newsbluewin.net Open in urlscan Pro
188.114.97.3 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://newsbluewin.net/
Effective URL:
https://newsbluewin.net/
Submission Tags: @phish_report
Submission: On September 16 via api (September 16th 2024, 12:51:52 pm UTC) from FI — Scanned from NL

Summary HTTP 117 Redirects Behaviour Indicators

Summary

This website contacted 22 IPs in 5 countries across 18 domains to perform 117 HTTP transactions. The main IP is 188.114.97.3, located in Amsterdam, Netherlands and belongs to CLOUDFLARENET, US. The main domain is newsbluewin.net.
TLS certificate: Issued by WE1 on September 12th 2024. Valid for: 3 months.

This is the only time newsbluewin.net was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic Cloudflare (Online)

Domain & IP information

	IP Address	AS Autonomous System
1 82	188.114.97.3 188.114.97.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:829::2008	15169 (GOOGLE) (GOOGLE)
1	2606:4700:440... 2606:4700:4400::6812:278d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	157.240.251.9 157.240.251.9	32934 (FACEBOOK) (FACEBOOK)
1	2001:1600:13:... 2001:1600:13:101::4a2	29222 (INFOMANIA...) (INFOMANIAK-AS)
1	2606:4700:440... 2606:4700:4400::ac40:9473	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	2606:4700::68... 2606:4700::6812:fae9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700:440... 2606:4700:4400::ac40:96d8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:10:... 2606:4700:10::6816:3b5b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a02:26f0:350... 2a02:26f0:3500:10::210:a99	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2600:9000:20a... 2600:9000:20ae:9400:f:8ce2:fb80:93a1	16509 (AMAZON-02) (AMAZON-02)
3	2620:1ec:33::10 2620:1ec:33::10	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3	2620:1ec:29:1... 2620:1ec:29:1::45	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2a03:2880:f17... 2a03:2880:f176:84:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1 3	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
5	23.96.124.68 23.96.124.68	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2606:4700:440... 2606:4700:4400::6812:2528	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	172.217.18.4 172.217.18.4	15169 (GOOGLE) (GOOGLE)
1	142.250.185.226 142.250.185.226	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c02::9d	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
2	52.3.163.102 52.3.163.102	14618 (AMAZON-AES) (AMAZON-AES)
117	22

82 188.114.97.3 (Amsterdam, Netherlands) 1 redirects

ASN13335 (CLOUDFLARENET, US)

newsbluewin.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:829::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::6812:278d (United States)

ASN13335 (CLOUDFLARENET, US)

sibautomation.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 157.240.251.9 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-fra5.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:1600:13:101::4a2 (Switzerland)

ASN29222 (INFOMANIAK-AS, CH)

sherlockhomes.ch	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::ac40:9473 (United States)

ASN13335 (CLOUDFLARENET, US)

sibautomation.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:fae9 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

conversations-widget.sendinblue.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:4400::ac40:96d8 (United States)

ASN13335 (CLOUDFLARENET, US)

conversations-widget.brevo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
in-automate.brevo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:3b5b (United States)

ASN13335 (CLOUDFLARENET, US)

cdn-cookieyes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:10::210:a99 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20ae:9400:f:8ce2:fb80:93a1 (United States)

ASN16509 (AMAZON-02, US)

www.dwin1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:33::10 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:29:1::45 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f176:84:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:21::14 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 23.96.124.68 (Washington, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

s.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::6812:2528 (United States)

ASN13335 (CLOUDFLARENET, US)

conversations-widget.brevo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.18.4 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s22-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c02::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.nl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.3.163.102 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-3-163-102.compute-1.amazonaws.com

api.cobrowse.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
82	newsbluewin.net 1 redirects newsbluewin.net	4 MB
8	clarity.ms www.clarity.ms — Cisco Umbrella Rank: 682 s.clarity.ms — Cisco Umbrella Rank: 6853	30 KB
4	linkedin.com 1 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 327 px4.ads.linkedin.com — Cisco Umbrella Rank: 6795	2 KB
3	bing.com bat.bing.com — Cisco Umbrella Rank: 361	16 KB
3	brevo.com conversations-widget.brevo.com — Cisco Umbrella Rank: 99548 in-automate.brevo.com — Cisco Umbrella Rank: 11878	16 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 43	311 KB
2	cobrowse.io api.cobrowse.io — Cisco Umbrella Rank: 45181	2 KB
2	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 45 stats.g.doubleclick.net — Cisco Umbrella Rank: 130	319 B
2	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 3 region1.analytics.google.com — Cisco Umbrella Rank: 4054	24 B
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 106	3 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 178	73 KB
2	sibautomation.com sibautomation.com — Cisco Umbrella Rank: 11129	4 KB
1	google.nl www.google.nl — Cisco Umbrella Rank: 12570	408 B
1	dwin1.com www.dwin1.com — Cisco Umbrella Rank: 5413	12 KB
1	licdn.com snap.licdn.com — Cisco Umbrella Rank: 782	14 KB
1	cdn-cookieyes.com cdn-cookieyes.com — Cisco Umbrella Rank: 7199	34 KB
1	sendinblue.com 1 redirects conversations-widget.sendinblue.com — Cisco Umbrella Rank: 208732	363 B
1	sherlockhomes.ch sherlockhomes.ch	29 KB
117	18

	Domain	Requested by
82	newsbluewin.net	1 redirects newsbluewin.net
5	s.clarity.ms	www.clarity.ms
3	px.ads.linkedin.com	1 redirects snap.licdn.com
3	www.clarity.ms	newsbluewin.net www.clarity.ms bat.bing.com
3	bat.bing.com	www.googletagmanager.com bat.bing.com newsbluewin.net
3	www.googletagmanager.com	newsbluewin.net www.googletagmanager.com
2	api.cobrowse.io	newsbluewin.net
2	www.facebook.com	newsbluewin.net
2	conversations-widget.brevo.com	newsbluewin.net conversations-widget.sendinblue.com
2	connect.facebook.net	newsbluewin.net connect.facebook.net
2	sibautomation.com	newsbluewin.net sibautomation.com
1	www.google.nl	newsbluewin.net
1	stats.g.doubleclick.net	www.googletagmanager.com
1	region1.analytics.google.com	www.googletagmanager.com
1	googleads.g.doubleclick.net	newsbluewin.net
1	www.google.com	1 redirects
1	in-automate.brevo.com	sibautomation.com
1	px4.ads.linkedin.com	newsbluewin.net
1	www.dwin1.com	www.googletagmanager.com
1	snap.licdn.com	www.googletagmanager.com
1	cdn-cookieyes.com	www.googletagmanager.com
1	conversations-widget.sendinblue.com	1 redirects
1	sherlockhomes.ch	newsbluewin.net
117	23

This site contains no links.

Subject Issuer	Validity	Valid
newsbluewin.net WE1	`2024-09-12` - `2024-12-11`	3 months	crt.sh
*.google-analytics.com WR2	`2024-08-12` - `2024-11-04`	3 months	crt.sh
sibautomation.com WE1	`2024-08-05` - `2024-11-03`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-06-25` - `2024-09-23`	3 months	crt.sh
sherlockhomes.ch R11	`2024-07-26` - `2024-10-24`	3 months	crt.sh
cdn-cookieyes.com WE1	`2024-07-25` - `2024-10-23`	3 months	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2023-12-13` - `2024-12-12`	a year	crt.sh
*.dwin1.com Amazon RSA 2048 M03	`2023-10-18` - `2024-11-15`	a year	crt.sh
www.bing.com Microsoft Azure RSA TLS Issuing CA 04	`2024-06-19` - `2024-12-16`	6 months	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2024-09-04` - `2025-09-04`	a year	crt.sh
www.linkedin.com DigiCert SHA2 Secure Server CA	`2024-09-11` - `2025-03-11`	6 months	crt.sh
brevo.com WE1	`2024-08-19` - `2024-11-17`	3 months	crt.sh
a.clarity.ms Microsoft Azure RSA TLS Issuing CA 08	`2024-06-23` - `2025-06-18`	a year	crt.sh
*.g.doubleclick.net WR2	`2024-08-12` - `2024-11-04`	3 months	crt.sh
*.google.nl WR2	`2024-08-12` - `2024-11-04`	3 months	crt.sh
cobrowse.io Amazon RSA 2048 M03	`2024-06-16` - `2025-07-14`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://newsbluewin.net/
Frame ID: BCA3F7543EE269AC46AFA22159607D92
Requests: 114 HTTP requests in this frame

Frame: https://sibautomation.com/cm.html?key=nb68vhnqwf1217z9ofyt33bf
Frame ID: 68D923A691705B19B0CADD6FAB521D01
Requests: 1 HTTP requests in this frame

Frame: https://conversations-widget.brevo.com/?isModern=true
Frame ID: 4BCABED8C2616803A5A5B39C40ECA082
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Locataire : que faire si un équipement électroménager tombe en panne ? SherlockHomes

Page URL History Show full URLs

http://newsbluewin.net/ HTTP 307
https://newsbluewin.net/ Page URL
https://newsbluewin.net/cdn-cgi/phish-bypass?atok=ZLJFCGYb_Fb_n6nAlB7bbxp7x8fRPeRBdSrU63hKM7Q-172649... HTTP 301
https://newsbluewin.net/ Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

AWIN (Affiliate programs) Expand

Overall confidence: 100%
Detected patterns

dwin1\.com

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

117
Requests

97 %
HTTPS

71 %
IPv6

18
Domains

23
Subdomains

22
IPs

5
Countries

4673 kB
Transfer

8427 kB
Size

11
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://newsbluewin.net/ HTTP 307
https://newsbluewin.net/ Page URL
https://newsbluewin.net/cdn-cgi/phish-bypass?atok=ZLJFCGYb_Fb_n6nAlB7bbxp7x8fRPeRBdSrU63hKM7Q-1726491094-0.0.1.1-%2F HTTP 301
https://newsbluewin.net/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://newsbluewin.net/ HTTP 307
https://newsbluewin.net/

Request Chain 84

https://conversations-widget.sendinblue.com/sib-conversations.js HTTP 301
https://conversations-widget.brevo.com/sib-conversations.js

Request Chain 96

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3402828&time=1726491103264&url=https%3A%2F%2Fnewsbluewin.net%2F HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3402828&time=1726491103264&url=https%3A%2F%2Fnewsbluewin.net%2F&e_ipv6=AQKqOV1Px287iAAAAZH645DCCHtuhVNZNWrD-BzqpVYwc2zZQx5ckVX09iJLXfD8w1z6jYY

Request Chain 106

https://www.google.com/pagead/landing?gcs=G111&gcd=13t3t3l2l5l1&tag_exp=0&rnd=1476818599.1726491105&url=https%3A%2F%2Fnewsbluewin.net%2F&dma_cps=syphamo&dma=1&npa=1&gtm=45He4990n815PGFZR7v846155930za200&auid=417256067.1726491105 HTTP 302
https://googleads.g.doubleclick.net/pagead/landing?gcs=G111&gcd=13t3t3l2l5l1&tag_exp=0&rnd=1476818599.1726491105&url=https%3A%2F%2Fnewsbluewin.net%2F&dma_cps=syphamo&dma=1&npa=1&gtm=45He4990n815PGFZR7v846155930za200&auid=417256067.1726491105

117 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3

200

/ Show response
newsbluewin.net/
Redirect Chain

http://newsbluewin.net/
https://newsbluewin.net/

4 KB
2 KB

80ms
23ms

Document
text/html

188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://newsbluewin.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e01077d164f9a8f54d71df8056107c4306cdba00e910025272b712d40b63578a

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

cf-ray: 8c40fd1b6bbb6670-AMS
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Mon, 16 Sep 2024 12:51:34 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=q4yvDobnVNuYv4muqSpMOlkvzCT7Y93keuk11%2BChtP%2F669j%2BhMmid1slPrTx4ToGs69wmmbnBvaMJzJDJ%2FtLLcEZV4g%2F9KXa6XIPUgB%2BPJ6VW4rgnKIVrX0gW5VQ4irnyvc%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN

Redirect headers

Location: https://newsbluewin.net/
Non-Authoritative-Reason: HttpsUpgrades

GET
H3 200 cf.errors.css
newsbluewin.net/cdn-cgi/styles/ 23 KB
5 KB 20ms
15ms Stylesheet
text/css 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://newsbluewin.net/cdn-cgi/styles/cf.errors.css

Requested by

Host: newsbluewin.net
URL: https://newsbluewin.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

84e3c77025ace5af143972b4a40fc834dcdfd4e449d4b36a57e62326f16b3091

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://newsbluewin.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 16 Sep 2024 12:51:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 10 Sep 2024 18:11:09 GMT
server: cloudflare
etag: W/"66e08bbd-5df3"
x-frame-options: DENY
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=7200, public
cf-ray: 8c40fd1babfd6670-AMS
expires: Mon, 16 Sep 2024 14:51:34 GMT

GET
H3 200 icon-exclamation.png
newsbluewin.net/cdn-cgi/images/ 452 B
634 B 21ms
20ms Image
image/png 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://newsbluewin.net/cdn-cgi/images/icon-exclamation.png?1376755637

Requested by

Host: newsbluewin.net
URL: https://newsbluewin.net/cdn-cgi/styles/cf.errors.css

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f1591a5221136c49438642155691ae6c68e25b7241f3d7ebe975b09a77662016

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://newsbluewin.net/cdn-cgi/styles/cf.errors.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 16 Sep 2024 12:51:34 GMT
x-content-type-options: nosniff
last-modified: Tue, 10 Sep 2024 18:11:09 GMT
server: cloudflare
etag: "66e08bbd-1c4"
x-frame-options: DENY
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=7200, public
accept-ranges: bytes
cf-ray: 8c40fd1dee1c6670-AMS
content-length: 452
expires: Mon, 16 Sep 2024 14:51:34 GMT

GET
H3 404 favicon.ico
newsbluewin.net/ 555 B
558 B 112ms
112ms Other
text/html 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://newsbluewin.net/favicon.ico
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 338e171ecd2e7b7b1d89c2bed70f9a33477b1345be879b35a211925b67476dcf

Request headers

Referer: https://newsbluewin.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 16 Sep 2024 12:51:34 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DH9t780NW0plqpCfhfMSqqGr%2FmeBtC1YUR0ywCuxp0GaqJAGMaOilxNFO%2BWaH20LhyTzxp8NXbMhuc5pyxuz7o2O5adD0Jg7hBZ9bdKZpGgx%2BlThbl6UREYmxZcVImx5ve0%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cache-control: max-age=14400
cf-ray: 8c40fd1e9ec16670-AMS
alt-svc: h3=":443"; ma=86400

GET
H3

200

Primary Request / Show response
newsbluewin.net/
Redirect Chain

https://newsbluewin.net/cdn-cgi/phish-bypass?atok=ZLJFCGYb_Fb_n6nAlB7bbxp7x8fRPeRBdSrU63hKM7Q-1726491094-0.0.1.1-%2F
https://newsbluewin.net/

167 KB
20 KB

1156ms
1156ms

Document
text/html

188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://newsbluewin.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash: 98e6b3a96596ad42b6b334bb611e486633a5ce0018e3b4ef5c0d05f924501a19

Request headers

Referer: https://newsbluewin.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store
cf-cache-status: DYNAMIC
cf-ray: 8c40fd3e09356670-AMS
content-encoding: br
content-type: text/html; charset=UTF-8
date: Mon, 16 Sep 2024 12:51:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=O4nvwmsAqdd83en4UZoZwbKAZLo9PU6RkPDying9oEMLPEIe%2BRc4n%2FCTG7O7z5sdi18%2Fc3ZVDwEln6DMyBkR%2BC1oS2T67r4QbaguCbqnA9eV%2FI5XLoGy6N8l%2Fqy57562emQ%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-powered-by: PHP/7.4.33

Redirect headers

cache-control: private, no-cache
cf-ray: 8c40fd3dd9136670-AMS
content-length: 167
content-type: text/html
date: Mon, 16 Sep 2024 12:51:39 GMT
location: https://newsbluewin.net/
server: cloudflare
x-content-type-options: nosniff
x-frame-options: DENY

GET
H3 200 /
newsbluewin.net/ 160 KB
24 KB 301ms
300ms Stylesheet
text/css 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://newsbluewin.net/?_=%2Fnpm%2Fbootstrap%405.1.3%2Fdist%2Fcss%2Fbootstrap.min.css%23KJWqMdlUlBnoL%2BNbWg7kgof8bpMuFVq1
Requested by: Host: newsbluewin.net
URL: https://newsbluewin.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash: 62f74b1cf824a89f03554c638e719594c309b4d8a627a758928c0516fa7890ab

Request headers

Referer: https://newsbluewin.net/
Origin: https://newsbluewin.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 16 Sep 2024 12:51:41 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.4.33
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2Da0TZP3wf3p4G%2FsZfKbtFA6FUrS4K0T8NiIkFbtuMFPv6zY1vTHVLYViQPX%2FRQ9Cr3pEctqsrgnhwMLMpzPAqARrESXprwdlerxzge7rLw2M43T%2Bb8IFJwl%2BjRx7jrDsn8%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
cf-ray: 8c40fd45a9546670-AMS
alt-svc: h3=":443"; ma=86400

GET
H3 200 /
newsbluewin.net/ 75 KB
14 KB 391ms
389ms Stylesheet
text/css 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://newsbluewin.net/?33775940464=&_=%2Ffront%2Fcss%2Ffragments.crush.css%23KJWqMdlUlBn4I%2BgHXBLjjIP6dYRzVVyp
Requested by: Host: newsbluewin.net
URL: https://newsbluewin.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash: a45e0f11dc211da63de03b5e1b7bbb22594afc805fb3d15985333a797fd53b3d

Request headers

Referer: https://newsbluewin.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 16 Sep 2024 12:51:41 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.4.33
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BVxgzGWm6VFZSB6Lpdk%2BW%2F%2Bah3hjQZchaTBHilyqRv3mbvZUttl31FWglTIpKGcm7R3cIpznHMKSF%2FioB20wjXuE9Fpprwvv0OW3jDn4YGHfqMH0%2Bd%2F4xd4UMff1QDoluJI%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css;charset=UTF-8
cf-ray: 8c40fd45a9556670-AMS
alt-svc: h3=":443"; ma=86400

