www.newser.com Open in urlscan Pro
40.114.51.62 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.newser.com/
Submission: On January 30 via api (January 30th 2022, 3:51:19 pm UTC) from IE — Scanned from DE

Summary HTTP 284 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 57 IPs in 5 countries across 46 domains to perform 284 HTTP transactions. The main IP is 40.114.51.62, located in Tappahannock, United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is www.newser.com. The Cisco Umbrella rank of the primary domain is 226050.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on December 31st 2020. Valid for: a year.

This is the only time www.newser.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
4	40.114.51.62 40.114.51.62	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
4	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
62	2620:1ec:bdf::45 2620:1ec:bdf::45	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
72	2620:1ec:46::45 2620:1ec:46::45	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
9	2600:9000:20e... 2600:9000:20eb:3400:12:4abd:d340:93a1	16509 (AMAZON-02) (AMAZON-02)
13	2600:9000:20e... 2600:9000:20eb:6e00:14:2602:6e80:93a1	16509 (AMAZON-02) (AMAZON-02)
5	184.30.24.121 184.30.24.121	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2606:2800:234... 2606:2800:234:59:254c:406:2366:268c	15133 (EDGECAST) (EDGECAST)
1	54.91.59.199 54.91.59.199	14618 (AMAZON-AES) (AMAZON-AES)
1 3	2a00:1450:400... 2a00:1450:4001:812::2008	15169 (GOOGLE) (GOOGLE)
2	2620:116:800d... 2620:116:800d:21:fcb8:22d2:d390:5f1b	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700::68... 2606:4700::6810:9e11	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a03:2880:f02... 2a03:2880:f02d:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1 3	34.254.143.3 34.254.143.3	16509 (AMAZON-02) (AMAZON-02)
2	169.50.137.176 169.50.137.176	36351 (SOFTLAYER) (SOFTLAYER)
2	2a00:1450:400... 2a00:1450:4001:802::2003	15169 (GOOGLE) (GOOGLE)
1 3	13.225.80.38 13.225.80.38	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:20e... 2600:9000:20eb:b000:18:1fcd:34f:cdc1	16509 (AMAZON-02) (AMAZON-02)
2	92.122.255.233 92.122.255.233	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2600:9000:20e... 2600:9000:20eb:5c00:1a:1459:5cc0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a02:6ea0:c70... 2a02:6ea0:c700::10	60068 (CDN77 ^_^) (CDN77 ^_^)
1	2600:9000:20e... 2600:9000:20eb:4400:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	34.252.133.182 34.252.133.182	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:400c:c08::9c	15169 (GOOGLE) (GOOGLE)
8	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
4	13.224.197.4 13.224.197.4	16509 (AMAZON-02) (AMAZON-02)
1 12	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
2	2606:4700:303... 2606:4700:3035::6815:40f1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:800::200a	15169 (GOOGLE) (GOOGLE)
1	3.222.213.29 3.222.213.29	14618 (AMAZON-AES) (AMAZON-AES)
1	104.244.42.8 104.244.42.8	13414 (TWITTER) (TWITTER)
1	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80f::2001	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:800::2001	15169 (GOOGLE) (GOOGLE)
15	2a00:1450:400... 2a00:1450:4001:831::2001	15169 (GOOGLE) (GOOGLE)
3 5	2a00:1450:400... 2a00:1450:4001:80f::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
2	3.237.107.58 3.237.107.58	() ()
17 23	169.50.137.182 169.50.137.182	() ()
1 2	13.248.245.213 13.248.245.213	() ()
1	2600:1f18:612... 2600:1f18:612b:4200:3aa:8894:1069:c551	() ()
1 2	35.227.248.159 35.227.248.159	() ()
1 1	3.68.148.208 3.68.148.208	() ()
1 1	3.122.111.84 3.122.111.84	() ()
1	18.66.248.92 18.66.248.92	() ()
2 3	2600:1901:0:8... 2600:1901:0:8eee::	() ()
3 3	216.58.212.130 216.58.212.130	() ()
1	3.216.159.172 3.216.159.172	() ()
1	104.90.192.27 104.90.192.27	() ()
1 2	52.30.140.199 52.30.140.199	() ()
1	72.251.249.14 72.251.249.14	() ()
1	35.244.174.68 35.244.174.68	() ()
1 1	172.217.18.98 172.217.18.98	() ()
1	2a00:1450:400... 2a00:1450:4001:80e::2003	() ()
1 2	185.94.180.125 185.94.180.125	() ()
1 2	37.252.172.249 37.252.172.249	() ()
1	8.39.36.141 8.39.36.141	() ()
1	35.244.159.8 35.244.159.8	() ()
284	57

