn4YDAVhauDVJSV7BYuTalkyJhUBcLaLA%2FdPTBB12ngR444gyWXlj3%2BC0JYd6prP1WjApFIpMg3F9To%2BtrNMIsMX3zN0sAZxKwDpkI25e95oEpy"}],"group":"cf-nel","max_age":604800}
cf-ray: 8975b1f5eb596ade-FRA
access-control-allow-headers: *

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 159ms
75ms Image
image/gif 142.250.185.228
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-160062440-1&cid=777084970.1718990698&jid=1437395665&npa=1&_u=YADAAUAAAAAAACAAI~&z=66567598

Requested by

Host: newsdirect.com
URL: https://newsdirect.com/guest-content/5-best-same-day-loans-online-with-no-credit-check-and-quick-approval-in-2023

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.228 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://newsdirect.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 21 Jun 2024 17:24:57 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 126ms
125ms Image
image/gif 142.250.185.131
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-160062440-1&cid=777084970.1718990698&jid=1437395665&npa=1&_u=YADAAUAAAAAAACAAI~&z=66567598

Requested by

Host: newsdirect.com
URL: https://newsdirect.com/guest-content/5-best-same-day-loans-online-with-no-credit-check-and-quick-approval-in-2023

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://newsdirect.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 21 Jun 2024 17:24:57 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 choice.js Show response
cmp.inmobi.com/choice/PRrmquD1Ggcb1/newsdirect.com/ 4 KB
2 KB 180ms
72ms XHR
application/javascript 2600:9000:275b:9800:1b:cadc:ef40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.inmobi.com/choice/PRrmquD1Ggcb1/newsdirect.com/choice.js?tag_version=V3
Requested by: Host: cdn.fuseplatform.net
URL: https://cdn.fuseplatform.net/publift/tags/2/3472/fuse.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:275b:9800:1b:cadc:ef40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6c5440d741ee863978d732a5e52fdd3978283992324bf47887431b25432795ac

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://newsdirect.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 17:24:59 GMT
content-encoding: br
via: 1.1 256cd380c9790a2b71d68709829caa18.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P7
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
cross-origin-resource-policy: cross-origin
last-modified: Tue, 04 Jun 2024 07:28:58 GMT
server: AmazonS3
etag: W/"99d988dac2a11934dc447368f49b55fc"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: https://newsdirect.com
cache-control: max-age=900
access-control-allow-credentials: true
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin,Accept-Encoding
x-amz-cf-id: eRlWI2SqQalgxpHdEBtKKYwDNmbh8oPJfKXXnJL9Z3dc5PP-_GV4vw==

GET
H2 200 prebid-9d7424b625ebceecbda06acbe2dc3478.js Show response
cdn.fuseplatform.net/prebid/ 318 KB
102 KB 48ms
44ms Script
application/x-javascript 2a02:26f0:3500:12::1730:17a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.fuseplatform.net/prebid/prebid-9d7424b625ebceecbda06acbe2dc3478.js
Requested by: Host: cdn.fuseplatform.net
URL: https://cdn.fuseplatform.net/publift/tags/2/3472/fuse.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:12::1730:17a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 8fae0d734a5139904ecbccc1257e5d3236179daa602dc0ed06d0616b051b88e7

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://newsdirect.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 17:24:57 GMT
content-encoding: gzip
last-modified: Thu, 01 Feb 2024 11:55:57 GMT
server: AkamaiNetStorage
etag: "2c8b74c3f5215eef628904fdbd3b34aa:1706788557.855309"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=86400000
accept-ranges: bytes
content-length: 104195
expires: Thu, 18 Mar 2027 17:24:57 GMT

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 308 KB
76 KB 161ms
45ms Script
application/javascript 108.138.6.136
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: cdn.fuseplatform.net
URL: https://cdn.fuseplatform.net/publift/tags/2/3472/fuse.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.6.136 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-6-136.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c1ee48fdc9c11e6866e86ddc8c850aceff697a6e0b1ee20f1dd2d1877b3c66cd

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://newsdirect.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 16:35:17 GMT
content-encoding: gzip
via: 1.1 814952d19d560b49ff15ad2f71e400d2.cloudfront.net (CloudFront), 1.1 61c90c70feca5f532bf48bc0dc85d516.cloudfront.net (CloudFront)
last-modified: Tue, 11 Jun 2024 21:55:26 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1, FRA56-P6
age: 2982
x-amz-server-side-encryption: AES256
etag: W/"8f94a6a072a070cbb8299e59a43dbe3f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
x-amz-cf-id: wQaz6ubYzWhSrr7O67JzoO_k26XbqKfmsLnvl7IR9ZMBS85N6fMqkA==

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 98 KB
31 KB 178ms
84ms Script
text/javascript 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: cdn.fuseplatform.net
URL: https://cdn.fuseplatform.net/publift/tags/2/3472/fuse.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

7e709868f7e590e8ef8ea2d0347d65148dce4cc0d9e938a06af5f1f27b8e3015

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://newsdirect.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 17:24:58 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31589
x-xss-protection: 0
server: cafe
etag: 330 / 19895 / m202406170101 / config-hash: 17147832980266668957
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 21 Jun 2024 17:24:58 GMT

GET
H2 200 noconsent Show response
cdn.fuseplatform.net/telemetry/ 1 B
267 B 187ms
98ms Fetch
text/plain 2a02:26f0:3500:12::1730:17a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.fuseplatform.net/telemetry/noconsent?v=1&ttm=1718990697966&cookie=true&res=1600x1200&device=desktop&browser=chrome&fuuid=8e23f65d-33d8-592f-ad4f-d03e8d06832d&fid=3472&pubid=4&url=https%3A%2F%2Fnewsdirect.com%2Fguest-content%2F5-best-same-day-loans-online-with-no-credit-check-and-quick-approval-in-2023&sid=aa0850222485926817f6&srate=100&adserver=gpt&etm=2093&e=fuse-load&tenant=publift&fusecdn=akamai&tlt=2053&account=newsdirect
Requested by: Host: cdn.fuseplatform.net
URL: https://cdn.fuseplatform.net/publift/tags/2/3472/fuse.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:12::1730:17a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 2d711642b726b04401627ca9fbac32f5c8530fb1903cc4db02258717921a4881

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://newsdirect.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 17:24:58 GMT
content-encoding: gzip
last-modified: Wed, 10 Aug 2022 11:31:51 GMT
server: AkamaiNetStorage
etag: "9dd4e461268c8034f5c8564e155c67a6:1660131111.248793"
vary: Accept-Encoding, Accept-Encoding, Origin
content-type: text/plain
access-control-allow-origin: https://newsdirect.com
cache-control: max-age=1800
accept-ranges: bytes
content-length: 21
expires: Fri, 21 Jun 2024 17:54:58 GMT

GET
H3 200 counters.gif
perf-na1.hsforms.com/embed/v3/ 35 B
927 B 243ms
171ms Image
image/gif 104.19.175.188
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://perf-na1.hsforms.com/embed/v3/counters.gif?key=config-loaded-success&value=1