GET
H3 200 /
newsbluewin.net/ 84 KB
15 KB 301ms
299ms Stylesheet
text/css 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://newsbluewin.net/?35451279366=&_=%2Ffront%2Fcss%2Fpage.crush.css%23KJWqMdlUlBn4I%2BgHXBLjjIP6dYRzVVyp
Requested by: Host: newsbluewin.net
URL: https://newsbluewin.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash: 74c9aa944fda734c855240ec682164c378aaa3b2c7bad02ff2c628832c3e13c0

Request headers

Referer: https://newsbluewin.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 16 Sep 2024 12:51:41 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.4.33
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cMKMMQlpYGKFbBHuTvWcwYnJWw3IzptahUEDcBTFXPmn0fR%2BWTHYelPfeTqL5SON3AqrHQI8rnm2oT1sywMb1xxZMz3Ilma8s1OzG3sTF7jG%2FNJd6aOzD7BUpmSyihr97uU%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css;charset=UTF-8
cf-ray: 8c40fd45a9566670-AMS
alt-svc: h3=":443"; ma=86400

GET
H3 200 /
newsbluewin.net/ 704 B
805 B 293ms
291ms Image
image/svg+xml 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://newsbluewin.net/?_=%2Ffront%2Fmedia%2Fuser-single-black.svg%23KJWqMdlUlBn4I%2BgHXBLjjIP6dYRzVVyp
Requested by: Host: newsbluewin.net
URL: https://newsbluewin.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash: ceef63490eb46b628dcf1b65346f06b432f88b10adfc28a51545afd8ee987ab3

Request headers

Referer: https://newsbluewin.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 16 Sep 2024 12:51:41 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.4.33
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=h63o5efSohbCIXWluNbfVhs%2BShkuqZDhbPjbPjL90YXWouT1hX1ShwWGH1jGpPNU4a2LRZfFzGOZFXjngtYLdG6etb%2B7swHa8d8ji8Y9par2gDAEi0YQOjlXqmZh0AWVdwA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cf-ray: 8c40fd45c97c6670-AMS
alt-svc: h3=":443"; ma=86400

GET
H3 200 /
newsbluewin.net/ 510 B
732 B 400ms
399ms Image
image/svg+xml 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://newsbluewin.net/?_=%2Ffront%2Fmedia%2Fuser-single.svg%23KJWqMdlUlBn4I%2BgHXBLjjIP6dYRzVVyp
Requested by: Host: newsbluewin.net
URL: https://newsbluewin.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash: 94d2cf656348018697351d04eeca5f0112c911b1037860dd541f525ae24b943c

Request headers

Referer: https://newsbluewin.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 16 Sep 2024 12:51:41 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.4.33
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0Sr3HmtJzfe34iElofjzSKn6pvOELsBEuBtQ0sL65wl6fQik8W7vlz8oRKg1yLwkxX9DrpIpecufk8pxySChsE%2FTV4Pqcyh%2B%2BZQB%2FYP8EtJ7uaPMu6QhSfil5NWuKHoxHfw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cf-ray: 8c40fd45c97d6670-AMS
alt-svc: h3=":443"; ma=86400

GET
H3 200 /
newsbluewin.net/ 213 B
583 B 274ms
248ms Image
image/svg+xml 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://newsbluewin.net/?_=%2Fvendor%2Fflags%2F4x3%2Fsuisse.svg%23KJWqMdlUlBn4I%2BgHXBLjjIP6dYRzVVyp
Requested by: Host: newsbluewin.net
URL: https://newsbluewin.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash: 900a0befb655721c1b52b5ec2754f2f553f52b230443aaf016cc224e6a0707ce

Request headers

Referer: https://newsbluewin.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 16 Sep 2024 12:51:41 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.4.33
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FsOOnkmRBTHffADVryMfm1uegaCRc0rT7rFBBOKWMdCFCRm6%2B58jK0Fg0t6WD%2BVmj5r7xDGCaaJo6%2FCHGPgYRakeRN%2B%2F1KiAlPXSwoVrbIGxIGCaiof7VQIUl4XaKJ4kYKM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cf-ray: 8c40fd481b9c6670-AMS
alt-svc: h3=":443"; ma=86400

GET
H3 200 /
newsbluewin.net/ 864 B
870 B 265ms
255ms Image
image/svg+xml 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://newsbluewin.net/?_=%2Fvendor%2Fflags%2F4x3%2Fen.svg%23KJWqMdlUlBn4I%2BgHXBLjjIP6dYRzVVyp
Requested by: Host: newsbluewin.net
URL: https://newsbluewin.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash: e86f8ccbe612e1f4030f3c12d45bb312cc860156e44b9a8639729416eacc2e8e

Request headers

Referer: https://newsbluewin.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 16 Sep 2024 12:51:41 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.4.33
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OfmAws7xrejQLdRB9VSG7bTNi%2Bti8HoypaKR7FfqtSW7ZkbW9ldE6FgHBLyV0IK%2BSD3jx5mDwGMspS6m62REC9hxbI0tawSN%2B86D8Wj7IAFfEBvfJsiiqBw64n7L6FUnyIs%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cf-ray: 8c40fd485bd36670-AMS
alt-svc: h3=":443"; ma=86400

GET
H3 200 /
newsbluewin.net/ 7 KB
3 KB 1597ms
1594ms Image
image/svg+xml 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://newsbluewin.net/?_=%2Ffront%2Fmedia%2Fnew-logo-green.svg%23KJWqMdlUlBn4I%2BgHXBLjjIP6dYRzVVyp
Requested by: Host: newsbluewin.net
URL: https://newsbluewin.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash: 0bfce7c225acf629ffc5f847cf93d524d317deda353d31c009eeb75604d5e9c7

Request headers

Referer: https://newsbluewin.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 16 Sep 2024 12:51:44 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.4.33
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PAkXQ71IWT0R1dgDt4%2BYptjs1j5DADok5lLhIhQsffyevvnBoRRsIdVyifN%2Fo41fxpWSP3utfoArtM1DxEKXA02Z%2F0ab9h0OaEFONMr0vCtzWD4I1MDoRSKjQvv3jEXo0N4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cf-ray: 8c40fd4ffb1e6670-AMS
alt-svc: h3=":443"; ma=86400

GET
H3 200 /
newsbluewin.net/ 7 KB
3 KB 1527ms
1523ms Image
image/svg+xml 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://newsbluewin.net/?_=%2Ffront%2Fmedia%2Fnew-logo-white.svg%23KJWqMdlUlBn4I%2BgHXBLjjIP6dYRzVVyp
Requested by: Host: newsbluewin.net
URL: https://newsbluewin.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash: a6e22417fb05246577c1a8e0e14ca5c4671f9e2c934a723548f22a0a81050d54

Request headers

Referer: https://newsbluewin.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 16 Sep 2024 12:51:44 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.4.33
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QIn50%2BMcIPiOrve2%2BqXGdx1by7cEhTqksmerITSk%2FDnZQOYbgA8kdfL2kl1opSI%2BhwsUgXzhxaRlrffJtSjN1FLaRlc4vkwHHSsisJZx8wDsu53Qf22gZakhp78vmwzNOYU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cf-ray: 8c40fd4ffb216670-AMS
alt-svc: h3=":443"; ma=86400

GET
H3 200 /
newsbluewin.net/ 3 KB
2 KB 1168ms
1163ms Image
image/svg+xml 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://newsbluewin.net/?_=%2Ffront%2Fmedia%2Flogo_negative.svg%23KJWqMdlUlBn4I%2BgHXBLjjIP6dYRzVVyp
Requested by: Host: newsbluewin.net
URL: https://newsbluewin.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash: 021d2a139f09c1bcdfe053b1de778665c5b1811595dfd33a7ecde6de4a00f46a

Request headers

Referer: https://newsbluewin.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 16 Sep 2024 12:51:43 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.4.33
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=efyRqD0NXBmPBPmgWOXFSZ755cnaOmJpfG173x8o3I7IrcyRl9HCQ1Pl48N4A9aNx7LelskwHlpCAeXOrojJhEKAFmksdpS8oma%2BeZ3du3dnTApWdlmLiTIEdEczY%2BFKQss%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cf-ray: 8c40fd4ffb226670-AMS
alt-svc: h3=":443"; ma=86400

GET
H3 200 /
newsbluewin.net/ 4 KB
2 KB 1616ms
1610ms Image
image/svg+xml 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://newsbluewin.net/?_=%2Ffront%2Fmedia%2Flogo.svg%23KJWqMdlUlBn4I%2BgHXBLjjIP6dYRzVVyp
Requested by: Host: newsbluewin.net
URL: https://newsbluewin.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash: c6dbbd5e88b613e404ff8d391b43d0b21fb5d36f65974eae3b4bc22292bd5e0c

Request headers

Referer: https://newsbluewin.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 16 Sep 2024 12:51:44 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.4.33
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1%2FsWinlVKkJMlSRYTINSJrP8GpBNlsEhvju%2BrfzjBXCG5gRrWP5qHGfBso35AbL9wVRvWRSuUHpE0dPiKYZd8WfX8Q9OT4BnyygIdOBlDUp5%2BSQzc5iUxcA3k6gdye%2B1wcw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cf-ray: 8c40fd4ffb246670-AMS
alt-svc: h3=":443"; ma=86400

GET
H3 200 /
newsbluewin.net/ 513 B
731 B 1490ms
1483ms Image
image/svg+xml 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://newsbluewin.net/?_=%2Ffront%2Fmedia%2Farrow-black.svg%23KJWqMdlUlBn4I%2BgHXBLjjIP6dYRzVVyp
Requested by: Host: newsbluewin.net
URL: https://newsbluewin.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash: f6e91066445a9e34cd677ee0d9190e63136338f4e0bc213ff2be121a261f5c4e

Request headers

Referer: https://newsbluewin.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 16 Sep 2024 12:51:44 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.4.33
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qj78IpY9du64hlchr4nFgKJbk%2FO%2By65WCEmyAbXneXsZ1JodIrOEFnRxW1TiWtV0NjxtfJIaN%2BW9vp3dd84ol3kfMdkNEKVHOGM6bAm1OJIuo2K%2FZH%2Ff9IxN2E4CStbBc%2FA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cf-ray: 8c40fd4ffb256670-AMS
alt-svc: h3=":443"; ma=86400

GET
H3 200 /
newsbluewin.net/ 10 KB
5 KB 1597ms
1589ms Image
image/svg+xml 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://newsbluewin.net/?_=%2Ffront%2Fmedia%2Fsearch-icon-wh.svg%23KJWqMdlUlBn4I%2BgHXBLjjIP6dYRzVVyp
Requested by: Host: newsbluewin.net
URL: https://newsbluewin.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash: bc979d99cf3acfef59bce803eba7d0ca4eb91a53203c830d76d7f696b716ee31

Request headers

Referer: https://newsbluewin.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 16 Sep 2024 12:51:44 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.4.33
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UBgX3bKmG4%2BXSo6%2BvQuCW%2FQxqT07oD8bp8T2cdWqt9sK7rsoqi4VWnn0fVpXsUUpMpVkGZiWdpavrG%2FZa4ot53voYIjMhRhHTyCoF83ZiEjavyJcbHO%2BL%2F4%2Fq%2FWUFTCoUsA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cf-ray: 8c40fd4ffb276670-AMS
alt-svc: h3=":443"; ma=86400

GET
H3 200 /
newsbluewin.net/ 7 KB
3 KB 1470ms
1460ms Image
image/svg+xml 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://newsbluewin.net/?_=%2Ffront%2Fmedia%2Flocal-city.svg%23KJWqMdlUlBn4I%2BgHXBLjjIP6dYRzVVyp
Requested by: Host: newsbluewin.net
URL: https://newsbluewin.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash: df7d6e56761f168341e47eb86fae45585e11274c9bb1927db718f10f70038100

Request headers

Referer: https://newsbluewin.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 16 Sep 2024 12:51:44 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.4.33
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OjjOW5cMNC2%2FrMbmloWRlRAeUeDg6qmEd8lJSBzW2HwI0lGpouMZ14euGt0wDRjel2XSFqfxWytvL2O%2FR%2FTXMxq1PUFf1j2FY%2BH3vMCcZYauzcxGQFl0IVRse1cQtU%2FhW6k%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cf-ray: 8c40fd4ffb296670-AMS
alt-svc: h3=":443"; ma=86400

GET
H3 200 /
newsbluewin.net/ 51 KB
51 KB 1638ms
1628ms Image
image/png 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://newsbluewin.net/?_=%2Ffront%2Fmedia%2Fjunction-creative.png%23KJWqMdlUlBn4I%2BgHXBLjjIP6dYRzVVyp
Requested by: Host: newsbluewin.net
URL: https://newsbluewin.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash: e807f60a0069b0d2cd4afca3d11f29a725022590ae06543864dfeaad22f27ba6

Request headers

Referer: https://newsbluewin.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 16 Sep 2024 12:51:44 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.4.33
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ohxXyx2R2l18Brg9oLflZK9NCIdxMY9NvET8FvaIBA3LzQpoymjMuTFzpsX4oe0P7Tbk%2B96oktd5iTRIyrrgHT%2BRMQmoorAew1vwmh%2BlyK3G3CrZVF0SDJ6GUwLegY8Eu5w%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cf-ray: 8c40fd4ffb2a6670-AMS
alt-svc: h3=":443"; ma=86400
content-length: 52178

GET
H3 200 /
newsbluewin.net/ 524 B
730 B 1576ms
1566ms Image
image/svg+xml 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://newsbluewin.net/?_=%2Ffront%2Fmedia%2Farrow-white.svg%23KJWqMdlUlBn4I%2BgHXBLjjIP6dYRzVVyp
Requested by: Host: newsbluewin.net
URL: https://newsbluewin.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash: 77f3224c03bcbb6774e55d034746acc45c861545edd402797d5fecb04bc39cdd

Request headers

Referer: https://newsbluewin.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 16 Sep 2024 12:51:44 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.4.33
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vT%2FwSMSOfgE7IHmXdvD1wM1vLsSamZbRynWeRl9zhjUMmTOEfkS8ZtsrGIamGuVRahpeFdEazV1l00mBtGv8OTspFjmHHVymIxZi2GnrCAfpQ4nNncVJXjvQ78wKylQTHP8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cf-ray: 8c40fd4ffb2d6670-AMS
alt-svc: h3=":443"; ma=86400

GET
H3 200 /
newsbluewin.net/ 58 KB
58 KB 1534ms
1524ms Image
image/png 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://newsbluewin.net/?_=%2Ffront%2Fmedia%2Fjunction-creative-1.png%23KJWqMdlUlBn4I%2BgHXBLjjIP6dYRzVVyp
Requested by: Host: newsbluewin.net
URL: https://newsbluewin.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash: 1c2c871c42284bd9c085c9c7fc43d64f916dcf32bea4efdf0528a75cc5588dac

Request headers

Referer: https://newsbluewin.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 16 Sep 2024 12:51:44 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.4.33
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BHU9p1xFxU0hB87XtkCwptuD6wOxxn9E4%2B5KzYJG4hOxGuMfKkVjRAqq1VUHplGeKzo11iyvP7GSc8RVI8iHNeFRto2m0dQ2rhkXKgpzsYeeIO3OZmbOeIdd6E%2B6Lk9Zrbk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cf-ray: 8c40fd4ffb2e6670-AMS
alt-svc: h3=":443"; ma=86400
content-length: 59397

GET
H3 200 /
newsbluewin.net/ 60 KB
60 KB 1621ms
1611ms Image
image/png 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://newsbluewin.net/?_=%2Ffront%2Fmedia%2Fjunction-creative-2.png%23KJWqMdlUlBn4I%2BgHXBLjjIP6dYRzVVyp
Requested by: Host: newsbluewin.net
URL: https://newsbluewin.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash: e9a9a6f9419e10e9fa33ec1f3ab5b7001118276c2a10f6b71a844a7479667947

Request headers

Referer: https://newsbluewin.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 16 Sep 2024 12:51:44 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.4.33
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EfZXefgUy76HX%2B%2BRKVX5bKihxdjWc4joW%2BR3wKTbTYaaUkVKK68ieKRbMbXLsKbg4SozL4to2N5z8TzrFHq7dcb7HUr8vWLxYPcVNEXn4KjnVLbFv%2BOVukiMpEFqQvtJ1Wg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cf-ray: 8c40fd4ffb2f6670-AMS
alt-svc: h3=":443"; ma=86400
content-length: 61499

GET
H3 200 /
newsbluewin.net/ 57 KB
57 KB 1556ms
1542ms Image
image/png 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://newsbluewin.net/?_=%2Ffront%2Fmedia%2Fjunction-creative-3.png%23KJWqMdlUlBn4I%2BgHXBLjjIP6dYRzVVyp
Requested by: Host: newsbluewin.net
URL: https://newsbluewin.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash: 33a4f3107605c69501a3b56c56dea8d519e2b4fed699b48093f45319dba736ef

Request headers

Referer: https://newsbluewin.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 16 Sep 2024 12:51:44 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.4.33
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7XO0eX6i6h87NK0LXJDSzIsp3Tc5TfW%2FAJTQv%2B5UDBy5tP1cOvTSH5Ff1x5cXFCNdFuJ059mPU1fRj9nyRU1VGqP9rZLEpdOWLmBEUC1I418Rmu816scdlnygftwuq7kwIc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cf-ray: 8c40fd500b326670-AMS
alt-svc: h3=":443"; ma=86400
content-length: 58281

GET
H3 200 /
newsbluewin.net/ 6 KB
2 KB 1602ms
1587ms Image
image/svg+xml 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://newsbluewin.net/?_=%2Fmedia-library%2F157482%2Fnotif-ala.svg%23KJWqMdlUlBn4I%2BgHXBLjjIP6dYRzVVyp
Requested by: Host: newsbluewin.net
URL: https://newsbluewin.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash: ef0c0bf2f9482f97ec5a5263e95cae13293e977021db73abbfe547d38e08c8f5