4 40.114.51.62 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.newser.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
newser.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

62 2620:1ec:bdf::45 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

static1-azrcdn.newser.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
img2-azrcdn.newser.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

72 2620:1ec:46::45 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

static2-azrcdn.newser.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
img1-azrcdn.newser.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2600:9000:20eb:3400:12:4abd:d340:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.intergient.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2600:9000:20eb:6e00:14:2602:6e80:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.intergi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 184.30.24.121 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-24-121.deploy.static.akamaitechnologies.com

s7.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
v1.addthisedge.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
m.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:2800:234:59:254c:406:2366:268c (United States)

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.91.59.199 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-91-59-199.compute-1.amazonaws.com

api.ipify.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:812::2008 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

ssl.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:116:800d:21:fcb8:22d2:d390:5f1b (United States)

ASN16509 (AMAZON-02, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:9e11 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.engine.4dsply.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
engine.4dsply.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f02d:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.254.143.3 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-254-143-3.eu-west-1.compute.amazonaws.com

loadus.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
loadm.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 169.50.137.176 (United States)

ASN36351 (SOFTLAYER, US)
PTR: b0.89.32a9.ip4.static.sl-reverse.com

i.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.225.80.38 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-225-80-38.fra2.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20eb:b000:18:1fcd:34f:cdc1 (United States)

ASN16509 (AMAZON-02, US)

static.chartbeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 92.122.255.233 (Schiphol, Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a92-122-255-233.deploy.static.akamaitechnologies.com

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20eb:5c00:1a:1459:5cc0:93a1 (United States)

ASN16509 (AMAZON-02, US)

config.playwire.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6ea0:c700::10 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)

load77.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20eb:4400:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.252.133.182 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-252-133-182.eu-west-1.compute.amazonaws.com

mb.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c08::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 13.224.197.4 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-197-4.fra2.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3035::6815:40f1 (United States)

ASN13335 (CLOUDFLARENET, US)

rddywd.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.222.213.29 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-222-213-29.compute-1.amazonaws.com

ping.chartbeat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.8 (United States)

ASN13414 (TWITTER, US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ee36b528bd9f4c49479abaa9ba6b95bf.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:800::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:80f::2004 (Frankfurt am Main, Germany) 3 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.237.107.58 (None, )

ASN- ()

kinesis.us-east-1.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 169.50.137.182 (None, ) 17 redirects

ASN- ()

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.248.245.213 (None, ) 1 redirects

ASN- ()

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:612b:4200:3aa:8894:1069:c551 (None, )

ASN- ()

simplifi.partners.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.227.248.159 (None, ) 1 redirects

ASN- ()

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.68.148.208 (None, ) 1 redirects

ASN- ()

aa.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.122.111.84 (None, ) 1 redirects

ASN- ()

d.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.248.92 (None, )

ASN- ()

sync.intentiq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:1901:0:8eee:: (None, ) 2 redirects

ASN- ()

fei.pro-market.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pbid.pro-market.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 216.58.212.130 (None, ) 3 redirects

ASN- ()

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.216.159.172 (None, )

ASN- ()

sync.bfmio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.90.192.27 (None, )

ASN- ()

stags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.30.140.199 (None, ) 1 redirects

ASN- ()

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 72.251.249.14 (None, )

ASN- ()

ce.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.174.68 (None, )

ASN- ()

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.18.98 (None, ) 1 redirects

ASN- ()

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2003 (None, )

ASN- ()

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.94.180.125 (None, ) 1 redirects

ASN- ()

sync.search.spotxchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.252.172.249 (None, ) 1 redirects

ASN- ()

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 8.39.36.141 (None, )

ASN- ()

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.159.8 (None, )

ASN- ()

