urlscan.io logo urlscan.io
SecurityTrails logo

newks.com Open in urlscan Pro
104.26.7.66  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://www.newks.com/
Effective URL: https://newks.com/
Submission: On October 06 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 48 IPs in 6 countries across 39 domains to perform 131 HTTP transactions. The main IP is 104.26.7.66, located in United States and belongs to CLOUDFLARENET, US. The main domain is newks.com. The Cisco Umbrella rank of the primary domain is 781385.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on May 15th 2022. Valid for: a year.
This is the only time newks.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 37 104.26.7.66 13335 (CLOUDFLAR...)
4 2606:4700::68... 13335 (CLOUDFLAR...)
4 9 2606:4700::68... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 6 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
3 216.58.212.162 15169 (GOOGLE)
1 108.138.17.96 16509 (AMAZON-02)
1 2 142.250.184.230 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 5 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 18.66.147.47 16509 (AMAZON-02)
2 2001:4860:480... 15169 (GOOGLE)
9 2a00:1450:400... 15169 (GOOGLE)
1 18.66.147.29 16509 (AMAZON-02)
4 2a03:2880:f01... 32934 (FACEBOOK)
1 108.138.7.99 16509 (AMAZON-02)
1 2600:9000:223... 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
1 79.125.47.26 16509 (AMAZON-02)
1 18.66.112.79 16509 (AMAZON-02)
2 5 193.0.160.128 54312 (ROCKETFUEL)
1 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
6 2a03:2880:f11... 32934 (FACEBOOK)
1 1 142.251.39.66 15169 (GOOGLE)
1 2 185.89.210.153 29990 (ASN-APPNEX)
1 69.173.144.138 26667 (RUBICONPR...)
1 2 54.77.35.16 16509 (AMAZON-02)
1 18.184.216.10 16509 (AMAZON-02)
1 23.35.228.23 16625 (AKAMAI-AS)
1 18.196.127.253 16509 (AMAZON-02)
1 1 108.138.17.76 16509 (AMAZON-02)
2 35.244.174.68 15169 (GOOGLE)
1 54.204.254.230 14618 (AMAZON-AES)
1 2 185.80.39.216 27381 (CASALE-MEDIA)
1 69.192.160.219 16625 (AKAMAI-AS)
1 2 185.94.180.125 35220 (SPOTX-AMS)
1 2600:1f18:612... 14618 (AMAZON-AES)
1 34.250.137.124 16509 (AMAZON-02)
1 52.48.197.119 16509 (AMAZON-02)
1 2 52.58.8.248 16509 (AMAZON-02)
2 2 151.101.130.49 54113 (FASTLY)
2 2a00:1450:400... 15169 (GOOGLE)
4 34.192.146.113 14618 (AMAZON-AES)
131 48
37    104.26.7.66 (United States)

ASN13335 (CLOUDFLARENET, US)
www.newks.com
newks.com
4    2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
9    2606:4700::6810:7caf (United States)

ASN13335 (CLOUDFLARENET, US)
unpkg.com
2    2a00:1450:400d:80a::200e (Ireland)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    2a00:1450:400d:80c::2008 (Ireland)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    2a00:1450:400c:c00::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
6    2a00:1450:400d:806::2004 (Ireland)

ASN15169 (GOOGLE, US)
www.google.com
6    2a00:1450:400d:807::2003 (Ireland)

ASN15169 (GOOGLE, US)
www.google.de
3    216.58.212.162 (United States)

ASN15169 (GOOGLE, US)
PTR: ams15s22-in-f162.1e100.net
www.googleadservices.com
1    108.138.17.96 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-17-96.fra56.r.cloudfront.net
static.hotjar.com
2    142.250.184.230 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f6.1e100.net
12881027.fls.doubleclick.net
1    2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
5    2a00:1450:400d:80d::2002 (Ireland)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
1    18.66.147.47 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-47.fra60.r.cloudfront.net
script.hotjar.com
2    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.analytics.google.com
9    2a00:1450:4001:803::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.youtube.com
1    18.66.147.29 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-29.fra60.r.cloudfront.net
vars.hotjar.com
4    2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    108.138.7.99 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-7-99.fra56.r.cloudfront.net
pix.pub
1    2600:9000:223c:ee00:1:76cf:fe80:93a1 (United States)

ASN16509 (AMAZON-02, US)
c1.rfihub.net
2    2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    79.125.47.26 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-79-125-47-26.eu-west-1.compute.amazonaws.com
in.hotjar.com
1    18.66.112.79 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-79.fra56.r.cloudfront.net
vc.hotjar.io
5    193.0.160.128 (United States)

ASN54312 (ROCKETFUEL, US)
20841350p.rfihub.com
a.rfihub.com
p.rfihub.com
1    2a00:1450:4001:811::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
static.doubleclick.net
4    2a00:1450:400d:80d::200a (Ireland)

ASN15169 (GOOGLE, US)
jnn-pa.googleapis.com
1    2a00:1450:4001:827::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
yt3.ggpht.com
1    2a00:1450:400d:806::2016 (Ireland)

ASN15169 (GOOGLE, US)
i.ytimg.com
6    2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    142.251.39.66 (United States)

ASN15169 (GOOGLE, US)
PTR: bud02s39-in-f2.1e100.net
cm.g.doubleclick.net
2    185.89.210.153 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
ib.adnxs.com
1    69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
2    54.77.35.16 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-77-35-16.eu-west-1.compute.amazonaws.com
dpm.demdex.net
1    18.184.216.10 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-184-216-10.eu-central-1.compute.amazonaws.com
ps.eyeota.net
1    23.35.228.23 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-228-23.deploy.static.akamaitechnologies.com
contextual.media.net
1    18.196.127.253 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-196-127-253.eu-central-1.compute.amazonaws.com
bs.serving-sys.com
1    108.138.17.76 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-17-76.fra56.r.cloudfront.net
live.rezync.com
2    35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com
idsync.rlcdn.com
1    54.204.254.230 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-204-254-230.compute-1.amazonaws.com
bpi.rtactivate.com
2    185.80.39.216 (Canada)

ASN27381 (CASALE-MEDIA, CA)
dsum-sec.casalemedia.com
1    69.192.160.219 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a69-192-160-219.deploy.static.akamaitechnologies.com
x.dlx.addthis.com
2    185.94.180.125 (Amsterdam, Netherlands)

ASN35220 (SPOTX-AMS, US)
sync.search.spotxchange.com
1    2600:1f18:612b:4264:562f:45f1:d263:2a9f (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
partners.tremorhub.com
1    34.250.137.124 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-250-137-124.eu-west-1.compute.amazonaws.com
aa.agkn.com
1    52.48.197.119 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-48-197-119.eu-west-1.compute.amazonaws.com
beacon.krxd.net
2    52.58.8.248 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-58-8-248.eu-central-1.compute.amazonaws.com
x.bidswitch.net
2    151.101.130.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
2    2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
4    34.192.146.113 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-192-146-113.compute-1.amazonaws.com
api.tattleapp.com
Apex Domain
Subdomains		 Transfer
37 newks.com
www.newks.com
newks.com — Cisco Umbrella Rank: 781385
5 MB
11 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 171
12881027.fls.doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 68
static.doubleclick.net — Cisco Umbrella Rank: 402
cm.g.doubleclick.net — Cisco Umbrella Rank: 304
6 KB
9 youtube.com
www.youtube.com — Cisco Umbrella Rank: 90
799 KB
9 google.com
www.google.com — Cisco Umbrella Rank: 19
adservice.google.com — Cisco Umbrella Rank: 136
region1.analytics.google.com — Cisco Umbrella Rank: 3900
16 KB
9 unpkg.com
unpkg.com — Cisco Umbrella Rank: 1198
68 KB
7 google.de
www.google.de — Cisco Umbrella Rank: 3460
adservice.google.de — Cisco Umbrella Rank: 5221
2 KB
6 facebook.com
www.facebook.com — Cisco Umbrella Rank: 115
281 B
5 rfihub.com
20841350p.rfihub.com
a.rfihub.com — Cisco Umbrella Rank: 4490
p.rfihub.com — Cisco Umbrella Rank: 1227
7 KB
4 tattleapp.com
api.tattleapp.com
97 KB
4 googleapis.com
jnn-pa.googleapis.com — Cisco Umbrella Rank: 336
30 KB
4 gstatic.com
fonts.gstatic.com
www.gstatic.com
48 KB
4 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 203
279 KB
4 hotjar.com
static.hotjar.com — Cisco Umbrella Rank: 874
script.hotjar.com — Cisco Umbrella Rank: 1166
vars.hotjar.com — Cisco Umbrella Rank: 1268
in.hotjar.com — Cisco Umbrella Rank: 2355
70 KB
4 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 358
62 KB
3 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 154
18 KB
2 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 930
609 B
2 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 430
1 KB
2 spotxchange.com
sync.search.spotxchange.com — Cisco Umbrella Rank: 835
1 KB
2 casalemedia.com
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 908
2 KB
2 rlcdn.com
idsync.rlcdn.com — Cisco Umbrella Rank: 596
107 B
2 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 293
2 KB
2 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 334
2 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 129
156 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 94
20 KB
1 krxd.net
beacon.krxd.net — Cisco Umbrella Rank: 757
338 B
1 agkn.com
aa.agkn.com — Cisco Umbrella Rank: 791
377 B
1 tremorhub.com
partners.tremorhub.com — Cisco Umbrella Rank: 1822
183 B
1 addthis.com
x.dlx.addthis.com — Cisco Umbrella Rank: 2094
191 B
1 rtactivate.com
bpi.rtactivate.com — Cisco Umbrella Rank: 3219
109 B
1 rezync.com
live.rezync.com — Cisco Umbrella Rank: 2742
777 B
1 serving-sys.com
bs.serving-sys.com — Cisco Umbrella Rank: 1595
105 B
1 media.net
contextual.media.net — Cisco Umbrella Rank: 841
616 B
1 eyeota.net
ps.eyeota.net — Cisco Umbrella Rank: 1457
344 B
1 rubiconproject.com
pixel.rubiconproject.com — Cisco Umbrella Rank: 493
239 B
1 ytimg.com
i.ytimg.com — Cisco Umbrella Rank: 109
17 KB
1 ggpht.com
yt3.ggpht.com — Cisco Umbrella Rank: 205
4 KB
1 hotjar.io
vc.hotjar.io — Cisco Umbrella Rank: 3058
258 B
1 rfihub.net
c1.rfihub.net — Cisco Umbrella Rank: 7508
6 KB
1 pix.pub
pix.pub — Cisco Umbrella Rank: 9981
411 B
131 39
Domain Requested by
35 newks.com newks.com
cdnjs.cloudflare.com
9 www.youtube.com newks.com
www.youtube.com
9 unpkg.com 4 redirects newks.com
6 www.facebook.com newks.com
6 www.google.de newks.com
6 www.google.com 2 redirects newks.com
www.youtube.com
5 googleads.g.doubleclick.net 2 redirects www.googleadservices.com
www.youtube.com
4 api.tattleapp.com unpkg.com
4 jnn-pa.googleapis.com www.youtube.com
4 connect.facebook.net newks.com
connect.facebook.net
4 cdnjs.cloudflare.com newks.com
3 p.rfihub.com 2 redirects newks.com
3 www.googleadservices.com www.googletagmanager.com
www.googleadservices.com
2 www.gstatic.com www.youtube.com
www.gstatic.com
2 sync-tm.everesttech.net 2 redirects
2 x.bidswitch.net 1 redirects newks.com
2 sync.search.spotxchange.com 1 redirects newks.com
2 dsum-sec.casalemedia.com 1 redirects newks.com
2 idsync.rlcdn.com newks.com
2 dpm.demdex.net 1 redirects newks.com
2 ib.adnxs.com 1 redirects newks.com
2 fonts.gstatic.com www.youtube.com
2 region1.analytics.google.com www.googletagmanager.com
2 12881027.fls.doubleclick.net 1 redirects www.googletagmanager.com
2 stats.g.doubleclick.net www.google-analytics.com
www.googletagmanager.com
2 www.googletagmanager.com newks.com
www.googletagmanager.com
2 www.google-analytics.com newks.com
www.google-analytics.com
2 www.newks.com 2 redirects
1 beacon.krxd.net newks.com
1 aa.agkn.com newks.com
1 partners.tremorhub.com newks.com
1 x.dlx.addthis.com newks.com
1 bpi.rtactivate.com newks.com
1 live.rezync.com 1 redirects
1 bs.serving-sys.com newks.com
1 contextual.media.net newks.com
1 ps.eyeota.net newks.com
1 pixel.rubiconproject.com newks.com
1 a.rfihub.com newks.com
1 cm.g.doubleclick.net 1 redirects
1 i.ytimg.com www.youtube.com
1 yt3.ggpht.com www.youtube.com
1 static.doubleclick.net www.youtube.com
1 20841350p.rfihub.com c1.rfihub.net
1 vc.hotjar.io script.hotjar.com
1 in.hotjar.com script.hotjar.com
1 c1.rfihub.net newks.com
1 pix.pub newks.com
1 vars.hotjar.com static.hotjar.com
1 script.hotjar.com static.hotjar.com
1 adservice.google.de adservice.google.com
1 adservice.google.com 12881027.fls.doubleclick.net
1 static.hotjar.com www.googletagmanager.com
131 53
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-05-15 -
2023-05-15		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
www.google.de
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
www.googleadservices.com
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
*.hotjar.com
Amazon		 2021-11-25 -
2022-12-23		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
*.googleadservices.com
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
*.google.de
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2022-07-15 -
2022-10-13		 3 months crt.sh
pix.pub
Amazon		 2022-01-11 -
2023-02-08		 a year crt.sh
*.rfihub.net
Amazon		 2021-12-29 -
2023-01-27		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
*.hotjar.io
Amazon		 2022-07-18 -
2023-08-16		 a year crt.sh
*.rfihub.com
Sectigo RSA Domain Validation Secure Server CA		 2022-05-24 -
2023-05-24		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
*.googleusercontent.com
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
edgestatic.com
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-03-08 -
2023-04-04		 a year crt.sh
*.media.net
DigiCert SHA2 Secure Server CA		 2022-02-20 -
2023-02-22		 a year crt.sh
bs.serving-sys.com
Amazon		 2022-04-10 -
2023-05-09		 a year crt.sh
rtactivate.com
Amazon		 2022-04-13 -
2023-05-12		 a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2022-02-03 -
2023-02-25		 a year crt.sh
odc-pixel-prod-01.oracle.com
DigiCert SHA2 Secure Server CA		 2022-02-26 -
2023-03-01		 a year crt.sh
*.tremorhub.com
Amazon		 2022-03-24 -
2023-04-22		 a year crt.sh
*.agkn.com
RapidSSL Global TLS RSA4096 SHA256 2022 CA1		 2022-09-06 -
2023-09-21		 a year crt.sh
beacon.krxd.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-11-03 -
2022-11-02		 a year crt.sh
gettattle.com
Amazon		 2021-11-08 -
2022-12-07		 a year crt.sh

This page contains 7 frames:

Primary Page: https://newks.com/
Frame ID: 70A3F72D54647CE52ACC879469282FD4
Requests: 89 HTTP requests in this frame

Frame: https://12881027.fls.doubleclick.net/activityi;dc_pre=CJD-sKu2y_oCFdhjFQgdTN0F5A;src=12881027;type=invmedia;cat=newks0;ord=2987879526824;gtm=2wga50;auiddc=510435470.1665053148;~oref=https%3A%2F%2Fnewks.com%2F
Frame ID: B2E5C8AB78B69425FF9F49BFEC72D842
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=CJD-sKu2y_oCFdhjFQgdTN0F5A;src=12881027;type=invmedia;cat=newks0;ord=2987879526824;gtm=2wga50;auiddc=510435470.1665053148;~oref=https%3A%2F%2Fnewks.com%2F
Frame ID: 69D627CB0FF55880684A09AC55757789
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.de/ddm/fls/i/dc_pre=CJD-sKu2y_oCFdhjFQgdTN0F5A;src=12881027;type=invmedia;cat=newks0;ord=2987879526824;gtm=2wga50;auiddc=510435470.1665053148;~oref=https%3A%2F%2Fnewks.com%2F
Frame ID: 50276468798EA3589CC0BD03EE0AE684
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/embed/EkWFDUnlX_A
Frame ID: 01B7FF630DC210ADEE8BF4BC7038664C
Requests: 21 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-69edcc3187336f9b0a3fbb4c73be9fe6.html
Frame ID: 57AAD090D96DDDCE726887C66A2D9355
Requests: 1 HTTP requests in this frame

Frame: https://20841350p.rfihub.com/ca.html?ver=9&rb=46722&ca=20841350&_o=46722&_t=20841350&pe=https%3A%2F%2Fnewks.com%2F&pf=&ra=2907835288931966
Frame ID: 18E0F9ED8613AD3CBACFD7885B333B58
Requests: 19 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Homepage - Newks

Page URL History Show full URLs

  1. http://www.newks.com/ HTTP 301
    https://www.newks.com/ HTTP 301
    https://newks.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link [^>]+(?:/([\d.]+)/)?animate\.(?:min\.)?css
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • //static\.hotjar\.com/
Overall confidence: 100%
Detected patterns
  • lightbox(?:-plus-jquery)?.{0,32}\.js
Overall confidence: 100%
Detected patterns
  • ([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • serving-sys\.com/
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