Request headers

Referer: https://newsbluewin.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 16 Sep 2024 12:51:44 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.4.33
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CNESFb6AW3vHasW4Tt3%2Fc4DpiyZB8mr%2B3wcXDAomv0dUFPY1iUjiXiT4ZNEPa8jgHBL7zSsJlv1sm9nl2C1CWptCUQNUslU%2BERxIgNRQXP70Jpnhn0QH2EIgNF%2Bw7bUhbjs%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cf-ray: 8c40fd500b346670-AMS
alt-svc: h3=":443"; ma=86400

GET
H3 200 /
newsbluewin.net/ 19 KB
8 KB 1638ms
1624ms Image
image/svg+xml 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://newsbluewin.net/?_=%2Fmedia-library%2F124649%2Fsearch_vacansy_employee_user_human_avatar.svg%23KJWqMdlUlBn4I%2BgHXBLjjIP6dYRzVVyp
Requested by: Host: newsbluewin.net
URL: https://newsbluewin.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash: af10ce3b0808c1c9e38d6c4c6b46de5a8245d6dd7acf78ffb2812f6a19642abc

Request headers

Referer: https://newsbluewin.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 16 Sep 2024 12:51:44 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.4.33
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pFOUdcllOHHGHQ0DPlyoeN1OXFP03UEAlRjCEUJWXLCAVW79IMuLWvk2ZVfHYgdeabMFAVeu5XL6smlgRZpIQAZQtoQUSb3xRHbv9okcYnetoQAtQTrU6ejZBQoDJNKmJD8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cf-ray: 8c40fd500b356670-AMS
alt-svc: h3=":443"; ma=86400

GET
H3 404 /
newsbluewin.net/ 3 KB
3 KB 2269ms
2254ms Image
text/html 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://newsbluewin.net/?_=%2Fmedia-library%2F157484%2Fmail-email-envelope-message-ok-check-final-step-verification-%281%23KJWqMdlUlBn4I%2BgHXBLjjIP6dYRzVVyp
Requested by: Host: newsbluewin.net
URL: https://newsbluewin.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash: 89c380a55a182befdfe33916554cc9580ea8c8d6f534cb1ccbca9d7256bd7bed

Request headers

Referer: https://newsbluewin.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 16 Sep 2024 12:51:44 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.4.33
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=In5f0WP%2Br%2FVA2a9KgwUiPIrMkLdaKg69Dkd%2BV4nT7yyxjmkpnu7dgldE1mmnpWlub9haX3DwudTts6gNEhPu%2BbGnHTq%2BOderVOHiiLD%2BreUlC5NdugmT0e0zc20CVvjxxDM%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cf-ray: 8c40fd500b366670-AMS
alt-svc: h3=":443"; ma=86400

GET
H3 200 /
newsbluewin.net/ 6 KB
3 KB 1557ms
1542ms Image
image/svg+xml 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://newsbluewin.net/?_=%2Fmedia-library%2F157485%2Fshield-check-protect-protection-security-secure-guard-guardian-defense-firewall.svg%23KJWqMdlUlBn4I%2BgHXBLjjIP6dYRzVVyp
Requested by: Host: newsbluewin.net
URL: https://newsbluewin.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash: 62510114e08a0136d1d77cc118a3dc0154db23f0f52c809f90b084ddb1b9e820

Request headers

Referer: https://newsbluewin.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 16 Sep 2024 12:51:44 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.4.33
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1GDX0vsrGugC9Qct8y2%2FM9y7WS609JLN%2BTIimMZQumSlQb26Nf1TTrvtAIsL8j4YbrhEbb0iJmtPRAwxc43Pu2VOjLNDQFovUJMLMCiLwVgoFmF1apsMm6apD8EyLPy8vkg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cf-ray: 8c40fd500b386670-AMS
alt-svc: h3=":443"; ma=86400

GET
H3 200 /
newsbluewin.net/ 29 KB
11 KB 1602ms
1587ms Image
image/svg+xml 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://newsbluewin.net/?_=%2Fmedia-library%2F157483%2Fsport-prize-award-top-achievement-trophy-cup.svg%23KJWqMdlUlBn4I%2BgHXBLjjIP6dYRzVVyp
Requested by: Host: newsbluewin.net
URL: https://newsbluewin.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash: d977ce9bc7ad52caca7e8041934fb143923347da46ba312816d3d38497f58e7f

Request headers

Referer: https://newsbluewin.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 16 Sep 2024 12:51:44 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.4.33
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Bok1aQKAg9F2ewArSr6Lsucb3sIeH3R3IdU%2Fxj48hy799b8VGxYL6FTf2%2B3luQM2hOx9pc0YrIw648XukzXslL4ki%2FTwB0g%2FPnyoOQmyIYDqKkqzLEoKuKX2ZS%2FhAdS9RyE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cf-ray: 8c40fd500b3a6670-AMS
alt-svc: h3=":443"; ma=86400

GET
H3 200 /
newsbluewin.net/ 10 KB
4 KB 1602ms
1587ms Image
image/svg+xml 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://newsbluewin.net/?_=%2Ffront%2Fmedia%2Fmsg-envelope.svg%23KJWqMdlUlBn4I%2BgHXBLjjIP6dYRzVVyp
Requested by: Host: newsbluewin.net
URL: https://newsbluewin.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash: 44d5b782d736ee7720d1d0d8fb95c98d85f413ed75bf95d26d1401a0a571a3a7

Request headers

Referer: https://newsbluewin.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 16 Sep 2024 12:51:44 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.4.33
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LKcLHDYO%2F8fBymGOLPpnPOJvzYi7Q7TiaZPhCHQVfHgVwWG7Zd1ZtxTJ3NQNSVRyGMU%2BS1TRuAL7MPLb%2FoP4qkSUWjssVk%2BRpJPPrZtY8jPOnFVQeynvNty%2FigeKERguj20%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cf-ray: 8c40fd500b3d6670-AMS
alt-svc: h3=":443"; ma=86400

GET
H3 200 /
newsbluewin.net/ 11 KB
12 KB 1644ms
1629ms Image
image/png 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://newsbluewin.net/?_=%2Ffront%2Fmedia%2Ffirst-caution.png%23KJWqMdlUlBn4I%2BgHXBLjjIP6dYRzVVyp
Requested by: Host: newsbluewin.net
URL: https://newsbluewin.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash: 6b01e8f634986d14c1fcc4f380ceac952adddc4f47e7e008c7b0d7595c826069

Request headers

Referer: https://newsbluewin.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 16 Sep 2024 12:51:44 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.4.33
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=S%2FifGwp20Nh2Dz4hBLBycNFvMk8%2BIaWou%2FtMCatIBrFvJAx81ftUt91SzHgwPp2w2tBMlqc9vsfLmosTxY8haXwZu4pvdE3h%2F79QU%2Fl%2BxmGEpKsTCMGO0ZtcGqptspDxRS8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cf-ray: 8c40fd500b3e6670-AMS
alt-svc: h3=":443"; ma=86400
content-length: 11406

GET
H3 200 /
newsbluewin.net/ 16 KB
6 KB 1613ms
1598ms Image
image/svg+xml 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://newsbluewin.net/?_=%2Ffront%2Fmedia%2Fkey-house.svg%23KJWqMdlUlBn4I%2BgHXBLjjIP6dYRzVVyp
Requested by: Host: newsbluewin.net
URL: https://newsbluewin.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash: 9add8a2735ab7b70dd627dd080c813f4e42b2baab8e1891fcd8b2bd12aa722ed

Request headers

Referer: https://newsbluewin.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 16 Sep 2024 12:51:44 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.4.33
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FYvNO9QRvzkLUuTA8s87GZj8vB3gwsQd5CD4l9ODAVjHDoRsu2UFEbhIAeXDriYAFmjP7pozAdrW5s1FKkBtiPdRd%2BKbg7yCl6s4kccUb1ZZ4fXeGq%2FJLp44OGFgJdtLRdI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cf-ray: 8c40fd500b3f6670-AMS
alt-svc: h3=":443"; ma=86400

GET
H3 200 /
newsbluewin.net/ 5 KB
3 KB 1601ms
1586ms Image
image/svg+xml 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://newsbluewin.net/?_=%2Ffront%2Fmedia%2Fplan-move.svg%23KJWqMdlUlBn4I%2BgHXBLjjIP6dYRzVVyp
Requested by: Host: newsbluewin.net
URL: https://newsbluewin.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash: b507f43bb325998d6326b0adddd60ad7f63f1b9925a840641881af46389f4281

Request headers

Referer: https://newsbluewin.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 16 Sep 2024 12:51:44 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.4.33
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2tbFTa%2Bn9%2BzzmTAh0wTyg7guCFDFMmGsv%2BLN%2FWPNoDlQqLdLOV2I8BNqlV5%2FakXls83jVBFi%2B5mzqNEXK12AtCSpAXJPiZsy7mMYs8%2BnDXkeaVsUnXOwsck%2FlexMyYDYF8M%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cf-ray: 8c40fd500b406670-AMS
alt-svc: h3=":443"; ma=86400

GET
H3 200 /
newsbluewin.net/ 6 KB
2 KB 1602ms
1587ms Image
image/svg+xml 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://newsbluewin.net/?_=%2Ffront%2Fmedia%2Fbox-cover.svg%23KJWqMdlUlBn4I%2BgHXBLjjIP6dYRzVVyp
Requested by: Host: newsbluewin.net
URL: https://newsbluewin.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash: 898a2b982cfdc4ee57d372ac3199a920633a15e207b299a786945280ae291ff3

Request headers

Referer: https://newsbluewin.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 16 Sep 2024 12:51:44 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.4.33
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=W96x0UXvXLX76IrvA0Vn%2F1dkTPUyLsa6quAndLXhdHok3M%2BdDHNGrGgibExMVVKB%2B0VqNiBkcabWZlN%2BLXehu%2B9Bll%2FtgfnTnPE9MvcH%2Bvjn8KRt1Jj7HhJWMUsdDVcMd6o%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cf-ray: 8c40fd500b426670-AMS
alt-svc: h3=":443"; ma=86400

GET
H3 200 /
newsbluewin.net/ 13 KB
13 KB 1513ms
1498ms Image
image/webp 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://newsbluewin.net/?_=%2Fmedia%2FrKmOxH0Q%2FtmrRpN.webp%23KJWqMdlUlBn4I%2BgHXBLjjIP6dYRzVVyp
Requested by: Host: newsbluewin.net
URL: https://newsbluewin.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash: 6bfa8ae5441c6aa304b23ebcbf2360e6e718536e15d2fb6ca0ce4f632b0e15b2

Request headers

Referer: https://newsbluewin.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 16 Sep 2024 12:51:44 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.4.33
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MTU4rHhkhL1iRiH1iCz1hxfnlNIJ9ZNdunoLYoW1BoDkoLBYxY9sjZLsIOEzxP4scN5b%2Bklum9J9DFTQHV7tJwT5eR5iju%2Bu72tBjayy2KtBo%2FsyYFPII%2BCWX2RjPsj2zpU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cf-ray: 8c40fd500b436670-AMS
alt-svc: h3=":443"; ma=86400
content-length: 13306

GET
H3 200 /
newsbluewin.net/ 13 KB
13 KB 1648ms
1634ms Image
image/webp 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://newsbluewin.net/?_=%2Fmedia%2FlZaw31DP%2FtR6oOM.webp%23KJWqMdlUlBn4I%2BgHXBLjjIP6dYRzVVyp
Requested by: Host: newsbluewin.net
URL: https://newsbluewin.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash: 56cbcec06e49e956cab7b9dd8c5e18437304166900326119b9fdb4f0f4cb2657

Request headers

Referer: https://newsbluewin.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 16 Sep 2024 12:51:44 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.4.33
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kcrBck5NPJ2ao6PXuAlKfT3uoZjAby8ZnP4MnX2Ga67ueU9LNHFRP0rnKOM3lPP%2FeP2TiRi6ATXpcUoGx5UnNMmmHQ9%2FI6UPa0Zy6XN%2B6zvgD7Bf44vuKJPOF0gEI%2F3ijNM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cf-ray: 8c40fd500b446670-AMS
alt-svc: h3=":443"; ma=86400
content-length: 13278

GET
H3 200 /
newsbluewin.net/ 22 KB
22 KB 1536ms
1522ms Image
image/webp 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://newsbluewin.net/?_=%2Fmedia%2F4LXdo1rf%2FGmJAgy.webp%23KJWqMdlUlBn4I%2BgHXBLjjIP6dYRzVVyp
Requested by: Host: newsbluewin.net
URL: https://newsbluewin.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash: 1e3c1e6798f390a9b96627d4929e303e0185d5ba1fa8c2456a24dee40d6bf692

Request headers

Referer: https://newsbluewin.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 16 Sep 2024 12:51:44 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.4.33
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=llFXjucOq6xqmndh3fw9JBS%2BMKV%2B9OVbBfEMfrarTrEQP48lWOI6VOJ9DC%2Fvg54m%2BK%2BeMZu2ovYiTh3gJ3LOkLVDbzy7k78%2Fmt%2Fv9r%2FnnY%2FVEdDzRiiGJL7t8vSZdPKULIM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cf-ray: 8c40fd500b456670-AMS
alt-svc: h3=":443"; ma=86400
content-length: 22540

GET
H3 200 /
newsbluewin.net/ 12 KB
13 KB 1513ms
1498ms Image
image/webp 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://newsbluewin.net/?_=%2Fmedia%2Ftw3GT07D%2FIUn5oq.webp%23KJWqMdlUlBn4I%2BgHXBLjjIP6dYRzVVyp
Requested by: Host: newsbluewin.net
URL: https://newsbluewin.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash: 9cf7d7857708b908b6fc4ff55300b6ae53014de882fddb92de49ab9a6493f0d2

Request headers

Referer: https://newsbluewin.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 16 Sep 2024 12:51:44 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.4.33
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=husU9ex%2B5G0WakdGYdqm09yWC6ML0tXwBZmMXpPpjh4s5BJSL8rkwi30pGfVgYjypxNMuIwMrtvBJAzCcG6%2F6B3WLiqSsPmPmeNbbcmhgcgmtU5z%2Fcm1yhdV4o5v%2BY5XA1E%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cf-ray: 8c40fd500b476670-AMS
alt-svc: h3=":443"; ma=86400
content-length: 12684

GET
H3 200 /
newsbluewin.net/ 8 KB
4 KB 1601ms
1586ms Image
image/svg+xml 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://newsbluewin.net/?_=%2Ffront%2Fmedia%2Ffolder-file.svg%23KJWqMdlUlBn4I%2BgHXBLjjIP6dYRzVVyp
Requested by: Host: newsbluewin.net
URL: https://newsbluewin.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash: 1534c4b93f6087898fd458876414fd4c5d30374d1536de48eae0cf93eb8542d3

Request headers

Referer: https://newsbluewin.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 16 Sep 2024 12:51:44 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.4.33
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rfELCWSzBbko56YoU0UZfj8d4DXH7jthTUNSTIQue5yrZGKLIuGVYf1gthORWP%2B9JtFk%2Bpjy3LXVQ%2Fa%2Brot4PPHuRs2y9Jdiu2o0egLknrTCgeUr87mHcPc1BFqOSYDws%2FU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cf-ray: 8c40fd500b486670-AMS
alt-svc: h3=":443"; ma=86400

GET
H3 200 /
newsbluewin.net/ 215 KB
215 KB 1662ms
1647ms Image
image/png 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://newsbluewin.net/?_=%2Ffront%2Fmedia%2Fipad01.png%23KJWqMdlUlBn4I%2BgHXBLjjIP6dYRzVVyp
Requested by: Host: newsbluewin.net
URL: https://newsbluewin.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash: a8d6d3afc4890653c2d8c4e745f9a351f01ba066ab72d95c2db93fc0bdb8d232

Request headers

Referer: https://newsbluewin.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 16 Sep 2024 12:51:44 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.4.33
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6wc9cMsupRDkIs2YU2cwZ0lIsBRiP0j%2BBIGY65PLH2BbOHJifCa56GZPuAi8C%2FzR5kvPL4VWLZRgEo8L9OSg%2F1lnvtgcqBUqiN0Ke4XKBNMT31vXIIF%2FIbbUKLxHoQyF3q8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cf-ray: 8c40fd500b496670-AMS
alt-svc: h3=":443"; ma=86400
content-length: 220166

GET
H3 200 /
newsbluewin.net/ 623 B
744 B 1704ms
1690ms Image
image/svg+xml 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://newsbluewin.net/?_=%2Ffront%2Fmedia%2Fadd-expand.svg%23KJWqMdlUlBn4I%2BgHXBLjjIP6dYRzVVyp
Requested by: Host: newsbluewin.net
URL: https://newsbluewin.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash: ba6419b3de55d13b22d6caadbb08f8accd35dcb4ef850f70a8ecbc57c8fd0a74

Request headers

Referer: https://newsbluewin.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 16 Sep 2024 12:51:44 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.4.33
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yREgJuosd4SgCKGJYjKk8Vzr1pI6Uw9i%2BhDnrYDvaVXs6RI7jGce5P5a8nwjwyYb%2BucfUk3f9ruaomuHEqRgjMs2oT7%2BWZeyvYk7k9isST2clmmQUAOxXpVcDELIeMXNum0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cf-ray: 8c40fd500b4a6670-AMS
alt-svc: h3=":443"; ma=86400

GET
H3 200 /
newsbluewin.net/ 2 MB
1 MB 1977ms
1963ms Image
image/svg+xml 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://newsbluewin.net/?_=%2Fmedia-library%2F157486%2Fwoman-house.svg%23KJWqMdlUlBn4I%2BgHXBLjjIP6dYRzVVyp
Requested by: Host: newsbluewin.net
URL: https://newsbluewin.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash: 3d6a55d424a78cf1eace6759ea4a1ae1cd044cf33b6ea32e9a6b9e2b4a0d58e4

Request headers

Referer: https://newsbluewin.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 16 Sep 2024 12:51:44 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.4.33
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hCi2n%2FAuPuE0vLE3D77UbeLXCzG1d9QTQ73VpSxF13PCu8VHSoMHVToCDwmuJOOOwhUNqCwxOMc5OVmGYzaFj%2Fgk1LFaay0%2FbusnJ5fzyhIBKHyd%2FxcnznnfPZ7qqxqGdUE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cf-ray: 8c40fd500b4b6670-AMS
alt-svc: h3=":443"; ma=86400