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
138	newser.com www.newser.com — Cisco Umbrella Rank: 226050 static1-azrcdn.newser.com — Cisco Umbrella Rank: 419801 static2-azrcdn.newser.com — Cisco Umbrella Rank: 496082 img2-azrcdn.newser.com — Cisco Umbrella Rank: 311424 img1-azrcdn.newser.com — Cisco Umbrella Rank: 313300 newser.com — Cisco Umbrella Rank: 180658	5 MB
25	simpli.fi 17 redirects i.simpli.fi — Cisco Umbrella Rank: 3551 um.simpli.fi	14 KB
24	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 100 ee36b528bd9f4c49479abaa9ba6b95bf.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 124	144 KB
17	doubleclick.net 4 redirects stats.g.doubleclick.net — Cisco Umbrella Rank: 96 securepubads.g.doubleclick.net — Cisco Umbrella Rank: 184 googleads.g.doubleclick.net — Cisco Umbrella Rank: 46 cm.g.doubleclick.net	219 KB
13	intergi.com cdn.intergi.com — Cisco Umbrella Rank: 3941	218 KB
10	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 324	213 KB
9	intergient.com cdn.intergient.com — Cisco Umbrella Rank: 4651	144 KB
6	google.com 3 redirects adservice.google.com — Cisco Umbrella Rank: 80 www.google.com — Cisco Umbrella Rank: 13	1 KB
5	gstatic.com fonts.gstatic.com www.gstatic.com	56 KB
5	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 47 www.googleapis.com — Cisco Umbrella Rank: 35	4 KB
4	amazon-adsystem.com c.amazon-adsystem.com — Cisco Umbrella Rank: 281	40 KB
4	exelator.com 1 redirects loadus.exelator.com — Cisco Umbrella Rank: 1333 load77.exelator.com — Cisco Umbrella Rank: 3641 loadm.exelator.com	2 KB
4	addthis.com s7.addthis.com — Cisco Umbrella Rank: 1501 m.addthis.com — Cisco Umbrella Rank: 1468	217 KB
3	pro-market.net 2 redirects fei.pro-market.net pbid.pro-market.net	910 B
3	moatads.com z.moatads.com — Cisco Umbrella Rank: 361 mb.moatads.com — Cisco Umbrella Rank: 561	77 KB
3	scorecardresearch.com 1 redirects sb.scorecardresearch.com — Cisco Umbrella Rank: 138	2 KB
3	google-analytics.com 1 redirects ssl.google-analytics.com — Cisco Umbrella Rank: 279	17 KB
3	twitter.com platform.twitter.com — Cisco Umbrella Rank: 592 syndication.twitter.com — Cisco Umbrella Rank: 844	133 KB
2	adnxs.com 1 redirects ib.adnxs.com	2 KB
2	spotxchange.com 1 redirects sync.search.spotxchange.com	1 KB
2	crwdcntrl.net 1 redirects bcp.crwdcntrl.net	1 KB
2	agkn.com 2 redirects aa.agkn.com d.agkn.com	959 B
2	tapad.com 1 redirects pixel.tapad.com	886 B
2	3lift.com 1 redirects eb2.3lift.com	729 B
2	amazonaws.com kinesis.us-east-1.amazonaws.com	582 B
2	google.de adservice.google.de — Cisco Umbrella Rank: 8028 www.google.de	1 KB
2	rddywd.com rddywd.com — Cisco Umbrella Rank: 110063	1 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 146	83 KB
2	4dsply.com cdn.engine.4dsply.com — Cisco Umbrella Rank: 19556 engine.4dsply.com — Cisco Umbrella Rank: 19338	59 KB
2	quantserve.com secure.quantserve.com — Cisco Umbrella Rank: 1019 pixel.quantserve.com — Cisco Umbrella Rank: 424	10 KB
1	openx.net us-u.openx.net	274 B
1	rubiconproject.com pixel.rubiconproject.com	239 B
1	googleadservices.com 1 redirects www.googleadservices.com	631 B
1	rlcdn.com idsync.rlcdn.com	66 B
1	lijit.com ce.lijit.com	348 B
1	bluekai.com stags.bluekai.com	603 B
1	bfmio.com sync.bfmio.com	421 B
1	intentiq.com sync.intentiq.com
1	tremorhub.com simplifi.partners.tremorhub.com	183 B
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 165	38 KB
1	chartbeat.net ping.chartbeat.net — Cisco Umbrella Rank: 1120	201 B
1	addthisedge.com v1.addthisedge.com — Cisco Umbrella Rank: 1758	556 B
1	quantcount.com rules.quantcount.com — Cisco Umbrella Rank: 898	436 B
1	playwire.com config.playwire.com — Cisco Umbrella Rank: 4008	9 KB
1	chartbeat.com static.chartbeat.com — Cisco Umbrella Rank: 1277	14 KB
1	ipify.org api.ipify.org — Cisco Umbrella Rank: 3497	255 B
284	46