Requested by

Host: newsdirect.com
URL: https://newsdirect.com/guest-content/5-best-same-day-loans-online-with-no-credit-check-and-quick-approval-in-2023

Protocol

Security

QUIC, , AES_128_GCM

Server

104.19.175.188 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://newsdirect.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 17:24:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: ad6e0db5-f4aa-48e7-a906-58dc4a264adc
x-envoy-upstream-service-time: 3
alt-svc: h3=":443"; ma=86400
content-length: 35
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: ad6e0db5-f4aa-48e7-a906-58dc4a264adc
last-modified: Fri, 21 Jun 2024 17:24:58 GMT
server: cloudflare
vary: origin, Accept-Encoding
content-type: image/gif
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-776cb5686f-njspp
access-control-expose-headers: X-Origin-Hublet
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
accept-ranges: bytes
x-robots-tag: none
cf-ray: 8975b1f6dd7bbf16-WAW

GET
H2 200 latest.json Show response
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 2 KB
1 KB 151ms
47ms XHR
application/json 2a04:4e42:600::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20240621

Requested by

Host: cdn.fuseplatform.net
URL: https://cdn.fuseplatform.net/prebid/prebid-9d7424b625ebceecbda06acbe2dc3478.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

381e93c86f89f1c31e414c96ad2a4e78d7a85ab5ad30ced4e6bde9a0dc9d4f65

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://newsdirect.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 21 Jun 2024 17:24:58 GMT
x-content-type-options: nosniff
content-encoding: br
age: 5049
x-jsd-version: 1.0.2094
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 834
x-served-by: cache-fra-eddf8230103-FRA, cache-mxp6924-MXP
x-jsd-version-type: version
etag: W/"63a-DvosQSRAogbw/3vwnuG3mSLTSxU"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 choice.js Show response
cmp.inmobi.com/choice/PRrmquD1Ggcb1/newsdirect.com/ 4 KB
414 B 171ms
92ms Script
application/javascript 2600:9000:275b:9800:1b:cadc:ef40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.inmobi.com/choice/PRrmquD1Ggcb1/newsdirect.com/choice.js?tag_version=V3
Requested by: Host: cdn.fuseplatform.net
URL: https://cdn.fuseplatform.net/publift/tags/2/3472/fuse.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:275b:9800:1b:cadc:ef40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6c5440d741ee863978d732a5e52fdd3978283992324bf47887431b25432795ac

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://newsdirect.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 17:24:59 GMT
via: 1.1 7a6b4cd1254095c5b4b5ec2c3af1870a.cloudfront.net (CloudFront)
content-encoding: br
x-amz-cf-pop: FRA60-P7
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
cross-origin-resource-policy: cross-origin
last-modified: Tue, 04 Jun 2024 07:28:58 GMT
server: AmazonS3
etag: W/"99d988dac2a11934dc447368f49b55fc"
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin,Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: https://newsdirect.com
cache-control: max-age=900
access-control-allow-credentials: true
access-control-max-age: 3000
x-amz-cf-id: -6VcJBFpcHc-VaDvBQ2_COvqaahJfWtiJxDFUxa-Rkv1gbDlN_idMw==

GET
H3 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406170101/ 463 KB
144 KB 41ms
40ms Script
text/javascript 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406170101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

89b0b3f3ff210a3f74e23c972eb9e702fe969dd53ef3082e39af55000d7f964f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://newsdirect.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 13:58:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 12359
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 147664
x-xss-protection: 0
server: cafe
etag: 1926151935331161023
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Sat, 21 Jun 2025 13:58:59 GMT

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 122ms
42ms XHR
application/javascript 108.138.6.136
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.6.136 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-6-136.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://newsdirect.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: r5.lR.LJ66XEXzxUUVo7iMemjL_F_GoE
content-encoding: gzip
via: 1.1 5c0a79476717d213b9c559bafee1c65e.cloudfront.net (CloudFront)
date: Fri, 21 Jun 2024 05:05:27 GMT
x-amz-cf-pop: FRA56-P6
age: 44372
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Thu, 29 Feb 2024 02:13:08 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
vary: Accept-Encoding,Origin
x-amz-cf-id: u0UsPcbPv3XPUO1su78bTmIqURxfcddWkzgua1bMk52JOIdIitOXxA==

GET
H2 200 8b48e249-e9e6-4a52-8b48-396ea93403e8 Show response
config.aps.amazon-adsystem.com/configs/ 563 B
828 B 130ms
39ms Script
application/javascript 99.86.4.71
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://config.aps.amazon-adsystem.com/configs/8b48e249-e9e6-4a52-8b48-396ea93403e8
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-71.fra6.r.cloudfront.net
Software: CloudFront /
Resource Hash: a79086333dd884effafca5b9935e773da7257e25a5b6041fd4fc69e0799325bd

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://newsdirect.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 16:25:41 GMT
via: 1.1 62dc260e32d7b9197a4511447f6a264a.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA6-C1
age: 3557
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
content-length: 563
x-amz-cf-id: vkdxHoh0jNyg0AFeaKUgf-2J2ba4Mk7x0TKfovPeux_9fIvgGE2SYw==

GET
H2 200 config Show response
c.amazon-adsystem.com/cdn/prod/ 488 B
842 B 42ms
41ms XHR
application/json 108.138.6.136
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fnewsdirect.com&pubid=8b48e249-e9e6-4a52-8b48-396ea93403e8
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.6.136 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-6-136.fra56.r.cloudfront.net
Software: Server /
Resource Hash: 90f428eb104131a5f76713300dbbf38dfecf62f53a19ff10c8bb14fe5a2b46b1

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://newsdirect.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 16:08:16 GMT
via: 1.1 61c90c70feca5f532bf48bc0dc85d516.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-P6
age: 4602
x-cache: Hit from cloudfront
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://newsdirect.com
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
content-length: 488
x-amz-cf-id: ovDoxYgZ78_zziP12nzheRFvEMmascJG_2j1fmEisuree7tlDpGimw==

GET
H2 200 id5-api.js Show response
cdn.id5-sync.com/api/1.0/ 94 KB
28 KB 150ms
59ms Script
text/javascript 2606:4700:10::6816:3556
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/id5-api.js

Requested by

Host: newsdirect.com
URL: https://newsdirect.com/guest-content/5-best-same-day-loans-online-with-no-credit-check-and-quick-approval-in-2023

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3556 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cccaedb13f2aa38970538b043bfd16b0fa24e6a6a386833059595fd0a408e105

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://newsdirect.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 17:24:58 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 19 Jun 2024 08:15:00 GMT
server: cloudflare
x-amz-request-id: NG1TX7C2PGN4M2PD
age: 16
etag: W/"7549ecdacdd2ca9502744f648799d58a"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 8975b1f8cdb51e54-FRA
x-amz-id-2: KW62yijFmHexkOtrY6cVzb76Egw/zACz3n60GBBl2Lo6h2i+70hcAIZRWuJ3Nk0l6RgGSp2QImw=