GET
H3 200 /
newsbluewin.net/ 2 MB
1 MB 1789ms
1774ms Image
image/svg+xml 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://newsbluewin.net/?_=%2Fmedia-library%2F157487%2Fman-house.svg%23KJWqMdlUlBn4I%2BgHXBLjjIP6dYRzVVyp
Requested by: Host: newsbluewin.net
URL: https://newsbluewin.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash: 3996029cc779bc2eff6dbed4050ff5c4e308ea8ef6809e5b86110566ce514a12

Request headers

Referer: https://newsbluewin.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 16 Sep 2024 12:51:44 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.4.33
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CTMDXk7G0lxS62kU5HRkU2jdr7h3UOULOkwzx2ZSAcIaBn9rrjDhEX3GAL4iMXUIIRv2vD3umOXAxluX75N2SuXzeRhMupiSvRzoi8C6Upp2hUlkndFr5hGXZKTIxKBK7tc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cf-ray: 8c40fd500b4d6670-AMS
alt-svc: h3=":443"; ma=86400

GET
H3 200 /
newsbluewin.net/ 6 KB
3 KB 1527ms
1513ms Image
image/svg+xml 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://newsbluewin.net/?_=%2Ffront%2Fmedia%2Fhomegate_logo.svg%23KJWqMdlUlBn4I%2BgHXBLjjIP6dYRzVVyp
Requested by: Host: newsbluewin.net
URL: https://newsbluewin.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash: 39529a386116b04eda2c85357eb524080c5506ea5f22f153a8ce13be2c0498a7

Request headers

Referer: https://newsbluewin.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 16 Sep 2024 12:51:44 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.4.33
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PhkcmA0Ai8yxMXMPVkFNKLXZPZU1Zn2ZrOE2z0PY7oXz90E%2FeRKfbVSkZlbLE1zuoCgksw%2BLR%2BTy88gK2UBgMoZG%2Bs00AgktvTdlFjHKAQVgXDSLCmhHK4uxfwJVw%2FQZlvk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cf-ray: 8c40fd500b4f6670-AMS
alt-svc: h3=":443"; ma=86400

GET
H3 200 /
newsbluewin.net/ 7 KB
5 KB 1701ms
1687ms Image
image/svg+xml 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://newsbluewin.net/?_=%2Ffront%2Fmedia%2Fimmoscout.svg%23KJWqMdlUlBn4I%2BgHXBLjjIP6dYRzVVyp
Requested by: Host: newsbluewin.net
URL: https://newsbluewin.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash: 6e4a8aeb8897f06ede99800e86b0feae44b05eff174094750fe3866d50d0639a

Request headers

Referer: https://newsbluewin.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 16 Sep 2024 12:51:44 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.4.33
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ifw3ZEPYF5wSlkf4TVcPctq%2FQrQttoHRzu1Qe9G7EzXqiGTxdxmWIIyGLVb97owo4hd1Sc%2BtRxl2Lyjchdu4twoyKj44B7xQNOcPA46Q8RI98W%2FP87yrVtyOqIW5D4DFKx0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cf-ray: 8c40fd500b506670-AMS
alt-svc: h3=":443"; ma=86400

GET
H3 200 /
newsbluewin.net/ 7 KB
7 KB 1703ms
1689ms Image
image/png 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://newsbluewin.net/?_=%2Ffront%2Fmedia%2Fimmoscout24-logo-vector-1.png%23KJWqMdlUlBn4I%2BgHXBLjjIP6dYRzVVyp
Requested by: Host: newsbluewin.net
URL: https://newsbluewin.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash: 912efaa09e3646c3d0d801c627f2dcec733625742b3d535c0db8965625098fc6

Request headers

Referer: https://newsbluewin.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 16 Sep 2024 12:51:44 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.4.33
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xzASaOHjC%2BBZz34CxgATy%2BYfzv9%2BCC8ztK0QTjvTMD4yYj7z0A%2B0cPgh9YrCZnqdu14ulAGp4uDcPuSEryZEKIAtBopLMZIUU9y3cec3fF5q9aLcccSPt3PzAeFNf0FuvKY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cf-ray: 8c40fd500b526670-AMS
alt-svc: h3=":443"; ma=86400
content-length: 7194

GET
H3 200 /
newsbluewin.net/ 526 B
755 B 1502ms
1488ms Image
image/svg+xml 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://newsbluewin.net/?_=%2Ffront%2Fmedia%2Farrow_white.svg%23KJWqMdlUlBn4I%2BgHXBLjjIP6dYRzVVyp
Requested by: Host: newsbluewin.net
URL: https://newsbluewin.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash: c7eea383dc5486a0a1b17020cb270ad1b55da14396363482f1cfd1268d6edcf9

Request headers

Referer: https://newsbluewin.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 16 Sep 2024 12:51:44 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.4.33
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ERl0m%2BvDj063hmXGT9S35uMpMJ3tvexJ1U6YtHJSZxzQ2tPxkyFatUnI5UXBq1bx6NwoOP9M6pEOJK7Ih%2BcHdOoB6DD8jkIZvrtcNSuqH0QWOEFBYPgNj63kEfKlfZHQYoM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cf-ray: 8c40fd500b536670-AMS
alt-svc: h3=":443"; ma=86400

GET
H3 200 /
newsbluewin.net/ 17 KB
18 KB 2940ms
2926ms Image
image/webp 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://newsbluewin.net/?_=%2Fmedia%2FEul7Pmkq%2FglWIN4.webp%23KJWqMdlUlBn4I%2BgHXBLjjIP6dYRzVVyp
Requested by: Host: newsbluewin.net
URL: https://newsbluewin.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash: 758442952c61f390d8c226aa8ff7370ce986ac64228886279fbaa8e585295bab

Request headers

Referer: https://newsbluewin.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 16 Sep 2024 12:51:44 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.4.33
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=A9MvDtneiHiXg1U%2BTUYZOgcjiedZU5Gv%2BMvypdp3Wgn7vZD6uJIAI3IyoVLqh1KSvnVQpbvGl28%2F0qbFqBob1rqNtEj00WHo7x7x%2FKC%2FdS5Cwxk5IXdX7IzMWKzyvtXhRt0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cf-ray: 8c40fd500b556670-AMS
alt-svc: h3=":443"; ma=86400
content-length: 17902

GET
H3 200 /
newsbluewin.net/ 51 KB
51 KB 2942ms
2928ms Image
image/webp 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://newsbluewin.net/?_=%2Fmedia%2FhUOYOkKM%2FjbDylO.webp%23KJWqMdlUlBn4I%2BgHXBLjjIP6dYRzVVyp
Requested by: Host: newsbluewin.net
URL: https://newsbluewin.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash: 14dead41a25900142e8998bfd2191a28954aceb1bfa3bc70733b685207090dec

Request headers

Referer: https://newsbluewin.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 16 Sep 2024 12:51:44 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.4.33
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GHckAcLhKTBrkxJD3xbX0wlq%2B3r12QBYzMVth6fo%2BLJNQat8qrKWTtpYvnexcQx9G16md9do%2B6tdQ107VIAR%2FCS%2FMadijgRfQEzD7iZ%2FXWZCzuRCPegaeRXVN50Q4luWRws%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cf-ray: 8c40fd500b576670-AMS
alt-svc: h3=":443"; ma=86400
content-length: 51884

GET
H3 200 /
newsbluewin.net/ 9 KB
9 KB 2949ms
2935ms Image
image/webp 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://newsbluewin.net/?_=%2Fmedia%2F3c1AWZui%2F12RTxg.webp%23KJWqMdlUlBn4I%2BgHXBLjjIP6dYRzVVyp
Requested by: Host: newsbluewin.net
URL: https://newsbluewin.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash: fa92d758fa91c4aac9ff9ebf8663a71f9ada0fd0632d92d03e2fcd801afc20ee

Request headers

Referer: https://newsbluewin.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 16 Sep 2024 12:51:44 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.4.33
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=e%2FceuVmX2xVp9o0QY51v9xPZv9aiMegLlltsulmFDCy2IFKOLFcZOmYeCv0axRgldc%2FMCyeigdEeQqdfcQ6D4eHgu1pRw7WrFnJJqauGBC6rfqj1FGnbAl%2F5RyjCIY84BRw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cf-ray: 8c40fd500b586670-AMS
alt-svc: h3=":443"; ma=86400
content-length: 9302

GET
H3 200 /
newsbluewin.net/ 26 KB
26 KB 1553ms
1539ms Image
image/webp 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://newsbluewin.net/?_=%2Fmedia%2FU5nute3o%2F1zeVEq.webp%23KJWqMdlUlBn4I%2BgHXBLjjIP6dYRzVVyp
Requested by: Host: newsbluewin.net
URL: https://newsbluewin.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash: a64b9b8fe8dac882547aa8b4a41bf7d7684ef6f6b9f2935e91c764e86ec9a89b

Request headers

Referer: https://newsbluewin.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 16 Sep 2024 12:51:44 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.4.33
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mz7UXXRHwWzjKZDHaB5r0QBb%2B1yGw06ptgegU5N2GgTzg6FVg7Z0a0JcWpDNTXp4r46WwOTq1%2F1DzCYdkkS6x0yuO2M3SFkPYBe%2BIkJuSIwRM3CowxpXyPIIVfEl4hX5m5Y%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cf-ray: 8c40fd500b596670-AMS
alt-svc: h3=":443"; ma=86400
content-length: 26664

GET
H3 200 /
newsbluewin.net/ 5 KB
5 KB 1494ms
1480ms Image
image/webp 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://newsbluewin.net/?_=%2Fmedia%2FPttbm25q%2FHlZUJg.webp%23KJWqMdlUlBn4I%2BgHXBLjjIP6dYRzVVyp
Requested by: Host: newsbluewin.net
URL: https://newsbluewin.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash: 054486164ab04bcfb5341f2f9653eb7523710ebf03862f087aca2775fd95c7ac

Request headers

Referer: https://newsbluewin.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 16 Sep 2024 12:51:44 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.4.33
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xKAEsFvDPhm%2Fr6Jg7O%2BUAzsG36nDOwFdtyr%2FL8Xxoh44ukngmE5L1ZpRDxw4iK2F7IFdy9Qto%2FpHkxwJPjHYKtp%2F39M7mO6A5Y5KhPA%2BgddpOVuisYlT5ZT46UuAG3%2Bq5N4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cf-ray: 8c40fd500b5c6670-AMS
alt-svc: h3=":443"; ma=86400
content-length: 4678

GET
H3 200 /
newsbluewin.net/ 6 KB
3 KB 2972ms
2959ms Image
image/svg+xml 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://newsbluewin.net/?_=%2Ffront%2Fmedia%2Fsecure.svg%23KJWqMdlUlBn4I%2BgHXBLjjIP6dYRzVVyp
Requested by: Host: newsbluewin.net
URL: https://newsbluewin.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash: c91faf613a96ec9c48bd936ddd7c16e4cb2f55f378ca26cc57962ef08ae0a24e

Request headers

Referer: https://newsbluewin.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 16 Sep 2024 12:51:44 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.4.33
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XaUCQJfTV4W%2FxeeBWW6SvcdEFHU0EJoT9gFQrCXYNWbYotiSJyifQXPFAbgSV%2B1tcV1n46rvIgBPgDX6xSYU6YmJpTAGXw5zRbnOqlUwtbrOpoBtNGDQx4d%2FwhbIFS1JaXQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cf-ray: 8c40fd500b5d6670-AMS
alt-svc: h3=":443"; ma=86400

GET
H3 200 /
newsbluewin.net/ 13 KB
4 KB 2979ms
2965ms Image
image/svg+xml 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://newsbluewin.net/?_=%2Ffront%2Fmedia%2Fpayment-icon.svg%23KJWqMdlUlBn4I%2BgHXBLjjIP6dYRzVVyp
Requested by: Host: newsbluewin.net
URL: https://newsbluewin.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash: 72f93ff1193492a608ab4bd738702e2f6beeca02a201876230b8fd7ba1db4124

Request headers

Referer: https://newsbluewin.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 16 Sep 2024 12:51:44 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.4.33
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MdGhAWkiLoYyLak6kGP3qgvlC3qEMHgEbTBZB5PZ%2BNJvgOd9th4VLJliLa38S8cfNj9lssT%2BnEpZ3JOf0crfcfXmfSS91RQCaUDY9JoBBSB9wISxNuvdE9q9CJa%2BMC7dNgo%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cf-ray: 8c40fd500b5e6670-AMS
alt-svc: h3=":443"; ma=86400

GET
H3 200 /
newsbluewin.net/ 10 KB
4 KB 2979ms
2965ms Image
image/svg+xml 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://newsbluewin.net/?_=%2Ffront%2Fmedia%2Fphone-call-daily.svg%23KJWqMdlUlBn4I%2BgHXBLjjIP6dYRzVVyp
Requested by: Host: newsbluewin.net
URL: https://newsbluewin.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash: 27772212cf666e06e50544ae8fcf047de7e1e9f2d85f527cb35b1f51c7c75537

Request headers

Referer: https://newsbluewin.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 16 Sep 2024 12:51:44 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.4.33
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uEKfZBz%2FfUj4wRYefbqSTcpk%2BypWSQSwF8hvyFEHZmCqY2R3oOIpYFrLq1tZeWbwX3b5NUssfYc90kCqVraJoO3JaoM3hMHy0TnbnsY8H5vKIzcmBnnhE%2Fkxr0X5jTnGM70%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cf-ray: 8c40fd500b5f6670-AMS
alt-svc: h3=":443"; ma=86400

GET
H3 200 /
newsbluewin.net/ 7 KB
3 KB 2979ms
2965ms Image
image/svg+xml 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://newsbluewin.net/?_=%2Ffront%2Fmedia%2Flogo_full_negative.svg%23KJWqMdlUlBn4I%2BgHXBLjjIP6dYRzVVyp
Requested by: Host: newsbluewin.net
URL: https://newsbluewin.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash: fa2bcf099df5f460c1b6f7d838f5d01dc014cb592d1420ab636ed6a6788c9bb1

Request headers

Referer: https://newsbluewin.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 16 Sep 2024 12:51:44 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.4.33
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8W14M%2BPzrsV0nFSkOrJw%2FRsN2oqKb5hzcs9KsmnKOwWoSF%2FsdjDFVSnTS%2FU%2BtOtfzDvFzZYtZRwsc1q3JMj%2FTmae%2BcR%2BnK2YClYL2zpO%2ByI5f8sHpX20LSDjPr1Ds9hxUKU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cf-ray: 8c40fd500b606670-AMS
alt-svc: h3=":443"; ma=86400

GET
H3 200 /
newsbluewin.net/ 593 B
763 B 3059ms
3045ms Image
image/svg+xml 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://newsbluewin.net/?_=%2Ffront%2Fmedia%2Ffacebook.svg%23KJWqMdlUlBn4I%2BgHXBLjjIP6dYRzVVyp
Requested by: Host: newsbluewin.net
URL: https://newsbluewin.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash: 2207e8d7b396a13c8097e3f4a571c19b53f360503c59229d8617198f0600ca2a

Request headers

Referer: https://newsbluewin.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 16 Sep 2024 12:51:44 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.4.33
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=U0X9MFhMJ65V2aYCFKvAYlQ3Z6x9yo647lBbkhFhnCxZUQS7UzojTCvchkphaolC73pE9TglyU5HEnTTNbMG3YHXY5Rj%2Byahr2cimMJhKLtXqyJ%2BgT8KXEiP9V3mv%2Bt8304%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cf-ray: 8c40fd500b626670-AMS
alt-svc: h3=":443"; ma=86400

GET
H3 200 /
newsbluewin.net/ 2 KB
1 KB 3053ms
3039ms Image
image/svg+xml 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://newsbluewin.net/?_=%2Ffront%2Fmedia%2Ftwitter.svg%23KJWqMdlUlBn4I%2BgHXBLjjIP6dYRzVVyp
Requested by: Host: newsbluewin.net
URL: https://newsbluewin.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash: b26438f177b783ec256e661412b68349565f70da78e29dfe8e4f81c2d69d1910

Request headers

Referer: https://newsbluewin.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 16 Sep 2024 12:51:44 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.4.33
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1cx19QuAe2Von2GQAwq5JIKlNTrq37N4QAh%2B71G6YP5DBK2fk6s7O1WlBjKn%2FZ9FQ%2BH9g4AN5u8VufirFCIHgnIqWHCIda201d35uN%2F1%2Fi%2FgS0kuHtuBvJdp%2Brba8tlZuBo%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cf-ray: 8c40fd500b646670-AMS
alt-svc: h3=":443"; ma=86400

GET
H3 200 /
newsbluewin.net/ 3 KB
2 KB 1484ms
1470ms Image
image/svg+xml 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://newsbluewin.net/?_=%2Ffront%2Fmedia%2Finstagram.svg%23KJWqMdlUlBn4I%2BgHXBLjjIP6dYRzVVyp
Requested by: Host: newsbluewin.net
URL: https://newsbluewin.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash: 0a0f0b28b221cd939a29728b049d45b38a78eeab04de123ae31dd871f1bc2735

Request headers

Referer: https://newsbluewin.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 16 Sep 2024 12:51:44 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.4.33
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DfyhE5%2Fn6f2G9H0YUot9L1VOjea%2F8XHtRwX6Z1IIGv7jcsJWzlg4NpoaAhMUpiKkHK9fqOaOK54GuDbLv31pO686OlCGz%2FgD0li19VD1tSEYNVt6Z1uR66e15qgusNzkwKo%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cf-ray: 8c40fd500b656670-AMS
alt-svc: h3=":443"; ma=86400

GET
H3 200 /
newsbluewin.net/ 1 KB
1 KB 3057ms
3043ms Image
image/svg+xml 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://newsbluewin.net/?_=%2Ffront%2Fmedia%2Flinkedin.svg%23KJWqMdlUlBn4I%2BgHXBLjjIP6dYRzVVyp
Requested by: Host: newsbluewin.net
URL: https://newsbluewin.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash: cf421eb6cbf6cef9b54876161b73b5de9d8ed46d18d840bf9cfcce4e4d93eaa0