	Domain	Requested by
71	img1-azrcdn.newser.com	www.newser.com static1-azrcdn.newser.com
58	img2-azrcdn.newser.com	www.newser.com static1-azrcdn.newser.com
23	um.simpli.fi	17 redirects
15	tpc.googlesyndication.com	www.newser.com securepubads.g.doubleclick.net cdn.ampproject.org ee36b528bd9f4c49479abaa9ba6b95bf.safeframe.googlesyndication.com tpc.googlesyndication.com
13	cdn.intergi.com	www.newser.com cdn.intergient.com cdn.intergi.com
10	cdn.ampproject.org	securepubads.g.doubleclick.net
9	cdn.intergient.com	www.newser.com cdn.intergient.com
8	securepubads.g.doubleclick.net	cdn.intergi.com securepubads.g.doubleclick.net www.newser.com
7	pagead2.googlesyndication.com	newser.com www.newser.com securepubads.g.doubleclick.net tpc.googlesyndication.com
5	www.google.com	3 redirects ee36b528bd9f4c49479abaa9ba6b95bf.safeframe.googlesyndication.com tpc.googlesyndication.com
5	googleads.g.doubleclick.net	1 redirects pagead2.googlesyndication.com www.newser.com ee36b528bd9f4c49479abaa9ba6b95bf.safeframe.googlesyndication.com
4	c.amazon-adsystem.com	cdn.intergi.com c.amazon-adsystem.com
4	static1-azrcdn.newser.com	www.newser.com
4	fonts.googleapis.com	www.newser.com securepubads.g.doubleclick.net ee36b528bd9f4c49479abaa9ba6b95bf.safeframe.googlesyndication.com
3	cm.g.doubleclick.net	3 redirects
3	www.gstatic.com	ee36b528bd9f4c49479abaa9ba6b95bf.safeframe.googlesyndication.com
3	sb.scorecardresearch.com	1 redirects www.newser.com
3	ssl.google-analytics.com	1 redirects www.newser.com
3	s7.addthis.com	www.newser.com s7.addthis.com
3	www.newser.com	static1-azrcdn.newser.com
2	ib.adnxs.com	1 redirects
2	sync.search.spotxchange.com	1 redirects
2	bcp.crwdcntrl.net	1 redirects
2	loadm.exelator.com	1 redirects
2	fei.pro-market.net	2 redirects
2	pixel.tapad.com	1 redirects
2	eb2.3lift.com	1 redirects
2	kinesis.us-east-1.amazonaws.com	cdn.intergient.com
2	ee36b528bd9f4c49479abaa9ba6b95bf.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	rddywd.com	newser.com www.newser.com
2	z.moatads.com	s7.addthis.com cdn.intergient.com
2	fonts.gstatic.com	fonts.googleapis.com
2	i.simpli.fi	www.newser.com i.simpli.fi
2	connect.facebook.net	www.newser.com connect.facebook.net
2	platform.twitter.com	static1-azrcdn.newser.com platform.twitter.com
1	us-u.openx.net
1	pixel.rubiconproject.com
1	www.google.de
1	www.googleadservices.com	1 redirects
1	idsync.rlcdn.com
1	ce.lijit.com
1	stags.bluekai.com
1	sync.bfmio.com
1	pbid.pro-market.net
1	sync.intentiq.com
1	d.agkn.com	1 redirects
1	aa.agkn.com	1 redirects
1	simplifi.partners.tremorhub.com
1	www.googletagservices.com	ee36b528bd9f4c49479abaa9ba6b95bf.safeframe.googlesyndication.com
1	engine.4dsply.com	cdn.engine.4dsply.com
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.de	securepubads.g.doubleclick.net
1	syndication.twitter.com	platform.twitter.com
1	ping.chartbeat.net	www.newser.com
1	m.addthis.com	s7.addthis.com
1	v1.addthisedge.com	s7.addthis.com
1	www.googleapis.com	www.newser.com
1	pixel.quantserve.com	www.newser.com
1	stats.g.doubleclick.net	www.newser.com
1	mb.moatads.com	z.moatads.com
1	rules.quantcount.com	secure.quantserve.com
1	load77.exelator.com	www.newser.com
1	config.playwire.com	cdn.intergient.com
1	static.chartbeat.com	www.newser.com
1	newser.com	www.newser.com
1	loadus.exelator.com	www.newser.com
1	cdn.engine.4dsply.com	www.newser.com
1	secure.quantserve.com	www.newser.com
1	api.ipify.org	static1-azrcdn.newser.com
1	static2-azrcdn.newser.com	www.newser.com
284	70

This site contains links to these domains. Also see Links.