131
Requests

89 %
HTTPS

44 %
IPv6

39
Domains

53
Subdomains

48
IPs

6
Countries

6548 kB
Transfer

10922 kB
Size

37
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.newks.com/ HTTP 301
    https://www.newks.com/ HTTP 301
    https://newks.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 6
  • https://unpkg.com/tttl-embed-survey/dist/tttl-embed-survey/tttl-embed-survey.js HTTP 302
  • https://unpkg.com/tttl-embed-survey@0.2.8/dist/tttl-embed-survey/tttl-embed-survey.js
Request Chain 28
  • https://12881027.fls.doubleclick.net/activityi;src=12881027;type=invmedia;cat=newks0;ord=2987879526824;gtm=2wga50;auiddc=510435470.1665053148;~oref=https%3A%2F%2Fnewks.com%2F HTTP 302
  • https://12881027.fls.doubleclick.net/activityi;dc_pre=CJD-sKu2y_oCFdhjFQgdTN0F5A;src=12881027;type=invmedia;cat=newks0;ord=2987879526824;gtm=2wga50;auiddc=510435470.1665053148;~oref=https%3A%2F%2Fnewks.com%2F
Request Chain 42
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/434748839/?random=1920724750&cv=9&fst=1665053148218&num=1&value=0&label=N6RZCMrH9YsCEKf7ps8B&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wga50&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fnewks.com%2F&tiba=Homepage%20-%20Newks&auid=510435470.1665053148&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=3LE-Y8zcJOeQ9fgP-v-ikAM&sscte=1&crd=CJqqsQI&eitems=ChEI8Pn5mQYQqq24rZr9oIrHARIdAGVc4phv0B3MoK5Xuiip0H3lFr-hn_797v9p6-g&pscrd=Ek5DaEVJOFBuNW1RWVFzX0dEZ3EtRm44dlJBUklsQUt6SEZLbFQ1bkpzYVZXTERhZlFiUm91MnB6emxkWUF5VVFzUkZPOVpFNmtwb09FVXcaWENoRUk4UG41bVFZUW5MN0NzTzJseHI3T0FSSXRBTlZUQmxyX2Z2NlFrNUljT1NQM3V1cXI3U1FqMkZTazcwRlJjTmV2TGxONXo3NmZ0QUdobnVfWjJPMTM HTTP 302
  • https://www.google.com/pagead/1p-conversion/434748839/?random=1920724750&cv=9&fst=1665053148218&num=1&value=0&label=N6RZCMrH9YsCEKf7ps8B&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wga50&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fnewks.com%2F&tiba=Homepage%20-%20Newks&auid=510435470.1665053148&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=CJqqsQI&pscrd=Ek5DaEVJOFBuNW1RWVFzX0dEZ3EtRm44dlJBUklsQUt6SEZLbFQ1bkpzYVZXTERhZlFiUm91MnB6emxkWUF5VVFzUkZPOVpFNmtwb09FVXcaWENoRUk4UG41bVFZUW5MN0NzTzJseHI3T0FSSXRBTlZUQmxyX2Z2NlFrNUljT1NQM3V1cXI3U1FqMkZTazcwRlJjTmV2TGxONXo3NmZ0QUdobnVfWjJPMTM&is_vtc=1&ocp_id=3LE-Y8zcJOeQ9fgP-v-ikAM&cid=CAQSKQCsnQUxQ6z0_bjOXI_gVJuVE2pyHI6707ad_DFBd55zqt8rM-HoZyIcIBM&eitems=ChEI8Pn5mQYQqq24rZr9oIrHARIdAGVc4pgb1UdmiEo2ZPeD9-JH0CcuZV_EKdoOKXQ&random=535266717&resp=GooglemKTybQhCsO HTTP 302
  • https://www.google.de/pagead/1p-conversion/434748839/?random=1920724750&cv=9&fst=1665053148218&num=1&value=0&label=N6RZCMrH9YsCEKf7ps8B&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wga50&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fnewks.com%2F&tiba=Homepage%20-%20Newks&auid=510435470.1665053148&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=CJqqsQI&pscrd=Ek5DaEVJOFBuNW1RWVFzX0dEZ3EtRm44dlJBUklsQUt6SEZLbFQ1bkpzYVZXTERhZlFiUm91MnB6emxkWUF5VVFzUkZPOVpFNmtwb09FVXcaWENoRUk4UG41bVFZUW5MN0NzTzJseHI3T0FSSXRBTlZUQmxyX2Z2NlFrNUljT1NQM3V1cXI3U1FqMkZTazcwRlJjTmV2TGxONXo3NmZ0QUdobnVfWjJPMTM&is_vtc=1&ocp_id=3LE-Y8zcJOeQ9fgP-v-ikAM&cid=CAQSKQCsnQUxQ6z0_bjOXI_gVJuVE2pyHI6707ad_DFBd55zqt8rM-HoZyIcIBM&eitems=ChEI8Pn5mQYQqq24rZr9oIrHARIdAGVc4pgb1UdmiEo2ZPeD9-JH0CcuZV_EKdoOKXQ&random=535266717&resp=GooglemKTybQhCsO&ipr=y&prhg=0
Request Chain 45
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/372717222/?random=2021208387&cv=9&fst=1665053148222&num=1&value=0&label=auHjCJCjo5ICEKbt3LEB&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wga50&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fnewks.com%2F&tiba=Homepage%20-%20Newks&auid=510435470.1665053148&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=3LE-Y7fhLYOL9fgPkc2PsAw&sscte=1&crd=CJqqsQI&eitems=ChEI8Pn5mQYQqq24rZr9oIrHARIdAGVc4pgtoXUBc91e7_NQVNLAd--9qOH8w52XWBM&pscrd=Ek5DaEVJOFBuNW1RWVFzX0dEZ3EtRm44dlJBUklsQUt6SEZLbFQ1bkpzYVZXTERhZlFiUm91MnB6emxkWUF5VVFzUkZPOVpFNmtwb09FVXcaWENoRUk4UG41bVFZUW5MN0NzTzJseHI3T0FSSXRBTlZUQmxxQmZaSTc1bGRtdWFMRXo5OUFla3BQV2tOc3FSREF6YWV1ZWZvams0eTczal9rbG1KMWwydlM HTTP 302
  • https://www.google.com/pagead/1p-conversion/372717222/?random=2021208387&cv=9&fst=1665053148222&num=1&value=0&label=auHjCJCjo5ICEKbt3LEB&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wga50&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fnewks.com%2F&tiba=Homepage%20-%20Newks&auid=510435470.1665053148&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=CJqqsQI&pscrd=Ek5DaEVJOFBuNW1RWVFzX0dEZ3EtRm44dlJBUklsQUt6SEZLbFQ1bkpzYVZXTERhZlFiUm91MnB6emxkWUF5VVFzUkZPOVpFNmtwb09FVXcaWENoRUk4UG41bVFZUW5MN0NzTzJseHI3T0FSSXRBTlZUQmxxQmZaSTc1bGRtdWFMRXo5OUFla3BQV2tOc3FSREF6YWV1ZWZvams0eTczal9rbG1KMWwydlM&is_vtc=1&ocp_id=3LE-Y7fhLYOL9fgPkc2PsAw&cid=CAQSKQCsnQUxAtfEcYH7_62L4e7z0PC2tWCMNL1gDM1uKNlEL4D_bOVY6kMnIBM&eitems=ChEI8Pn5mQYQqq24rZr9oIrHARIdAGVc4phCgblCh0nsocOfKhYDzw5hEcjXG4AAYn4&random=1732543672&resp=GooglemKTybQhCsO HTTP 302
  • https://www.google.de/pagead/1p-conversion/372717222/?random=2021208387&cv=9&fst=1665053148222&num=1&value=0&label=auHjCJCjo5ICEKbt3LEB&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wga50&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fnewks.com%2F&tiba=Homepage%20-%20Newks&auid=510435470.1665053148&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=CJqqsQI&pscrd=Ek5DaEVJOFBuNW1RWVFzX0dEZ3EtRm44dlJBUklsQUt6SEZLbFQ1bkpzYVZXTERhZlFiUm91MnB6emxkWUF5VVFzUkZPOVpFNmtwb09FVXcaWENoRUk4UG41bVFZUW5MN0NzTzJseHI3T0FSSXRBTlZUQmxxQmZaSTc1bGRtdWFMRXo5OUFla3BQV2tOc3FSREF6YWV1ZWZvams0eTczal9rbG1KMWwydlM&is_vtc=1&ocp_id=3LE-Y7fhLYOL9fgPkc2PsAw&cid=CAQSKQCsnQUxAtfEcYH7_62L4e7z0PC2tWCMNL1gDM1uKNlEL4D_bOVY6kMnIBM&eitems=ChEI8Pn5mQYQqq24rZr9oIrHARIdAGVc4phCgblCh0nsocOfKhYDzw5hEcjXG4AAYn4&random=1732543672&resp=GooglemKTybQhCsO&ipr=y&prhg=0
Request Chain 46
  • https://unpkg.com/tttl-embed-survey/dist/tttl-embed-survey/p-a71d192a.system.js HTTP 302
  • https://unpkg.com/tttl-embed-survey@0.2.8/dist/tttl-embed-survey/p-a71d192a.system.js
Request Chain 85
  • https://unpkg.com/tttl-embed-survey/dist/tttl-embed-survey/p-71352b19.system.js HTTP 302
  • https://unpkg.com/tttl-embed-survey@0.2.8/dist/tttl-embed-survey/p-71352b19.system.js
Request Chain 98
  • https://cm.g.doubleclick.net/pixel?&in=0&google_nid=zeta_interactive&google_cm=&google_sc=&google_hm=NTE0MDA4NDkyMjA1ODk5NzA0Ng==&forward= HTTP 302
  • https://a.rfihub.com/cm?pub=445&in=0&forward=&google_gid=CAESEGB1R-qrnN6kbFs3LHfme2k&google_cver=1
Request Chain 99
  • https://ib.adnxs.com/setuid?entity=18&code=5140084922058997046 HTTP 307
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D18%26code%3D5140084922058997046
Request Chain 101
  • https://dpm.demdex.net/ibs:dpid=1121&dpuuid=5140084922058997046&redir= HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1121&dpuuid=5140084922058997046&redir=
Request Chain 102
  • https://p.rfihub.com/cm?pub=24472&in=1 HTTP 302
  • https://ps.eyeota.net/match?uid=5140084922058997046&bid=omt9pi0
Request Chain 105
  • https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5140084922058997046&referrer=https%3A%2F%2Fnewks.com%2F HTTP 302
  • https://p.rfihub.com/cm?pub=39342&in=0&userid=c68d65ae-1c05-44a1-a826-a58d1eba92ca%3A1665053151.3735616&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3Dc68d65ae-1c05-44a1-a826-a58d1eba92ca%253A1665053151.3735616 HTTP 302
  • https://idsync.rlcdn.com/501709.gif?partner_uid=c68d65ae-1c05-44a1-a826-a58d1eba92ca%3A1665053151.3735616
Request Chain 107
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=5140084922058997046&forward= HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=5140084922058997046&forward=&C=1
Request Chain 110
  • https://sync.search.spotxchange.com/partner?adv_id=7180&uid=5140084922058997046&img=1 HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=7180&uid=5140084922058997046&img=1&__user_check__=1&sync_id=0bbb3e44-4564-11ed-bd49-129210fe0306
Request Chain 114
  • https://x.bidswitch.net/sync?dsp_id=119&user_id=5140084922058997046&expires=30 HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?dsp_id=119&user_id=5140084922058997046&expires=30
Request Chain 115
  • https://sync-tm.everesttech.net/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D&_test=Yz6x3wAAC_zJOwAr HTTP 302
  • https://p.rfihub.com/cm?in=1&pub=21653&userid=Yz6x3wAAC_zJOwAr&_test=Yz6x3wAAC_zJOwAr
Request Chain 123
  • https://unpkg.com/tttl-embed-survey/dist/tttl-embed-survey/p-49b4469c.system.entry.js HTTP 302
  • https://unpkg.com/tttl-embed-survey@0.2.8/dist/tttl-embed-survey/p-49b4469c.system.entry.js

131 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
newks.com/
Redirect Chain
  • http://www.newks.com/
  • https://www.newks.com/
  • https://newks.com/
27 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://newks.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.26.7.66 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Craft CMS
Resource Hash
a629dac8bcf0687dfbe519be1036eda9e6fe4e9c8087725aa7c185f26683f73d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cf-cache-status
DYNAMIC
cf-ray
755dcf36d948bbaf-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Thu, 06 Oct 2022 10:45:47 GMT
link
<https://newks.com/>; rel="canonical"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
no-referrer-when-downgrade
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qes%2BDx%2BMl3zOyWigrcQbhDQYb%2BUqRtxQObzc0BtdaQ0HaBufRv0iXtZ7WnLeUd6d%2FsSXzo0g4225UkoTNmeVUsNAlkhpa%2F9P09upZw7Xj52Ox8dtO6sr57a17Q%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-powered-by
Craft CMS
x-xss-protection
1; mode=block

Redirect headers

cf-cache-status
DYNAMIC
cf-ray
755dcf352d84bbaf-FRA
content-type
text/html; charset=iso-8859-1
date
Thu, 06 Oct 2022 10:45:46 GMT
location
https://newks.com/
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EBvRUTocDgBPolTVV6CLRSDfy5sa5y7CwAzyu1qo14WGnJwC9ZGVUqXAVEQePd6Tl8nML7iDpn8%2FIRfrywdS%2B4GltUTiFAma8FobFSq6S1uAM65JgYU4ql7DZtawBbk%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
main-344171c723.css
newks.com/assets/css/ 		157 KB
17 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://newks.com/assets/css/main-344171c723.css
Requested by
Host: newks.com
URL: https://newks.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.26.7.66 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a85c388efd8b76b17e49c4d99b6da0e64e64303de769bcf2ec4067cd9e73102d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Thu, 06 Oct 2022 10:45:47 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Tue, 19 Oct 2021 22:06:16 GMT
server
cloudflare
age
90326
cf-polished
origSize=160625
etag
W/"616f4158-27371"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CTKiSNzVcaqKTZLyTqygD7pcj1kbDaoTFNty3sznQJ%2BrxDqtDvDXSud1QG6zmdD7XwWNGiZY55TFscoDtcSDSbtq%2FLtNNl60J5QpEiGf%2BefBUvdqvc1rHW6Hhg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control
public, max-age=31536000
cf-ray
755dcf3a2fe8bbaf-FRA
utility.css
newks.com/assets/css/ 		133 B
396 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://newks.com/assets/css/utility.css
Requested by
Host: newks.com
URL: https://newks.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.26.7.66 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3c7056d94ca3664fb8d539523819753b9e3d947b6ee5a1166505969a4fe9e43

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Thu, 06 Oct 2022 10:45:47 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Mon, 12 Sep 2022 17:51:44 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"631f71b0-85"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a0M5xSl%2FUxkjBQjUIHctv2%2FoJgr%2FmJAABOOBRVZYCfqMaAh%2BLTatUPFlRSbYx786HidSFjTz0Q53yib%2F67akm5O1e9WUkjo7qT5z87tc6uZawyBcZCngvkQ5uA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=31536000
cf-ray
755dcf3a2feebbaf-FRA
animate.min.css
cdnjs.cloudflare.com/ajax/libs/animate.css/4.1.1/ 		70 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/animate.css/4.1.1/animate.min.css
Requested by
Host: newks.com
URL: https://newks.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5fbaeb9f8e25d7e0143bae61d4b1802c16ce7390b96ceb2d498b0d96ff4c853f
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Thu, 06 Oct 2022 10:45:47 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
49573
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4216
last-modified
Mon, 07 Sep 2020 12:33:38 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5f5628a2-11846"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p4tcnvGQbNu1Ngn377ahpcQMNh538ih8GwDLRFy5HHA0ogF92UqE3IE6hcBkUeSUVuygi%2Fnajl%2BJXNURWQcsb5fCW5auUfwe3KJNTZqefE41N%2FfauKM52nk%2FdxSIoocuPKpvWc%2BD9IDGoPuoihl6xDKq"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
755dcf3a4a5d9028-FRA
expires
Tue, 26 Sep 2023 10:45:47 GMT
owl.carousel.min.css
newks.com/owlcarousel/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://newks.com/owlcarousel/owl.carousel.min.css
Requested by
Host: newks.com
URL: https://newks.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.26.7.66 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
521410e1fc44780061e09adc980275fb5ea277fd5d9e538454214ec4379ff4bc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Thu, 06 Oct 2022 10:45:47 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 10 Aug 2021 00:07:53 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"6111c359-d17"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dxZvpqtnEJs1OjA%2FPZEJqYZaKym0rY3sk6tWZ5MjhfRdFU5hpd9iQIE0X5o5LqyqFJg2rT8WqpW7V3NNi2UTDtcarmJqBQ%2FoWv2CsuHe8kI7o74tdo1WrNlJ1A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=31536000
cf-ray
755dcf3a2ff0bbaf-FRA
owl.theme.default.min.css
newks.com/owlcarousel/ 		1013 B
698 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://newks.com/owlcarousel/owl.theme.default.min.css
Requested by
Host: newks.com
URL: https://newks.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.26.7.66 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
924b0dc630d1c5dff9fa31aead9509775b1d476bfe0a5ac2977b2f11205a26ac

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Thu, 06 Oct 2022 10:45:47 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 10 Aug 2021 00:07:53 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"6111c359-3f5"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8a7vbbioWUWHjiu%2F53atlEqBWAMbPmwGwZXgc1fbOjMpZ0t8MQ77TdGKK8RY0ngbhk30tWi9eoDemTptT5%2F9tCBEodzSkPRNYw9q6J%2BZEwH9S2qZaXi9njW2oQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=31536000
cf-ray
755dcf3a2ff1bbaf-FRA
modernizr-custom.js
newks.com/assets/js/scripts/vendor/ 		54 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://newks.com/assets/js/scripts/vendor/modernizr-custom.js
Requested by
Host: newks.com
URL: https://newks.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.26.7.66 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5e4d7a564b9fa4ea91c98069b144720415f53b57ffae33e522f9b96ef6488cbf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Thu, 06 Oct 2022 10:45:47 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Tue, 19 Oct 2021 22:06:19 GMT
server
cloudflare
age
90326
cf-polished
origSize=54960
etag
W/"616f415b-d6b0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9jm4bqaiMB4Ai9pKGtDghKedgLP8zrTcUztd5xX5YlN%2FHVxsngQiZthEbBWxvQS3rOSRmmObWzhd7Tx6U%2BAHS7c2icTRXXFRDGCKYSRa5G4gi5hXWaSK3HCiAw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control
public, max-age=31536000
cf-ray
755dcf3a2ff4bbaf-FRA
tttl-embed-survey.js
unpkg.com/tttl-embed-survey@0.2.8/dist/tttl-embed-survey/
Redirect Chain
  • https://unpkg.com/tttl-embed-survey/dist/tttl-embed-survey/tttl-embed-survey.js
  • https://unpkg.com/tttl-embed-survey@0.2.8/dist/tttl-embed-survey/tttl-embed-survey.js
120 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://unpkg.com/tttl-embed-survey@0.2.8/dist/tttl-embed-survey/tttl-embed-survey.js
Requested by
Host: newks.com
URL: https://newks.com/
Protocol
H2
Server
2606:4700::6810:7caf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f3d563c9835949c03d69342e5f107618510c2e49eb0561d2c9047bb07dee4b14
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Thu, 06 Oct 2022 10:45:50 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
MISS
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id
01GEPEDG77XB1YDEKAVBBZ9DTR-fra
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
server
cloudflare
etag
W/"1ded1-gshnFQmva96fqEvCzEH/VpY/INI"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
755dcf3ae959921d-FRA