Request headers

Referer: https://newsbluewin.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 16 Sep 2024 12:51:44 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.4.33
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FPeNIt1votCCpH5F3wx7SNvw82H9ailkVR%2BBAsV0y%2BgSKcZPmFEvfAlmccQujxOZiq%2F9M7uYXXiSzRffhqgHfLfO3aIyBH0EFbZ9st4kLAutjKCPfQcTVhHY%2BrA6ho2xhlg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cf-ray: 8c40fd500b666670-AMS
alt-svc: h3=":443"; ma=86400

GET
H3 200 /
newsbluewin.net/ 564 B
724 B 3054ms
3039ms Image
image/svg+xml 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://newsbluewin.net/?_=%2Ffront%2Fmedia%2Fmessage-outline.svg%23KJWqMdlUlBn4I%2BgHXBLjjIP6dYRzVVyp
Requested by: Host: newsbluewin.net
URL: https://newsbluewin.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash: 75c08c678366766c616a05e00efd1733611c87226f9b53ea36cf470f8c61e89f

Request headers

Referer: https://newsbluewin.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 16 Sep 2024 12:51:44 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.4.33
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XF6imJNepPxNNkpQGeijzaAk0NumC3ezxoO5kMuibXK9wHnSNnFwAvGeZ2kygBTKg1QAGDfcbpcO5aMkGVOQimnKpgsEJINFCIN3pIaxBnI2etsn7yPjQI%2Bw0uswT3Yo35E%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cf-ray: 8c40fd500b686670-AMS
alt-svc: h3=":443"; ma=86400

GET
H3 200 /
newsbluewin.net/ 1 KB
943 B 3053ms
3038ms Image
image/svg+xml 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://newsbluewin.net/?_=%2Ffront%2Fmedia%2Fphone-outline.svg%23KJWqMdlUlBn4I%2BgHXBLjjIP6dYRzVVyp
Requested by: Host: newsbluewin.net
URL: https://newsbluewin.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash: 1831c424ab66a4b3451df386f457313498328adaaac86eb420ec6cdc814ffc83

Request headers

Referer: https://newsbluewin.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 16 Sep 2024 12:51:44 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.4.33
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FK87YRhEv8xFNz%2BSEy6X6AE5%2Fv0I3MEdB6ZB71p4RGTtaXqlw11PTNhEYfY9ddRtY9bE80tgJvuSTV6HqAz4OuzoRpcKZavD4CGyo%2BrnxU2rWn98MLPZl0LhMCarcdp6XJo%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cf-ray: 8c40fd500b6a6670-AMS
alt-svc: h3=":443"; ma=86400

GET
H3 200 /
newsbluewin.net/ 258 B
624 B 3057ms
3043ms Image
image/svg+xml 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://newsbluewin.net/?_=%2Fimages%2Fcore%2Femoji%2F13.1.0%2Fsvg%2F1f1e8-1f1ed.svg%23KJWqMdlUlBn4ZfpbXw%2Fn
Requested by: Host: newsbluewin.net
URL: https://newsbluewin.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash: a8dd74c5a29474b0f704b6b7aa652002e84390200e3412a4e18db24bce86e86c

Request headers

Referer: https://newsbluewin.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 16 Sep 2024 12:51:44 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.4.33
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CYRxLJi5iQQh%2B6%2BImq9obiBgHPxRkEbN3uk6JpNOvpmTStjf4wAYCTsuv0DoKRLchPtOeI4r2yRN0X9yiTopoEv2GowU58w%2B0F8h0ZTlDOoUfOA9Nye%2FaO%2BtqLchJeNejxs%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cf-ray: 8c40fd500b6b6670-AMS
alt-svc: h3=":443"; ma=86400

GET
H3 200 / Show response
newsbluewin.net/ 87 KB
31 KB 186ms
167ms Script
application/javascript 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://newsbluewin.net/?_=%2Fnpm%2Fjquery%403.6.0%2Fdist%2Fjquery.min.js%23KJWqMdlUlBnoL%2BNbWg7kgof8bpMuFVq1
Requested by: Host: newsbluewin.net
URL: https://newsbluewin.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash: ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

Referer: https://newsbluewin.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 16 Sep 2024 12:51:41 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.4.33
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2o1qeSsfbCOyDdU7Ea%2BuHRr9kQbJkLbroXVqmMqdydcV1igr1TOS3jmUizhqRTs3vCiusSIxrgDehtlAY7arWlITxhHQ49tdMFjOlMTASMNK23A9SC96qG8AhyiOT%2Fyv3Ak%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cf-ray: 8c40fd49bd3a6670-AMS
alt-svc: h3=":443"; ma=86400

GET
H3 200 / Show response
newsbluewin.net/ 76 KB
23 KB 237ms
214ms Script
application/javascript 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://newsbluewin.net/?_=%2Fnpm%2Fbootstrap%405.1.3%2Fdist%2Fjs%2Fbootstrap.bundle.min.js%23KJWqMdlUlBnoL%2BNbWg7kgof8bpMuFVq1
Requested by: Host: newsbluewin.net
URL: https://newsbluewin.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash: f5210fa3e7f0245a4c51eb7f280092c0ef99fdd28c45e17dab8cc5854fdf4fd3

Request headers

Referer: https://newsbluewin.net/
Origin: https://newsbluewin.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 16 Sep 2024 12:51:41 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.4.33
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IV4wLlCiwy87Bqo6n2Sh4%2FBGRZ%2Biu3I25nLoPftTfm0P0LBg%2FGfl5fja58iga2WnJSifFixbnMkI0ysVRBPelRZYO69xhikC33%2F3xNghnpA8eRj46cA2tWFSkq%2BEFsdhBRY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cf-ray: 8c40fd4a3db56670-AMS
alt-svc: h3=":443"; ma=86400

GET
H3 200 / Show response
newsbluewin.net/ 3 KB
2 KB 198ms
174ms Script
application/javascript 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://newsbluewin.net/?_=%2Fnpm%2Flozad%2Fdist%2Flozad.min.js%23KJWqMdlUlBnoL%2BNbWg7kgof8bpMuFVq1
Requested by: Host: newsbluewin.net
URL: https://newsbluewin.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash: 98e15110586a9877906d7a4ada5a789c0deaa285600027e1f3c7e925fb4b05b7

Request headers

Referer: https://newsbluewin.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 16 Sep 2024 12:51:42 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.4.33
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vTiqvH%2F5AvmfcoLDB2BF7qi%2F3rHRd2uOITTLI0Z7XjNCR1jZKkvar5jJOZPJdQxbh%2BL3Lj2uLtwZYZPbGwCPmK34%2Br1hA4kovhw50FN5MmCz31wz6D4iLHiGyAnK321Ygwg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cf-ray: 8c40fd4b8efc6670-AMS
alt-svc: h3=":443"; ma=86400

GET
H3 200 / Show response
newsbluewin.net/ 6 KB
3 KB 235ms
235ms Script
application/javascript 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://newsbluewin.net/?_=%2Fupp%2Fpayment%2Fjs%2Fdatatrans-2.0.0.min.js%23KJWqMdlUlBn7KvRbVBz0hp%2FneY9zVVyupg%3D%3D
Requested by: Host: newsbluewin.net
URL: https://newsbluewin.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash: 91f218c3a0d230d09ac33c0cd6986db093d82fd4f333dcb9d7c8a400fa711b28

Request headers

Referer: https://newsbluewin.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 16 Sep 2024 12:51:42 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.4.33
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QRPCBy%2FBx5KFn9xoGu7Vyqlw2U%2BhvKZxZG4IBa8FrXSMc0d6pIywj179V0bR2xZJvG%2BWK8L7Mcjzdr%2Fvu3mgC6XOd8dAZo5adFwJYXrxFQlGj0h1egB3ajqWpbSEb7gE8c4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript;charset=UTF-8
cf-ray: 8c40fd4bef5e6670-AMS
alt-svc: h3=":443"; ma=86400

GET
H3 200 / Show response
newsbluewin.net/ 1 KB
984 B 222ms
220ms Script
application/javascript 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://newsbluewin.net/?3Z85R7gkeHOrEE=&_=%2Ffront%2Fjs%2Fguards.js%23KJWqMdlUlBn4I%2BgHXBLjjIP6dYRzVVyp
Requested by: Host: newsbluewin.net
URL: https://newsbluewin.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash: 25cd58e8f5336df4b048ac4b5ae5942a160994d50ace856b5bc151775276e5e5

Request headers

Referer: https://newsbluewin.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 16 Sep 2024 12:51:42 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.4.33
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WG3soFJ4b6IP4wFTFuMehkwaxnHXl4OLl%2BrYBHnGgCwhhzjt%2B9OwAHTBv5cypQePfnF5XFs1sXabDAFZYm3x815fHozhheJvpQGvlLsvglbO1eYfvBSdOD0YMahZPpVn1J4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cf-ray: 8c40fd4cc8466670-AMS
alt-svc: h3=":443"; ma=86400

GET
H3 200 / Show response
newsbluewin.net/ 8 KB
4 KB 3058ms
3043ms Script
application/javascript 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://newsbluewin.net/?_=%2Ffront%2Fjs%2Flazysizes.min.js%23KJWqMdlUlBn4I%2BgHXBLjjIP6dYRzVVyp
Requested by: Host: newsbluewin.net
URL: https://newsbluewin.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash: 7d35b4cbabcbdce184ea0d2224d452da34974dab0144d65c82ed428fb4ed343e

Request headers

Referer: https://newsbluewin.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 16 Sep 2024 12:51:44 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.4.33
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3m4ayhk09nOLqicXEjTx1vItW2HlzyLNSWdV6lEA%2FEIvmdNEw3z%2FbtMFjIdoi2gKyxycr3e0H2nF4yNO6EAEphHmGRxB5HSjLUmF650aLsZ1OrBB1xpo6wlHOgAFUbw4swE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cf-ray: 8c40fd500b6c6670-AMS
alt-svc: h3=":443"; ma=86400

GET
H3 200 / Show response
newsbluewin.net/ 11 KB
3 KB 224ms
224ms Script
application/javascript 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://newsbluewin.net/?3Z85R7gkeHOrEE=&_=%2Ffront%2Fjs%2Fsellable.js%23KJWqMdlUlBn4I%2BgHXBLjjIP6dYRzVVyp
Requested by: Host: newsbluewin.net
URL: https://newsbluewin.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash: d37bd64406c1e58f9641f15ed3d5604a35e75187ce8631b2b0bd5e3b5e30b29c

Request headers

Referer: https://newsbluewin.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 16 Sep 2024 12:51:42 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.4.33
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Qdd39x79%2F8YE7e01qWohdMKDPx%2FEhddPZzZia0ibX0RM5EGHSV9Pz8u%2FS4VdiB2JrmjYpivJ0uNnJ9m%2Bs9SAklZUvfCOVlwNwu5MAP1VRJtHYpJ%2BLY%2B4KkrA83AP8xdye08%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cf-ray: 8c40fd4d79016670-AMS
alt-svc: h3=":443"; ma=86400

GET
H3 200 / Show response
newsbluewin.net/ 13 KB
5 KB 234ms
233ms Script
application/javascript 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://newsbluewin.net/?3Z85R7gkeHOrEE=&_=%2Fjs%2Fcommon.js%23KJWqMdlUlBn4I%2BgHXBLjjIP6dYRzVVyp
Requested by: Host: newsbluewin.net
URL: https://newsbluewin.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash: 271c9fa156b8995fa139f0be4b287a2f144d1f28e859af1274bd5440ccb3c6e4

Request headers

Referer: https://newsbluewin.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 16 Sep 2024 12:51:42 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.4.33
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wGPuBHJ9AgCo2dYaI4fi7acJJ%2Fl0YQ7RZeHuWB6Wy3YroHLFKO0f0nzaC0pw%2Fld%2F46hHmIc5EIEs5MwEIIo8AB0yTGb9gTOaBQlKdNrAo7t75JnlBiOK5bVtveNSJSGt9g8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cf-ray: 8c40fd4e299c6670-AMS
alt-svc: h3=":443"; ma=86400

GET
H3 200 / Show response
newsbluewin.net/ 4 KB
1 KB 224ms
224ms Script
application/javascript 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://newsbluewin.net/?3Z85R7gkeHOrEE=&_=%2Ffront%2Fjs%2Fcommon.js%23KJWqMdlUlBn4I%2BgHXBLjjIP6dYRzVVyp
Requested by: Host: newsbluewin.net
URL: https://newsbluewin.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash: ea20e99c11d460255011a94d21ab3a9c95659a07203af0f4854553391e91d13b

Request headers

Referer: https://newsbluewin.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 16 Sep 2024 12:51:42 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.4.33
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uqkhX6JwJa65%2FAeD2g72c4rLAGDGpqFLPU%2B7fq%2BKEJyEjdx00ldYGHs5gSGiX4IYXtDe4rcmIurBkrKHR88MTVnnY2rn7Y1RIooxOBAxBO5zLe6pTMuGGAiMMl2yN%2BOTe0g%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cf-ray: 8c40fd4eda2b6670-AMS
alt-svc: h3=":443"; ma=86400

GET
H3 200 /
newsbluewin.net/ 102 KB
22 KB 233ms
233ms Stylesheet
text/css 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://newsbluewin.net/?_=%2Fajax%2Flibs%2Ffont-awesome%2F6.2.1%2Fcss%2Fall.min.css%23KJWqMdlUlBnoL%2BMfQ1Pji4TgfIdsGk2k5eA%2FIw%3D%3D
Requested by: Host: newsbluewin.net
URL: https://newsbluewin.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash: fbfc5cf054df13f9243ce32a27bf13029d9d7ae741aa421b327ca3e3559a1269

Request headers

Referer
Origin: https://newsbluewin.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 16 Sep 2024 12:51:42 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.4.33
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XRegPIZzNBo99Sw9WON17%2BfpyxDPqDivwlgmSud50kRy14bmOBLS3bHSeg462KyYpXAHFLQwq1ryBmlUZiBUsN5qLVTB2A2zdL8oK9%2FmCbqBdmtwhwqoTxdBgItJ52OMjN0%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
cf-ray: 8c40fd4faadd6670-AMS
alt-svc: h3=":443"; ma=86400

GET
H3 200 / Show response
newsbluewin.net/ 30 KB
7 KB 1220ms
1219ms Script
application/javascript 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://newsbluewin.net/?_=%2Ffront%2Fjs%2Fjquery.validate.min.js%23KJWqMdlUlBn4I%2BgHXBLjjIP6dYRzVVyp
Requested by: Host: newsbluewin.net
URL: https://newsbluewin.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash: c08420829004a6a683afbe331ec5d762878c6ef85e2470065c18eb4dc64b96a4

Request headers

Referer: https://newsbluewin.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 16 Sep 2024 12:51:43 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.4.33
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tRmZfn5syRDedxr%2BJSzTBiB%2FJ6%2Fn0j%2FhHocHnNFHdxe1lpk8sDTsv2Ht7Ny8x2tSj0HaOIiEy4UZeICddQYGeBkJL6gtcj5P%2FMVVKOU9TTdteZ7NZMFC5zwiLPVCWTdl5Y8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cf-ray: 8c40fd4feb136670-AMS
alt-svc: h3=":443"; ma=86400

GET
H3 200 / Show response
newsbluewin.net/ 2 KB
941 B 1122ms
1120ms Script
application/javascript 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://newsbluewin.net/?%3FLxiZjuSDQmt4Tv=&_=%2Ffront%2Fjs%2Fcontact-service.js%23KJWqMdlUlBn4I%2BgHXBLjjIP6dYRzVVyp
Requested by: Host: newsbluewin.net
URL: https://newsbluewin.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash: 204ab4ae202b4161a9044a00507e70cd0abde90769764913c3514fffa40fd5f2

Request headers

Referer: https://newsbluewin.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 16 Sep 2024 12:51:43 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.4.33
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BNzAqaaOrOO30uOS1cPQN%2ByFkK8sKbpwo1v%2Fj9uUvUuD8JaCGWErrkNsP8PmjPWaDYjs3nuvK8iN7%2BClXCVTjNdECFgEWjT7LNhaPlM7Jt4%2F0Wj8BM8Jr4%2FD3xG8kZPn0GM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cf-ray: 8c40fd4feb146670-AMS
alt-svc: h3=":443"; ma=86400

GET
H3 200 /
newsbluewin.net/ 167 KB
20 KB 1168ms
1164ms Stylesheet
text/html 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://newsbluewin.net/?family=Inter%3Awght%40100%3B200%3B300%3B400%3B500%3B600%3B700%3B800%3B900&display=swap&_=%2Fcss2%23KJWqMdlUlBntJOMBQ1PniITydIRhC1ay5eA%2FIw%3D%3D
Requested by: Host: newsbluewin.net
URL: https://newsbluewin.net/?35451279366=&_=%2Ffront%2Fcss%2Fpage.crush.css%23KJWqMdlUlBn4I%2BgHXBLjjIP6dYRzVVyp
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash: ecd2baf7c7747fc1a32d0679445f9a0678219a4681ad295e923b5a7aee173a8d

Request headers

Referer: https://newsbluewin.net/?35451279366=&_=%2Ffront%2Fcss%2Fpage.crush.css%23KJWqMdlUlBn4I%2BgHXBLjjIP6dYRzVVyp
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 16 Sep 2024 12:51:42 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.4.33
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ezSQ%2BvAUeLX9yzA53TvWkBsWxvw6lgyejEJj2WxJKjNDSSfccyFZTLW%2BTrDMMux7XcMUJohbCd0mFGAcvcdPCePkrKGgg3vvSXdAvvEGv3hfMbTc7Q20HWSI8AkviZqHvF0%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cache-control: no-store
cf-ray: 8c40fd488c076670-AMS
alt-svc: h3=":443"; ma=86400

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 357 KB
110 KB 191ms
52ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5PGFZR7