Domain
itunes.apple.com
play.google.com
www.microsoft.com

Subject Issuer	Validity	Valid
*.newser.com Go Daddy Secure Certificate Authority - G2	`2020-12-31` - `2022-02-01`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
static1-azrcdn.newser.com DigiCert TLS RSA SHA256 2020 CA1	`2021-06-25` - `2022-06-25`	a year	crt.sh
static2-azrcdn.newser.com DigiCert TLS RSA SHA256 2020 CA1	`2021-06-24` - `2022-06-24`	a year	crt.sh
cdn.intergient.com Amazon	`2022-01-04` - `2023-02-01`	a year	crt.sh
cdn.intergi.com Amazon	`2022-01-04` - `2023-02-01`	a year	crt.sh
odc-addthis-prod-01.oracle.com DigiCert SHA2 Secure Server CA	`2021-04-25` - `2022-04-27`	a year	crt.sh
img2-azrcdn.newser.com DigiCert TLS RSA SHA256 2020 CA1	`2021-06-24` - `2022-06-24`	a year	crt.sh
img1-azrcdn.newser.com DigiCert TLS RSA SHA256 2020 CA1	`2021-06-25` - `2022-06-25`	a year	crt.sh
*.twimg.com DigiCert TLS RSA SHA256 2020 CA1	`2021-10-20` - `2022-10-19`	a year	crt.sh
*.ipify.org Sectigo RSA Domain Validation Secure Server CA	`2021-01-19` - `2022-02-19`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2021-09-22` - `2022-09-21`	a year	crt.sh
4dsply.com Cloudflare Inc ECC CA-3	`2021-06-01` - `2022-05-31`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-11-08` - `2022-02-06`	3 months	crt.sh
*.exelator.com DigiCert TLS RSA SHA256 2020 CA1	`2021-06-02` - `2022-06-07`	a year	crt.sh
*.simpli.fi DigiCert TLS RSA SHA256 2020 CA1	`2021-10-27` - `2022-11-27`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
*.scorecardresearch.com Amazon	`2022-01-29` - `2023-02-27`	a year	crt.sh
*.chartbeat.com Thawte RSA CA 2018	`2021-05-20` - `2022-06-03`	a year	crt.sh
moatads.com DigiCert SHA2 Secure Server CA	`2021-11-27` - `2022-11-29`	a year	crt.sh
*.playwire.com Amazon	`2021-04-12` - `2022-05-11`	a year	crt.sh
1605158521.rsc.cdn77.org R3	`2021-12-22` - `2022-03-22`	3 months	crt.sh
*.moatads.com DigiCert TLS RSA SHA256 2020 CA1	`2021-05-25` - `2022-06-25`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
c.amazon-adsystem.com Amazon	`2021-07-06` - `2022-06-27`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-11` - `2022-07-10`	a year	crt.sh
*.chartbeat.net Thawte RSA CA 2018	`2021-12-01` - `2022-12-30`	a year	crt.sh
syndication.twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2022-01-06` - `2023-01-05`	a year	crt.sh
*.google.de GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
kinesis.us-east-1.amazonaws.com Amazon	`2021-12-29` - `2022-12-08`	a year	crt.sh

This page contains 14 frames:

Primary Page: https://www.newser.com/
Frame ID: F3CF7B753CE4C2FC2990A94F6EC942A6
Requests: 230 HTTP requests in this frame

Frame: https://cdn.intergient.com/pageos/1.6.33/iframe/iframe.html
Frame ID: 52B00C813D00B296F67E967ECB31CBFE
Requests: 2 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: 0D6D381A1FFEC780E57DC83C8312F93F
Requests: 1 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: E28E2055A85216F6CB3B20B55554B803
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.8f764d5bd2778f88121d31d7d8d8e1e3.html?origin=https%3A%2F%2Fwww.newser.com
Frame ID: B7F3B9689F5AAF0BF32DD4BAB60B1E15
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220126/r20190131/zrt_lookup.html
Frame ID: DD2AABC4FC9E7A10C095B9317DF7CF62
Requests: 1 HTTP requests in this frame

Frame: https://ee36b528bd9f4c49479abaa9ba6b95bf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 7C6A0E821BB3556938F669C0D9883090
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012111152338000/amp4ads-v0.mjs
Frame ID: 8A5851450BD382FD0ADF16E194E69D4C
Requests: 14 HTTP requests in this frame

Frame: https://ee36b528bd9f4c49479abaa9ba6b95bf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 753B66EC5529140E2B5AD8277822C169
Requests: 5 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/032201141909000/amp4ads-v0.mjs
Frame ID: A103DAD3C94BF94830116DF792054CC1
Requests: 15 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 8B6C66840EC4D3E35BD47155C5A02E51
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 77D317D2777FE2ADB4E89C996256444B
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 991043DBE7A92997F6777CAF50F99153
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 762D390635EAE2901F50AB637535AD63
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Newser | Headline News Summaries, World News, and Breaking News