GET
H2 200 cmp2.js Show response
cmp.inmobi.com/tcfv2/53/ 167 KB
44 KB 46ms
45ms Script
text/javascript 2600:9000:275b:9800:1b:cadc:ef40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.inmobi.com/tcfv2/53/cmp2.js?referer=newsdirect.com
Requested by: Host: cmp.inmobi.com
URL: https://cmp.inmobi.com/choice/PRrmquD1Ggcb1/newsdirect.com/choice.js?tag_version=V3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:275b:9800:1b:cadc:ef40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f7a0c447b915ba02cdfa198f1fee92f0a4a784dc895b61be659a9386c6ed3112

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://newsdirect.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 05:53:55 GMT
content-encoding: br
via: 1.1 7a6b4cd1254095c5b4b5ec2c3af1870a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P7
age: 41464
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-storage-class: INTELLIGENT_TIERING
last-modified: Mon, 03 Jun 2024 09:45:41 GMT
server: AmazonS3
etag: W/"db6c513b7a9d1bf38b36047c185655a2"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=172800
x-amz-meta-qc-ineu: True
vary: Accept-Encoding
x-amz-cf-id: SlIm5fETqWZ0W4CoVoUFleO34vl9MWe93NjIg5WPnAD32fFeM8P5MQ==

GET
H2 200 tag Show response
btloader.com/ 136 KB
36 KB 138ms
53ms Script
application/javascript 2606:4700:10::6816:4ad8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://btloader.com/tag?o=5708166709903360&upapi=true
Requested by: Host: cdn.fuseplatform.net
URL: https://cdn.fuseplatform.net/publift/tags/2/3472/fuse.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4ad8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 646c9a5e26298716cf6be079e693aced43687f7a6e0cc88ee5eb8cd0e8c89629

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://newsdirect.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 17:24:58 GMT
content-encoding: gzip
via: 1.1 google
cf-cache-status: HIT
last-modified: Fri, 21 Jun 2024 16:22:06 GMT
server: cloudflare
age: 3575
etag: "5df1c5ca710282f8ea5cbe28f20a30cc"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=300, must-revalidate, stale-if-error=3600, stale-while-revalidate=300
accept-ranges: bytes
cf-ray: 8975b1f93f9d3631-FRA
content-length: 37014

GET
H2 200 geoip Show response
cmp.inmobi.com/ 39 B
322 B 39ms
39ms XHR
application/json 2600:9000:275b:9800:1b:cadc:ef40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.inmobi.com/geoip
Requested by: Host: cmp.inmobi.com
URL: https://cmp.inmobi.com/tcfv2/53/cmp2.js?referer=newsdirect.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:275b:9800:1b:cadc:ef40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: c8cdde0b5d513ab590489a8c1a47625daa4778bfe6e72badbbb41330ebdb8f4f

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept: application/json, text/plain, */*
Referer: https://newsdirect.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 17:24:58 GMT
via: 1.1 256cd380c9790a2b71d68709829caa18.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA60-P7
x-cache: FunctionGeneratedResponse from cloudfront
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: *
content-length: 39
x-amz-cf-id: 7WmzYWbOvlWeMW9O-zm2CxunM3EKKt3zihzCFtgBbCgkZntx5zOAfQ==

GET
H2 200 cmp-list.json Show response
cmp.inmobi.com/GVL-v2/ 19 KB
4 KB 56ms
39ms XHR
application/json 2600:9000:275b:9800:1b:cadc:ef40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.inmobi.com/GVL-v2/cmp-list.json
Requested by: Host: cmp.inmobi.com
URL: https://cmp.inmobi.com/tcfv2/53/cmp2.js?referer=newsdirect.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:275b:9800:1b:cadc:ef40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: fc971dde9b3794d5ce272ed459e185ae920f60e823beb83c364a6a63a316424c

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept: application/json, text/plain, */*
Referer: https://newsdirect.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 03:00:44 GMT
content-encoding: br
via: 1.1 256cd380c9790a2b71d68709829caa18.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P7
age: 51855
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Fri, 21 Jun 2024 03:00:42 GMT
server: AmazonS3
etag: W/"827669b93a7ac16ce875c2b552f14696"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=172800
access-control-allow-credentials: true
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id: Xwr0RH6tEU3oML2C21axOhmvk1tDfh3HZZARpcQmHckXXMAnl6wwnw==

GET
H2 204 state Show response
api.btloader.com/mw/ 0
101 B 241ms
151ms Fetch 130.211.23.194
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.btloader.com/mw/state?bt_env=prod
Requested by: Host: btloader.com
URL: https://btloader.com/tag?o=5708166709903360&upapi=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.23.194 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 194.23.211.130.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://newsdirect.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: *
date: Fri, 21 Jun 2024 17:24:58 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
vary: Origin

GET
H2 200 px.gif
ad-delivery.net/ 43 B
340 B 145ms
55ms Image
image/gif 2606:4700:20::681a:246
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-delivery.net/px.gif?ch=2
Requested by: Host: newsdirect.com
URL: https://newsdirect.com/guest-content/5-best-same-day-loans-online-with-no-credit-check-and-quick-approval-in-2023
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:246 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://newsdirect.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 17:24:58 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2224859
x-guploader-uploadid: ABPtcPrux6dlODB5e_tasWROPm5jTBdL450Xz1Wts3KrxFSKJRkUiuPhL3oKK-QLBZQzrtIKB6QwkkAwAQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 5
x-goog-stored-content-encoding: identity
content-length: 43
last-modified: Wed, 05 May 2021 19:25:32 GMT
server: cloudflare
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
vary: Accept-Encoding
x-goog-generation: 1620242732037093
content-type: image/gif
access-control-allow-origin: *
x-goog-hash: crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers: *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=86400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UaFOKElMQPKt8E2qIBt3Yg3U0P%2FPJ7nCpa3TNZTtRlg7SMUL2etJDm%2BmAlLOcjSJfpBtd6UWm2j7GVdWDC6svz0iUl3l%2BqkPkygm%2BNW3UiMgJQuxOaydAwPvDeIg4arzgxP4ULGLYqtTkkapBw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 43
accept-ranges: bytes
cf-ray: 8975b1fa2f251e59-FRA
expires: Mon, 27 May 2024 00:03:40 GMT

GET
H3 200 favicon.ico
ad.doubleclick.net/ 1 KB
130 B 97ms
40ms Image
image/x-icon 142.250.185.70
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250

Requested by

Host: newsdirect.com
URL: https://newsdirect.com/guest-content/5-best-same-day-loans-online-with-no-credit-check-and-quick-approval-in-2023

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.70 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f6.1e100.net

Software

sffe /

Resource Hash

d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://newsdirect.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 14:45:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 9565
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 104
x-xss-protection: 0
last-modified: Tue, 08 May 2012 13:08:06 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/x-icon
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 22 Jun 2024 14:45:33 GMT