Requested by

Host: newsbluewin.net
URL: https://newsbluewin.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

bb7b779f9ba2db3110a5e61dbbf8d9dff8a127fbedeb2a9a0175cc9199b8624e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://newsbluewin.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 16 Sep 2024 12:51:42 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 111806
x-xss-protection: 0
last-modified: Mon, 16 Sep 2024 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 16 Sep 2024 12:51:42 GMT

GET
H2 200 sa.js Show response
sibautomation.com/ 10 KB
4 KB 120ms
42ms Script
text/javascript 2606:4700:4400::6812:278d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sibautomation.com/sa.js?key=nb68vhnqwf1217z9ofyt33bf
Requested by: Host: newsbluewin.net
URL: https://newsbluewin.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:278d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Sails <sailsjs.com>
Resource Hash: d0b3f90e7ad02ff459416650b171d621b01970873fbca6e1fa19d9c84f42d2f1

Request headers

Referer: https://newsbluewin.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 16 Sep 2024 12:51:42 GMT
content-encoding: gzip
cf-cache-status: HIT
cf-bgj: minify
server: cloudflare
age: 5962
cf-polished: origSize=13285
etag: W/"33e5-cp80vCCd5Eeblizsjkg6lINMoWY"
vary: Accept-Encoding
x-powered-by: Sails <sailsjs.com>
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=60
cf-ray: 8c40fd507c620a4f-AMS
expires: Mon, 16 Sep 2024 12:52:42 GMT

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ 225 KB
58 KB 102ms
27ms Script
application/x-javascript 157.240.251.9
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: newsbluewin.net
URL: https://newsbluewin.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.251.9 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-fra5.fbcdn.net

Software

Resource Hash

0055aa18da3581f4a468aaa7257d84f798e0fc070899c8008d9b321b76b98096

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://newsbluewin.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 16 Sep 2024 12:51:42 GMT
document-policy: force-load-at-top
x-fb-server-load: 56
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 58953
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=36, rtx=0, c=23, mss=1232, tbw=4422, tp=9, tpl=0, uplat=0, ullat=-1
pragma: public
x-fb-debug: wH04jx8BTmP5hy2a+4xupUr5LAUYDPJnf2b2KyDPWROej6qGE7HG+5U+lKNYudNj5efnKr1l6N2wK0eCfw41Lg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 / Show response
newsbluewin.net/ 708 KB
167 KB 3057ms
3043ms Script
text/javascript 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://newsbluewin.net/?_=%2FCobrowseIO.js%23KJWqMdlUlBnhOKMWXx%2FyiJzmfc9pFA%3D%3D
Requested by: Host: newsbluewin.net
URL: https://newsbluewin.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash: 6e3b5e3d67fba210f29603391408ae8c48a51f2bcb251c8946b87f02e0f2f67c

Request headers

Referer: https://newsbluewin.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 16 Sep 2024 12:51:44 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.4.33
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rag1xQDjd4HeJ1h5RvEpBxGDK1cZR67TGHJe0Z%2BLbovn0c9TpG4Bb5WLcwmHcAYBn5y1pURaX3MVGsLBgqFxarkKClZhzdyV1513Gyuf4Z04rjPoBm%2F7V9Yl9EJXBdgcEbo%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript;charset=UTF-8
cf-ray: 8c40fd500b6d6670-AMS
alt-svc: h3=":443"; ma=86400

GET
H2 200 5LcTc7.webp
sherlockhomes.ch/media/t95xrpTx/ 29 KB
29 KB 177ms
46ms Image
image/webp 2001:1600:13:101::4a2
INFOMANIAK-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sherlockhomes.ch/media/t95xrpTx/5LcTc7.webp

Requested by

Host: newsbluewin.net
URL: https://newsbluewin.net/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2001:1600:13:101::4a2 , Switzerland, ASN29222 (INFOMANIAK-AS, CH),

Reverse DNS

Software

nginx /

Resource Hash

ee2fce3ac89d2f86c521261e369e65bb4cc1b80c9c5de7eced9ddda1ccec5d68

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM https://sherlockhomes-pro.ch

Request headers

Referer: https://newsbluewin.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 16 Sep 2024 12:51:42 GMT
strict-transport-security: max-age=15768000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 31 Jul 2023 09:33:07 GMT
server: nginx
etag: "64c77fd3-7220"
x-frame-options: ALLOW-FROM https://sherlockhomes-pro.ch
content-type: image/webp
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 29216
expires: Wed, 16 Oct 2024 12:51:42 GMT

GET
H3 200 /
newsbluewin.net/ 20 KB
20 KB 3126ms
3125ms Font
font/woff 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://newsbluewin.net/?_=%2Ffront%2Fcss%2F..%2Ffonts%2FAlmarenaRegular.woff%23KJWqMdlUlBn4I%2BgHXBLjjIP6dYRzVVyp
Requested by: Host: newsbluewin.net
URL: https://newsbluewin.net/?33775940464=&_=%2Ffront%2Fcss%2Ffragments.crush.css%23KJWqMdlUlBn4I%2BgHXBLjjIP6dYRzVVyp
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash: 9470e5df00ca14e3d32af3c6805a4fe5d832d0c4a439279591704bd4cfbd8c3c

Request headers

Referer: https://newsbluewin.net/?33775940464=&_=%2Ffront%2Fcss%2Ffragments.crush.css%23KJWqMdlUlBn4I%2BgHXBLjjIP6dYRzVVyp
Origin: https://newsbluewin.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 16 Sep 2024 12:51:44 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.4.33
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9RYbGu%2BonLoaeqLg0iEoA76O1sfYSHdXAfp%2FM1VGTDKyxE9TClvOOpgjoMIdQazB2EVBkzllMCoKPaVt8SjHvivgA8vSYb26T%2FwX5K%2B9sIATnyi2jRptc7uzY%2BrthSNav5I%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff
cf-ray: 8c40fd50ac0c6670-AMS
alt-svc: h3=":443"; ma=86400
content-length: 20044

GET
H3 200 /
newsbluewin.net/ 19 KB
20 KB 3204ms
3204ms Font
font/woff 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://newsbluewin.net/?_=%2Ffront%2Fcss%2F..%2Ffonts%2FAlmarenaBold.woff%23KJWqMdlUlBn4I%2BgHXBLjjIP6dYRzVVyp
Requested by: Host: newsbluewin.net
URL: https://newsbluewin.net/?33775940464=&_=%2Ffront%2Fcss%2Ffragments.crush.css%23KJWqMdlUlBn4I%2BgHXBLjjIP6dYRzVVyp
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash: 7a7390a9ba3fe721e72d4487f307f5ed17ab0e8756b4a155c4d535c7f3b98975

Request headers

Referer: https://newsbluewin.net/?33775940464=&_=%2Ffront%2Fcss%2Ffragments.crush.css%23KJWqMdlUlBn4I%2BgHXBLjjIP6dYRzVVyp
Origin: https://newsbluewin.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 16 Sep 2024 12:51:44 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.4.33
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rA%2BTKwOCtdxeia8YTkYrVx3e0zoyNW0Xv3%2B%2FIlTD6m65v5JlhLeTOeXFvcPgAV8qob0ncvzPfbnznaGdbAH9Iwu75vVGRECXWC9L%2FCE4NRvVFcNqF2bt3Svx4O2yaRfEU2A%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff
cf-ray: 8c40fd50ac0e6670-AMS
alt-svc: h3=":443"; ma=86400
content-length: 19712

GET
H3 200 /
newsbluewin.net/ 19 KB
19 KB 3099ms
3098ms Font
font/woff 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://newsbluewin.net/?_=%2Ffront%2Fcss%2F..%2Ffonts%2FAlmarenaLight.woff%23KJWqMdlUlBn4I%2BgHXBLjjIP6dYRzVVyp
Requested by: Host: newsbluewin.net
URL: https://newsbluewin.net/?33775940464=&_=%2Ffront%2Fcss%2Ffragments.crush.css%23KJWqMdlUlBn4I%2BgHXBLjjIP6dYRzVVyp
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash: 1ff050979aaf7532b6363084599f642f819b2c9c07b88061be6aa55a7cd12ffd

Request headers

Referer: https://newsbluewin.net/?33775940464=&_=%2Ffront%2Fcss%2Ffragments.crush.css%23KJWqMdlUlBn4I%2BgHXBLjjIP6dYRzVVyp
Origin: https://newsbluewin.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 16 Sep 2024 12:51:44 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.4.33
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=owTI3ZzE%2BB3%2BiXmIAtE0HzxDGYJIA0W32pePhztVqX3RjJyArgWuTL4g49FxYVicgNNQzjtfMSH%2BmOA4YcoJcrRAl3%2Bp9nnqYcc2yLBFXu%2BP6Gjo5muFXRlsA4S5GmZH8g0%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff
cf-ray: 8c40fd514ca06670-AMS
alt-svc: h3=":443"; ma=86400
content-length: 19076

GET
H2 200 cm.html
sibautomation.com/ Frame 68D9 0
0 106ms
56ms Document
text/html 2606:4700:4400::ac40:9473
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sibautomation.com/cm.html?key=nb68vhnqwf1217z9ofyt33bf
Requested by: Host: sibautomation.com
URL: https://sibautomation.com/sa.js?key=nb68vhnqwf1217z9ofyt33bf
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9473 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Sails <sailsjs.com>
Resource Hash

Request headers

Referer: https://newsbluewin.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: *
age: 10875
cache-control: public, max-age=7200
cf-cache-status: HIT
cf-ray: 8c40fd51ffbdb96f-AMS
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Mon, 16 Sep 2024 12:51:43 GMT
expires: Mon, 16 Sep 2024 14:51:43 GMT
server: cloudflare
vary: Accept-Encoding
x-powered-by: Sails <sailsjs.com>

GET
H2

200

sib-conversations.js Show response
conversations-widget.brevo.com/
Redirect Chain

https://conversations-widget.sendinblue.com/sib-conversations.js
https://conversations-widget.brevo.com/sib-conversations.js

67 KB
16 KB

160ms
44ms

Script
text/javascript

2606:4700:4400::ac40:96d8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://conversations-widget.brevo.com/sib-conversations.js
Requested by: Host: newsbluewin.net
URL: https://newsbluewin.net/
Protocol: H2
Server: 2606:4700:4400::ac40:96d8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8ad6888a019e01ade98dbaba40903ff97fc0ffb6e50c8ac0df2981697955d5ac

Request headers

Referer: https://newsbluewin.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 16 Sep 2024 12:51:43 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 05 Sep 2024 10:53:01 GMT
server: cloudflare
age: 277
etag: W/"10daa-191c1d0eec8"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=1800, s-maxage=1800, stale-while-revalidate=300, stale-if-error=1800
cf-ray: 8c40fd534ea4b734-AMS

Redirect headers

date: Mon, 16 Sep 2024 12:51:43 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/html
location: https://conversations-widget.brevo.com/sib-conversations.js
cache-control: max-age=3600
cf-ray: 8c40fd5218b7662d-AMS
content-length: 167
expires: Mon, 16 Sep 2024 13:51:43 GMT

GET
H3 200 499835941234956 Show response
connect.facebook.net/signals/config/ 75 KB
15 KB 99ms
98ms Script
application/x-javascript 157.240.251.9
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/499835941234956?v=2.9.167&r=stable&domain=newsbluewin.net&hme=da9a399065fb1c492026018b9e54864148adfb49d800f41752428fb7b59190f8&ex_m=69%2C118%2C104%2C108%2C60%2C4%2C97%2C68%2C16%2C94%2C86%2C50%2C53%2C168%2C171%2C183%2C179%2C180%2C182%2C29%2C98%2C52%2C75%2C181%2C163%2C166%2C176%2C177%2C184%2C127%2C40%2C34%2C139%2C15%2C49%2C190%2C189%2C129%2C18%2C39%2C1%2C42%2C64%2C65%2C66%2C70%2C90%2C17%2C14%2C93%2C89%2C88%2C105%2C51%2C107%2C38%2C106%2C30%2C91%2C26%2C164%2C167%2C136%2C28%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C56%2C61%2C63%2C73%2C99%2C27%2C74%2C9%2C8%2C78%2C47%2C21%2C101%2C100%2C102%2C95%2C10%2C20%2C3%2C19%2C83%2C55%2C81%2C33%2C72%2C0%2C92%2C32%2C80%2C85%2C46%2C45%2C84%2C37%2C5%2C87%2C79%2C43%2C35%2C82%2C2%2C36%2C62%2C41%2C103%2C44%2C77%2C67%2C109%2C59%2C58%2C31%2C96%2C57%2C54%2C48%2C76%2C71%2C24%2C110

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.251.9 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-fra5.fbcdn.net

Software

Resource Hash

55f0e9cb2493cace4a6bf1cf77e2acd3f0ace5274a61ecc626de032834199389

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://newsbluewin.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 16 Sep 2024 12:51:43 GMT
document-policy: force-load-at-top
x-fb-server-load: 33
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=23, rtx=0, c=68, mss=1232, tbw=67094, tp=62, tpl=0, uplat=75, ullat=0
pragma: public
x-fb-debug: sSy2GX80ILegyPUW0eJpSGYYxgbgBp5sVCmEBjXIKv0xBtu1FC1QbQmYHyw2YxsdFe50BsGhGJis4FDPfo2QJQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 script.js Show response
cdn-cookieyes.com/client_data/a81c6ed40ebbee0502feb14c/ 98 KB
34 KB 102ms
54ms Script
application/javascript 2606:4700:10::6816:3b5b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-cookieyes.com/client_data/a81c6ed40ebbee0502feb14c/script.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5PGFZR7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3b5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 44795c68b829202b68394da33ec112aa75d1fdd31f9ae0062eaa6e516c63593e

Request headers

Referer: https://newsbluewin.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 16 Sep 2024 12:51:43 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 11 Sep 2024 08:57:52 GMT
server: cloudflare
age: 445819
etag: "188d9-621d42f68e33c-gzip"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=0, must-revalidate, s-maxage=604800, proxy-revalidate
accept-ranges: bytes
cf-ray: 8c40fd52ace9b918-AMS
content-length: 34534

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 334 KB
109 KB 47ms
46ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-P4T0KQBEJ4&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5PGFZR7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

767825eac501187fb154ca3a9126288612008c5e1d95533b882fd53a434d70a7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://newsbluewin.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 16 Sep 2024 12:51:43 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 111580
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 16 Sep 2024 12:51:43 GMT

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 40 KB
14 KB 135ms
35ms Script
application/javascript 2a02:26f0:3500:10::210:a99
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.min.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5PGFZR7

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:10::210:a99 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

8a27dc7b44ebe886390bfa0a9beeea36ea5a3f37479f0e0836b6c9b80d9b35ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://newsbluewin.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 16 Sep 2024 12:51:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 22 Aug 2024 10:43:55 GMT
x-cdn: AKAM
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: max-age=13067
accept-ranges: bytes
content-length: 14628

GET
H2 200 destination Show response
www.googletagmanager.com/gtag/ 267 KB
92 KB 74ms
74ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=AW-307283420&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5PGFZR7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9af940af52895c6bb66392586177757f5866697b007d79326b1f47d1a681a8d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://newsbluewin.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 16 Sep 2024 12:51:43 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 94345
x-xss-protection: 0
last-modified: Mon, 16 Sep 2024 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 16 Sep 2024 12:51:43 GMT

GET
H2 200 46259.js Show response
www.dwin1.com/ 41 KB
12 KB 172ms
45ms Script
application/javascript 2600:9000:20ae:9400:f:8ce2:fb80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.dwin1.com/46259.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5PGFZR7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20ae:9400:f:8ce2:fb80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: dfd05dd766209b88808d137a5ea8eb6962f6334a11451124b305eeb495e1cc36

Request headers

Referer: https://newsbluewin.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-amz-version-id: K3C4u4hInpwjIGNPJUjWX1q6gPp_1xu2
content-encoding: gzip
via: 1.1 8a0110b64ead65f0aff7193e350b2c52.cloudfront.net (CloudFront)
date: Mon, 16 Sep 2024 12:49:42 GMT
x-amz-cf-pop: MUC50-P5
age: 122
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Fri, 16 Aug 2024 08:46:34 GMT
server: AmazonS3
etag: W/"611143c4413b95c61e18b2dc018ec95f"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=600, s-maxage=600
x-amz-cf-id: cGLLDeWxoAbd5qpYOGeVQBR3cpuM9QMRt5Ic64YutU2Yy0l58qZ2Xg==

GET
H2 200 bat.js Show response
bat.bing.com/ 49 KB
14 KB 186ms
41ms Script
application/javascript 2620:1ec:33::10
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5PGFZR7

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:33::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

60ed45fe20ede817f77c4e774e77fd9a9a4f4046c67456f1442eac2095918438

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://newsbluewin.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Mon, 16 Sep 2024 12:51:42 GMT
last-modified: Fri, 06 Sep 2024 21:17:16 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 3DC58D241EDD44C3B8E68A0CF44FA8BE Ref B: AMS231032608049 Ref C: 2024-09-16T12:51:43Z
etag: "016326a20db1:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 14305

GET
H2 200 b8oj3dk99r Show response
www.clarity.ms/tag/ 519 B
776 B 345ms
196ms Script
application/x-javascript 2620:1ec:29:1::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/b8oj3dk99r?ref=gtm2
Requested by: Host: newsbluewin.net
URL: https://newsbluewin.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:29:1::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 12650272b3994cd1fe64bfb050830afb3360a225c05d3e3b380e64918194e8bd

Request headers

Referer: https://newsbluewin.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

request-context: appId=cid-v1:238681e8-7d6b-453a-acb6-7dcad74f3111
date: Mon, 16 Sep 2024 12:51:43 GMT
x-azure-ref: 20240916T125143Z-r1c9c9c9f5fj95qkg9md8rvbkw00000005pg00000000g80m
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
cache-control: no-cache, no-store
accept-ranges: bytes
content-length: 519
expires: -1

GET
H2 200 /
www.facebook.com/tr/ 0
274 B 131ms
33ms Image
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=499835941234956&ev=PageView&dl=https%3A%2F%2Fnewsbluewin.net%2F&rl=https%3A%2F%2Fnewsbluewin.net%2F&if=false&ts=1726491103206&sw=1600&sh=1200&v=2.9.167&r=stable&ec=0&o=12318&fbp=fb.1.1726491103198.558579316781553825&cs_est=true&cdl=API_unavailable&it=1726491103002&coo=false&rqm=GET