Redirect headers

date
Thu, 06 Oct 2022 10:45:47 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
MISS
fly-request-id
01GEPEDG43ZVJN5C0E8RTBK5Z9-fra
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept, Accept-Encoding
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
location
/tttl-embed-survey@0.2.8/dist/tttl-embed-survey/tttl-embed-survey.js
cache-control
public, s-maxage=600, max-age=60
cf-ray
755dcf3a4871921d-FRA
email-decode.min.js
newks.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://newks.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: newks.com
URL: https://newks.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.26.7.66 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Thu, 06 Oct 2022 10:45:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 04 Oct 2022 15:38:08 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"633c5360-4d7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r3%2FG3wD%2FiZdxBUq30P18FpYxp9CQdd8KzeOU2IDVKkfArIeL0j1DMYbx0l%2FTaGN9tSWzBOvVEgYnFT0FZ4i7rrkWCMMYXFFt2Y4CxGRSBUTwR9ubPnPhE8hwcA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-frame-options
DENY
cache-control
max-age=172800, public
cf-ray
755dcf3a2ff6bbaf-FRA
expires
Sat, 08 Oct 2022 10:45:47 GMT
fslightbox.js
newks.com/assets/js/scripts/ 		30 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://newks.com/assets/js/scripts/fslightbox.js
Requested by
Host: newks.com
URL: https://newks.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.26.7.66 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5c35f26ded7d21acd288910e2e746bf932bb7fe94b2b9815d552690b535f764d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Thu, 06 Oct 2022 10:45:47 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 19 Oct 2021 22:06:18 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"616f415a-7771"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=48CtZKTdHl%2BHFE4t0la147isYvnuSGJ6V7cfcdAUoQPko%2F7VEQO1tZJ5E6ewVG1PN%2FEfsoEVMDCSOkZIFcEJ9hlojqpzXLP8wF4FcZDYX6xhPkLbpyr2jXMvYg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
755dcf3a2ff8bbaf-FRA
lightgallery.js
newks.com/assets/js/scripts/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://newks.com/assets/js/scripts/lightgallery.js
Requested by
Host: newks.com
URL: https://newks.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.26.7.66 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Craft CMS
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Thu, 06 Oct 2022 10:45:47 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
x-powered-by
Craft CMS
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
server
cloudflare
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XIc4Fm9l2Y1y58gtzHvin0XcKQNEz%2Bs5wg1slYh%2BRR2BDV7yoLdoTh9s58XsN2zWWqVUP7ew6zjJsdGI42MgfwGd3yoXbN4s62eBdP7o0yoyGeFwGWigv4kx2Q%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400
cf-ray
755dcf3a2ffbbbaf-FRA
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/ 		87 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.min.js
Requested by
Host: newks.com
URL: https://newks.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Thu, 06 Oct 2022 10:45:47 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
6895022
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
27938
last-modified
Tue, 02 Mar 2021 18:58:36 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"603e8adc-15d9d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZP6%2BOvTPBDELfMOYIeVEGTKECv73cweQols735eiFxFCs2Ra0%2FmvWabm7pYmTo%2BTlCclTB4HkNJc25CjZCNG98%2F8I%2FDwBdentv7pWYtaUPZqEE928LR1k26TKoYuUM%2Fz7QswgASqnqo3iS0NMb3378T8"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
755dcf3a4a5f9028-FRA
expires
Tue, 26 Sep 2023 10:45:47 GMT
gsap.min.js
cdnjs.cloudflare.com/ajax/libs/gsap/3.5.1/ 		60 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/gsap/3.5.1/gsap.min.js
Requested by
Host: newks.com
URL: https://newks.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Thu, 06 Oct 2022 10:45:47 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
5931296
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
21845
last-modified
Wed, 26 Aug 2020 23:14:08 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5f46ecc0-eeae"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=unmEBvISPRnD4k5k4%2BL1WJLmAXKg6hmkQ7dYAEkWSvJ3lsIXjIqtCFCMB1jHwrNAopWI9%2FkbyPE0XNJlHqcyJbFJmlfsRS%2FabKjXoHqmhnxfN4h%2BIjTlyB8WvJHOWWgqQdYILcGUxHz6KULwvXk31fiT"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
755dcf3a4a609028-FRA
expires
Tue, 26 Sep 2023 10:45:47 GMT
ScrollTrigger.min.js
cdnjs.cloudflare.com/ajax/libs/gsap/3.5.1/ 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/gsap/3.5.1/ScrollTrigger.min.js
Requested by
Host: newks.com
URL: https://newks.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1a913c910e1c2d698dfd4d4df819e4cc58831640f8799a8cdad0f77f4d1d70f1
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Thu, 06 Oct 2022 10:45:47 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
2394378
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
7892
last-modified
Wed, 26 Aug 2020 23:14:08 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5f46ecc0-4ccb"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=duTiWMiX%2BTBygCCL7qFWS8ZDXCfktXAhivtLez9cIL2z8vs1DmHrWITJoVgcLRN%2FOeAeGlmIXcQqKziawYGXiFqAa6hhgYONCR78bi4XmxcMxXAgj249ArOF6R27kmfvbrasowWXFbae2QIOORgYWk9K"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
755dcf3a4a619028-FRA
expires
Tue, 26 Sep 2023 10:45:47 GMT
smoothscroll.min.js
unpkg.com/smoothscroll-polyfill@0.4.4/dist/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://unpkg.com/smoothscroll-polyfill@0.4.4/dist/smoothscroll.min.js
Requested by
Host: newks.com
URL: https://newks.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7caf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
19eab772c8cb2919d14d563774b249919f4989295f54cf64443470c9964931c4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Thu, 06 Oct 2022 10:45:47 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
21949402
last-modified
Tue, 26 Mar 2019 18:21:19 GMT
fly-request-id
01FT89TWRWJY2EXRAAERB21VG7
server
cloudflare
etag
W/"f80-XQhYfU01oooGWe3xRfk6+DFXark"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
755dcf3c9b56921d-FRA
owl.carousel.min.js
newks.com/owlcarousel/ 		43 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://newks.com/owlcarousel/owl.carousel.min.js
Requested by
Host: newks.com
URL: https://newks.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.26.7.66 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a53c43f834b32309b084ea9314df8307e9c78cee2202c6e07f216ae4ae5b704d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Thu, 06 Oct 2022 10:45:47 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 10 Aug 2021 00:07:53 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
90326
etag
W/"6111c359-ad36"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BXTnJjYFsfC1mGK%2BKZrHdd30B0g2yt06SIcTpOTr3aUeY%2FoKCt2ZBTqxkRLzQTWbVgKQhRslOJHmWbd4NKr4hoOeGKxBWDhAga3AslA3vwSDaBbIYMa8Ai0UzQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
755dcf3a2ffdbbaf-FRA
main-bd2ecaab8f.js
newks.com/assets/js/ 		452 KB
114 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://newks.com/assets/js/main-bd2ecaab8f.js
Requested by
Host: newks.com
URL: https://newks.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.26.7.66 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0a279372028690ecbcefdc632dc4df9d96e9348978fd29424817eaf13958463a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Thu, 06 Oct 2022 10:45:47 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Tue, 19 Oct 2021 22:06:18 GMT
server
cloudflare
age
90326
etag
W/"616f415a-71189"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K6Mm%2BSfKbc492kR3Vx5Htjh6a3i%2FkBvK2VQB%2BSDdmoZfBilzvgSPaGzhqhmPak5RhqHKEb4kWrpsD4yzaXQOzrWMd%2Bx1K1tajxv%2Bj4nmXqmrJzBSm%2B6A8s2pSw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
755dcf3a2800bbaf-FRA
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: newks.com
URL: https://newks.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 06 Oct 2022 10:27:31 GMT
last-modified
Tue, 27 Sep 2022 22:01:05 GMT
server
Golfe2
age
1096
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20039
expires
Thu, 06 Oct 2022 12:27:31 GMT
gtm.js
www.googletagmanager.com/ 		257 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-WMNMG9W
Requested by
Host: newks.com
URL: https://newks.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80c::2008 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e784b6433f66d0a6380e5633b36f1bf6466b9a718b8c55f4a8964aac0818aff3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Thu, 06 Oct 2022 10:45:47 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
84076
x-xss-protection
0
last-modified
Thu, 06 Oct 2022 09:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 06 Oct 2022 10:45:47 GMT
Oswald-Regular.ttf
newks.com/assets/fonts/ 		79 KB
80 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://newks.com/assets/fonts/Oswald-Regular.ttf
Requested by
Host: newks.com
URL: https://newks.com/assets/css/main-344171c723.css
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.26.7.66 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3324614698f72cc606e4f62ba931a65931727fe4b28b2625784948cd669813ed

Request headers

Referer
https://newks.com/assets/css/main-344171c723.css
Origin
https://newks.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Thu, 06 Oct 2022 10:45:47 GMT
cf-cache-status
HIT
last-modified
Tue, 10 Aug 2021 00:15:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
90326
etag
"6111c511-13cb4"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZAL9DDubbHmZYWXswfd6jyGhYfSru2VkPgI3zQTHSswSpVIkjSHv4NanS3ikqSyw%2BvK%2FkaJj5x6vGGelkC4QFkCPP94FE%2Fv5nvysLrvTuT7vdA3NSgJAL5%2BJFA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
755dcf3c3c84bbaf-FRA
content-length
81076
truncated
/ 		157 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
80d54533f80e8233621f965ae0a7713928bdb4d491ed0eb5e90434550f1894cb

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		203 B
203 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Type
image/jp2
truncated
/ 		90 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
345a7f619e726c9ed21fa1e83646623f3491056eb1c9e0f3af797c42d38255c1