GET
H2 200 px.gif
ad-delivery.net/ 43 B
923 B 138ms
49ms Image
image/gif 2606:4700:20::681a:246
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-delivery.net/px.gif?ch=1&e=0.5100004823294593
Requested by: Host: newsdirect.com
URL: https://newsdirect.com/guest-content/5-best-same-day-loans-online-with-no-credit-check-and-quick-approval-in-2023
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:246 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://newsdirect.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 17:24:58 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2224859
x-guploader-uploadid: ABPtcPrux6dlODB5e_tasWROPm5jTBdL450Xz1Wts3KrxFSKJRkUiuPhL3oKK-QLBZQzrtIKB6QwkkAwAQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 5
x-goog-stored-content-encoding: identity
content-length: 43
last-modified: Wed, 05 May 2021 19:25:32 GMT
server: cloudflare
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
vary: Accept-Encoding
x-goog-generation: 1620242732037093
content-type: image/gif
access-control-allow-origin: *
x-goog-hash: crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers: *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=86400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Q1nF64kvouOfFiIefRbeKkPH%2BXWdLILc8vFZj5MkO9YzB12W4npGNT2Qy%2Fz%2FH1U9KEPFokJIcov2SnA6c8H%2BmvcECUaERPJBuLVRoCwZ9su0bPgJZ%2FaM8081E%2B4NRIaNQt95EWGbw0l0hXOnRw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 43
accept-ranges: bytes
cf-ray: 8975b1fa2f231e59-FRA
expires: Mon, 27 May 2024 00:03:40 GMT

GET
H2 200 cmp2ui-en.js Show response
cmp.inmobi.com/tcfv2/53/ 297 KB
72 KB 83ms
83ms Script
text/javascript 2600:9000:275b:9800:1b:cadc:ef40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.inmobi.com/tcfv2/53/cmp2ui-en.js
Requested by: Host: cmp.inmobi.com
URL: https://cmp.inmobi.com/tcfv2/53/cmp2.js?referer=newsdirect.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:275b:9800:1b:cadc:ef40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 706942656eb9d47aba1a60229b27acc14a95a7f81fd8f7227d2c4e2ab9687207

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://newsdirect.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 05:53:55 GMT
content-encoding: br
via: 1.1 7a6b4cd1254095c5b4b5ec2c3af1870a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P7
age: 41464
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-storage-class: INTELLIGENT_TIERING
cross-origin-resource-policy: cross-origin
last-modified: Mon, 03 Jun 2024 09:45:44 GMT
server: AmazonS3
etag: W/"991fbc793ffbdf15116c0458b5a2027a"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=172800
vary: Accept-Encoding
x-amz-cf-id: lzxHicJLMYMChi1fdj2AuawA7j_Ei29asoktk8_xoJ0roFNd_SwQNw==

GET
H2 200 vendor-list-trimmed-v1.json Show response
cmp.inmobi.com/GVL-v3/ 593 KB
65 KB 83ms
82ms XHR
application/json 2600:9000:275b:9800:1b:cadc:ef40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.inmobi.com/GVL-v3/vendor-list-trimmed-v1.json
Requested by: Host: cmp.inmobi.com
URL: https://cmp.inmobi.com/tcfv2/53/cmp2.js?referer=newsdirect.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:275b:9800:1b:cadc:ef40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 870081c102495df88cbdfad8de12f5070ed18fab6ee2382e22403940a5f368b0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://newsdirect.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 20 Jun 2024 23:59:23 GMT
content-encoding: br
via: 1.1 256cd380c9790a2b71d68709829caa18.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P7
age: 62736
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Thu, 20 Jun 2024 23:59:19 GMT
server: AmazonS3
etag: W/"b9ef025c1e2e7a8bd49659c0bc0c0816"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-credentials: true
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id: 1-GMAavX7RMmnFkALVmDGDG5KvnH0pbVzswqvg8FwWDcrbZ-_f-UKw==

GET
H2 200 google-atp-list.json Show response
cmp.inmobi.com/tcfv2/ 142 KB
33 KB 124ms
124ms XHR
application/json 2600:9000:275b:9800:1b:cadc:ef40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.inmobi.com/tcfv2/google-atp-list.json
Requested by: Host: cmp.inmobi.com
URL: https://cmp.inmobi.com/tcfv2/53/cmp2.js?referer=newsdirect.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:275b:9800:1b:cadc:ef40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9f0dc15253c79e35ffeb35b079b9913b0588525ee7b970dfb2fe94d6a960b8b5

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept: application/json, text/plain, */*
Referer: https://newsdirect.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 05:53:55 GMT
content-encoding: br
via: 1.1 256cd380c9790a2b71d68709829caa18.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P7
age: 41464
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Fri, 21 Jun 2024 03:00:24 GMT
server: AmazonS3
etag: W/"1ec7c43a6ba7c25fb30966aeccbd7ac0"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=172800
access-control-allow-credentials: true
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id: K-qG5T8KQxy2DvkVtXtpyLeju6DyaUB8wsYHOcu6cDit8OPmD-2V0w==

GET
H2 200 purposes-en.json Show response
cmp.inmobi.com/google-basic-consent/v1/ 3 KB
1 KB 131ms
131ms XHR
application/json 2600:9000:275b:9800:1b:cadc:ef40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.inmobi.com/google-basic-consent/v1/purposes-en.json
Requested by: Host: cmp.inmobi.com
URL: https://cmp.inmobi.com/tcfv2/53/cmp2.js?referer=newsdirect.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:275b:9800:1b:cadc:ef40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3a5daaa6ad4414ce23cf44631d6bd0fb55138eef51e5b89c9ac4fc4d18ef8f09

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept: application/json, text/plain, */*
Referer: https://newsdirect.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 17:24:11 GMT
content-encoding: br
via: 1.1 256cd380c9790a2b71d68709829caa18.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P7
age: 47
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Thu, 29 Feb 2024 13:53:11 GMT
server: AmazonS3
etag: W/"63eb241f2eff549c61a71fcd388a6d3b"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=900
access-control-allow-credentials: true
vary: Accept-Encoding
x-amz-cf-id: iiFAR7bg286xg18nuYDw1bm1Y_5xKXGM7YNTb9I944iRK1kyGHvSlw==

GET
H2 200 / Show response
api.cmp.inmobi.com/ 2 B
101 B 137ms
40ms XHR
text/plain 18.157.128.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.cmp.inmobi.com/?log=%7B%22accountId%22%3A%22PRrmquD1Ggcb1%22%2C%22domain%22%3A%22newsdirect.com%22%2C%22publisher%22%3A%22newsdirect%22%2C%22cmpId%22%3A10%2C%22cmpVersion%22%3A%222.53%22%2C%22displayType%22%3A%22tcfui%3Amandatory%22%2C%22configurationHashCode%22%3A%22mUruNE%2FMZ4DJSo6dMT456w%22%2C%22tagVersion%22%3A%22V2%22%2C%22gvlVersion%22%3A3%2C%22clientTimestamp%22%3A1718990698648%2C%22operationType%22%3A%22init%22%2C%22sessionId%22%3A%22GDPR-8mxr15nqk2crx1nvnrt5%22%7D
Requested by: Host: cmp.inmobi.com
URL: https://cmp.inmobi.com/tcfv2/53/cmp2ui-en.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.157.128.118 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-157-128-118.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept: application/json, text/plain, */*
Referer: https://newsdirect.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: *
date: Fri, 21 Jun 2024 17:24:58 GMT
content-length: 2
content-type: text/plain; charset=utf-8