Requested by

Host: newsbluewin.net
URL: https://newsbluewin.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://newsbluewin.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=23, rtx=0, c=10, mss=1297, tbw=2784, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 16 Sep 2024 12:51:43 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
3 KB 299ms
201ms Image
image/png 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=499835941234956&ev=PageView&dl=https%3A%2F%2Fnewsbluewin.net%2F&rl=https%3A%2F%2Fnewsbluewin.net%2F&if=false&ts=1726491103206&sw=1600&sh=1200&v=2.9.167&r=stable&ec=0&o=12318&fbp=fb.1.1726491103198.558579316781553825&cs_est=true&cdl=API_unavailable&it=1726491103002&coo=false&rqm=FGET

Requested by

Host: newsbluewin.net
URL: https://newsbluewin.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com:* wss://.fbcdn.net attachment.fbsbx.com blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ .fbsbx.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: .oculuscdn.com https://paywithmybank.com/ https://.paywithmybank.com/;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .facebook.com .fbsbx.com fbsbx.com data: .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://newsbluewin.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: zstd
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; preload
date: Mon, 16 Sep 2024 12:51:43 GMT
document-policy: force-load-at-top
x-fb-server-load: 54
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7415222826256542818", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=24, rtx=0, c=10, mss=1297, tbw=3102, tp=-1, tpl=-1, uplat=173, ullat=0
pragma: no-cache
x-fb-debug: z+pnq8TCOOlp+dSHUfTMajT1XdxZvXbtQ3mZ+tuK1ZmsAVUId+cJZ9vxCQssgAuE/LLltgMdw6J/edrARP5Ozw==
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7415222826256542818"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 attribution_trigger Show response
px.ads.linkedin.com/ 2 B
815 B 351ms
279ms XHR
application/json 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://px.ads.linkedin.com/attribution_trigger?pid=3402828&time=1726491103264&url=https%3A%2F%2Fnewsbluewin.net%2F
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Accept: *
Referer: https://newsbluewin.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 16 Sep 2024 12:51:43 GMT
content-encoding: gzip
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 227B22BCF2654204A6BFDF3EBCF64AAB Ref B: AMS04EDGE3315 Ref C: 2024-09-16T12:51:43Z
access-control-allow-methods: GET, OPTIONS
x-li-fabric: prod-lor1
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
content-type: application/json
x-li-proto: http/2
x-restli-protocol-version: 1.0.0
access-control-allow-headers: *
x-li-uuid: AAYiPAjtk05qvn4q5hDq7g==
x-fs-uuid: 0006223c08ed934e6abe7e2ae610eaee

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3402828&time=1726491103264&url=https%3A%2F%2Fnewsbluewin.net%2F
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3402828&time=1726491103264&url=https%3A%2F%2Fnewsbluewin.net%2F&e_ipv6=AQKqOV1Px287iAAAAZH645DCCHtuhVNZNWrD-BzqpVYwc2zZQx5ckVX09iJLXfD8w1z6jYY

0
266 B

230ms
162ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3402828&time=1726491103264&url=https%3A%2F%2Fnewsbluewin.net%2F&e_ipv6=AQKqOV1Px287iAAAAZH645DCCHtuhVNZNWrD-BzqpVYwc2zZQx5ckVX09iJLXfD8w1z6jYY
Requested by: Host: newsbluewin.net
URL: https://newsbluewin.net/
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://newsbluewin.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 16 Sep 2024 12:51:43 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: 9A335CE6615B4B5A804B773C3FE855BD Ref B: AMS04EDGE3020 Ref C: 2024-09-16T12:51:43Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-type: application/javascript
x-li-fabric: prod-ltx1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYiPAjxO4aix4JPalmYCQ==

Redirect headers

date: Mon, 16 Sep 2024 12:51:42 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: 0FD5048E31474764B08086E0A2DB19E8 Ref B: AMS04EDGE1618 Ref C: 2024-09-16T12:51:43Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-ltx1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3402828&time=1726491103264&url=https%3A%2F%2Fnewsbluewin.net%2F&e_ipv6=AQKqOV1Px287iAAAAZH645DCCHtuhVNZNWrD-BzqpVYwc2zZQx5ckVX09iJLXfD8w1z6jYY
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYiPAjtXM5zfBDfPLku6A==

GET
H2 204 p Show response
in-automate.brevo.com/ 0
99 B 108ms
54ms XHR
text/plain 2606:4700:4400::ac40:96d8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://in-automate.brevo.com/p?key=nb68vhnqwf1217z9ofyt33bf&cuid=c3b48c1c-645c-4172-8628-0d430e5ac3f7&ma_url=https%3A%2F%2Fnewsbluewin.net%2F&sib_type=page&ma_title=Locataire%20%3A%20que%20faire%20si%20un%20%C3%A9quipement%20%C3%A9lectrom%C3%A9nager%20tombe%20en%20panne%E2%80%89%3F%20SherlockHomes&sib_name=Locataire%20%3A%20que%20faire%20si%20un%20%C3%A9quipement%20%C3%A9lectrom%C3%A9nager%20tombe%20en%20panne%E2%80%89%3F%20SherlockHomes&ma_referrer=https%3A%2F%2Fnewsbluewin.net%2F&ma_path=%2F
Requested by: Host: sibautomation.com
URL: https://sibautomation.com/sa.js?key=nb68vhnqwf1217z9ofyt33bf
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:96d8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://newsbluewin.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 16 Sep 2024 12:51:43 GMT
cache-control: no-cache
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 8c40fd54ede06625-AMS

GET
H2 200 187037355.js Show response
bat.bing.com/p/action/ 4 KB
2 KB 36ms
36ms Script
application/javascript 2620:1ec:33::10
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/187037355.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:33::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

95f30d3025f9dbaa93016b3a91ce019e3ccc5befc8de4039100c5f176afc98eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://newsbluewin.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
date: Mon, 16 Sep 2024 12:51:42 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: D565548703E643EF8B89AD68BDAD97F0 Ref B: AMS231032608049 Ref C: 2024-09-16T12:51:43Z
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript; charset=utf-8
cache-control: private,max-age=60

GET
H2 200 clarity.js Show response
www.clarity.ms/s/0.7.46/ 64 KB
27 KB 49ms
49ms Script
application/javascript 2620:1ec:29:1::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/s/0.7.46/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/b8oj3dk99r?ref=gtm2
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:29:1::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 4ac65dcc5ed84285cfd19c18f2b715a53f07f708f34198aa96ed8b846a78ef58

Request headers

Referer: https://newsbluewin.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 16 Sep 2024 12:51:43 GMT
content-encoding: br
last-modified: Thu, 12 Sep 2024 19:33:15 GMT
etag: W/"0x8DCD361BF61C3C9"
vary: Accept-Encoding
x-azure-ref: 20240916T125143Z-r1c9c9c9f5fj95qkg9md8rvbkw00000005pg00000000g80s
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
x-ms-request-id: 262bed80-301e-0000-0a86-052edb000000
cache-control: public, max-age=86400
x-cache: TCP_HIT
x-ms-version: 2018-03-28
x-fd-int-roxy-purgeid: 51562430

GET
H2 200 187037355 Show response
www.clarity.ms/tag/uet/ 680 B
935 B 316ms
316ms Script
application/x-javascript 2620:1ec:29:1::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/uet/187037355
Requested by: Host: bat.bing.com
URL: https://bat.bing.com/p/action/187037355.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:29:1::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: b759c7e3c0cc3d4b4939130037f743df2bc914faedc8b4748e5034f8914ba104

Request headers

Referer: https://newsbluewin.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

request-context: appId=cid-v1:bdfb7149-d2ee-45f0-9a22-f0b1c5035608
date: Mon, 16 Sep 2024 12:51:43 GMT
x-azure-ref: 20240916T125143Z-r1c9c9c9f5fj95qkg9md8rvbkw00000005pg00000000g80u
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
cache-control: no-cache, no-store
accept-ranges: bytes
content-length: 680
expires: -1

POST
H/1.1 204
No Content collect Show response
s.clarity.ms/ 0
279 B 372ms
111ms XHR
text/plain 23.96.124.68
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://s.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.46/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.96.124.68 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://newsbluewin.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://newsbluewin.net
Date: Mon, 16 Sep 2024 12:51:43 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:b1d896b3-bec7-448b-b764-240152e813e8

POST
H2 204 / Show response
px.ads.linkedin.com/wa/ 0
197 B 158ms
154ms XHR
text/plain 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://px.ads.linkedin.com/wa/
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: *
Referer: https://newsbluewin.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Mon, 16 Sep 2024 12:51:43 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: CE5961184B964EC2BB5944EF72BB042E Ref B: AMS04EDGE1618 Ref C: 2024-09-16T12:51:43Z
linkedin-action: 1
vary: Origin
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-ltx1
access-control-allow-origin: https://newsbluewin.net
x-li-proto: http/2
access-control-allow-credentials: true
x-li-uuid: AAYiPAjz+uQkoAUO4bPNgQ==

POST
H/1.1 204
No Content collect Show response
s.clarity.ms/ 0
279 B 349ms
216ms XHR
text/plain 23.96.124.68
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://s.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.46/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.96.124.68 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://newsbluewin.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://newsbluewin.net
Date: Mon, 16 Sep 2024 12:51:44 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:b1d896b3-bec7-448b-b764-240152e813e8

GET
H2 200 /
conversations-widget.brevo.com/ Frame 4BCA 0
0 99ms
55ms Document
text/html 2606:4700:4400::6812:2528
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://conversations-widget.brevo.com/?isModern=true

Requested by

Host: conversations-widget.sendinblue.com
URL: https://conversations-widget.sendinblue.com/sib-conversations.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2528 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name

Value

Content-Security-Policy

default-src 'self'; script-src 'self' https://d13sozod7hpim.cloudfront.net; child-src 'none'; img-src https://d13sozod7hpim.cloudfront.net 'self' data: blob: https://ucarecdn.com; connect-src 'self' data: https://upload.uploadcare.com ws://conversations-widget.brevo.com/ wss://conversations-widget.brevo.com/; style-src 'self' 'unsafe-inline' https://d13sozod7hpim.cloudfront.net; font-src 'self' data: https://designsystem.brevo.com; media-src data:; form-action 'none'; block-all-mixed-content; frame-src 'none'

Strict-Transport-Security

max-age=31536000

Request headers

Referer: https://newsbluewin.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

age: 1535
cache-control: public, max-age=300, s-maxage=300, stale-while-revalidate=300, stale-if-error=1800
cf-cache-status: HIT
cf-ray: 8c40fd58587c6649-AMS
content-encoding: gzip
content-security-policy: default-src 'self'; script-src 'self' https://d13sozod7hpim.cloudfront.net; child-src 'none'; img-src https://d13sozod7hpim.cloudfront.net 'self' data: blob: https://ucarecdn.com; connect-src 'self' data: https://upload.uploadcare.com ws://conversations-widget.brevo.com/ wss://conversations-widget.brevo.com/; style-src 'self' 'unsafe-inline' https://d13sozod7hpim.cloudfront.net; font-src 'self' data: https://designsystem.brevo.com; media-src data:; form-action 'none'; block-all-mixed-content; frame-src 'none'
content-type: text/html; charset=utf-8
date: Mon, 16 Sep 2024 12:51:44 GMT
server: cloudflare
strict-transport-security: max-age=31536000
vary: Accept-Encoding

GET
H2 204 0
bat.bing.com/action/ 0
179 B 34ms
34ms Image
text/plain 2620:1ec:33::10
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=187037355&tm=gtm002&Ver=2&mid=f42655a9-4d34-48d1-b118-af06b4a6eb83&gtm_tag_source=1&pi=918639831&lg=nl-NL&sw=1600&sh=1200&sc=24&tl=Locataire%20%3A%20que%20faire%20si%20un%20%C3%A9quipement%20%C3%A9lectrom%C3%A9nager%20tombe%20en%20panne%E2%80%89%3F%20SherlockHomes&p=https%3A%2F%2Fnewsbluewin.net%2F&r=https%3A%2F%2Fnewsbluewin.net%2F&lt=4230&evt=pageLoad&sv=1&asc=D&cdb=AQAY&rn=150587

Requested by

Host: newsbluewin.net
URL: https://newsbluewin.net/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:33::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://newsbluewin.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 16 Sep 2024 12:51:43 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 0A7F7689B6124BF1A535603A6BB872DD Ref B: AMS231032608049 Ref C: 2024-09-16T12:51:44Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

landing
googleads.g.doubleclick.net/pagead/
Redirect Chain

https://www.google.com/pagead/landing?gcs=G111&gcd=13t3t3l2l5l1&tag_exp=0&rnd=1476818599.1726491105&url=https%3A%2F%2Fnewsbluewin.net%2F&dma_cps=syphamo&dma=1&npa=1&gtm=45He4990n815PGFZR7v846155930...
https://googleads.g.doubleclick.net/pagead/landing?gcs=G111&gcd=13t3t3l2l5l1&tag_exp=0&rnd=1476818599.1726491105&url=https%3A%2F%2Fnewsbluewin.net%2F&dma_cps=syphamo&dma=1&npa=1&gtm=45He4990n815PGF...

42 B
65 B

228ms
86ms

Ping
image/gif

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/landing?gcs=G111&gcd=13t3t3l2l5l1&tag_exp=0&rnd=1476818599.1726491105&url=https%3A%2F%2Fnewsbluewin.net%2F&dma_cps=syphamo&dma=1&npa=1&gtm=45He4990n815PGFZR7v846155930za200&auid=417256067.1726491105

Requested by

Host: newsbluewin.net
URL: https://newsbluewin.net/

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://newsbluewin.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 16 Sep 2024 12:51:46 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 16 Sep 2024 12:51:45 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://googleads.g.doubleclick.net/pagead/landing?gcs=G111&gcd=13t3t3l2l5l1&tag_exp=0&rnd=1476818599.1726491105&url=https%3A%2F%2Fnewsbluewin.net%2F&dma_cps=syphamo&dma=1&npa=1&gtm=45He4990n815PGFZR7v846155930za200&auid=417256067.1726491105
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
0 516ms
85ms Fetch
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-P4T0KQBEJ4&gtm=45je4990v881588929z8846155930za200zb846155930&_p=1726491102692&_gaz=1&gcs=G111&gcd=13t3tPl2l5l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=0&gdid=dY2Q2ZW&cid=1430273395.1726491105&ul=nl-nl&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1726491103&sct=1&seg=0&dl=https%3A%2F%2Fnewsbluewin.net%2F&dr=https%3A%2F%2Fnewsbluewin.net%2F&dt=Locataire%20%3A%20que%20faire%20si%20un%20%C3%A9quipement%20%C3%A9lectrom%C3%A9nager%20tombe%20en%20panne%E2%80%89%3F%20SherlockHomes&en=page_view&_fv=1&_nsi=1&_ss=1&ep.user_language=FR&ep.step=&tfd=5658
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-P4T0KQBEJ4&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

Referer: https://newsbluewin.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 16 Sep 2024 12:51:45 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://newsbluewin.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
254 B 588ms
57ms Ping
text/plain 2a00:1450:400c:c02::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-P4T0KQBEJ4&cid=1430273395.1726491105&gtm=45je4990v881588929z8846155930za200zb846155930&aip=1&dma=1&dma_cps=syphamo&gcs=G111&gcd=13t3tPl2l5l1&npa=1&frm=0&tag_exp=0
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-P4T0KQBEJ4&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c02::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://newsbluewin.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 16 Sep 2024 12:51:45 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://newsbluewin.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.nl/ads/ 42 B
408 B 578ms
62ms Image
image/gif 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.nl/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-P4T0KQBEJ4&cid=1430273395.1726491105&gtm=45je4990v881588929z8846155930za200zb846155930&aip=1&dma=1&dma_cps=syphamo&gcs=G111&gcd=13t3tPl2l5l1&npa=1&frm=0&tag_exp=0&tag_exp=0&z=260173130

Requested by

Host: newsbluewin.net
URL: https://newsbluewin.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://newsbluewin.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 16 Sep 2024 12:51:45 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 204
No Content collect Show response
s.clarity.ms/ 0
279 B 180ms
110ms XHR
text/plain 23.96.124.68
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://s.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.46/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.96.124.68 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://newsbluewin.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://newsbluewin.net
Date: Mon, 16 Sep 2024 12:51:46 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:b1d896b3-bec7-448b-b764-240152e813e8

PUT
H2 200 d7a867d9-ec38-41ce-a4b7-d5ac2e8c4d6a Show response
api.cobrowse.io/api/1/devices/ 1 KB
2 KB 173ms
156ms Fetch
application/json 52.3.163.102
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://api.cobrowse.io/api/1/devices/d7a867d9-ec38-41ce-a4b7-d5ac2e8c4d6a

Requested by

Host: newsbluewin.net
URL: https://newsbluewin.net/?_=%2FCobrowseIO.js%23KJWqMdlUlBnhOKMWXx%2FyiJzmfc9pFA%3D%3D

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.3.163.102 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-3-163-102.compute-1.amazonaws.com

Software

Resource Hash

06e118430fa7bcb5de6cd48d793bcf715b6efa8c8f64c5709e5e98d8b203858c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=7776000000
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
X-CobrowseSDKVersion: 2.43.2
Content-Type: application/json
X-CobrowseDevice: d7a867d9-ec38-41ce-a4b7-d5ac2e8c4d6a
Referer: https://newsbluewin.net/
X-CobrowseLicense: G_Dx02CwAdaukQ
X-CobrowseAPIVersion: 1.2.0
X-CobrowsePlatform: web

Response headers

date: Mon, 16 Sep 2024 12:51:48 GMT
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
content-encoding: gzip
strict-transport-security: max-age=7776000000
x-permitted-cross-domain-policies: none
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
x-xss-protection: 0
referrer-policy: no-referrer
etag: W/"59e-tqFjmqGrO47TWjCXPtgGl9jCtGQ"
x-download-options: noopen
expect-ct: max-age=0
x-ratelimit-remaining: 1999
content-type: application/json; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?1
cache-control: no-cache, no-store, must-revalidate
x-ratelimit-cost: 1
x-ratelimit-limit: 2000
vary: Accept-Encoding
expires: 0