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Type
image/webp
collect
www.google-analytics.com/j/ 		4 B
205 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j98&a=1897552559&t=pageview&_s=1&dl=https%3A%2F%2Fnewks.com%2F&ul=en-us&de=UTF-8&dt=Homepage%20-%20Newks&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=1786533914&gjid=642970746&cid=876811676.1665053148&tid=UA-49026823-1&_gid=310591647.1665053148&_r=1&_slc=1&z=1963612650
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://newks.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 06 Oct 2022 10:45:47 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://newks.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
438 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-49026823-1&cid=876811676.1665053148&jid=1786533914&gjid=642970746&_gid=310591647.1665053148&_u=IEBAAEAAAAAAACAAI~&z=13851546
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://newks.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Thu, 06 Oct 2022 10:45:47 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://newks.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-49026823-1&cid=876811676.1665053148&jid=1786533914&_u=IEBAAEAAAAAAACAAI~&z=1631286671
Requested by
Host: newks.com
URL: https://newks.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:806::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 06 Oct 2022 10:45:47 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-49026823-1&cid=876811676.1665053148&jid=1786533914&_u=IEBAAEAAAAAAACAAI~&z=1631286671
Requested by
Host: newks.com
URL: https://newks.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:807::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 06 Oct 2022 10:45:48 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
conversion_async.js
www.googleadservices.com/pagead/ 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WMNMG9W
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f162.1e100.net
Software
cafe /
Resource Hash
f42283e0ca17a52688c5250e714ecd1b6a53af8b0f6e54ac64546499b0ec1b19
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Thu, 06 Oct 2022 10:45:48 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15192
x-xss-protection
0
server
cafe
etag
699633608045481581
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 06 Oct 2022 10:45:48 GMT
hotjar-2830751.js
static.hotjar.com/c/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.hotjar.com/c/hotjar-2830751.js?sv=7
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WMNMG9W
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.17.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-17-96.fra56.r.cloudfront.net
Software
/
Resource Hash
a291aafce47b2761dba387ec9a4bb9ecf4653e0078bdb9203c9bc65dbb24a7fb
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Thu, 06 Oct 2022 10:45:48 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=2592000; includeSubDomains
via
1.1 fde85e7daa13f95cf6b8f5fa09c62ef6.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P7
etag
W/ddea3c9eed7da5a9a9e3fae828c4f979
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=60
x-cache-hit
1
cross-origin-resource-policy
cross-origin
x-amz-cf-id
rWyFwLYVUCfTlmM0-OEQvQvYHpCjjkCReGoCSJffSPzPC0Mtds-5GQ==
activityi;dc_pre=CJD-sKu2y_oCFdhjFQgdTN0F5A;src=12881027;type=invmedia;cat=newks0;ord=2987879526824;gtm=2wga50;auiddc=510435470.1665053148;~oref=https%3A%2F%2Fnewks.com%2F
12881027.fls.doubleclick.net/ Frame B2E5
Redirect Chain
  • https://12881027.fls.doubleclick.net/activityi;src=12881027;type=invmedia;cat=newks0;ord=2987879526824;gtm=2wga50;auiddc=510435470.1665053148;~oref=https%3A%2F%2Fnewks.com%2F?
  • https://12881027.fls.doubleclick.net/activityi;dc_pre=CJD-sKu2y_oCFdhjFQgdTN0F5A;src=12881027;type=invmedia;cat=newks0;ord=2987879526824;gtm=2wga50;auiddc=510435470.1665053148;~oref=https%3A%2F%2Fn...
476 B
404 B 		Document
General
Check archive.org
Download Go to
Full URL
https://12881027.fls.doubleclick.net/activityi;dc_pre=CJD-sKu2y_oCFdhjFQgdTN0F5A;src=12881027;type=invmedia;cat=newks0;ord=2987879526824;gtm=2wga50;auiddc=510435470.1665053148;~oref=https%3A%2F%2Fnewks.com%2F?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WMNMG9W
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.230 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f6.1e100.net
Software
cafe /
Resource Hash
70deafd8ecb7cb8ed814554445de61ee2aca9a6ac4a8ae9f803beff93613f20c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://newks.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, must-revalidate
content-encoding
gzip
content-length
380
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 06 Oct 2022 10:45:48 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 06 Oct 2022 10:45:48 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown
1
location
https://12881027.fls.doubleclick.net/activityi;dc_pre=CJD-sKu2y_oCFdhjFQgdTN0F5A;src=12881027;type=invmedia;cat=newks0;ord=2987879526824;gtm=2wga50;auiddc=510435470.1665053148;~oref=https%3A%2F%2Fnewks.com%2F?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
js
www.googletagmanager.com/gtag/ 		211 KB
74 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-TQHBZDF37S&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WMNMG9W
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80c::2008 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
bc64950bc352ec1e390cfb2ce8ca6cfa604d236495369bba67c24919521a5e5b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Thu, 06 Oct 2022 10:45:48 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
75487
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Thu, 06 Oct 2022 10:45:48 GMT
dc_pre=CJD-sKu2y_oCFdhjFQgdTN0F5A;src=12881027;type=invmedia;cat=newks0;ord=2987879526824;gtm=2wga50;auiddc=510435470.1665053148;~oref=https%3A%2F%2Fnewks.com%2F
adservice.google.com/ddm/fls/i/ Frame 69D6 		475 B
847 B 		Document
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/ddm/fls/i/dc_pre=CJD-sKu2y_oCFdhjFQgdTN0F5A;src=12881027;type=invmedia;cat=newks0;ord=2987879526824;gtm=2wga50;auiddc=510435470.1665053148;~oref=https%3A%2F%2Fnewks.com%2F
Requested by
Host: 12881027.fls.doubleclick.net
URL: https://12881027.fls.doubleclick.net/activityi;dc_pre=CJD-sKu2y_oCFdhjFQgdTN0F5A;src=12881027;type=invmedia;cat=newks0;ord=2987879526824;gtm=2wga50;auiddc=510435470.1665053148;~oref=https%3A%2F%2Fnewks.com%2F?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
074e6a5ef0e5c14a75389c6265b1b135c27dc1ab286413174999cbc26e421fd0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://12881027.fls.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, must-revalidate
content-encoding
gzip
content-length
378
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 06 Oct 2022 10:45:48 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/434748839/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/434748839/?random=1665053148214&cv=9&fst=1665053148214&num=1&userId=https%3A%2F%2Fnewks.com%2F&value=https%3A%2F%2Fnewks.com%2F&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wga50&sendb=1&ig=1&data=event%3DPage%20Visits&frm=0&url=https%3A%2F%2Fnewks.com%2F&tiba=Homepage%20-%20Newks&auid=510435470.1665053148&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9244ca1c1e490ccaf60ad2f49c4bb103b85497b97605fdd2d01671a5d74d5ca2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 06 Oct 2022 10:45:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1040
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.googleadservices.com/pagead/conversion/434748839/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion/434748839/?random=1665053148218&cv=9&fst=1665053148218&num=1&value=0&label=N6RZCMrH9YsCEKf7ps8B&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wga50&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fnewks.com%2F&tiba=Homepage%20-%20Newks&auid=510435470.1665053148&hn=www.googleadservices.com&bttype=purchase&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f162.1e100.net
Software
cafe /
Resource Hash
2d500e7c95e4059260b1446554f0d5d6f6adab02bf9730d5655e15f46a5ffe72
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 06 Oct 2022 10:45:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1408
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/372717222/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/372717222/?random=1665053148222&cv=9&fst=1665053148222&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wga50&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fnewks.com%2F&tiba=Homepage%20-%20Newks&auid=510435470.1665053148&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
21cb3f065add4039f5a761d158814f72042661bfc737017159ec193591deb238
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 06 Oct 2022 10:45:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1000
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.googleadservices.com/pagead/conversion/372717222/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion/372717222/?random=1665053148222&cv=9&fst=1665053148222&num=1&value=0&label=auHjCJCjo5ICEKbt3LEB&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wga50&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fnewks.com%2F&tiba=Homepage%20-%20Newks&auid=510435470.1665053148&hn=www.googleadservices.com&bttype=purchase&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f162.1e100.net
Software
cafe /
Resource Hash
6566e0b49a0a4072930227baded9c1bccf5f7477c764c7d5740f0164561e7cf6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 06 Oct 2022 10:45:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1407
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_pre=CJD-sKu2y_oCFdhjFQgdTN0F5A;src=12881027;type=invmedia;cat=newks0;ord=2987879526824;gtm=2wga50;auiddc=510435470.1665053148;~oref=https%3A%2F%2Fnewks.com%2F
adservice.google.de/ddm/fls/i/ Frame 5027 		194 B
870 B 		Document
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/ddm/fls/i/dc_pre=CJD-sKu2y_oCFdhjFQgdTN0F5A;src=12881027;type=invmedia;cat=newks0;ord=2987879526824;gtm=2wga50;auiddc=510435470.1665053148;~oref=https%3A%2F%2Fnewks.com%2F
Requested by
Host: adservice.google.com
URL: https://adservice.google.com/ddm/fls/i/dc_pre=CJD-sKu2y_oCFdhjFQgdTN0F5A;src=12881027;type=invmedia;cat=newks0;ord=2987879526824;gtm=2wga50;auiddc=510435470.1665053148;~oref=https%3A%2F%2Fnewks.com%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://adservice.google.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=0
content-encoding
gzip
content-length
177
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 06 Oct 2022 10:45:48 GMT
expires
Thu, 06 Oct 2022 10:45:48 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
modules.cbd9768ba80ba0be5b17.js
script.hotjar.com/ 		254 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.hotjar.com/modules.cbd9768ba80ba0be5b17.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2830751.js?sv=7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-47.fra60.r.cloudfront.net
Software
/
Resource Hash
5b3c6e212cbb3b9f4f28b09cfdc53990e809792192d7d8639d3311f0551c2010
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 18:47:06 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=2592000; includeSubDomains
via
1.1 0c371064bf157d89e4b3520c0b29474c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P4
age
143922
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
66229
last-modified
Tue, 04 Oct 2022 18:46:48 GMT
etag
"483a48bedf96c50163b542fb95446039"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
OMKd6Q9cQSWlI3w0kRZERSfoHg2Pq8K0zrFOQl4Ki6yr8Kwr7iONmQ==
collect
region1.analytics.google.com/g/ 		0
343 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-TQHBZDF37S&gtm=2oea50&_p=1897552559&_gaz=1&cid=876811676.1665053148&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1665053148&sct=1&seg=0&dl=https%3A%2F%2Fnewks.com%2F&dt=Homepage%20-%20Newks&en=page_view&_fv=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-TQHBZDF37S&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 06 Oct 2022 10:45:48 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://newks.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-TQHBZDF37S&cid=876811676.1665053148&gtm=2oea50&aip=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-TQHBZDF37S&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 06 Oct 2022 10:45:48 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://newks.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-TQHBZDF37S&cid=876811676.1665053148&gtm=2oea50&aip=1&z=927783023
Requested by
Host: newks.com
URL: https://newks.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:807::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 06 Oct 2022 10:45:48 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/434748839/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/434748839/?random=1665053148214&cv=9&fst=1665050400000&num=1&userId=https%3A%2F%2Fnewks.com%2F&value=https%3A%2F%2Fnewks.com%2F&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wga50&sendb=1&data=event%3DPage%20Visits&frm=0&url=https%3A%2F%2Fnewks.com%2F&tiba=Homepage%20-%20Newks&async=1&fmt=3&is_vtc=1&random=2567100770&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: newks.com
URL: https://newks.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 06 Oct 2022 10:45:48 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/434748839/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/434748839/?random=1665053148214&cv=9&fst=1665050400000&num=1&userId=https%3A%2F%2Fnewks.com%2F&value=https%3A%2F%2Fnewks.com%2F&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wga50&sendb=1&data=event%3DPage%20Visits&frm=0&url=https%3A%2F%2Fnewks.com%2F&tiba=Homepage%20-%20Newks&async=1&fmt=3&is_vtc=1&random=2567100770&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: newks.com
URL: https://newks.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:807::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 06 Oct 2022 10:45:49 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-conversion/434748839/
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/434748839/?random=1920724750&cv=9&fst=1665053148218&num=1&value=0&label=N6RZCMrH9YsCEKf7ps8B&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO...
  • https://www.google.com/pagead/1p-conversion/434748839/?random=1920724750&cv=9&fst=1665053148218&num=1&value=0&label=N6RZCMrH9YsCEKf7ps8B&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_...
  • https://www.google.de/pagead/1p-conversion/434748839/?random=1920724750&cv=9&fst=1665053148218&num=1&value=0&label=N6RZCMrH9YsCEKf7ps8B&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_a...
42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-conversion/434748839/?random=1920724750&cv=9&fst=1665053148218&num=1&value=0&label=N6RZCMrH9YsCEKf7ps8B&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wga50&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fnewks.com%2F&tiba=Homepage%20-%20Newks&auid=510435470.1665053148&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=CJqqsQI&pscrd=Ek5DaEVJOFBuNW1RWVFzX0dEZ3EtRm44dlJBUklsQUt6SEZLbFQ1bkpzYVZXTERhZlFiUm91MnB6emxkWUF5VVFzUkZPOVpFNmtwb09FVXcaWENoRUk4UG41bVFZUW5MN0NzTzJseHI3T0FSSXRBTlZUQmxyX2Z2NlFrNUljT1NQM3V1cXI3U1FqMkZTazcwRlJjTmV2TGxONXo3NmZ0QUdobnVfWjJPMTM&is_vtc=1&ocp_id=3LE-Y8zcJOeQ9fgP-v-ikAM&cid=CAQSKQCsnQUxQ6z0_bjOXI_gVJuVE2pyHI6707ad_DFBd55zqt8rM-HoZyIcIBM&eitems=ChEI8Pn5mQYQqq24rZr9oIrHARIdAGVc4pgb1UdmiEo2ZPeD9-JH0CcuZV_EKdoOKXQ&random=535266717&resp=GooglemKTybQhCsO&ipr=y&prhg=0
Requested by
Host: newks.com
URL: https://newks.com/
Protocol
H3
Server
2a00:1450:400d:807::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 06 Oct 2022 10:45:49 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 06 Oct 2022 10:45:49 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location
https://www.google.de/pagead/1p-conversion/434748839/?random=1920724750&cv=9&fst=1665053148218&num=1&value=0&label=N6RZCMrH9YsCEKf7ps8B&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wga50&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fnewks.com%2F&tiba=Homepage%20-%20Newks&auid=510435470.1665053148&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=CJqqsQI&pscrd=Ek5DaEVJOFBuNW1RWVFzX0dEZ3EtRm44dlJBUklsQUt6SEZLbFQ1bkpzYVZXTERhZlFiUm91MnB6emxkWUF5VVFzUkZPOVpFNmtwb09FVXcaWENoRUk4UG41bVFZUW5MN0NzTzJseHI3T0FSSXRBTlZUQmxyX2Z2NlFrNUljT1NQM3V1cXI3U1FqMkZTazcwRlJjTmV2TGxONXo3NmZ0QUdobnVfWjJPMTM&is_vtc=1&ocp_id=3LE-Y8zcJOeQ9fgP-v-ikAM&cid=CAQSKQCsnQUxQ6z0_bjOXI_gVJuVE2pyHI6707ad_DFBd55zqt8rM-HoZyIcIBM&eitems=ChEI8Pn5mQYQqq24rZr9oIrHARIdAGVc4pgb1UdmiEo2ZPeD9-JH0CcuZV_EKdoOKXQ&random=535266717&resp=GooglemKTybQhCsO&ipr=y&prhg=0
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/372717222/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/372717222/?random=1665053148222&cv=9&fst=1665050400000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wga50&sendb=1&frm=0&url=https%3A%2F%2Fnewks.com%2F&tiba=Homepage%20-%20Newks&async=1&fmt=3&is_vtc=1&random=3567163195&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: newks.com
URL: https://newks.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 06 Oct 2022 10:45:49 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/372717222/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/372717222/?random=1665053148222&cv=9&fst=1665050400000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wga50&sendb=1&frm=0&url=https%3A%2F%2Fnewks.com%2F&tiba=Homepage%20-%20Newks&async=1&fmt=3&is_vtc=1&random=3567163195&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: newks.com
URL: https://newks.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:807::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 06 Oct 2022 10:45:49 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-conversion/372717222/
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/372717222/?random=2021208387&cv=9&fst=1665053148222&num=1&value=0&label=auHjCJCjo5ICEKbt3LEB&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO...
  • https://www.google.com/pagead/1p-conversion/372717222/?random=2021208387&cv=9&fst=1665053148222&num=1&value=0&label=auHjCJCjo5ICEKbt3LEB&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_...
  • https://www.google.de/pagead/1p-conversion/372717222/?random=2021208387&cv=9&fst=1665053148222&num=1&value=0&label=auHjCJCjo5ICEKbt3LEB&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_a...
42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-conversion/372717222/?random=2021208387&cv=9&fst=1665053148222&num=1&value=0&label=auHjCJCjo5ICEKbt3LEB&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wga50&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fnewks.com%2F&tiba=Homepage%20-%20Newks&auid=510435470.1665053148&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=CJqqsQI&pscrd=Ek5DaEVJOFBuNW1RWVFzX0dEZ3EtRm44dlJBUklsQUt6SEZLbFQ1bkpzYVZXTERhZlFiUm91MnB6emxkWUF5VVFzUkZPOVpFNmtwb09FVXcaWENoRUk4UG41bVFZUW5MN0NzTzJseHI3T0FSSXRBTlZUQmxxQmZaSTc1bGRtdWFMRXo5OUFla3BQV2tOc3FSREF6YWV1ZWZvams0eTczal9rbG1KMWwydlM&is_vtc=1&ocp_id=3LE-Y7fhLYOL9fgPkc2PsAw&cid=CAQSKQCsnQUxAtfEcYH7_62L4e7z0PC2tWCMNL1gDM1uKNlEL4D_bOVY6kMnIBM&eitems=ChEI8Pn5mQYQqq24rZr9oIrHARIdAGVc4phCgblCh0nsocOfKhYDzw5hEcjXG4AAYn4&random=1732543672&resp=GooglemKTybQhCsO&ipr=y&prhg=0
Requested by
Host: newks.com
URL: https://newks.com/
Protocol
H3
Server
2a00:1450:400d:807::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 06 Oct 2022 10:45:49 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 06 Oct 2022 10:45:49 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location
https://www.google.de/pagead/1p-conversion/372717222/?random=2021208387&cv=9&fst=1665053148222&num=1&value=0&label=auHjCJCjo5ICEKbt3LEB&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wga50&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fnewks.com%2F&tiba=Homepage%20-%20Newks&auid=510435470.1665053148&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=CJqqsQI&pscrd=Ek5DaEVJOFBuNW1RWVFzX0dEZ3EtRm44dlJBUklsQUt6SEZLbFQ1bkpzYVZXTERhZlFiUm91MnB6emxkWUF5VVFzUkZPOVpFNmtwb09FVXcaWENoRUk4UG41bVFZUW5MN0NzTzJseHI3T0FSSXRBTlZUQmxxQmZaSTc1bGRtdWFMRXo5OUFla3BQV2tOc3FSREF6YWV1ZWZvams0eTczal9rbG1KMWwydlM&is_vtc=1&ocp_id=3LE-Y7fhLYOL9fgPkc2PsAw&cid=CAQSKQCsnQUxAtfEcYH7_62L4e7z0PC2tWCMNL1gDM1uKNlEL4D_bOVY6kMnIBM&eitems=ChEI8Pn5mQYQqq24rZr9oIrHARIdAGVc4phCgblCh0nsocOfKhYDzw5hEcjXG4AAYn4&random=1732543672&resp=GooglemKTybQhCsO&ipr=y&prhg=0
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
p-a71d192a.system.js
unpkg.com/tttl-embed-survey@0.2.8/dist/tttl-embed-survey/
Redirect Chain
  • https://unpkg.com/tttl-embed-survey/dist/tttl-embed-survey/p-a71d192a.system.js
  • https://unpkg.com/tttl-embed-survey@0.2.8/dist/tttl-embed-survey/p-a71d192a.system.js
5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://unpkg.com/tttl-embed-survey@0.2.8/dist/tttl-embed-survey/p-a71d192a.system.js
Requested by
Host: newks.com
URL: https://newks.com/
Protocol
H2
Server
2606:4700::6810:7caf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bc7b2d54973e1e66db80ce2595f6dd381ec463b0663113e3a771892345c86f67
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Thu, 06 Oct 2022 10:45:51 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
MISS
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id
01GEPEDKMKN3Z3CD85CXXFAYE3-fra
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
server
cloudflare
etag
W/"124b-KMWlMM2oCU/zTgHk4MVhSpYYyvs"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
755dcf50dfc4921d-FRA

Redirect headers

date
Thu, 06 Oct 2022 10:45:50 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
MISS
fly-request-id
01GEPEDKJRSSBVZ8QX9X4BWAN0-fra
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept, Accept-Encoding
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
location
/tttl-embed-survey@0.2.8/dist/tttl-embed-survey/p-a71d192a.system.js
cache-control
public, s-maxage=600, max-age=60
cf-ray
755dcf507f30921d-FRA
Montserrat-Black.otf
newks.com/assets/fonts/ 		225 KB
225 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://newks.com/assets/fonts/Montserrat-Black.otf
Requested by
Host: newks.com
URL: https://newks.com/assets/css/main-344171c723.css
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.26.7.66 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
265c987d31386e86de49089c55d9298a004e7d659d6f890e2e8e849ea12e8e3c

Request headers

Referer
https://newks.com/assets/css/main-344171c723.css
Origin
https://newks.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Thu, 06 Oct 2022 10:45:51 GMT
cf-cache-status
MISS
last-modified
Tue, 10 Aug 2021 00:15:14 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"6111c512-382ec"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5xT8yFujwIOW2iSMWqisfYbjh52HTWRdca5hr00dotj0POH52nYZnOv8P6oLhMgeCUzQmxTeItz7SXimRvp20ljtWWOxg2XVY509ME3TNUjRtzOb92wlsxGa2g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
755dcf507851bbaf-FRA
content-length
230124
x-icon.svg
newks.com/media/icons/ 		2 KB
727 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newks.com/media/icons/x-icon.svg
Requested by
Host: newks.com
URL: https://newks.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.26.7.66 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
548d5aa30dba9d2558aab6ee5b17c3edad47d4eb153a645be0a3656023864232

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Thu, 06 Oct 2022 10:45:50 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 10 Aug 2021 04:27:26 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
90328
etag
W/"6112002e-628"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z8NYn36KbAnW2nhldDc6YD6bD8HWmt6g8R%2B%2FBpSZTQpoP%2B7ukY1Ds5afJ0wLJm0S80FPnt5HiJwFXM2ndxQtIsj1F6nRV4v7pMruuSRVsftypiinJO%2FNkF1JJw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
public, max-age=31536000
cf-ray
755dcf50885cbbaf-FRA
user.svg
newks.com/media/icons/ 		969 B
909 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newks.com/media/icons/user.svg
Requested by
Host: newks.com
URL: https://newks.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.26.7.66 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d59bc03ab9ef9372d28f6853e6d2e9850d1ad010e04e95035f5474968e61efdb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Thu, 06 Oct 2022 10:45:50 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 10 Aug 2021 04:27:25 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
123908
etag
W/"6112002d-3c9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JhToTjqNQmDDiXH%2BuabfBrQwHXcqUuWix1L6v7jy2k5KSEx5JdM290eKfQwjDwQQaBGLSgcOm7qcBHXJYqPfvn8B%2FIWXLlULEkaGSno86t75M0Qr34pkK4tsKA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
public, max-age=31536000
cf-ray
755dcf508860bbaf-FRA
down-arrow.svg
newks.com/media/icons/ 		1 KB
574 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newks.com/media/icons/down-arrow.svg
Requested by
Host: newks.com
URL: https://newks.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.26.7.66 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
85a70867f76c962969aa6a586ba86580a7a760edd7808fe52d500d7e8e7972e3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Thu, 06 Oct 2022 10:45:51 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 10 Aug 2021 04:27:26 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"6112002e-477"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BayVUZYXI3r4oQAqBWdLRQca4eh1Ibqz3RUiHBcg%2BbrYCH%2FkPNGUkeZtjAJWJo3cSRbpMhWqRFPub403zX3Pqv5A3p7UzUhbGgeqi4ohDGMwms3uDpwQJTS4Mg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
public, max-age=31536000
cf-ray
755dcf508861bbaf-FRA
FeaturedSoups_home-short-block-template-800x500_2-1.png
newks.com/media/home/ 		573 KB
574 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newks.com/media/home/FeaturedSoups_home-short-block-template-800x500_2-1.png
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/gsap/3.5.1/ScrollTrigger.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.26.7.66 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
594d6ab7604225d0409b086e22502a495b29ed45f8b9b66fbd8be2fb3c7e6183

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Thu, 06 Oct 2022 10:45:51 GMT
cf-cache-status
MISS
last-modified
Tue, 17 Aug 2021 15:02:26 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"611bcf82-8f443"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eNzekcS%2Buv99M8Uk3NdSlA%2BJDBd5gz1omj44v0yPj1NqU50ud7FrteHA%2F2d%2BX%2FrX4AZvgXe6dz4%2FtQkFETOiDJ2gBqOIRS0YGUJ8rdpdBBrwTlaPDQPWX78m6w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
755dcf509891bbaf-FRA
content-length
586819
leaf-2.svg
newks.com/media/home/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newks.com/media/home/leaf-2.svg
Requested by
Host: newks.com
URL: https://newks.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.26.7.66 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e19dad4cab71dbb5a84c24db7bd82753079c038a30e17fe157b59faf0e45f596

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Thu, 06 Oct 2022 10:45:51 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 10 Aug 2021 04:27:06 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"6112001a-5e0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1Nqk%2BQvdBbdFyCajmC40zYq56%2BWLBAhH8Azm2pviz668d%2BXAzJo7VanLDb7ypD8IWdeWDekxrAYbVESNNN7jvn6%2B%2B6R6yMH3HXmDtc07GDO20ZsoMVC0fxY0GQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
public, max-age=31536000
cf-ray
755dcf509893bbaf-FRA
ribbon_2021-07-12-192141_byzp.png
newks.com/media/home/ 		320 KB
321 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newks.com/media/home/ribbon_2021-07-12-192141_byzp.png
Requested by
Host: newks.com
URL: https://newks.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.26.7.66 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
052fa301c507a71ff8f04d1314c830840f9eafb86ffa92beace1d65e1a8ef9c2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Thu, 06 Oct 2022 10:45:51 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
90329
cf-polished
origSize=372888
content-length
327498
cf-bgj
imgq:100,h2pri
last-modified
Tue, 10 Aug 2021 04:27:23 GMT
server
cloudflare
etag
"6112002b-5b098"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xXDNjlCcB8sZJeu5IB%2By%2BfhnPQSD%2Br8RfJdtR0bgXP1SbdYZSGJ7Arf%2BOdh%2BvuwpSqWa5jhxcOFlPW71JsLoa63WsivQjjbB5zX5J0cEFai0%2BBnCfLwNn3Nobg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
755dcf542f67bbaf-FRA
video-back-2.jpg
newks.com/media/home/ 		100 KB
101 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newks.com/media/home/video-back-2.jpg
Requested by
Host: newks.com
URL: https://newks.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.26.7.66 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7fba20c39e3db90f5ded3eb9c5a9513004627b8b6ee188950c1a7a269dfdff67