GET
H2 200 / Show response
api.cmp.inmobi.com/ 2 B
100 B 137ms
40ms XHR
text/plain 18.157.128.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.cmp.inmobi.com/?log=%7B%22accountId%22%3A%22PRrmquD1Ggcb1%22%2C%22domain%22%3A%22newsdirect.com%22%2C%22publisher%22%3A%22newsdirect%22%2C%22cmpId%22%3A10%2C%22cmpVersion%22%3A%222.53%22%2C%22displayType%22%3A%22gbc%3Amandatory%22%2C%22configurationHashCode%22%3A%22mUruNE%2FMZ4DJSo6dMT456w%22%2C%22tagVersion%22%3A%22V2%22%2C%22clientTimestamp%22%3A1718990698648%2C%22operationType%22%3A%22init%22%2C%22sessionId%22%3A%22GBC-g22v1bcdt9vsmhcfcfay%22%7D
Requested by: Host: cmp.inmobi.com
URL: https://cmp.inmobi.com/tcfv2/53/cmp2ui-en.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.157.128.118 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-157-128-118.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept: application/json, text/plain, */*
Referer: https://newsdirect.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: *
date: Fri, 21 Jun 2024 17:24:58 GMT
content-length: 2
content-type: text/plain; charset=utf-8

GET
H2 200 geoip Show response
cmp.inmobi.com/ 39 B
322 B 40ms
40ms XHR
application/json 2600:9000:275b:9800:1b:cadc:ef40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.inmobi.com/geoip
Requested by: Host: cmp.inmobi.com
URL: https://cmp.inmobi.com/tcfv2/53/cmp2ui-en.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:275b:9800:1b:cadc:ef40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: c8cdde0b5d513ab590489a8c1a47625daa4778bfe6e72badbbb41330ebdb8f4f

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept: application/json, text/plain, */*
Referer: https://newsdirect.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 17:24:58 GMT
via: 1.1 256cd380c9790a2b71d68709829caa18.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA60-P7
x-cache: FunctionGeneratedResponse from cloudfront
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: *
content-length: 39
x-amz-cf-id: 5uuh0QHTG-TbQbf6Cr1jIPe3KRcm06hCPR9lBU68NIs54bQiNWCS1w==

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 219 KB
59 KB 123ms
41ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: js.hsadspixel.net
URL: https://js.hsadspixel.net/fb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0313b0d078dfe6c7ab517c11404b0c01458469006fbf1a0d4d4c5e90517e54f8

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://newsdirect.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 21 Jun 2024 17:24:58 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 58024
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=38, rtx=0, c=12, mss=1297, tbw=2805, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma: public
x-fb-debug: BDh+Z9XqbOIH2K/s7m1DchJEj5iA+Zdod7wlkV9HqVBDJGOAwTnUL29+Pe/e4Jkuar97plpTDGEFNfVve3/4uw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
615 B 171ms
162ms Image
image/gif 2606:4700::6810:7574
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=de-de&bfp=3598200494&v=1.1&a=5691062&ct=standard-page&ccu=http%3A%2F%2Fwww.newsdirect.com%2F404&lvc=en&pu=https%3A%2F%2Fnewsdirect.com%2Fguest-content%2F5-best-same-day-loans-online-with-no-credit-check-and-quick-approval-in-2023&cts=1718990698679&vi=3ab3995d63b79a2ec64eab2044da9ad5&nc=true&u=16499497.3ab3995d63b79a2ec64eab2044da9ad5.1718990698676.1718990698676.1718990698676.1&b=16499497.1.1718990698676&pt=0&cc=15

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7574 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://newsdirect.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 17:24:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 0c3d7957-019d-4540-8321-b976cf957b32
p3p: CP="NOI CUR ADM OUR NOR STA NID"
x-envoy-upstream-service-time: 5
content-length: 45
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 0c3d7957-019d-4540-8321-b976cf957b32
server: cloudflare
vary: origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Y%2Fd%2BOOj%2Bbhbl9tc2932nuPbxV7M944T%2FxKEbeGZFQo%2FatUNLlNclOgGKaKAxksKLMlOsZeSDacUxrwfummhiWkHuoON694x8OgP3YtkLDJJGpbiz%2BSbgx6h9QTMlUUeWLqAXXwJIqfHkR4NTYOzb"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
x-evy-trace-served-by-pod: iad02/analytics-tracking-td/envoy-proxy-756b8c8b56-5gwdl
x-evy-trace-virtual-host: all
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
cf-ray: 8975b1faed0f5c38-FRA
x-robots-tag: none

GET
H2 200 json Show response
forms.hubspot.com/lead-flows-config/v1/config/ 178 B
1 KB 179ms
168ms XHR
application/json 2606:4700::6810:7674
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.hubspot.com/lead-flows-config/v1/config/json?portalId=5691062&utk=3ab3995d63b79a2ec64eab2044da9ad5&__hstc=16499497.3ab3995d63b79a2ec64eab2044da9ad5.1718990698676.1718990698676.1718990698676.1&__hssc=16499497.1.1718990698676&contentId=null&currentUrl=https%3A%2F%2Fnewsdirect.com%2Fguest-content%2F5-best-same-day-loans-online-with-no-credit-check-and-quick-approval-in-2023

Requested by

Host: js.hsleadflows.net
URL: https://js.hsleadflows.net/leadflows.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7674 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

61aff923266332028d28b1f75a0cd9e7f2d5216e2f7fea7b68c53f2c1e90156a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://newsdirect.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 17:24:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: a65831b0-40ed-46d1-a639-9b5f323b820c
content-encoding: br
x-envoy-upstream-service-time: 18
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: a65831b0-40ed-46d1-a639-9b5f323b820c
server: cloudflare
vary: origin
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: application/json;charset=utf-8
access-control-allow-origin: https://newsdirect.com
x-evy-trace-virtual-host: all
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-776cb5686f-2gsfg
access-control-max-age: 180
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=k27CVyBzEigitmSy3Ed3PEwbvDmoQ2UBPvZncgN56T9fgzKyMPV%2FIHiVPwgVvP0JJCQcVqGPm5Y2%2BBDoY7Bst8kN5jDbXRzQSxAxRdQ0L6GhagVk8Yceg2CJKo7e0AehCsa6TAboxalh7WPQdZ6L"}],"group":"cf-nel","max_age":604800}
x-robots-tag: none
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent
cf-ray: 8975b1fafc1d2c4e-FRA