OPTIONS
H2 204 d7a867d9-ec38-41ce-a4b7-d5ac2e8c4d6a
api.cobrowse.io/api/1/devices/ Frame 0
0 372ms
98ms Preflight 52.3.163.102
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://api.cobrowse.io/api/1/devices/d7a867d9-ec38-41ce-a4b7-d5ac2e8c4d6a

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.3.163.102 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-3-163-102.compute-1.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=7776000000
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-cobrowseapiversion,x-cobrowsedevice,x-cobrowselicense,x-cobrowseplatform,x-cobrowsesdkversion
Access-Control-Request-Method: PUT
Origin: https://newsbluewin.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: content-type,x-cobrowseapiversion,x-cobrowsedevice,x-cobrowselicense,x-cobrowseplatform,x-cobrowsesdkversion
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: *
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
cross-origin-resource-policy: cross-origin
date: Mon, 16 Sep 2024 12:51:48 GMT
expect-ct: max-age=0
origin-agent-cluster: ?1
referrer-policy: no-referrer
strict-transport-security: max-age=7776000000
vary: Access-Control-Request-Headers
x-dns-prefetch-control: off
x-download-options: noopen
x-permitted-cross-domain-policies: none
x-xss-protection: 0

GET
H3 200 /
newsbluewin.net/ 1 KB
2 KB 246ms
242ms Other
image/png 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://newsbluewin.net/?_=%2Ffront%2Fimages%2Ffavicon.png%23KJWqMdlUlBn4I%2BgHXBLjjIP6dYRzVVyp
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash: 3a1c3b7c5a73bd39fab7a97b86d25c0e9dfc7169cb296099cc02099d8c709456

Request headers

Referer: https://newsbluewin.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 16 Sep 2024 12:51:48 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.4.33
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7B4Rtcpm1T3vBwTjHWEr7eClyhZD88HcWrDYjuYZmLx%2FQd5Do0TIFGULf3DmLAOx5Plmc6WR8TpstV4hkos8ikGs7H7mdrZ2ATrsn%2FeF4LMZeWfbxfkomrThsaZtnFUD9PA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cf-ray: 8c40fd70bd9b6670-AMS
alt-svc: h3=":443"; ma=86400
content-length: 1481

POST
H/1.1 204
No Content collect
s.clarity.ms/ 0
0 427ms
230ms XHR
text/plain 23.96.124.68
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://s.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.46/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.96.124.68 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: application/x-clarity-gzip
Referer: https://newsbluewin.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://newsbluewin.net
Date: Mon, 16 Sep 2024 12:51:51 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:b1d896b3-bec7-448b-b764-240152e813e8

POST
H/1.1 204
No Content collect Show response
s.clarity.ms/ 0
279 B 182ms
164ms XHR
text/plain 23.96.124.68
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://s.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.46/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.96.124.68 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://newsbluewin.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: https://newsbluewin.net
Date: Mon, 16 Sep 2024 12:51:51 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:b1d896b3-bec7-448b-b764-240152e813e8

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Cloudflare (Online)

49 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

11 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.newsbluewin.net/	1970-01-20 23:36:17	Name: __cf_mw_byp Value: ZLJFCGYb_Fb_n6nAlB7bbxp7x8fRPeRBdSrU63hKM7Q-1726491094-0.0.1.1-/
.newsbluewin.net/	1970-01-21 03:56:09	Name: sib_cuid Value: c3b48c1c-645c-4172-8628-0d430e5ac3f7
sibautomation.com/	1970-01-21 03:56:09	Name: uuid Value: 13fb1be6-40ad-409e-9f83-0ff070f1fa9e
.newsbluewin.net/	1970-01-21 01:44:27	Name: _fbp Value: fb.1.1726491103198.558579316781553825
.linkedin.com/	1970-01-21 08:20:27	Name: bcookie Value: "v=2&c1158103-e8a4-481c-8b91-2d0717226f0a"
.linkedin.com/	1970-01-21 03:54:03	Name: li_gc Value: MTswOzE3MjY0OTExMDM7MjswMjHxLLr5ENV87d5zZ+/uxo5J7GMmAOnaeUBmBxxT3eoNMQ==
.linkedin.com/	1970-01-20 23:36:17	Name: lidc Value: "b=TGST01:s=T:r=T:a=T:p=T:g=3428:u=1:x=1:i=1726491103:t=1726577503:v=2:sig=AQHiXiz_vwN-6DvJUawUVI-eGWIiSFUl"
.newsbluewin.net/	1970-01-21 01:44:27	Name: _gcl_au Value: 1.1.417256067.1726491105
.newsbluewin.net/	1970-01-21 09:10:51	Name: _ga_P4T0KQBEJ4 Value: GS1.1.1726491103.1.0.1726491103.60.0.0
.newsbluewin.net/	1970-01-21 09:10:51	Name: _ga Value: GA1.1.1430273395.1726491105
.doubleclick.net/	1970-01-20 23:34:52	Name: test_cookie Value: CheckForPermission

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://newsbluewin.net/favicon.ico Message: Failed to load resource: the server responded with a status of 404 ()
security	error	URL: https://newsbluewin.net/(Line 1840) Message: Failed to find a valid digest in the 'integrity' attribute for resource 'https://newsbluewin.net/?_=%2Fajax%2Flibs%2Ffont-awesome%2F6.2.1%2Fcss%2Fall.min.css%23KJWqMdlUlBnoL%2BMfQ1Pji4TgfIdsGk2k5eA%2FIw%3D%3D' with computed SHA-512 integrity 'HY5NdyhxDn3ctuvpO/CWEPrd7+SrToKi0p4R4DgPO3JsDdmnrpdkfshEw+m05sFhk3ZOgGBuPCBqmq6iiLt3+Q=='. The resource has been blocked.
network	error	URL: https://newsbluewin.net/?_=%2Fmedia-library%2F157484%2Fmail-email-envelope-message-ok-check-final-step-verification-%281%23KJWqMdlUlBn4I%2BgHXBLjjIP6dYRzVVyp Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.cobrowse.io
bat.bing.com
cdn-cookieyes.com
connect.facebook.net
conversations-widget.brevo.com
conversations-widget.sendinblue.com
googleads.g.doubleclick.net
in-automate.brevo.com
newsbluewin.net
px.ads.linkedin.com
px4.ads.linkedin.com
region1.analytics.google.com
s.clarity.ms
sherlockhomes.ch
sibautomation.com
snap.licdn.com
stats.g.doubleclick.net
www.clarity.ms
www.dwin1.com
www.facebook.com
www.google.com
www.google.nl
www.googletagmanager.com
13.107.42.14
142.250.185.226
157.240.251.9
172.217.18.4
188.114.97.3
2001:1600:13:101::4a2
2001:4860:4802:34::36
23.96.124.68
2600:9000:20ae:9400:f:8ce2:fb80:93a1
2606:4700:10::6816:3b5b
2606:4700:4400::6812:2528
2606:4700:4400::6812:278d
2606:4700:4400::ac40:9473
2606:4700:4400::ac40:96d8
2606:4700::6812:fae9
2620:1ec:21::14
2620:1ec:29:1::45
2620:1ec:33::10
2a00:1450:4001:810::2003
2a00:1450:4001:829::2008
2a00:1450:400c:c02::9d
2a02:26f0:3500:10::210:a99
2a03:2880:f176:84:face:b00c:0:25de
52.3.163.102
0055aa18da3581f4a468aaa7257d84f798e0fc070899c8008d9b321b76b98096
021d2a139f09c1bcdfe053b1de778665c5b1811595dfd33a7ecde6de4a00f46a
054486164ab04bcfb5341f2f9653eb7523710ebf03862f087aca2775fd95c7ac
06e118430fa7bcb5de6cd48d793bcf715b6efa8c8f64c5709e5e98d8b203858c
0a0f0b28b221cd939a29728b049d45b38a78eeab04de123ae31dd871f1bc2735
0bfce7c225acf629ffc5f847cf93d524d317deda353d31c009eeb75604d5e9c7
12650272b3994cd1fe64bfb050830afb3360a225c05d3e3b380e64918194e8bd
14dead41a25900142e8998bfd2191a28954aceb1bfa3bc70733b685207090dec
1534c4b93f6087898fd458876414fd4c5d30374d1536de48eae0cf93eb8542d3
1831c424ab66a4b3451df386f457313498328adaaac86eb420ec6cdc814ffc83
1c2c871c42284bd9c085c9c7fc43d64f916dcf32bea4efdf0528a75cc5588dac
1e3c1e6798f390a9b96627d4929e303e0185d5ba1fa8c2456a24dee40d6bf692
1ff050979aaf7532b6363084599f642f819b2c9c07b88061be6aa55a7cd12ffd
204ab4ae202b4161a9044a00507e70cd0abde90769764913c3514fffa40fd5f2
2207e8d7b396a13c8097e3f4a571c19b53f360503c59229d8617198f0600ca2a
25cd58e8f5336df4b048ac4b5ae5942a160994d50ace856b5bc151775276e5e5
271c9fa156b8995fa139f0be4b287a2f144d1f28e859af1274bd5440ccb3c6e4
27772212cf666e06e50544ae8fcf047de7e1e9f2d85f527cb35b1f51c7c75537
338e171ecd2e7b7b1d89c2bed70f9a33477b1345be879b35a211925b67476dcf
33a4f3107605c69501a3b56c56dea8d519e2b4fed699b48093f45319dba736ef
39529a386116b04eda2c85357eb524080c5506ea5f22f153a8ce13be2c0498a7
3996029cc779bc2eff6dbed4050ff5c4e308ea8ef6809e5b86110566ce514a12
3a1c3b7c5a73bd39fab7a97b86d25c0e9dfc7169cb296099cc02099d8c709456
3d6a55d424a78cf1eace6759ea4a1ae1cd044cf33b6ea32e9a6b9e2b4a0d58e4
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
44795c68b829202b68394da33ec112aa75d1fdd31f9ae0062eaa6e516c63593e
44d5b782d736ee7720d1d0d8fb95c98d85f413ed75bf95d26d1401a0a571a3a7
4ac65dcc5ed84285cfd19c18f2b715a53f07f708f34198aa96ed8b846a78ef58
55f0e9cb2493cace4a6bf1cf77e2acd3f0ace5274a61ecc626de032834199389
56cbcec06e49e956cab7b9dd8c5e18437304166900326119b9fdb4f0f4cb2657
60ed45fe20ede817f77c4e774e77fd9a9a4f4046c67456f1442eac2095918438
62510114e08a0136d1d77cc118a3dc0154db23f0f52c809f90b084ddb1b9e820
62f74b1cf824a89f03554c638e719594c309b4d8a627a758928c0516fa7890ab
6b01e8f634986d14c1fcc4f380ceac952adddc4f47e7e008c7b0d7595c826069
6bfa8ae5441c6aa304b23ebcbf2360e6e718536e15d2fb6ca0ce4f632b0e15b2
6e3b5e3d67fba210f29603391408ae8c48a51f2bcb251c8946b87f02e0f2f67c
6e4a8aeb8897f06ede99800e86b0feae44b05eff174094750fe3866d50d0639a
72f93ff1193492a608ab4bd738702e2f6beeca02a201876230b8fd7ba1db4124
74c9aa944fda734c855240ec682164c378aaa3b2c7bad02ff2c628832c3e13c0
758442952c61f390d8c226aa8ff7370ce986ac64228886279fbaa8e585295bab
75c08c678366766c616a05e00efd1733611c87226f9b53ea36cf470f8c61e89f
767825eac501187fb154ca3a9126288612008c5e1d95533b882fd53a434d70a7
77f3224c03bcbb6774e55d034746acc45c861545edd402797d5fecb04bc39cdd
7a7390a9ba3fe721e72d4487f307f5ed17ab0e8756b4a155c4d535c7f3b98975
7d35b4cbabcbdce184ea0d2224d452da34974dab0144d65c82ed428fb4ed343e
84e3c77025ace5af143972b4a40fc834dcdfd4e449d4b36a57e62326f16b3091
898a2b982cfdc4ee57d372ac3199a920633a15e207b299a786945280ae291ff3
89c380a55a182befdfe33916554cc9580ea8c8d6f534cb1ccbca9d7256bd7bed
8a27dc7b44ebe886390bfa0a9beeea36ea5a3f37479f0e0836b6c9b80d9b35ed
8ad6888a019e01ade98dbaba40903ff97fc0ffb6e50c8ac0df2981697955d5ac
900a0befb655721c1b52b5ec2754f2f553f52b230443aaf016cc224e6a0707ce
912efaa09e3646c3d0d801c627f2dcec733625742b3d535c0db8965625098fc6
91f218c3a0d230d09ac33c0cd6986db093d82fd4f333dcb9d7c8a400fa711b28
9470e5df00ca14e3d32af3c6805a4fe5d832d0c4a439279591704bd4cfbd8c3c
94d2cf656348018697351d04eeca5f0112c911b1037860dd541f525ae24b943c
95f30d3025f9dbaa93016b3a91ce019e3ccc5befc8de4039100c5f176afc98eb
98e15110586a9877906d7a4ada5a789c0deaa285600027e1f3c7e925fb4b05b7
98e6b3a96596ad42b6b334bb611e486633a5ce0018e3b4ef5c0d05f924501a19
9add8a2735ab7b70dd627dd080c813f4e42b2baab8e1891fcd8b2bd12aa722ed
9af940af52895c6bb66392586177757f5866697b007d79326b1f47d1a681a8d5
9cf7d7857708b908b6fc4ff55300b6ae53014de882fddb92de49ab9a6493f0d2
a45e0f11dc211da63de03b5e1b7bbb22594afc805fb3d15985333a797fd53b3d
a64b9b8fe8dac882547aa8b4a41bf7d7684ef6f6b9f2935e91c764e86ec9a89b
a6e22417fb05246577c1a8e0e14ca5c4671f9e2c934a723548f22a0a81050d54
a8d6d3afc4890653c2d8c4e745f9a351f01ba066ab72d95c2db93fc0bdb8d232
a8dd74c5a29474b0f704b6b7aa652002e84390200e3412a4e18db24bce86e86c
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
af10ce3b0808c1c9e38d6c4c6b46de5a8245d6dd7acf78ffb2812f6a19642abc
b26438f177b783ec256e661412b68349565f70da78e29dfe8e4f81c2d69d1910
b507f43bb325998d6326b0adddd60ad7f63f1b9925a840641881af46389f4281
b759c7e3c0cc3d4b4939130037f743df2bc914faedc8b4748e5034f8914ba104
ba6419b3de55d13b22d6caadbb08f8accd35dcb4ef850f70a8ecbc57c8fd0a74
bb7b779f9ba2db3110a5e61dbbf8d9dff8a127fbedeb2a9a0175cc9199b8624e
bc979d99cf3acfef59bce803eba7d0ca4eb91a53203c830d76d7f696b716ee31
c08420829004a6a683afbe331ec5d762878c6ef85e2470065c18eb4dc64b96a4
c6dbbd5e88b613e404ff8d391b43d0b21fb5d36f65974eae3b4bc22292bd5e0c
c7eea383dc5486a0a1b17020cb270ad1b55da14396363482f1cfd1268d6edcf9
c91faf613a96ec9c48bd936ddd7c16e4cb2f55f378ca26cc57962ef08ae0a24e
ceef63490eb46b628dcf1b65346f06b432f88b10adfc28a51545afd8ee987ab3
cf421eb6cbf6cef9b54876161b73b5de9d8ed46d18d840bf9cfcce4e4d93eaa0
d0b3f90e7ad02ff459416650b171d621b01970873fbca6e1fa19d9c84f42d2f1
d37bd64406c1e58f9641f15ed3d5604a35e75187ce8631b2b0bd5e3b5e30b29c
d977ce9bc7ad52caca7e8041934fb143923347da46ba312816d3d38497f58e7f
df7d6e56761f168341e47eb86fae45585e11274c9bb1927db718f10f70038100
dfd05dd766209b88808d137a5ea8eb6962f6334a11451124b305eeb495e1cc36
e01077d164f9a8f54d71df8056107c4306cdba00e910025272b712d40b63578a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e807f60a0069b0d2cd4afca3d11f29a725022590ae06543864dfeaad22f27ba6
e86f8ccbe612e1f4030f3c12d45bb312cc860156e44b9a8639729416eacc2e8e
e9a9a6f9419e10e9fa33ec1f3ab5b7001118276c2a10f6b71a844a7479667947
ea20e99c11d460255011a94d21ab3a9c95659a07203af0f4854553391e91d13b
ecd2baf7c7747fc1a32d0679445f9a0678219a4681ad295e923b5a7aee173a8d
ee2fce3ac89d2f86c521261e369e65bb4cc1b80c9c5de7eced9ddda1ccec5d68
ef0c0bf2f9482f97ec5a5263e95cae13293e977021db73abbfe547d38e08c8f5
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1591a5221136c49438642155691ae6c68e25b7241f3d7ebe975b09a77662016
f5210fa3e7f0245a4c51eb7f280092c0ef99fdd28c45e17dab8cc5854fdf4fd3
f6e91066445a9e34cd677ee0d9190e63136338f4e0bc213ff2be121a261f5c4e
fa2bcf099df5f460c1b6f7d838f5d01dc014cb592d1420ab636ed6a6788c9bb1
fa92d758fa91c4aac9ff9ebf8663a71f9ada0fd0632d92d03e2fcd801afc20ee
fbfc5cf054df13f9243ce32a27bf13029d9d7ae741aa421b327ca3e3559a1269
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

newsbluewin.net Open in urlscan Pro 188.114.97.3 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

117 Requests

97 %HTTPS

71 %IPv6

18 Domains

23 Subdomains

22 IPs

5 Countries

4673 kBTransfer

8427 kBSize

11 Cookies

0 Outgoing links

Page URL History

Redirected requests

117 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

newsbluewin.net Open in urlscan Pro
188.114.97.3 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

117
Requests

97 %
HTTPS

71 %
IPv6

18
Domains

23
Subdomains

22
IPs

5
Countries

4673 kB
Transfer

8427 kB
Size

11
Cookies

117 HTTP transactions
0 data transactions