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Thu, 06 Oct 2022 10:45:51 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
90329
cf-polished
origSize=110726
content-length
102652
cf-bgj
imgq:100,h2pri
last-modified
Tue, 10 Aug 2021 04:27:23 GMT
server
cloudflare
etag
"6112002b-1b086"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ee66eCN%2BFLXG%2FbQ9bEDW1hXunUivvOuJycKYLnUyrYNgDwQyXhiMthxBVM%2FKXz4XjtHnBgGndF8w8CLq7Qw5VuFDauhaR6C%2FcWrqSbse2YX7UxIgCws0V4V62w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
755dcf545fbcbbaf-FRA
Montserrat-SemiBoldItalic.otf
newks.com/assets/fonts/ 		237 KB
238 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://newks.com/assets/fonts/Montserrat-SemiBoldItalic.otf
Requested by
Host: newks.com
URL: https://newks.com/assets/css/main-344171c723.css
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.26.7.66 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d22da964305fbc6f6d9e1bec2946110f2b479d684e05a029c93a68eea15db03f

Request headers

Referer
https://newks.com/assets/css/main-344171c723.css
Origin
https://newks.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Thu, 06 Oct 2022 10:45:51 GMT
cf-cache-status
MISS
last-modified
Tue, 10 Aug 2021 00:15:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"6111c511-3b3f0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZF6tPX3X%2FCSjYBwkzedHJnA9rxsyv0P32RnmoES4xHxRlMKrkPqYmRj%2BU3vnC58DfIZJ0hFCA0atmQLpeWY5gW6uIsmKbEIKfw%2FokALDbTiNN318Bl6Mk2WjnQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
755dcf50989cbbaf-FRA
content-length
242672
Oswald-Medium.ttf
newks.com/assets/fonts/ 		90 KB
90 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://newks.com/assets/fonts/Oswald-Medium.ttf
Requested by
Host: newks.com
URL: https://newks.com/assets/css/main-344171c723.css
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.26.7.66 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b0012c21f87120d46a70f61fd79206f486e929a8b08db7d486ff56822a8e7b77

Request headers

Referer
https://newks.com/assets/css/main-344171c723.css
Origin
https://newks.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Thu, 06 Oct 2022 10:45:51 GMT
cf-cache-status
MISS
last-modified
Tue, 10 Aug 2021 00:15:12 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"6111c510-16600"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eYWsN0MtMF0o2n%2F6E1dYR2Wo968uFm7YhJsjhJRlX0QIsIZQe756GbKBwEgWlkoCOzhgmNgP982SUKa%2F%2Fv31BMlLb7ZHb5HHxdIdpzhR8eJfHtaxmAtoC3Ijig%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
755dcf50989dbbaf-FRA
content-length
91648
OurStory_home-tall-block-template-900x450.png
newks.com/media/home/ 		250 KB
251 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newks.com/media/home/OurStory_home-tall-block-template-900x450.png
Requested by
Host: newks.com
URL: https://newks.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.26.7.66 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9a56838a9945bcc7f2ac3996f3ccb3c0b264e26dc96842ff23deed0e8263d2aa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Thu, 06 Oct 2022 10:45:51 GMT
cf-cache-status
MISS
last-modified
Tue, 10 Aug 2021 04:27:23 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"6112002b-3e868"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cxM7Q6hAF1UFmPHcXYIkonHo2LUY1G3rjctFfn%2FpFcAzC6HlO%2FplJ4L9VraPuiJgRYg0ZWATie6d8%2B5hVQmtZ4gpJ45QZV3QX4kHautstcxdXx%2BQQvbi7QnvVA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
755dcf50e90bbbaf-FRA
content-length
256104
gift-cards-new.png
newks.com/media/home/ 		399 KB
400 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newks.com/media/home/gift-cards-new.png
Requested by
Host: newks.com
URL: https://newks.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.26.7.66 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a3cb33015d9ee73c4cc4873a618ef8b192c1b0f8f7bfe2eb730f130ca246b3bd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Thu, 06 Oct 2022 10:45:51 GMT
cf-cache-status
MISS
last-modified
Tue, 10 Aug 2021 04:27:05 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"61120019-63c69"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Se959olZHx2lQ2hgf8AcdbHB5XpZ6FRIQIa%2BmIfM6MjMZycjm%2BerP2D7udOeDuUQtU9%2F%2BWolHHToOqQcKvtELqWcwe6MbN2TNy2Gq7FWfLmK5hZxiNyw5kPEmQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
755dcf50d909bbaf-FRA
content-length
408681
top.svg
newks.com/media/globals/ 		389 B
559 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newks.com/media/globals/top.svg
Requested by
Host: newks.com
URL: https://newks.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.26.7.66 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3a6a70589d9d9f1b1e957a0fb225558ce5c5ea0d1aa30d32a68dc14d5f8f354b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Thu, 06 Oct 2022 10:45:51 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 10 Aug 2021 04:26:54 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"6112000e-185"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4IRL3y9KjgGag7a0Sfb2OdcNmM0w%2FjVEKKOB3vk6PfmAncu5q3Q0m0oSCqXiTcL%2FF9cIwa1vZ4aLJ2I3%2BPw4p3n2TraWJCV%2FzNXCNgVvAR5BlExZmvX3NmnAGg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
public, max-age=31536000
cf-ray
755dcf545fc8bbaf-FRA
contact.svg
newks.com/media/globals/ 		4 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newks.com/media/globals/contact.svg
Requested by
Host: newks.com
URL: https://newks.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.26.7.66 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c5ebeb8f82195bd4c9c6143d6183fed33be01d922ff94c384850bd603803e64a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Thu, 06 Oct 2022 10:45:51 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 10 Aug 2021 04:26:25 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"6111fff1-10c1"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TPkUJGICU1qhXkpq7q%2Buqplbbe7p3duG%2B2b4bGlJh0yLVgaqmAZVOmKu6mWrRqIcxyhuXH%2Fzo1i%2F6Vs3L4Lyg4qidxtQNVxXpSLwVBhVfSF1%2FP578x%2FQHA5Big%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
public, max-age=31536000
cf-ray
755dcf54781ebbaf-FRA
facebook.svg
newks.com/media/globals/ 		1 KB
705 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newks.com/media/globals/facebook.svg
Requested by
Host: newks.com
URL: https://newks.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.26.7.66 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
393ea5d6182d4324217627c1cc78f7805116b67bbd24e5390a5d1f2b1aa1c960

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Thu, 06 Oct 2022 10:45:51 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 10 Aug 2021 04:26:38 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
90329
etag
W/"6111fffe-528"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jARU7loF3zA3WQPPqy71s0XadqPakvXjOONwicqOpcpzGI8MHZGoVnkkziVK5AUpl7p2BajBlZmj9%2BYOpjARi4%2BEswTQZh6twcMsp1nmfGyKwIxCKwnq0kADMQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
public, max-age=31536000
cf-ray
755dcf54883abbaf-FRA
instagram.svg
newks.com/media/globals/ 		2 KB
957 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newks.com/media/globals/instagram.svg
Requested by
Host: newks.com
URL: https://newks.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.26.7.66 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d467f28ef6d7bbe9eb9991542a11302f5874486c40c861c32cc3fc365b85340

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Thu, 06 Oct 2022 10:45:51 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 10 Aug 2021 04:26:31 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"6111fff7-88d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OGtHKMdMZMwTeoFKZgSqYuJoI%2BjsC6oy5u7R%2BPf661vViFLhnm00cSlTZIwlb2x%2FK0ovmP5TGyKIGMCY9%2Fp9Wm%2FUDQH%2Br61MpnmvtSWrgTK9%2Fv0%2BRw%2FdaalLdw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
public, max-age=31536000
cf-ray
755dcf54a864bbaf-FRA
twitter.svg
newks.com/media/globals/ 		2 KB
1011 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newks.com/media/globals/twitter.svg
Requested by
Host: newks.com
URL: https://newks.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.26.7.66 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c182918d2f7aabb51276d7279f393a74699a128232e6ed557d1cae4fa0fd4fa1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Thu, 06 Oct 2022 10:45:51 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 10 Aug 2021 04:26:48 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"61120008-76a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DwiSsmadq9yin9zQnJJT0IdwldMDWYAmgiPv3U6ThKqrQKVGtpgSNe7sE3ioRdwm8ziqsMEAz05%2FnwpELkg%2BOXcBu7fGqdlu%2FbZdQcd8RvFcoTwesrQp9KrNhQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
public, max-age=31536000
cf-ray
755dcf54c8ecbbaf-FRA
you2.svg
newks.com/media/globals/ 		2 KB
869 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newks.com/media/globals/you2.svg
Requested by
Host: newks.com
URL: https://newks.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.26.7.66 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fdbf79dc4db79ed651cdbbd4a07d898518057578c353cfe6b7ff8da8a01f619a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Thu, 06 Oct 2022 10:45:51 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 10 Aug 2021 04:26:46 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
90329
etag
W/"61120006-6a3"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y%2BPRVI6KK7bsWifYBjzbktexw8AV49Rl1hVNLSn7ZPYZUoMkaVOQy6tWjRkDaPcA0YAPPgcMoFy1ZlSjlkYX3xi5KAnRCenDPLB1bsAdhiOAQnFnS2ShNQ9icw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
public, max-age=31536000
cf-ray
755dcf55197cbbaf-FRA
EkWFDUnlX_A
www.youtube.com/embed/ Frame 01B7 		68 KB
28 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/embed/EkWFDUnlX_A
Requested by
Host: newks.com
URL: https://newks.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
3f7ef7450b38940d37d1a68a25cdce2a9296ebda53b82674cd232da2543cd3d4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://newks.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
br
content-type
text/html; charset=utf-8
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
date
Thu, 06 Oct 2022 10:45:50 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options
nosniff
x-xss-protection
0
M22_PW4_1005_MVPCoverPhoto_Twitter_1200x628.jpg
newks.com/media/globals/ 		331 KB
331 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newks.com/media/globals/M22_PW4_1005_MVPCoverPhoto_Twitter_1200x628.jpg
Requested by
Host: newks.com
URL: https://newks.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.26.7.66 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
70756116f9b7ad16026d20942d14e5bd60903c9680ae0cf7b2dfb3f18d8c8fb8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Thu, 06 Oct 2022 10:45:50 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
90328
cf-polished
origSize=361692
content-length
338591
cf-bgj
imgq:100,h2pri
last-modified
Wed, 05 Oct 2022 03:27:20 GMT
server
cloudflare
etag
"633cf998-584dc"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hm7ovYzvRFIz1qjjEwGk1OhHOSbFVNnGlQRJ%2F47A0EdwGl%2Br9AtEnLrNziif%2FZbhOSWLpZIzsR767RnWF708xUGvS6AoSCBi6KzkA%2F4zzC3NWCIPGAClGvtTXg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
755dcf5139b1bbaf-FRA
NEM120821_Q1Digital_WebsiteSlider_1400x910_3bd.jpg
newks.com/media/globals/ 		323 KB
324 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newks.com/media/globals/NEM120821_Q1Digital_WebsiteSlider_1400x910_3bd.jpg
Requested by
Host: newks.com
URL: https://newks.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.26.7.66 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
46fd6d4af80bd9d4692c9cd6e1a9bc36edfcae35990d488e9fcab48fb5fb9bd4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Thu, 06 Oct 2022 10:45:51 GMT
cf-cache-status
MISS
last-modified
Tue, 08 Mar 2022 21:09:35 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"6227c60f-50dc2"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z8Mef%2BH5trZnBMcYdmPeOj7hYFOXXBsPNs%2Bfn6mFTwsKtgcMG43UAp11wuuYMxRujLnd10iJdCc4YDOs4RufWDeEoAmNnR6K1JYASa7VjARZ3qDvIj2CFX%2BloA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
755dcf5139b6bbaf-FRA
content-length
331202
NEM100721_WebsiteSliders_1400x910_1bd.jpg
newks.com/media/globals/ 		2 MB
2 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newks.com/media/globals/NEM100721_WebsiteSliders_1400x910_1bd.jpg
Requested by
Host: newks.com
URL: https://newks.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.26.7.66 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0e67f12c1fee605ebacdae63f27c56377855a6f0f8ed357a093ae55e24f6ae7e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Thu, 06 Oct 2022 10:45:51 GMT
cf-cache-status
MISS
last-modified
Fri, 08 Oct 2021 21:07:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"6160b2f5-1aa7ff"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lFrVX0uCYtWCNZ3nmkhhpQ%2FYvmdkdlhLoBckP%2Fo4yNPAvycNM%2BkTcTCL6ZdKkmc5gLyUvvn4V%2F%2Fle1BCYQNpf49LVRIMrZGSAlTwKHAQzXvFaHKU%2BcL0tFPVMQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
755dcf5539bfbbaf-FRA
content-length
1746943
back.svg
newks.com/media/globals/ 		1 KB
682 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newks.com/media/globals/back.svg
Requested by
Host: newks.com
URL: https://newks.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.26.7.66 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
037f452d23bdc605f6c7e04067e20ac741d2d8f2aa7e464f48eb61d58cd0c860

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Thu, 06 Oct 2022 10:45:51 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 10 Aug 2021 04:26:37 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"6111fffd-58a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WFSJpxbYax7bWDpHQXfP2gmaRer3tkQ5DIEOekRMM4hJVplx4CrFgukgtGuYgWPC8udqlY6hN0frpmVjgf0QihvAN%2FbUpfrLTcXIvItH%2FGirV%2FjcuxGB3PvnFg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
public, max-age=31536000
cf-ray
755dcf5139c7bbaf-FRA
next.svg
newks.com/media/globals/ 		1 KB
702 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newks.com/media/globals/next.svg
Requested by
Host: newks.com
URL: https://newks.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.26.7.66 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c6355e07a1594eefdbfb69abf9424ac615b4b42972338e00fb8f40c45286e123

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Thu, 06 Oct 2022 10:45:51 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 10 Aug 2021 04:26:43 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"61120003-592"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5EW80y2gOdwtdudErtcnXIZQBk7i8lktVKHgeL6wVJUxJEayNYqG6ePvH5%2FhbRUJ6D%2FqA2jWT48pkhKpv0erRDNVqT80Z6ckCuVpzZNO9d0GPQNT62fptMhwEg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
public, max-age=31536000
cf-ray
755dcf5139c9bbaf-FRA
box-69edcc3187336f9b0a3fbb4c73be9fe6.html
vars.hotjar.com/ Frame 57AA 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://vars.hotjar.com/box-69edcc3187336f9b0a3fbb4c73be9fe6.html
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2830751.js?sv=7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-29.fra60.r.cloudfront.net
Software
/
Resource Hash
867b23a408fa99143955de5665345cda886857174c328d2828e5dcd33bd98cd1
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

Referer
https://newks.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
177462
cache-control
max-age=31536000
content-encoding
br
content-length
1044
content-type
text/html
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 04 Oct 2022 09:28:08 GMT
etag
"f6a9ca04b0687ea3c0d98e8430c8c77b"
last-modified
Tue, 04 Oct 2022 07:09:34 GMT
strict-transport-security
max-age=2592000; includeSubDomains
vary
Accept-Encoding
via
1.1 ad3c90e13b86d72e2a5e6bf65eab3450.cloudfront.net (CloudFront)
x-amz-cf-id
llNvaHduk9Yqw3sFDo2bNh3rwk1VY5B3Oi-k7hEJEmlP8wWIDaIMIg==
x-amz-cf-pop
FRA60-P4
x-cache
Hit from cloudfront
x-robots-tag
none
fbevents.js
connect.facebook.net/en_US/ 		101 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: newks.com
URL: https://newks.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
00a92494627ed8f758972b7dc47b3af186497c0637ea867a33fdb604c1548674
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Thu, 06 Oct 2022 10:45:50 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
26840
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
1CFj3rx8NoVTjeueJt9Er6LVOKomvGRtQNKgNGmGkPWKBB9pr6K8CwqTGJGyXctTyNnLk3DCANay4YDluXbWqA==
x-fb-trip-id
686109401
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
expires
Sat, 01 Jan 2000 00:00:00 GMT
t.png
pix.pub/ 		68 B
411 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.pub/t.png?&t=1665053150934&l=tvscientific-pix-o-16965a11-64f4-460d-a773-563fb643c89e&u3=https%3A%2F%2Fnewks.com%2F
Requested by
Host: newks.com
URL: https://newks.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.7.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-99.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
21dbd90119d3def6c42da4da8db80672b7cd791ff63633bcfd9a476a092e6f67

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 22:39:27 GMT
via
1.1 f13110b40e6214ad566c753a838f49f4.cloudfront.net (CloudFront)
last-modified
Mon, 22 Mar 2021 14:38:36 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P6
age
43584
x-amz-server-side-encryption
AES256
etag
"8e31b8b47c618ed73e5b31011d1de037"
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
68
x-amz-cf-id
HxlJomm6UKwEDw2NoQnU3EcjeTmk20x0x9b498x5Qpxfqe9rayqqLA==
tc.min.js
c1.rfihub.net/js/ 		19 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c1.rfihub.net/js/tc.min.js
Requested by
Host: newks.com
URL: https://newks.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:ee00:1:76cf:fe80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Jetty(9.3.29.v20201019) /
Resource Hash
7ef97b12890fc6fee67f869c6e1f74b6719de7d66ac0d649c8d7386a80b4c30f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Thu, 06 Oct 2022 10:10:50 GMT
content-encoding
gzip
via
1.1 367a4718be97a49df7ac0500a986437a.cloudfront.net (CloudFront)
last-modified
Thu, 06 Oct 2022 10:10:40 GMT
server
Jetty(9.3.29.v20201019)
x-amz-cf-pop
FRA56-P2
age
2101
x-cache
Hit from cloudfront
content-type
application/x-javascript
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
public, max-age=3600
content-length
6162
x-amz-cf-id
8_aKPDYw1LBVUDS-oUdere1u2kz0b90h8INBtPb8_ICcip9AMTjdXg==
expires
Thu, 06 Oct 2022 11:10:50 GMT
www-player.css
www.youtube.com/s/player/55fdc514/ Frame 01B7 		361 KB
49 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/55fdc514/www-player.css
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/EkWFDUnlX_A
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9e678216ccb9006950f9aea6d365881011a843d409d0d1c0469c1e23330e83fb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/EkWFDUnlX_A
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 14:56:08 GMT
content-encoding
br
x-content-type-options
nosniff
age
71382
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
50095
x-xss-protection
0
last-modified
Wed, 05 Oct 2022 00:20:53 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 05 Oct 2023 14:56:08 GMT
www-embed-player.js
www.youtube.com/s/player/55fdc514/www-embed-player.vflset/ Frame 01B7 		306 KB
95 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/55fdc514/www-embed-player.vflset/www-embed-player.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/EkWFDUnlX_A
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
68e31878dd73d8a950add62a9f4afd93d1b6f41024ce6f2cb549a01ff0c85ad4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/EkWFDUnlX_A
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 14:56:08 GMT
content-encoding
br
x-content-type-options
nosniff
age
71382
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
97396
x-xss-protection
0
last-modified
Wed, 05 Oct 2022 00:20:53 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 05 Oct 2023 14:56:08 GMT
base.js
www.youtube.com/s/player/55fdc514/player_ias.vflset/de_DE/ Frame 01B7 		2 MB
579 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/55fdc514/player_ias.vflset/de_DE/base.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/EkWFDUnlX_A
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
91f5057e488a1a8129b18acc7483781b4bba982d259259a512f823bbff09bf74
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/EkWFDUnlX_A
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 14:56:25 GMT
content-encoding
br
x-content-type-options
nosniff
age
71365
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
592944
x-xss-protection
0
last-modified
Wed, 05 Oct 2022 00:20:53 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 05 Oct 2023 14:56:25 GMT
fetch-polyfill.js
www.youtube.com/s/player/55fdc514/fetch-polyfill.vflset/ Frame 01B7 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/55fdc514/fetch-polyfill.vflset/fetch-polyfill.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/EkWFDUnlX_A
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/EkWFDUnlX_A
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 14:56:08 GMT
content-encoding
br
x-content-type-options
nosniff
age
71382
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2786
x-xss-protection
0
last-modified
Wed, 05 Oct 2022 00:20:53 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 05 Oct 2023 14:56:08 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 01B7 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/EkWFDUnlX_A
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
Origin
https://www.youtube.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 17:06:41 GMT
x-content-type-options
nosniff
age
149950
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 04 Oct 2023 17:06:41 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 01B7 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/EkWFDUnlX_A
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
Origin
https://www.youtube.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Mon, 03 Oct 2022 22:21:19 GMT
x-content-type-options
nosniff
age
217472
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15552
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:33:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 03 Oct 2023 22:21:19 GMT
visit-data
in.hotjar.com/api/v2/client/sites/2830751/ 		147 B
322 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://in.hotjar.com/api/v2/client/sites/2830751/visit-data?sv=7
Requested by
Host: script.hotjar.com
URL: https://script.hotjar.com/modules.cbd9768ba80ba0be5b17.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
79.125.47.26 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-79-125-47-26.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
4b8e8b42acdad2f84c0d44c5dbc12b8327706d1f49551e1ec577b08d4cbaf263