GET
H2 200 favicon-32x32.png
5691062.fs1.hubspotusercontent-na1.net/hubfs/5691062/ 790 B
1 KB 92ms
92ms Other
image/webp 2606:4700:4400::6812:297c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://5691062.fs1.hubspotusercontent-na1.net/hubfs/5691062/favicon-32x32.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:297c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3abfa3d338c3b3ebf7c77bd878e58951526066711d48cc16816f9838ef169262

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://newsdirect.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-meta-cache-tag: F-41225551669,P-5691062,FLS-ALL
age: 1442172
x-amz-request-id: P8QQ2GY508FYYJV4
x-amz-server-side-encryption: AES256
edge-cache-tag: F-41225551669,P-5691062,FLS-ALL
x-amz-replication-status: COMPLETED
content-disposition: inline; filename="favicon-32x32.webp"
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
cf-bgj: imgq:85,h2pri
etag: "e748fd776d30a46ed45a69b455cd244e"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1612364854018
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Fri, 21 Jun 2024 17:24:58 GMT
via: 1.1 8bd22c4e977189bdb5963957ff8477de.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-version-id: PbGRAbhzJGzSoYOVE.2tsYOhnn4aGOdd
x-amz-cf-pop: FRA60-P7
x-hs-alternate-content-type: text/plain
cf-polished: origFmt=png, origSize=1480
x-cache: RefreshHit from cloudfront
cache-tag: F-41225551669,P-5691062,FLS-ALL
x-amz-meta-index-tag: all
x-amz-storage-class: INTELLIGENT_TIERING
content-length: 790
x-amz-id-2: PNLkA+oit2xdZYE7+yuiNmAxJynEtmmrw7ohJ2RX84n18/Re4gShGML2r2wBafyS3BLsXjRxk1M=
last-modified: Mon, 06 Feb 2023 07:50:59 GMT
server: cloudflare
accept-ranges: bytes
cf-ray: 8975b1faffc72bf5-FRA
timing-allow-origin: 5691062.fs1.hubspotusercontent-na1.net
x-amz-cf-id: SEcCe5NyoxJ5zPIjG4IcUjyAeT0xkCJQsMX0DnyY4RuB41ZTep8VgA==

GET
H2 200 country Show response
api.btloader.com/ 37 B
162 B 153ms
151ms Fetch
application/json 130.211.23.194
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.btloader.com/country?o=5708166709903360
Requested by: Host: btloader.com
URL: https://btloader.com/tag?o=5708166709903360&upapi=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.23.194 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 194.23.211.130.bc.googleusercontent.com
Software: /
Resource Hash: 04fcb3b36a8a7bdccb4d6d19f659416dbea46e4599303c362b95cc36b079c1ce

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://newsdirect.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 17:24:58 GMT
via: 1.1 google
vary: Origin
content-type: application/json
access-control-allow-origin: *
cache-control: private, max-age=300, stale-while-revalidate=600, stale-if-error=600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37

GET
H2 204 pv Show response
api.btloader.com/ 0
66 B 151ms
151ms XHR
text/plain 130.211.23.194
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.btloader.com/pv?tid=nidioKYXvO&w=5180513618231296&o=5708166709903360&cv=2.1.46-1-ge6dd43d&widget=false&r=false&vr=1600x1200&pageURL=https%3A%2F%2Fnewsdirect.com%2Fguest-content%2F5-best-same-day-loans-online-with-no-credit-check-and-quick-approval-in-2023&sid=aBjGCJTCi&pm=true&upapi=true
Requested by: Host: btloader.com
URL: https://btloader.com/tag?o=5708166709903360&upapi=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.23.194 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 194.23.211.130.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://newsdirect.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: *
date: Fri, 21 Jun 2024 17:24:58 GMT
cache-control: no-cache, no-store, must-revalidate
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
vary: Origin

GET
H2 200 682327702617354 Show response
connect.facebook.net/signals/config/ 66 KB
14 KB 226ms
212ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/682327702617354?v=2.9.158&r=stable&domain=newsdirect.com&hme=446fb981c8c3baeb03730fe3cbd404f7f15f64c693f24c7fe75da498bc2c95d8&ex_m=67%2C113%2C100%2C104%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C160%2C163%2C174%2C170%2C171%2C173%2C28%2C94%2C50%2C73%2C172%2C155%2C158%2C167%2C168%2C175%2C122%2C14%2C48%2C180%2C179%2C124%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C101%2C103%2C37%2C102%2C29%2C25%2C156%2C159%2C131%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C98%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C99%2C43%2C75%2C65%2C105%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C106

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

4e5629bc189410a5be2fd28e3bea77fe9f0e1658f1f79363980f6bc92302a778

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://newsdirect.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 21 Jun 2024 17:24:59 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=38, rtx=0, c=65, mss=1297, tbw=63585, tp=-1, tpl=-1, uplat=172, ullat=0
pragma: public
x-fb-debug: 2Ew2VlmpuWsZnuNc5tGHNXrp1GMPgW7K5F1ruPq63IAe1YhmmcgNeGBDZtH1/ANCDQb80/ULBA6TdLPYc6oCBA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
274 B 317ms
40ms Image
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=682327702617354&ev=PageView&dl=https%3A%2F%2Fnewsdirect.com%2Fguest-content%2F5-best-same-day-loans-online-with-no-credit-check-and-quick-approval-in-2023&rl=&if=false&ts=1718990699169&sw=1600&sh=1200&ud[external_id]=3ab3995d63b79a2ec64eab2044da9ad5&v=2.9.158&r=stable&a=hubspot&ec=0&o=4126&fbp=fb.1.1718990699166.999109135637672572&cs_est=true&ler=empty&cdl=API_unavailable&it=1718990698908&coo=false&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://newsdirect.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=38, rtx=0, c=10, mss=1297, tbw=2810, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 21 Jun 2024 17:24:59 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
3 KB 470ms
193ms Image
image/png 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=682327702617354&ev=PageView&dl=https%3A%2F%2Fnewsdirect.com%2Fguest-content%2F5-best-same-day-loans-online-with-no-credit-check-and-quick-approval-in-2023&rl=&if=false&ts=1718990699169&sw=1600&sh=1200&ud[external_id]=3ab3995d63b79a2ec64eab2044da9ad5&v=2.9.158&r=stable&a=hubspot&ec=0&o=4126&fbp=fb.1.1718990699166.999109135637672572&cs_est=true&ler=empty&cdl=API_unavailable&it=1718990698908&coo=false&rqm=FGET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com:* wss://.fbcdn.net attachment.fbsbx.com blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ .fbsbx.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .facebook.com .fbsbx.com fbsbx.com data: .fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://newsdirect.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