Detected technologies

AddThis (Widgets) Expand

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Chartbeat (Analytics) Expand

Overall confidence: 100%
Detected patterns

chartbeat\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Lodash (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

lodash.*\.js

Moat (Analytics) Expand

Overall confidence: 100%
Detected patterns

moatads\.com

Modernizr (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

/prebid\.js

Quantcast Measure (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.quantserve\.com/quant\.js

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Twitter (Widgets) Expand

Overall confidence: 100%
Detected patterns

//platform\.twitter\.com/widgets\.js

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

<iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

284
Requests

92 %
HTTPS

50 %
IPv6

46
Domains

70
Subdomains

57
IPs

5
Countries

6547 kB
Transfer

11179 kB
Size

46
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: http://itunes.apple.com/us/app/newser/id334678577?mt=8&uo=4

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.newser2

Search URL Search Domain Scan URL

URL: https://www.microsoft.com/store/apps/9NRBJ0VZQX72

Search URL Search Domain Scan URL

URL: https://itunes.apple.com/us/app/newser/id334678577?mt=8

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 160

https://sb.scorecardresearch.com/b?c1=2&c2=6035830&ns__t=1643557872778&ns_c=UTF-8&cv=3.5&c8=Newser%20%7C%20Headline%20News%20Summaries%2C%20World%20News%2C%20and%20Breaking%20News&c7=https%3A%2F%2Fwww.newser.com%2F&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=2&c2=6035830&ns__t=1643557872778&ns_c=UTF-8&cv=3.5&c8=Newser%20%7C%20Headline%20News%20Summaries%2C%20World%20News%2C%20and%20Breaking%20News&c7=https%3A%2F%2Fwww.newser.com%2F&c9=

Request Chain 162

https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=152570803&utmhn=www.newser.com&utme=8(PWA*ABTesting1*LastRefDomain*OrigRef*UserClassification)9(N*A*direct*direct*P)11(1*3!2*1*1)&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Newser%20%7C%20Headline%20News%20Summaries%2C%20World%20News%2C%20and%20Breaking%20News&utmhid=646228812&utmr=-&utmp=%2F&utmht=1643557872902&utmac=UA-1055596-4&utmcc=__utma%3D116631449.1277182562.1643557873.1643557873.1643557873.1%3B%2B__utmz%3D116631449.1643557873.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1996362533&utmredir=1&utmu=qQAgAAAAAAAAAAAAAAAAAAAE~ HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-1055596-4&cid=1277182562.1643557873&jid=1996362533&_v=5.7.2&z=152570803

Request Chain 235

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 251

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 258

https://um.simpli.fi/triplelift HTTP 302
https://eb2.3lift.com/xuid?mid=7969&xuid=20169B320D604170B5202615FB8BC7ED&dongle=yf3 HTTP 302
https://eb2.3lift.com/xuid?ld=1&mid=7969&xuid=20169B320D604170B5202615FB8BC7ED&dongle=yf3&gdpr=1&cmp_cs=&us_privacy=

Request Chain 259

https://um.simpli.fi/telaria_p HTTP 302
https://simplifi.partners.tremorhub.com/sync?UISF=20169B320D604170B5202615FB8BC7ED

Request Chain 260

https://um.simpli.fi/tapad HTTP 302
https://pixel.tapad.com/idsync/ex/receive?partner_id=2305&partner_device_id=20169B320D604170B5202615FB8BC7ED HTTP 302
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=20169B320D604170B5202615FB8BC7ED

Request Chain 261

https://um.simpli.fi/ad_advisor HTTP 302
https://aa.agkn.com/adscores/g.pixel?sid=9201915418&sifi_uid=20169B320D604170B5202615FB8BC7ED HTTP 302
https://d.agkn.com/pixel/10751/?che=1643557878&ip=185.213.155.169&l1=https%3A%2F%2Fum.simpli.fi%2Faa_px%3Fsk%3D164960304047000341559 HTTP 302
https://um.simpli.fi/aa_px?sk=164960304047000341559

Request Chain 263

https://um.simpli.fi/intentiq HTTP 302
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=20169B320D604170B5202615FB8BC7ED

Request Chain 266

https://um.simpli.fi/dtnx HTTP 302
https://fei.pro-market.net/engine?du=24;csync=20169B320D604170B5202615FB8BC7ED;mimetype=img; HTTP 302
https://fei.pro-market.net/engine?du=24;csync=20169B320D604170B5202615FB8BC7ED;mimetype=img;sr HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=datonics-ddp&google_cm&google_hm=LTMyODIyNDk0Mzg1OTYwOTg4Mw== HTTP 302
https://pbid.pro-market.net/engine?du=53&mimetype=img&google_gid=CAESEOmQNm91qmmLI6L8lOCah14&google_cver=1