Request headers

Referer
https://newks.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
text/plain; charset=UTF-8

Response headers

date
Thu, 06 Oct 2022 10:45:51 GMT
content-encoding
br
vary
Accept-Encoding
access-control-max-age
86400
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, no-store
access-control-allow-credentials
true
2830751
vc.hotjar.io/sessions/ 		0
258 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vc.hotjar.io/sessions/2830751?s=0.25&r=0.1442117966341554
Requested by
Host: script.hotjar.com
URL: https://script.hotjar.com/modules.cbd9768ba80ba0be5b17.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-79.fra56.r.cloudfront.net
Software
Python/3.7 aiohttp/3.5.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Thu, 06 Oct 2022 10:45:51 GMT
via
1.1 63505de36d604e79a77328b302a7d4a2.cloudfront.net (CloudFront)
server
Python/3.7 aiohttp/3.5.4
x-amz-cf-pop
FRA56-P5
x-cache
Miss from cloudfront
access-control-allow-origin
*
cache-control
no-store
x-amz-cf-id
OarpSQZ17lcmB5TUDuYtApRh86sG6LYEXTypmy7BpX8fiIGMAPmAPA==
2304573169610271
connect.facebook.net/signals/config/ 		293 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/2304573169610271?v=2.9.84&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
b15982ee59bfe8b878d23f907debd38ce0594708362479804150b123d3eebe10
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Thu, 06 Oct 2022 10:45:51 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
QGj5SMO7Af08FsJlPV1bqoJgqioSdeSIHseKE6sQCu3NNqz6uqouqwFsu2ChZvad1z36OIZXm/Sp3HGIF8vv3w==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
ca.html
20841350p.rfihub.com/ Frame 18E0 		3 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://20841350p.rfihub.com/ca.html?ver=9&rb=46722&ca=20841350&_o=46722&_t=20841350&pe=https%3A%2F%2Fnewks.com%2F&pf=&ra=2907835288931966
Requested by
Host: c1.rfihub.net
URL: https://c1.rfihub.net/js/tc.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
193.0.160.128 , United States, ASN54312 (ROCKETFUEL, US),
Reverse DNS
Software
Jetty(9.3.29.v20201019) /
Resource Hash
e3b670c43d1eb0bff159268f47fb965667404290fc82f366bd6b6544b5b4fae2

Request headers

Referer
https://newks.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-cache
Content-Length
2605
Content-Type
text/html;charset=utf-8
Date
Thu, 06 Oct 2022 10:45:51 GMT
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server
Jetty(9.3.29.v20201019)
p-71352b19.system.js
unpkg.com/tttl-embed-survey@0.2.8/dist/tttl-embed-survey/
Redirect Chain
  • https://unpkg.com/tttl-embed-survey/dist/tttl-embed-survey/p-71352b19.system.js
  • https://unpkg.com/tttl-embed-survey@0.2.8/dist/tttl-embed-survey/p-71352b19.system.js
18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://unpkg.com/tttl-embed-survey@0.2.8/dist/tttl-embed-survey/p-71352b19.system.js
Requested by
Host: newks.com
URL: https://newks.com/
Protocol
H2
Server
2606:4700::6810:7caf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4fad74decb533a4f21afdf2bd24eadaa5674f1bf0f563c4ef961d02cd131b0a6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Thu, 06 Oct 2022 10:45:51 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
MISS
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id
01GEPEDKVKECE7T0181ZRFPS7X-fra
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
server
cloudflare
etag
W/"4648-v1pZia1a7WikSyUK5R52VfUliwM"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
755dcf523a36921d-FRA

Redirect headers

date
Thu, 06 Oct 2022 10:45:51 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
MISS
fly-request-id
01GEPEDKTKSFKMBT3ZCBTMZ4CX-fra
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept, Accept-Encoding
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
location
/tttl-embed-survey@0.2.8/dist/tttl-embed-survey/p-71352b19.system.js
cache-control
public, s-maxage=600, max-age=60
cf-ray
755dcf5209d8921d-FRA
id
googleads.g.doubleclick.net/pagead/ Frame 01B7 		113 B
159 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/id
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/55fdc514/www-embed-player.vflset/www-embed-player.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
54fc136c3fbd492dd1414af885e1f20c2a3737ba088c19c5b8a641a6a1fa0dfe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Thu, 06 Oct 2022 10:45:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
133
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad_status.js
static.doubleclick.net/instream/ Frame 01B7 		29 B
588 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.doubleclick.net/instream/ad_status.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/55fdc514/www-embed-player.vflset/www-embed-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Thu, 06 Oct 2022 10:39:26 GMT
x-content-type-options
nosniff
age
385
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29
x-xss-protection
0
last-modified
Thu, 12 Dec 2013 23:40:16 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 06 Oct 2022 10:54:26 GMT
Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80d::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method
POST
Origin
https://www.youtube.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-goog-api-key,x-user-agent
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://www.youtube.com
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
content-type
text/html
date
Thu, 06 Oct 2022 10:45:51 GMT
server
ESF
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 01B7 		66 KB
30 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/55fdc514/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80d::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
95ea4e4f1a9e0eec9e3ed2ea740e89280874f3ac5ac73c0ed70657fce030b770
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-User-Agent
grpc-web-javascript/0.1
Referer
https://www.youtube.com/
X-Goog-Api-Key
AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
application/json+protobuf

Response headers

date
Thu, 06 Oct 2022 10:45:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json+protobuf; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30713
x-xss-protection
0
remote.js
www.youtube.com/s/player/55fdc514/player_ias.vflset/de_DE/ Frame 01B7 		118 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/55fdc514/player_ias.vflset/de_DE/remote.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/55fdc514/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4377f9543fbc3e7ae0a662e4f262f2f940fe03afeea47f3a38e93d34086a16bf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/EkWFDUnlX_A
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 14:56:26 GMT
content-encoding
br
x-content-type-options
nosniff
age
71365
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37176
x-xss-protection
0
last-modified
Wed, 05 Oct 2022 00:20:53 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 05 Oct 2023 14:56:26 GMT
Y-zeT9jJ33tCNYTX0Kw8-3I-ogsAM9wZgys9W8554e8.js
www.google.com/js/th/ Frame 01B7 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/js/th/Y-zeT9jJ33tCNYTX0Kw8-3I-ogsAM9wZgys9W8554e8.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/55fdc514/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
63ecde4fd8c9df7b423584d7d0ac3cfb723ea20b0033dc19832b3d5bce79e1ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 05:11:43 GMT
content-encoding
br
x-content-type-options
nosniff
age
106448
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14419
x-xss-protection
0
last-modified
Tue, 27 Sep 2022 17:00:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 05 Oct 2023 05:11:43 GMT
embed.js
www.youtube.com/s/player/55fdc514/player_ias.vflset/de_DE/ Frame 01B7 		25 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/55fdc514/player_ias.vflset/de_DE/embed.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/55fdc514/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3edbe749f35d8c3506ad1cc22c8bb9896e4865f3d11e71246ad35e10ae10646e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/EkWFDUnlX_A
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 14:56:26 GMT
content-encoding
br
x-content-type-options
nosniff
age
71365
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8118
x-xss-protection
0
last-modified
Wed, 05 Oct 2022 00:20:53 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 05 Oct 2023 14:56:26 GMT
truncated
/ Frame 01B7 		175 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Type
image/png
AMLnZu_e4Wc5CJ17bRyPpLsd6nsmpdpDvsm8uW_1-2JH=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame 01B7 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://yt3.ggpht.com/ytc/AMLnZu_e4Wc5CJ17bRyPpLsd6nsmpdpDvsm8uW_1-2JH=s68-c-k-c0x00ffffff-no-rj
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/EkWFDUnlX_A
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
d80f0723f0013dbcbf0f528ae2197295aad92a78da0e72a35481086ffdfbcce3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Thu, 06 Oct 2022 10:45:51 GMT
x-content-type-options
nosniff
age
0
content-disposition
inline;filename="unnamed.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3424
x-xss-protection
0
server
fife
etag
"v5"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Wed, 05 Oct 2022 16:59:51 GMT
sddefault.webp
i.ytimg.com/vi_webp/EkWFDUnlX_A/ Frame 01B7 		16 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ytimg.com/vi_webp/EkWFDUnlX_A/sddefault.webp
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/EkWFDUnlX_A
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:806::2016 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
866f252b0ff19f2e638c11bd70bd6851a31148f4a68c240befd01ffbd9008c07
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Thu, 06 Oct 2022 10:45:51 GMT
x-content-type-options
nosniff
server
sffe
etag
"0"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/webp
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16538
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 06 Oct 2022 12:45:51 GMT
720341928728884
connect.facebook.net/signals/config/ 		292 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/720341928728884?v=2.9.84&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
cbc8f5af70605797c9bec18d1e58c86dceae358fc2ac4b43753ced92725997de
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Thu, 06 Oct 2022 10:45:51 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
Z/dPpUy6e9dRxC3IcT3BLpR6E/e2lDgMD6noND9Nu0uyPRG8MIuRN/Gop4XfVVMwk08f73GJpnp6QPxDIXPwCg==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/ 		0
204 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=2304573169610271&ev=PageView&dl=https%3A%2F%2Fnewks.com%2F&rl=&if=false&ts=1665053151253&sw=1600&sh=1200&v=2.9.84&r=stable&ec=0&o=30&fbp=fb.1.1665053151252.1480180434&it=1665053150994&coo=false&rqm=GET
Requested by
Host: newks.com
URL: https://newks.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Thu, 06 Oct 2022 10:45:51 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
cm
a.rfihub.com/ Frame 18E0
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?&in=0&google_nid=zeta_interactive&google_cm=&google_sc=&google_hm=NTE0MDA4NDkyMjA1ODk5NzA0Ng==&forward=
  • https://a.rfihub.com/cm?pub=445&in=0&forward=&google_gid=CAESEGB1R-qrnN6kbFs3LHfme2k&google_cver=1
42 B
1010 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.rfihub.com/cm?pub=445&in=0&forward=&google_gid=CAESEGB1R-qrnN6kbFs3LHfme2k&google_cver=1
Requested by
Host: newks.com
URL: https://newks.com/
Protocol
HTTP/1.1
Server
193.0.160.128 , United States, ASN54312 (ROCKETFUEL, US),
Reverse DNS
Software
Jetty(9.3.29.v20201019) /
Resource Hash
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20841350p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Type
image/gif
Date
Thu, 06 Oct 2022 10:45:51 GMT
Cache-Control
no-cache
Server
Jetty(9.3.29.v20201019)
Content-Length
42
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Thu, 06 Oct 2022 10:45:51 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://a.rfihub.com/cm?pub=445&in=0&forward=&google_gid=CAESEGB1R-qrnN6kbFs3LHfme2k&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
311
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bounce
ib.adnxs.com/ Frame 18E0
Redirect Chain
  • https://ib.adnxs.com/setuid?entity=18&code=5140084922058997046
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D18%26code%3D5140084922058997046
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D18%26code%3D5140084922058997046
Requested by
Host: newks.com
URL: https://newks.com/
Protocol
HTTP/1.1
Server
185.89.210.153 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20841350p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 06 Oct 2022 10:45:51 GMT
AN-X-Request-Uuid
0187760b-243f-480a-9dcc-fe1eb62a4cb4
Server
nginx/1.21.3
Content-Type
image/gif
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
80.255.10.197; 80.255.10.197; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 06 Oct 2022 10:45:51 GMT
AN-X-Request-Uuid
5712c93b-6591-4346-99cf-f8f44c28ad7c
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D18%26code%3D5140084922058997046
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
80.255.10.197; 80.255.10.197; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame 18E0 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=13490&nid=2596&put=5140084922058997046&
Requested by
Host: newks.com
URL: https://newks.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20841350p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
4cdacfaa68e4ab216fffbcc107c5b898
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
demconf.jpg
dpm.demdex.net/ Frame 18E0
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=1121&dpuuid=5140084922058997046&redir=
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1121&dpuuid=5140084922058997046&redir=
42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1121&dpuuid=5140084922058997046&redir=
Requested by
Host: newks.com
URL: https://newks.com/
Protocol
HTTP/1.1
Server
54.77.35.16 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-35-16.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20841350p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

DCS
dcs-prod-irl1-2-v044-03c2552b2.edge-irl1.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
PHQy8kyGSF0=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS
dcs-prod-irl1-2-v044-0722c3202.edge-irl1.demdex.com 0 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
EEEiRJzCS6M=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1121&dpuuid=5140084922058997046&redir=
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
match
ps.eyeota.net/ Frame 18E0
Redirect Chain
  • https://p.rfihub.com/cm?pub=24472&in=1
  • https://ps.eyeota.net/match?uid=5140084922058997046&bid=omt9pi0
0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ps.eyeota.net/match?uid=5140084922058997046&bid=omt9pi0
Requested by
Host: newks.com
URL: https://newks.com/
Protocol
HTTP/1.1
Server
18.184.216.10 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-184-216-10.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20841350p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Thu, 06 Oct 2022 10:45:51 GMT
Content-Length
0
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

Location
https://ps.eyeota.net/match?uid=5140084922058997046&bid=omt9pi0
Date
Thu, 06 Oct 2022 10:45:51 GMT
Server
Jetty(9.3.29.v20201019)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cksync.php
contextual.media.net/ Frame 18E0 		45 B
616 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=3&type=rkt&ovsid=5140084922058997046
Requested by
Host: newks.com
URL: https://newks.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.228.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20841350p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Thu, 06 Oct 2022 10:45:51 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
45
x-mnet-hl2
E
expires
Thu, 06 Oct 2022 10:45:51 GMT
serving
bs.serving-sys.com/ Frame 18E0 		0
105 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bs.serving-sys.com/serving?cn=um&dpid=12&rtu=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D17945%26userid%3D%5B%25tp_UserID%25%5D
Requested by
Host: newks.com
URL: https://newks.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.196.127.253 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-196-127-253.eu-central-1.compute.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20841350p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Thu, 06 Oct 2022 10:45:51 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
content-length
0
p3p
CP="NOI DEVa OUR BUS UNI"
501709.gif
idsync.rlcdn.com/ Frame 18E0
Redirect Chain
  • https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5140084922058997046&referrer=https%3A%2F%2Fnewks.com%2F
  • https://p.rfihub.com/cm?pub=39342&in=0&userid=c68d65ae-1c05-44a1-a826-a58d1eba92ca%3A1665053151.3735616&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3Dc68d65ae-1c05-44a1-a826-a58d1eb...
  • https://idsync.rlcdn.com/501709.gif?partner_uid=c68d65ae-1c05-44a1-a826-a58d1eba92ca%3A1665053151.3735616
0
9 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/501709.gif?partner_uid=c68d65ae-1c05-44a1-a826-a58d1eba92ca%3A1665053151.3735616
Requested by
Host: newks.com
URL: https://newks.com/
Protocol
H3
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20841350p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Thu, 06 Oct 2022 10:45:51 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0

Redirect headers

Location
https://idsync.rlcdn.com/501709.gif?partner_uid=c68d65ae-1c05-44a1-a826-a58d1eba92ca%3A1665053151.3735616
Date
Thu, 06 Oct 2022 10:45:51 GMT
Server
Jetty(9.3.29.v20201019)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
/
bpi.rtactivate.com/tag/ Frame 18E0 		43 B
109 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bpi.rtactivate.com/tag/?id=11017&user_id=5140084922058997046
Requested by
Host: newks.com
URL: https://newks.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.204.254.230 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-204-254-230.compute-1.amazonaws.com
Software
awselb/2.0 /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20841350p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Thu, 06 Oct 2022 10:45:51 GMT
server
awselb/2.0
content-length
43
content-type
image/gif
rum
dsum-sec.casalemedia.com/ Frame 18E0
Redirect Chain
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=5140084922058997046&forward=
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=5140084922058997046&forward=&C=1
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=5140084922058997046&forward=&C=1
Requested by
Host: newks.com
URL: https://newks.com/
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20841350p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 06 Oct 2022 10:45:51 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