attribution-reporting-register-trigger: {"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0xb1ba34873d5d5be2","source_keys":["1","2"]},{"key_piece":"0x374f969a8b43ef0c","source_keys":["1","2"]}],"aggregatable_values":{"1":1}}
content-encoding: zstd
x-content-type-options: nosniff
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
strict-transport-security: max-age=15552000; preload
document-policy: force-load-at-top
date: Fri, 21 Jun 2024 17:24:59 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7383008834727790682", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=38, rtx=0, c=10, mss=1297, tbw=3128, tp=-1, tpl=-1, uplat=153, ullat=0
pragma: no-cache
x-fb-debug: xh9VZ4q2IwyFLVkLQR/TV9bsA5KapvUXnbTqflTqtRSrjmWVZVQAPaWLBeoGQbeMfntVq+cuKuZoh5GKiVSMYQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7383008834727790682"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
0 49ms
48ms Fetch
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-N1Y6E58C0N&gtm=45je46j0v9185603694za200zb9185602117&_p=1718990697192&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&tag_exp=0&cid=777084970.1718990698&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.114%7CGoogle%2520Chrome%3B126.0.6478.114&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AEA&_s=2&sid=1718990697&sct=1&seg=0&dl=https%3A%2F%2Fnewsdirect.com%2Fguest-content%2F5-best-same-day-loans-online-with-no-credit-check-and-quick-approval-in-2023&dt=&en=scroll&epn.percent_scrolled=90&_et=12&tfd=6863&_z=fetch
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-N1Y6E58C0N&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://newsdirect.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 21 Jun 2024 17:25:02 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://newsdirect.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

99 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

17 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.newsdirect.com/	1970-01-20 23:39:26	Name: _gcl_au Value: 1.1.61725590.1718990698
.newsdirect.com/	1970-01-21 07:05:50	Name: _ga_17876VYMX9 Value: GS1.1.1718990697.1.0.1718990697.60.0.0
.newsdirect.com/	1970-01-20 21:31:17	Name: _gid Value: GA1.2.1599448163.1718990698
.newsdirect.com/	1970-01-20 21:29:50	Name: _gat_gtag_UA_160062440_1 Value: 1
.newsdirect.com/	1970-01-21 07:05:50	Name: _ga Value: GA1.1.777084970.1718990698
.newsdirect.com/	1970-01-21 07:05:50	Name: _ga_N1Y6E58C0N Value: GS1.1.1718990697.1.0.1718990697.0.0.0
.hubspot.com/	1970-01-20 21:29:52	Name: __cf_bm Value: ySmMzb7i5rPWZJZ9f_Zy9CprLNVknwBbcFta4ulX.YA-1718990697-1.0.1.1-6x0fmcULI5xg4bV_GH.12LvCClYPrwaLjgadUzDmXZZGIoH1E_Bg_gpQfy3FqilYajOu_ZW9kKzwgzEQe39BHA
.hubspot.com/	1969-12-31 23:59:59	Name: _cfuvid Value: Wi2eVz6zBzvxM2WrucQyREeWL0T4UECxvKo5BsMZaXY-1718990697820-0.0.1.1-604800000
newsdirect.com/	1970-01-20 22:13:02	Name: _pbjs_userid_consent_data Value: 6683316680106290
.hsforms.com/	1970-01-20 21:29:52	Name: __cf_bm Value: ICPohaoI8BEjvLoylx4hSowsrSyIfWnlbWBzMrlbOGA-1718990698-1.0.1.1-LEzs9PAgxJrqeq34rzilmAPRbJO7f0dLIsvJ3sGNat76.fv8bVYVlL48hPt4_8CV6BsSO.x1IE2y4H0.IRmCMg
.hsforms.com/	1969-12-31 23:59:59	Name: _cfuvid Value: 5eOqi1oIla0KenEqTa202VPWjbEvRu595DbDLCplM2Y-1718990698184-0.0.1.1-604800000
.newsdirect.com/	1970-01-21 06:51:26	Name: usprivacy Value: 1N--
.newsdirect.com/	1970-01-21 01:49:02	Name: __hstc Value: 16499497.3ab3995d63b79a2ec64eab2044da9ad5.1718990698676.1718990698676.1718990698676.1
.newsdirect.com/	1970-01-21 01:49:02	Name: hubspotutk Value: 3ab3995d63b79a2ec64eab2044da9ad5
.newsdirect.com/	1969-12-31 23:59:59	Name: __hssrc Value: 1
.newsdirect.com/	1970-01-20 21:29:52	Name: __hssc Value: 16499497.1.1718990698676
.newsdirect.com/	1970-01-20 23:39:26	Name: _fbp Value: fb.1.1718990699166.999109135637672572

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://newsdirect.com/guest-content/5-best-same-day-loans-online-with-no-credit-check-and-quick-approval-in-2023 Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