Request Chain 267

https://um.simpli.fi/exelatem HTTP 302
https://loadm.exelator.com/load/?p=204&g=2191&simid=20169B320D604170B5202615FB8BC7ED&j=0 HTTP 302
https://loadm.exelator.com/load/?p=204&g=2191&simid=20169B320D604170B5202615FB8BC7ED&j=0&xl8blockcheck=1

Request Chain 269

https://um.simpli.fi/beachfront HTTP 302
https://sync.bfmio.com/sync?pid=141&uid=20169B320D604170B5202615FB8BC7ED

Request Chain 270

https://um.simpli.fi/bluekai HTTP 302
https://stags.bluekai.com/site/29931?id=20169B320D604170B5202615FB8BC7ED

Request Chain 271

https://um.simpli.fi/crwdcntrl HTTP 302
https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=20169B320D604170B5202615FB8BC7ED HTTP 302
https://bcp.crwdcntrl.net/map/ct=y/c=7625/tp=SIMP/tpid=20169B320D604170B5202615FB8BC7ED

Request Chain 272

https://um.simpli.fi/lj_match HTTP 302
https://ce.lijit.com/merge?pid=2&3pid=20169B320D604170B5202615FB8BC7ED

Request Chain 273

https://um.simpli.fi/liveramp_match HTTP 302
https://idsync.rlcdn.com/419566.gif?partner_uid=20169B320D604170B5202615FB8BC7ED

Request Chain 274

https://www.googleadservices.com/pagead/conversion/1026675585/?random=1643557878423&cv=7&fst=1643557878423&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON HTTP 302
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1026675585/?random=1071816753&cv=7&fst=1643557878423&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=9rP2YZCHIa3Z7_UPuZm7oAI&sscte=1&crd= HTTP 302
https://www.google.com/pagead/1p-conversion/1026675585/?random=1071816753&cv=7&fst=1643557878423&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=9rP2YZCHIa3Z7_UPuZm7oAI&cid=CAQSKQCNIrLMxwr9C-BCVOkFltP8b9_OLdcLYrnYcji8MbOWHgLZ9O5Rf41I&random=3506276573 HTTP 302
https://www.google.de/pagead/1p-conversion/1026675585/?random=1071816753&cv=7&fst=1643557878423&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=9rP2YZCHIa3Z7_UPuZm7oAI&cid=CAQSKQCNIrLMxwr9C-BCVOkFltP8b9_OLdcLYrnYcji8MbOWHgLZ9O5Rf41I&random=3506276573&ipr=y&prhg=0

Request Chain 275

https://um.simpli.fi/spotx_match HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=7797&uid=20169B320D604170B5202615FB8BC7ED HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=7797&uid=20169B320D604170B5202615FB8BC7ED&__user_check__=1&sync_id=76b52786-81e4-11ec-a646-1f057aaa0506

Request Chain 276

https://um.simpli.fi/an HTTP 302
https://ib.adnxs.com/setuid?entity=66&code=20169B320D604170B5202615FB8BC7ED HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3D20169B320D604170B5202615FB8BC7ED

Request Chain 277

https://um.simpli.fi/rb_match HTTP 302
https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=20169B320D604170B5202615FB8BC7ED&expires=365

Request Chain 278

https://um.simpli.fi/ox_match HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072966&val=20169B320D604170B5202615FB8BC7ED

Request Chain 279

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_cm&google_sc HTTP 302
https://um.simpli.fi/g_match?id=&google_gid=CAESEBd5qvuOJ96CwcdBQbrrfDA&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=20169B320D604170B5202615FB8BC7ED HTTP 302
https://um.simpli.fi/g_match?id=

284 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
www.newser.com/ 258 KB
70 KB 572ms
292ms Document
text/html 40.114.51.62
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.newser.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 40.114.51.62 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 055a79615ea3b8aed4be585c1d66cbe69395e3653b8e9944c01d18c128242c3b

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Cache-Control: private, no-store
Pragma: no-cache
Transfer-Encoding: chunked
Content-Type: text/html; charset=utf-8
Content-Encoding: gzip
Expires: Sun, 30 Jan 2022 15:50:11 GMT
Vary: Accept-Encoding
Scheme: https
RawURL: /
Date: Sun, 30 Jan 2022 15:51:11 GMT