Pragma
no-cache
Date
Thu, 06 Oct 2022 10:45:51 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
/rum?cm_dsp_id=57&external_user_id=5140084922058997046&forward=&C=1
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
0
Expires
0
360947.gif
idsync.rlcdn.com/ Frame 18E0 		0
98 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/360947.gif?partner_uid=5140084922058997046
Requested by
Host: newks.com
URL: https://newks.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20841350p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Thu, 06 Oct 2022 10:45:51 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
rocketfuel_sync
x.dlx.addthis.com/e/ Frame 18E0 		43 B
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.dlx.addthis.com/e/rocketfuel_sync?na_exid=5140084922058997046
Requested by
Host: newks.com
URL: https://newks.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.192.160.219 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a69-192-160-219.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=2628000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20841350p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

expires
Thu, 06 Oct 2022 10:45:51 GMT
pragma
no-cache
date
Thu, 06 Oct 2022 10:45:51 GMT
cache-control
max-age=0, no-cache, no-store
strict-transport-security
max-age=2628000
content-length
43
content-type
image/gif
partner
sync.search.spotxchange.com/ Frame 18E0
Redirect Chain
  • https://sync.search.spotxchange.com/partner?adv_id=7180&uid=5140084922058997046&img=1
  • https://sync.search.spotxchange.com/partner?adv_id=7180&uid=5140084922058997046&img=1&__user_check__=1&sync_id=0bbb3e44-4564-11ed-bd49-129210fe0306
43 B
549 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.search.spotxchange.com/partner?adv_id=7180&uid=5140084922058997046&img=1&__user_check__=1&sync_id=0bbb3e44-4564-11ed-bd49-129210fe0306
Requested by
Host: newks.com
URL: https://newks.com/
Protocol
HTTP/1.1
Server
185.94.180.125 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20841350p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Thu, 06 Oct 2022 10:45:51 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
143
Connection
keep-alive
Content-Length
43

Redirect headers

Date
Thu, 06 Oct 2022 10:45:51 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Location
/partner?adv_id=7180&uid=5140084922058997046&img=1&__user_check__=1&sync_id=0bbb3e44-4564-11ed-bd49-129210fe0306
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
98
Connection
keep-alive
Content-Length
0
sync
partners.tremorhub.com/ Frame 18E0 		43 B
183 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://partners.tremorhub.com/sync?UIRF=5140084922058997046&r=2hFmuVfOx7zd
Requested by
Host: newks.com
URL: https://newks.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4264:562f:45f1:d263:2a9f Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20841350p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date
Thu, 06 Oct 2022 10:45:51 GMT
server
Apache-Coyote/1.1
content-type
image/gif
g.pixel
aa.agkn.com/adscores/ Frame 18E0 		43 B
377 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aa.agkn.com/adscores/g.pixel?sid=9212192898&rf=5140084922058997046
Requested by
Host: newks.com
URL: https://newks.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.250.137.124 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-250-137-124.eu-west-1.compute.amazonaws.com
Software
AAWebServer /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20841350p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 06 Oct 2022 10:45:51 GMT
server
AAWebServer
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-headers
accept, cache-control, origin, x-requested-with, x-file-name, content-type
content-length
43
expires
0
usermatch.gif
beacon.krxd.net/ Frame 18E0 		0
338 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?partner_id=rfuel&partner_user_id=5140084922058997046
Requested by
Host: newks.com
URL: https://newks.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.48.197.119 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-48-197-119.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20841350p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-served-by
beacon-n017-dub-prod.krxd.net
date
Thu, 06 Oct 2022 10:45:51 GMT
cache-control
private, no-cache, no-store
x-request-time
D=34 t=1665053151
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
sync
x.bidswitch.net/ul_cb/ Frame 18E0
Redirect Chain
  • https://x.bidswitch.net/sync?dsp_id=119&user_id=5140084922058997046&expires=30
  • https://x.bidswitch.net/ul_cb/sync?dsp_id=119&user_id=5140084922058997046&expires=30
43 B
495 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/ul_cb/sync?dsp_id=119&user_id=5140084922058997046&expires=30
Requested by
Host: newks.com
URL: https://newks.com/
Protocol
HTTP/1.1
Server
52.58.8.248 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-58-8-248.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20841350p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Thu, 06 Oct 2022 10:45:51 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
43
Content-Type
image/gif

Redirect headers

Location
https://x.bidswitch.net/ul_cb/sync?dsp_id=119&user_id=5140084922058997046&expires=30
Date
Thu, 06 Oct 2022 10:45:51 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
cm
p.rfihub.com/ Frame 18E0
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D
  • https://sync-tm.everesttech.net/ct/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D&_test=Yz6x3wAAC_zJOwAr
  • https://p.rfihub.com/cm?in=1&pub=21653&userid=Yz6x3wAAC_zJOwAr&_test=Yz6x3wAAC_zJOwAr
42 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.rfihub.com/cm?in=1&pub=21653&userid=Yz6x3wAAC_zJOwAr&_test=Yz6x3wAAC_zJOwAr
Requested by
Host: newks.com
URL: https://newks.com/
Protocol
HTTP/1.1
Server
193.0.160.128 , United States, ASN54312 (ROCKETFUEL, US),
Reverse DNS
Software
Jetty(9.3.29.v20201019) /
Resource Hash
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20841350p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Type
image/gif
Date
Thu, 06 Oct 2022 10:45:51 GMT
Cache-Control
no-cache
Server
Jetty(9.3.29.v20201019)
Content-Length
42
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

x-served-by
cache-hhn4081-HHN
pragma
no-cache
date
Thu, 06 Oct 2022 10:45:51 GMT
via
1.1 varnish
server
Varnish
x-timer
S1665053152.760689,VS0,VE0
x-cache
HIT
location
https://p.rfihub.com/cm?in=1&pub=21653&userid=Yz6x3wAAC_zJOwAr&_test=Yz6x3wAAC_zJOwAr
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
cast_sender.js
www.gstatic.com/cv/js/sender/v1/ Frame 01B7 		4 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/55fdc514/player_ias.vflset/de_DE/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Thu, 06 Oct 2022 10:45:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2007
x-xss-protection
0
last-modified
Tue, 16 Feb 2021 23:57:06 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="cloudview"
vary
Accept-Encoding
report-to
{"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 06 Oct 2022 10:45:51 GMT
generate_204
www.youtube.com/ Frame 01B7 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.youtube.com/generate_204?ay7-Sg
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/EkWFDUnlX_A
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/EkWFDUnlX_A
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Thu, 06 Oct 2022 10:45:51 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
cast_sender.js
www.gstatic.com/eureka/clank/106/ Frame 01B7 		52 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/eureka/clank/106/cast_sender.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c12337c132fc5b05766adf8806c16a2950c0591708c0c45263bc1496979c1870
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 19:04:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
56480
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15116
x-xss-protection
0
last-modified
Mon, 08 Aug 2022 15:10:32 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="cloudview-release"
vary
Accept-Encoding
report-to
{"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type
text/javascript
cache-control
public, max-age=86400
accept-ranges
bytes
expires
Thu, 06 Oct 2022 19:04:31 GMT
GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 01B7 		90 B
134 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/55fdc514/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80d::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ea443524ea272a93f260473ea6679af49d7056a577db952b90881c4a89171d9d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-User-Agent
grpc-web-javascript/0.1
Referer
https://www.youtube.com/
X-Goog-Api-Key
AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
application/json+protobuf

Response headers

date
Thu, 06 Oct 2022 10:45:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json+protobuf; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
110
x-xss-protection
0
GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80d::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method
POST
Origin
https://www.youtube.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-goog-api-key,x-user-agent
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://www.youtube.com
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
content-type
text/html
date
Thu, 06 Oct 2022 10:45:51 GMT
server
ESF
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
708154546578601
connect.facebook.net/signals/config/ 		293 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/708154546578601?v=2.9.84&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
1066f0cd17454d890f4efea6b7f18d21c2ee2e1750f550a5ca7cd03cca7e4728
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Thu, 06 Oct 2022 10:45:51 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
AKbRFsp6GEhZ20bqHhqMDsu2skME7wCeaF1864eeHlGxDfJGFyBzjQzI/sal5dLoARrGGcUtv3Po4o5XP47lmQ==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/ 		0
17 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=720341928728884&ev=PageView&dl=https%3A%2F%2Fnewks.com%2F&rl=&if=false&ts=1665053151574&sw=1600&sh=1200&v=2.9.84&r=stable&ec=0&o=30&fbp=fb.1.1665053151252.1480180434&it=1665053150994&coo=false&rqm=GET
Requested by
Host: newks.com
URL: https://newks.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Thu, 06 Oct 2022 10:45:51 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
priority
u=3,i
p-49b4469c.system.entry.js
unpkg.com/tttl-embed-survey@0.2.8/dist/tttl-embed-survey/
Redirect Chain
  • https://unpkg.com/tttl-embed-survey/dist/tttl-embed-survey/p-49b4469c.system.entry.js
  • https://unpkg.com/tttl-embed-survey@0.2.8/dist/tttl-embed-survey/p-49b4469c.system.entry.js
68 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://unpkg.com/tttl-embed-survey@0.2.8/dist/tttl-embed-survey/p-49b4469c.system.entry.js
Requested by
Host: newks.com
URL: https://newks.com/
Protocol
H2
Server
2606:4700::6810:7caf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
333dc526fcc00839bb95bc2a157e913c2be87ca2fb0b8bf03279b0e859f07de7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Thu, 06 Oct 2022 10:45:52 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
MISS
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id
01GEPEDMKJ3BH4KVARM28Q59SH-fra
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
server
cloudflare
etag
W/"10e0a-SbRGnKj7Pd4qpgIxCw+egRTpobw"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
755dcf56ea61921d-FRA

Redirect headers

date
Thu, 06 Oct 2022 10:45:51 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
MISS
fly-request-id
01GEPEDMGS6A5EGQAAA549JEN6-fra
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept, Accept-Encoding
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
location
/tttl-embed-survey@0.2.8/dist/tttl-embed-survey/p-49b4469c.system.entry.js
cache-control
public, s-maxage=600, max-age=60
cf-ray
755dcf56590c921d-FRA
/
www.facebook.com/tr/ 		0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=708154546578601&ev=PageView&dl=https%3A%2F%2Fnewks.com%2F&rl=&if=false&ts=1665053151795&sw=1600&sh=1200&v=2.9.84&r=stable&ec=0&o=30&par[0]=%7B%22extractorID%22%3A%22889637931582367%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%22priceCurrency%22%3A%22USD%22%7D%7D%7D&par[1]=%7B%22extractorID%22%3A%222443178565827250%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%7D%7D%7D&fbp=fb.1.1665053151252.1480180434&it=1665053150994&coo=false&rqm=GET
Requested by
Host: newks.com
URL: https://newks.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Thu, 06 Oct 2022 10:45:51 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
priority
u=3,i
/
www.facebook.com/tr/ 		0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=2304573169610271&ev=Microdata&dl=https%3A%2F%2Fnewks.com%2F&rl=&if=false&ts=1665053151796&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Homepage%20-%20Newks%22%2C%22meta%3Adescription%22%3A%22%22%7D&cd[OpenGraph]=%7B%22og%3Atitle%22%3A%22Newks%20Eatery%22%2C%22og%3Atype%22%3A%22website%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fnewks.com%2F%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fnewks.com%2Fmedia%2Ficons%2Fnewks-op.jpg%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.84&r=stable&a=tmgoogletagmanager&ec=1&o=30&fbp=fb.1.1665053151252.1480180434&it=1665053150994&coo=false&es=automatic&tm=3&rqm=GET
Requested by
Host: newks.com
URL: https://newks.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Thu, 06 Oct 2022 10:45:51 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
priority
u=3,i
/
www.facebook.com/tr/ 		0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=720341928728884&ev=Microdata&dl=https%3A%2F%2Fnewks.com%2F&rl=&if=false&ts=1665053152076&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Homepage%20-%20Newks%22%2C%22meta%3Adescription%22%3A%22%22%7D&cd[OpenGraph]=%7B%22og%3Atitle%22%3A%22Newks%20Eatery%22%2C%22og%3Atype%22%3A%22website%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fnewks.com%2F%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fnewks.com%2Fmedia%2Ficons%2Fnewks-op.jpg%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.84&r=stable&ec=1&o=30&fbp=fb.1.1665053151252.1480180434&it=1665053150994&coo=false&es=automatic&tm=3&rqm=GET
Requested by
Host: newks.com
URL: https://newks.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Thu, 06 Oct 2022 10:45:52 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
priority
u=3,i
17521af61fdf86e5f771345444137ca5
api.tattleapp.com/v2/api/merchants/ 		2 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.tattleapp.com/v2/api/merchants/17521af61fdf86e5f771345444137ca5?alt_key=uuid&expand=brand
Requested by
Host: unpkg.com
URL: https://unpkg.com/tttl-embed-survey/dist/tttl-embed-survey/p-49b4469c.system.entry.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.192.146.113 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-192-146-113.compute-1.amazonaws.com
Software
nginx/1.23.1 /
Resource Hash
7f3589ba181f61cecbd5b122c0b0b42a2024c0082b6135b9b9dd6b9061d5b01c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Thu, 06 Oct 2022 10:45:52 GMT
www-authenticate
Bearer realm="Service"
server
nginx/1.23.1
access-control-allow-methods
PUT, GET, POST, DELETE, OPTIONS, PATCH
content-type
application/hal+json
access-control-allow-origin
*
x-uri
/index.php
access-control-allow-headers
authorization, Authorization, WWW-Authenticate, Origin, X-Requested-With, Content-Type, Accept, test
/
www.facebook.com/tr/ 		0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=708154546578601&ev=Microdata&dl=https%3A%2F%2Fnewks.com%2F&rl=&if=false&ts=1665053152296&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Homepage%20-%20Newks%22%2C%22meta%3Adescription%22%3A%22%22%7D&cd[OpenGraph]=%7B%22og%3Atitle%22%3A%22Newks%20Eatery%22%2C%22og%3Atype%22%3A%22website%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fnewks.com%2F%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fnewks.com%2Fmedia%2Ficons%2Fnewks-op.jpg%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.84&r=stable&ec=1&o=30&fbp=fb.1.1665053151252.1480180434&it=1665053150994&coo=false&es=automatic&tm=3&rqm=GET
Requested by
Host: newks.com
URL: https://newks.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Thu, 06 Oct 2022 10:45:52 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
priority
u=3,i
flow
api.tattleapp.com/v2/api/ 		3 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.tattleapp.com/v2/api/flow?merchants_id=2400&expand=questionnaire&active=1&deleted=0&is_online=1&is_visible=1&publishCycle=1&size=-1
Requested by
Host: unpkg.com
URL: https://unpkg.com/tttl-embed-survey/dist/tttl-embed-survey/p-49b4469c.system.entry.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.192.146.113 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-192-146-113.compute-1.amazonaws.com
Software
nginx/1.23.1 /
Resource Hash
e5cdb9293087acd2fbf7d4fa801b139a5d25a81a8b1f487448ba0cc4112aeb90

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Thu, 06 Oct 2022 10:45:52 GMT
www-authenticate
Bearer realm="Service"
server
nginx/1.23.1
access-control-allow-methods
PUT, GET, POST, DELETE, OPTIONS, PATCH
content-type
application/json; charset=utf-8
access-control-allow-origin
*
x-uri
/index.php
access-control-allow-headers
authorization, Authorization, WWW-Authenticate, Origin, X-Requested-With, Content-Type, Accept, test
locations
api.tattleapp.com/v2/api/ 		91 KB
91 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.tattleapp.com/v2/api/locations?expand=address&merchants_id=2400&page=1&size=300
Requested by
Host: unpkg.com
URL: https://unpkg.com/tttl-embed-survey/dist/tttl-embed-survey/p-49b4469c.system.entry.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.192.146.113 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-192-146-113.compute-1.amazonaws.com
Software
nginx/1.23.1 /
Resource Hash
e48500b8e083a5f16840c542d11b0bc8c162fca63354063358ba3fc095f0ebfd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Thu, 06 Oct 2022 10:45:52 GMT
www-authenticate
Bearer realm="Service"
server
nginx/1.23.1
access-control-allow-methods
PUT, GET, POST, DELETE, OPTIONS, PATCH
content-type
application/hal+json
access-control-allow-origin
*
x-uri
/index.php
access-control-allow-headers
authorization, Authorization, WWW-Authenticate, Origin, X-Requested-With, Content-Type, Accept, test
groups-locations
api.tattleapp.com/v2/api/ 		160 B
469 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.tattleapp.com/v2/api/groups-locations?locations_id=undefined
Requested by
Host: unpkg.com
URL: https://unpkg.com/tttl-embed-survey/dist/tttl-embed-survey/p-49b4469c.system.entry.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.192.146.113 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-192-146-113.compute-1.amazonaws.com
Software
nginx/1.23.1 /
Resource Hash
6fe1410310eddaac619f83a2384de59e2311803e3a741423b3d9e9efa5177bdc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Thu, 06 Oct 2022 10:45:53 GMT
www-authenticate
Bearer realm="Service"
server
nginx/1.23.1
access-control-allow-methods
PUT, GET, POST, DELETE, OPTIONS, PATCH
content-type
application/hal+json
access-control-allow-origin
*
x-uri
/index.php
access-control-allow-headers
authorization, Authorization, WWW-Authenticate, Origin, X-Requested-With, Content-Type, Accept, test
log_event
www.youtube.com/youtubei/v1/ Frame 01B7 		28 B
54 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/55fdc514/www-embed-player.vflset/www-embed-player.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
X-Goog-Request-Time
1665053153412
Content-Type
application/json
X-YouTube-Utc-Offset
0
X-YouTube-Client-Name
56
Referer
https://www.youtube.com/embed/EkWFDUnlX_A
X-YouTube-Client-Version
1.20221004.01.00
X-YouTube-Time-Zone
Etc/Unknown
X-Goog-Visitor-Id
CgtNVWZEekR2SWpGMCje4_qZBg%3D%3D
X-YouTube-Ad-Signals
dt=1665053151036&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C560%2C315&vis=1&wgl=true&ca_type=image&bid=ANyPxKpyz6w9l3Vx_HBEpPJ4Fr6FJlyvXja48y_ZfiMUf-ZFyfUzY-ZXZfenAqNlNTf33aMopOwFvYwkWHiOT-hSnUQrLHYQwg

Response headers

date
Thu, 06 Oct 2022 10:45:53 GMT
content-encoding
br
x-content-type-options
nosniff
server
scaffolding on HTTPServer2
x-frame-options
SAMEORIGIN
vary
Origin, X-Origin, Referer
content-type
application/json; charset=UTF-8
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31
x-xss-protection
0
expires
Thu, 06 Oct 2022 10:45:53 GMT
collect
region1.analytics.google.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-TQHBZDF37S&gtm=2oea50&_p=1897552559&cid=876811676.1665053148&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&sid=1665053148&sct=1&seg=0&dl=https%3A%2F%2Fnewks.com%2F&dt=Homepage%20-%20Newks&en=scroll&epn.percent_scrolled=90&_et=7
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-TQHBZDF37S&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 06 Oct 2022 10:45:53 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://newks.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