5691062.fs1.hubspotusercontent-na1.net
ad-delivery.net
ad.doubleclick.net
api.btloader.com
api.cmp.inmobi.com
api.hubapi.com
app.hubspot.com
btloader.com
c.amazon-adsystem.com
cdn.fuseplatform.net
cdn.id5-sync.com
cdn.jsdelivr.net
cdn2.hubspot.net
cdnjs.cloudflare.com
cmp.inmobi.com
config.aps.amazon-adsystem.com
connect.facebook.net
cta-service-cms2.hubspot.com
f.hubspotusercontent10.net
fonts.googleapis.com
forms.hubspot.com
js.hs-analytics.net
js.hs-banner.com
js.hsadspixel.net
js.hsleadflows.net
js.hubspot.com
js.usemessages.com
newsdirect.com
perf-na1.hsforms.com
region1.analytics.google.com
region1.google-analytics.com
securepubads.g.doubleclick.net
static.hsappstatic.net
stats.g.doubleclick.net
track.hubspot.com
unpkg.com
www.ameritas.co.uk
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.newsdirect.com
104.17.25.14
104.18.91.62
104.19.175.188
108.138.6.136
130.211.23.194
142.250.185.131
142.250.185.162
142.250.185.228
142.250.185.70
172.67.147.5
18.157.128.118
2001:4860:4802:32::36
2600:9000:275b:9800:1b:cadc:ef40:93a1
2606:4700:10::6816:3556
2606:4700:10::6816:4ad8
2606:4700:20::681a:246
2606:4700:4400::6812:22e5
2606:4700:4400::6812:297c
2606:4700::6810:4c8e
2606:4700::6810:7574
2606:4700::6810:7674
2606:4700::6810:a0a8
2606:4700::6811:80ac
2606:4700::6811:af5b
2606:4700::6811:f6cb
2606:4700::6812:561e
2606:4700::6812:8911
2606:4700::6812:f16c
2a00:1450:4001:801::200e
2a00:1450:4001:80e::2008
2a00:1450:4001:81d::200a
2a00:1450:400c:c06::9c
2a02:26f0:3500:12::1730:17a6
2a03:2880:f083:9:face:b00c:0:3
2a03:2880:f176:84:face:b00c:0:25de
2a04:4e42:600::485
3.212.102.32
99.86.4.71
027f9fef93a2d620715de7311a5bf674cb3df18a352d2a0a7266c147c157333f
0313b0d078dfe6c7ab517c11404b0c01458469006fbf1a0d4d4c5e90517e54f8
04fcb3b36a8a7bdccb4d6d19f659416dbea46e4599303c362b95cc36b079c1ce
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
081ae9baaacc857c1c2cb51de6dbd0e1eb811c2761ef01a50df373f2f6eefe22
0c46dd569fd343033bf8b4d282c7394c7628756dabd3f5ae5a1ca5db4365ce27
1199deed4086cac3beaab066c39d29685ceb66e6fd19b8effd79fcbcc71c17cf
21edbf5f1ea58c709f2b16fa8223533a366dc03d4565ad6e9148f5f54b17bb25
2504d825349e7f5c3600432a1d60d201651a1dfd24485eaf33d84d5efabd1985
2b58b4a64351def938af665d8684ba06a6c25eeac186b26335a9c621c16234b1
2d711642b726b04401627ca9fbac32f5c8530fb1903cc4db02258717921a4881
34b76c3158df6c6b0eb558464af7edfc168ef5df32bf9d8a9f4120ee69a20a35
381e93c86f89f1c31e414c96ad2a4e78d7a85ab5ad30ced4e6bde9a0dc9d4f65
3a5daaa6ad4414ce23cf44631d6bd0fb55138eef51e5b89c9ac4fc4d18ef8f09
3abfa3d338c3b3ebf7c77bd878e58951526066711d48cc16816f9838ef169262
3f6e8efb65dff0486271d787d60be7d84387c203bebd36159794e6e2c28c31f3
4e5629bc189410a5be2fd28e3bea77fe9f0e1658f1f79363980f6bc92302a778
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
5b9c9a65c75a19e22ae5ebd87d6b04f1e1088d0ef0ff4802367301619c610638
61aff923266332028d28b1f75a0cd9e7f2d5216e2f7fea7b68c53f2c1e90156a
646c9a5e26298716cf6be079e693aced43687f7a6e0cc88ee5eb8cd0e8c89629
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6c5440d741ee863978d732a5e52fdd3978283992324bf47887431b25432795ac
706942656eb9d47aba1a60229b27acc14a95a7f81fd8f7227d2c4e2ab9687207
74be25be6ad3ce39c502e146bfb58d42ed3b8ef9050814fae09065f61e2eb7ed
753b5d77684b20581dddd43b3a944bca93a44da9e6dee0c8232ca6ed8a40ead5
783648f50f42c58fc95c2b5d93f5296a12e6c3bf350d55bf8b7df431bd4cc88a
7a6f59c93d2a3daaf97137639b5a3144859d90a8a809c6f01478e75e5b643200
7e709868f7e590e8ef8ea2d0347d65148dce4cc0d9e938a06af5f1f27b8e3015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
85453a1cce484e49145f0a66596a7a51b3e2278b54a62b718a1ec4ce993a4af4
870081c102495df88cbdfad8de12f5070ed18fab6ee2382e22403940a5f368b0
88171413fc76dda23ab32baa17b11e4fff89141c633ece737852445f1ba6c1bd
89b0b3f3ff210a3f74e23c972eb9e702fe969dd53ef3082e39af55000d7f964f
8bc45f7842e583bd510859d672ca63742ccff74ce6abb012d60b2734558fbf27
8da927b6b1240ffca4323fbb2a12c8e5abb541040965c2bc5b7d09a2eb963b02
8fae0d734a5139904ecbccc1257e5d3236179daa602dc0ed06d0616b051b88e7
90f428eb104131a5f76713300dbbf38dfecf62f53a19ff10c8bb14fe5a2b46b1
93f62f58c1b2bfbe94bb13e1e5cca57f6c27baddf7787c47f37b5914be180433
959a9634f70d3b541ff63f77a8025b1fb507a0a57438cbcfa6c5d6ea2ce2e9e2
98dfeb1d061e8788b320a130a84723813efed0b2518921f30b40cc8a09bf8ecf
9f0dc15253c79e35ffeb35b079b9913b0588525ee7b970dfb2fe94d6a960b8b5
a3de2cf08070f0039b6a0fdfa14b554a29c670c716071eeff76598d1ff8e18f2
a79086333dd884effafca5b9935e773da7257e25a5b6041fd4fc69e0799325bd
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
ab1fca31f7e7a89c198881e69c42c6bb3578b7d55f2cee7463b96360feaf7eaa
b82ae1ebe6e9f83f73cb754e044fa16d9637f7939bdabfaeaf76cfdcbab81125
baef0c93793c961aa71b11750fff903e0385d97366a725e3d4a446928da0f2eb
c06cb08a61962254d6e4841b4664004ddf0f52b9f95f7d8577f0cdef0e129fe3
c114a5641b9988aecb7a00c47bd1d37d912883ff4ef9c3b9fe6ad21603ab1066
c1ee48fdc9c11e6866e86ddc8c850aceff697a6e0b1ee20f1dd2d1877b3c66cd
c22cfb6520a7fdbb738632834019acf47c78b1279462c0eb4cb83bae83ecb5a7
c4f9ff10be3eeaff61855fb05c3cec1825ad0ff84708e9795e024835b344f54f
c8cdde0b5d513ab590489a8c1a47625daa4778bfe6e72badbbb41330ebdb8f4f
cccaedb13f2aa38970538b043bfd16b0fa24e6a6a386833059595fd0a408e105
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0d7bdc608132b8246ddf7ced6c0f78de99f6c3676390e5dbb7aba126cf1f128
d68977567a0c4addd185885a269395ba99a650e6b9920119e9868babffc28b80
d7b92b7143625ae61e8690fe18bbd51b7cbb72539d715062a583ac00c461ea82
d893f50ac9990642d48b701e82f1e9984fafd049cfb54ab9815b15b21fe6fada
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
dd26d9d88899d0587c9377964b7d1ab478a318b0fdbee7b9d6a084e4aa6425f7
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2db8deb6e51f3c2a04cf60a0420bc305122df58418be8fa3f8230f482b06828
f7a0c447b915ba02cdfa198f1fee92f0a4a784dc895b61be659a9386c6ed3112
f826bcac220a5475477ee65fae659b0d8292d038d180a122df67fadb6742ed52
f85ad9df8d71ac4417a1691718a9dd7997a7889297f851efb65f2a246cef1fe1
fc971dde9b3794d5ce272ed459e185ae920f60e823beb83c364a6a63a316424c

newsdirect.com Open in urlscan Pro 3.212.102.32 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

85 Requests

99 %HTTPS

66 %IPv6

31 Domains

43 Subdomains

37 IPs

4 Countries

2679 kBTransfer

7635 kBSize

17 Cookies

13 Outgoing links

Page URL History

Redirected requests

85 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

newsdirect.com Open in urlscan Pro
3.212.102.32 Public Scan

Screenshot
Live screenshot

Full Image

85
Requests

99 %
HTTPS

66 %
IPv6

31
Domains

43
Subdomains

37
IPs

4
Countries

2679 kB
Transfer

7635 kB
Size

17
Cookies

85 HTTP transactions
0 data transactions