100 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation string| GoogleAnalyticsObject function| ga object| dataLayer object| html5 object| Modernizr object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| google_tag_manager function| hj object| _hjSettings function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO object| hjSiteSettings function| hjBootstrap object| hjBootstrapCalled object| hjLazyModules function| onYouTubeIframeAPIReady function| ES6Promise object| WHATWGFetch object| System object| navmobilea function| FsLightbox object| fsLightboxInstances undefined| fsLightbox function| refreshFsLightbox function| $ function| jQuery object| gsapVersions object| Linear object| Power0 object| Quad object| Power1 object| Cubic object| Power2 object| Quart object| Power3 object| Quint object| Power4 object| Strong object| Elastic object| Bounce object| Expo object| Circ object| Sine object| Back object| SteppedEase function| TweenLite function| TweenMax function| TimelineMax function| TimelineLite function| AttrPlugin function| EndArrayPlugin function| RoundPropsPlugin function| ModifiersPlugin function| SnapPlugin object| gsap object| CSSPlugin function| ScrollTrigger function| Waypoint object| _gsap function| _scrollTop function| _scrollLeft number| size_li number| x function| fbq function| _fbq object| hostnamesNotToInclude string| hostname string| checkoutPage string| redirectTo object| versionTag function| pushState object| metas function| _rfi function| extend function| RocketfuelBCPInclude function| RocketfuelBCPClass function| RocketfuelUtils object| RocketfuelBCP function| __extends function| __awaiter function| __generator function| __spreadArrays function| __sc_import_tttl_embed_survey

37 Cookies

Domain/Path Name / Value
.newks.com/ Name: _gid
Value: GA1.2.310591647.1665053148
.newks.com/ Name: _gat
Value: 1
.newks.com/ Name: _gcl_au
Value: 1.1.510435470.1665053148
.newks.com/ Name: _ga_TQHBZDF37S
Value: GS1.1.1665053148.1.0.1665053148.60.0.0
.newks.com/ Name: _ga
Value: GA1.1.876811676.1665053148
.doubleclick.net/ Name: IDE
Value: AHWqTUnZ-ldhyWD_p-bHgmfQ10yRrkb_XZ4_DQiibS14tV_5fV_yn4wGeuL3jSqd
.youtube.com/ Name: YSC
Value: HmqWONZl5OI
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: MUfDzDvIjF0
.newks.com/ Name: _hjSessionUser_2830751
Value: eyJpZCI6IjYyNzAwMTQ3LTc3NTgtNWI3MS1iMGMyLTAwNDNiOWVhOGUwYiIsImNyZWF0ZWQiOjE2NjUwNTMxNDg4MjcsImV4aXN0aW5nIjpmYWxzZX0=
.newks.com/ Name: _hjFirstSeen
Value: 1
newks.com/ Name: _hjIncludedInSessionSample
Value: 0
.newks.com/ Name: _hjSession_2830751
Value: eyJpZCI6Ijk3Mzc3NDM5LTdiYzUtNDU5ZS1hZTViLWYzMjE5Y2U3M2FhYiIsImNyZWF0ZWQiOjE2NjUwNTMxNTA5ODIsImluU2FtcGxlIjpmYWxzZX0=
newks.com/ Name: _hjIncludedInPageviewSample
Value: 1
.newks.com/ Name: _hjAbsoluteSessionInProgress
Value: 1
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAA_-MSNjU0MTCwMLE0MjIwtbC0NDcwMRPiM9QNtgizTPKsiHCucAoHAFSABhQlAAAA
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAA_-MSNjU0MTCwMLE0MjIwtbC0NDcwMRPiM9QNtgizTPKsiHCucAoHAFSABhQlAAAA
.newks.com/ Name: _fbp
Value: fb.1.1665053151252.1480180434
.adnxs.com/ Name: uuid2
Value: 5386175514601022528
.casalemedia.com/ Name: CMID
Value: Yz6x3yy2wv8zM27L6ef54gAA
.casalemedia.com/ Name: CMPS
Value: 5246
.casalemedia.com/ Name: CMPRO
Value: 5246
.adnxs.com/ Name: anj
Value: dTM7k!M4/YErk#WF']wIg2GVVuy-gU!]tbPl1MNu::wpAk`W=icvim-ieFQJjEF^clvco'n?ZgH4^J$o!_6-zQEVk`!+M+>P(d5V
.media.net/ Name: visitor-id
Value: 3080547519171784000V10
.media.net/ Name: data-rk
Value: 5140084922058997046~~3
.demdex.net/ Name: demdex
Value: 13750972793752289923652945712150191873
.eyeota.net/ Name: SERVERID
Value: 22463~DM
.dpm.demdex.net/ Name: dpm
Value: 13750972793752289923652945712150191873
.spotxchange.com/ Name: audience
Value: 0bbb3e09-4564-11ed-bd49-129210fe0306
.rezync.com/ Name: zync-uuid
Value: c68d65ae-1c05-44a1-a826-a58d1eba92ca:1665053151.3735616
live.rezync.com/ Name: sd-session-id
Value: .eJwNzDEOwyAMQNG7eA4VBuwAl4lc8IDa0CqkS6PevYxfevoXbG89dunaT8jn8dEFyrPNGpAvGO276wMyEAZrY0jOWYoprTYw_BYYOkZ79a3VaQrHyiRqsFgyIQgaiY6NUKyod0muSEZmsuSR8OZXT4zz8we6gSXq.Yz6x3w.7ChFCuLUvnQLpDb8njOh0xgXFzc
.bidswitch.net/ Name: tuuid
Value: c1c5b81a-cf2d-4783-8e5d-a9332d01bd00
.bidswitch.net/ Name: c
Value: 1665053151
.bidswitch.net/ Name: tuuid_lu
Value: 1665053151
.krxd.net/ Name: _kuid_
Value: PHx5r4OB
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~Yz6x3wAAC_zJOwAr
.rfihub.com/ Name: euds
Value: H4sIAAAAAAAA_-OSMXR2dA12dXcyDNItLMrzM8tOcis29vFIy001yl7FKBBZZVZhXO7o6Bxf5eVf7ljUxGKebGaRYmaamKprmGxgqmtikmiom2hhZKabaGqRYpialGhplJxoZWhmZmpgamxoaqhnbG5samZoBgAiYwtMawAAAA
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAA_-OSMXR2dA12dXcyDNItLMrzM8tOcis29vFIy001yg7iNTQzMzUwNTY0NTQxNp3FiMQ3NDdchcY_hcZ_hcb_hcafxITKn4XGX4TGX4XG34TG34WungWVfwuZb2xosIhVILLKrMK43NHROb7Ky7_csWgVK5ISc3PzTaxoVnCjeQmNP0nYPNnMIsXMNDFV1zDZwFTXxCTRUDfRwshMN9HUIsUwNSnR0ig50QqhSc_Y3NjUzNBsljByYJsZLBJGNfkRGh8AZ5kFEboBAAA

5 Console Messages

Source Level URL
Text
network error URL: https://newks.com/assets/js/scripts/lightgallery.js
Message:
Failed to load resource: the server responded with a status of 404 ()
security error URL: https://newks.com/
Message:
Refused to execute script from 'https://newks.com/assets/js/scripts/lightgallery.js' because its MIME type ('text/html') is not executable, and strict MIME type checking is enabled.
network error URL: https://idsync.rlcdn.com/360947.gif?partner_uid=5140084922058997046
Message:
Failed to load resource: the server responded with a status of 451 ()
network error URL: https://idsync.rlcdn.com/501709.gif?partner_uid=c68d65ae-1c05-44a1-a826-a58d1eba92ca%3A1665053151.3735616
Message:
Failed to load resource: the server responded with a status of 451 ()
javascript warning URL: https://unpkg.com/tttl-embed-survey/dist/tttl-embed-survey/p-71352b19.system.js
Message:
@import rules are not allowed here. See https://github.com/WICG/construct-stylesheets/issues/119#issuecomment-588352418.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

12881027.fls.doubleclick.net
20841350p.rfihub.com
a.rfihub.com
aa.agkn.com
adservice.google.com
adservice.google.de
api.tattleapp.com
beacon.krxd.net
bpi.rtactivate.com
bs.serving-sys.com
c1.rfihub.net
cdnjs.cloudflare.com
cm.g.doubleclick.net
connect.facebook.net
contextual.media.net
dpm.demdex.net
dsum-sec.casalemedia.com
fonts.gstatic.com
googleads.g.doubleclick.net
i.ytimg.com
ib.adnxs.com
idsync.rlcdn.com
in.hotjar.com
jnn-pa.googleapis.com
live.rezync.com
newks.com
p.rfihub.com
partners.tremorhub.com
pix.pub
pixel.rubiconproject.com
ps.eyeota.net
region1.analytics.google.com
script.hotjar.com
static.doubleclick.net
static.hotjar.com
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.search.spotxchange.com
unpkg.com
vars.hotjar.com
vc.hotjar.io
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
www.newks.com
www.youtube.com
x.bidswitch.net
x.dlx.addthis.com
yt3.ggpht.com
104.26.7.66
108.138.17.76
108.138.17.96
108.138.7.99
142.250.184.230
142.251.39.66
151.101.130.49
18.184.216.10
18.196.127.253
18.66.112.79
18.66.147.29
18.66.147.47
185.80.39.216
185.89.210.153
185.94.180.125
193.0.160.128
2001:4860:4802:34::36
216.58.212.162
23.35.228.23
2600:1f18:612b:4264:562f:45f1:d263:2a9f
2600:9000:223c:ee00:1:76cf:fe80:93a1
2606:4700::6810:7caf
2606:4700::6811:180e
2a00:1450:4001:803::2003
2a00:1450:4001:803::200e
2a00:1450:4001:810::2003
2a00:1450:4001:811::2006
2a00:1450:4001:827::2001
2a00:1450:4001:82a::2002
2a00:1450:4001:82b::2002
2a00:1450:400c:c00::9d
2a00:1450:400d:806::2004
2a00:1450:400d:806::2016
2a00:1450:400d:807::2003
2a00:1450:400d:80a::200e
2a00:1450:400d:80c::2008
2a00:1450:400d:80d::2002
2a00:1450:400d:80d::200a
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
34.192.146.113
34.250.137.124
35.244.174.68
52.48.197.119
52.58.8.248
54.204.254.230
54.77.35.16
69.173.144.138
69.192.160.219
79.125.47.26
00a92494627ed8f758972b7dc47b3af186497c0637ea867a33fdb604c1548674
037f452d23bdc605f6c7e04067e20ac741d2d8f2aa7e464f48eb61d58cd0c860
052fa301c507a71ff8f04d1314c830840f9eafb86ffa92beace1d65e1a8ef9c2
05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf
074e6a5ef0e5c14a75389c6265b1b135c27dc1ab286413174999cbc26e421fd0
0a279372028690ecbcefdc632dc4df9d96e9348978fd29424817eaf13958463a
0e67f12c1fee605ebacdae63f27c56377855a6f0f8ed357a093ae55e24f6ae7e
1066f0cd17454d890f4efea6b7f18d21c2ee2e1750f550a5ca7cd03cca7e4728
19eab772c8cb2919d14d563774b249919f4989295f54cf64443470c9964931c4
1a913c910e1c2d698dfd4d4df819e4cc58831640f8799a8cdad0f77f4d1d70f1
21cb3f065add4039f5a761d158814f72042661bfc737017159ec193591deb238
21dbd90119d3def6c42da4da8db80672b7cd791ff63633bcfd9a476a092e6f67
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
265c987d31386e86de49089c55d9298a004e7d659d6f890e2e8e849ea12e8e3c
2d500e7c95e4059260b1446554f0d5d6f6adab02bf9730d5655e15f46a5ffe72
3324614698f72cc606e4f62ba931a65931727fe4b28b2625784948cd669813ed
333dc526fcc00839bb95bc2a157e913c2be87ca2fb0b8bf03279b0e859f07de7
341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f
345a7f619e726c9ed21fa1e83646623f3491056eb1c9e0f3af797c42d38255c1
393ea5d6182d4324217627c1cc78f7805116b67bbd24e5390a5d1f2b1aa1c960
3a6a70589d9d9f1b1e957a0fb225558ce5c5ea0d1aa30d32a68dc14d5f8f354b
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3edbe749f35d8c3506ad1cc22c8bb9896e4865f3d11e71246ad35e10ae10646e
3f7ef7450b38940d37d1a68a25cdce2a9296ebda53b82674cd232da2543cd3d4
4377f9543fbc3e7ae0a662e4f262f2f940fe03afeea47f3a38e93d34086a16bf
46fd6d4af80bd9d4692c9cd6e1a9bc36edfcae35990d488e9fcab48fb5fb9bd4
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4b8e8b42acdad2f84c0d44c5dbc12b8327706d1f49551e1ec577b08d4cbaf263
4fad74decb533a4f21afdf2bd24eadaa5674f1bf0f563c4ef961d02cd131b0a6
521410e1fc44780061e09adc980275fb5ea277fd5d9e538454214ec4379ff4bc
548d5aa30dba9d2558aab6ee5b17c3edad47d4eb153a645be0a3656023864232
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54fc136c3fbd492dd1414af885e1f20c2a3737ba088c19c5b8a641a6a1fa0dfe
594d6ab7604225d0409b086e22502a495b29ed45f8b9b66fbd8be2fb3c7e6183
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5b3c6e212cbb3b9f4f28b09cfdc53990e809792192d7d8639d3311f0551c2010
5c35f26ded7d21acd288910e2e746bf932bb7fe94b2b9815d552690b535f764d
5d467f28ef6d7bbe9eb9991542a11302f5874486c40c861c32cc3fc365b85340
5e4d7a564b9fa4ea91c98069b144720415f53b57ffae33e522f9b96ef6488cbf
5fbaeb9f8e25d7e0143bae61d4b1802c16ce7390b96ceb2d498b0d96ff4c853f
63ecde4fd8c9df7b423584d7d0ac3cfb723ea20b0033dc19832b3d5bce79e1ef
6566e0b49a0a4072930227baded9c1bccf5f7477c764c7d5740f0164561e7cf6
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
68e31878dd73d8a950add62a9f4afd93d1b6f41024ce6f2cb549a01ff0c85ad4
6fe1410310eddaac619f83a2384de59e2311803e3a741423b3d9e9efa5177bdc
70756116f9b7ad16026d20942d14e5bd60903c9680ae0cf7b2dfb3f18d8c8fb8
70deafd8ecb7cb8ed814554445de61ee2aca9a6ac4a8ae9f803beff93613f20c
7ef97b12890fc6fee67f869c6e1f74b6719de7d66ac0d649c8d7386a80b4c30f
7f3589ba181f61cecbd5b122c0b0b42a2024c0082b6135b9b9dd6b9061d5b01c
7fba20c39e3db90f5ded3eb9c5a9513004627b8b6ee188950c1a7a269dfdff67
80d54533f80e8233621f965ae0a7713928bdb4d491ed0eb5e90434550f1894cb
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
85a70867f76c962969aa6a586ba86580a7a760edd7808fe52d500d7e8e7972e3
866f252b0ff19f2e638c11bd70bd6851a31148f4a68c240befd01ffbd9008c07
867b23a408fa99143955de5665345cda886857174c328d2828e5dcd33bd98cd1
91f5057e488a1a8129b18acc7483781b4bba982d259259a512f823bbff09bf74
9244ca1c1e490ccaf60ad2f49c4bb103b85497b97605fdd2d01671a5d74d5ca2
924b0dc630d1c5dff9fa31aead9509775b1d476bfe0a5ac2977b2f11205a26ac
95ea4e4f1a9e0eec9e3ed2ea740e89280874f3ac5ac73c0ed70657fce030b770
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
9a56838a9945bcc7f2ac3996f3ccb3c0b264e26dc96842ff23deed0e8263d2aa
9e678216ccb9006950f9aea6d365881011a843d409d0d1c0469c1e23330e83fb
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a291aafce47b2761dba387ec9a4bb9ecf4653e0078bdb9203c9bc65dbb24a7fb
a3cb33015d9ee73c4cc4873a618ef8b192c1b0f8f7bfe2eb730f130ca246b3bd
a53c43f834b32309b084ea9314df8307e9c78cee2202c6e07f216ae4ae5b704d
a629dac8bcf0687dfbe519be1036eda9e6fe4e9c8087725aa7c185f26683f73d
a85c388efd8b76b17e49c4d99b6da0e64e64303de769bcf2ec4067cd9e73102d
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b0012c21f87120d46a70f61fd79206f486e929a8b08db7d486ff56822a8e7b77
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b15982ee59bfe8b878d23f907debd38ce0594708362479804150b123d3eebe10
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
bc64950bc352ec1e390cfb2ce8ca6cfa604d236495369bba67c24919521a5e5b
bc7b2d54973e1e66db80ce2595f6dd381ec463b0663113e3a771892345c86f67
c12337c132fc5b05766adf8806c16a2950c0591708c0c45263bc1496979c1870
c182918d2f7aabb51276d7279f393a74699a128232e6ed557d1cae4fa0fd4fa1
c5ebeb8f82195bd4c9c6143d6183fed33be01d922ff94c384850bd603803e64a
c6355e07a1594eefdbfb69abf9424ac615b4b42972338e00fb8f40c45286e123
cbc8f5af70605797c9bec18d1e58c86dceae358fc2ac4b43753ced92725997de
d22da964305fbc6f6d9e1bec2946110f2b479d684e05a029c93a68eea15db03f
d59bc03ab9ef9372d28f6853e6d2e9850d1ad010e04e95035f5474968e61efdb
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
d80f0723f0013dbcbf0f528ae2197295aad92a78da0e72a35481086ffdfbcce3
e19dad4cab71dbb5a84c24db7bd82753079c038a30e17fe157b59faf0e45f596
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3b670c43d1eb0bff159268f47fb965667404290fc82f366bd6b6544b5b4fae2
e3c7056d94ca3664fb8d539523819753b9e3d947b6ee5a1166505969a4fe9e43
e48500b8e083a5f16840c542d11b0bc8c162fca63354063358ba3fc095f0ebfd
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e5cdb9293087acd2fbf7d4fa801b139a5d25a81a8b1f487448ba0cc4112aeb90
e784b6433f66d0a6380e5633b36f1bf6466b9a718b8c55f4a8964aac0818aff3
ea443524ea272a93f260473ea6679af49d7056a577db952b90881c4a89171d9d
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f3d563c9835949c03d69342e5f107618510c2e49eb0561d2c9047bb07dee4b14
f42283e0ca17a52688c5250e714ecd1b6a53af8b0f6e54ac64546499b0ec1b19
fdbf79dc4db79ed651cdbbd4a07d898518057578c353cfe6b7ff8da8a01f619a
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e