GET
H2 200 css
fonts.googleapis.com/ 20 KB
2 KB 145ms
59ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,400italic,100,100italic,300,300italic,500,500italic,700,700italic

Requested by

Host: www.newser.com
URL: https://www.newser.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5c8e2b63593c31e87391f96f1a9b4b1c19b67966e560256a40cea1ac6c51307b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 30 Jan 2022 15:51:12 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 30 Jan 2022 15:51:12 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 30 Jan 2022 15:51:12 GMT

GET
H2 200 stylesheet.ashx
static1-azrcdn.newser.com/stylesheets/20220112_1100/ 131 KB
19 KB 131ms
7ms Stylesheet
text/css 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://static1-azrcdn.newser.com/stylesheets/20220112_1100/stylesheet.ashx?file=responsive.css
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: ac95d8cf8cb82ae4d077cb942c54f3a130d83902cd407743a770c6b34c4d98b9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:51:12 GMT
content-encoding: br
x-azure-ref-originshield: 0ZbD1YQAAAACb6xHl0O1qR5VTC3IswPiyQU1TMDRFREdFMTkxNQBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /stylesheets/20220112_1100/stylesheet.ashx?file=responsive.css
x-azure-ref: 08LP2YQAAAAAOiVWQZUHjRbaeAcM7jnUWRlJBRURHRTEwMDcAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: text/css; charset=utf-8
cache-control: public, max-age=2592000
scheme: https

GET
H2 200 jquery-1.12.4.min.js Show response
static1-azrcdn.newser.com/javascript/20220112_1100/ 114 KB
34 KB 136ms
13ms Script
text/javascript 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://static1-azrcdn.newser.com/javascript/20220112_1100/jquery-1.12.4.min.js
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 996d298d6f8685a3ae28eace9249e3580bb8d13d91d424573fefb40d52980269

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:51:12 GMT
content-encoding: br
last-modified: Fri, 04 Dec 2020 19:36:38 GMT
x-azure-ref-originshield: 0e6P2YQAAAADoS4wVEz2OTouUi08AO6OAQU1TMDRFREdFMTgwNwBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
x-azure-ref: 08LP2YQAAAAA02UqRv7GbTqpJs3Mz++AKRlJBRURHRTEwMDcAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: text/javascript
cache-control: max-age=604800
accept-ranges: bytes

GET
H2 200 javascript.ashx Show response
static1-azrcdn.newser.com/javascript/20220112_1100/ 209 KB
41 KB 138ms
15ms Script
text/javascript 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://static1-azrcdn.newser.com/javascript/20220112_1100/javascript.ashx?file=newser.js
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 9464c8837610579e5ac316fc46c1e136c65433f989cf1c6a30c62e840e258348

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:51:12 GMT
content-encoding: br
x-azure-ref-originshield: 0iY72YQAAAABMSQPdcxRaRKSgXAqactuNQU1TMDRFREdFMTkxNwBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /javascript/20220112_1100/javascript.ashx?file=newser.js
x-azure-ref: 08LP2YQAAAAB6dEtAdqJ2SaOqaoGY+iY5RlJBRURHRTEwMDcAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=2592000
scheme: https

GET
H2 200 modernizr-custom.js Show response
static2-azrcdn.newser.com/javascript/20220112_1100/ 2 KB
1 KB 54ms
10ms Script
text/javascript 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://static2-azrcdn.newser.com/javascript/20220112_1100/modernizr-custom.js
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: d6a2745332948716c2d3849e9b1d02451515f96ec7ab4749855794dea0272857

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:51:11 GMT
content-encoding: br
last-modified: Mon, 06 Jul 2020 18:04:17 GMT
x-azure-ref-originshield: 0inz2YQAAAAA2lCyUa2gFRYZPkH+ITJ6hQU1TMDRFREdFMTgxNABkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
x-azure-ref: 08LP2YQAAAACOfhUpeSS0T4VNpxsWCONbRlJBRURHRTEwMTUAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: text/javascript
cache-control: max-age=604800
accept-ranges: bytes

GET
H2 200 jcarousel_min.js Show response
static1-azrcdn.newser.com/javascript/20220112_1100/ 18 KB
5 KB 8ms
7ms Script
text/javascript 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://static1-azrcdn.newser.com/javascript/20220112_1100/jcarousel_min.js
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 2b291810374483e61126df23f32490a6f8a629062a6f00f0d10d7b52ed2a2762

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:51:12 GMT
content-encoding: br
last-modified: Mon, 06 Jul 2020 18:04:17 GMT
x-azure-ref-originshield: 0D3H2YQAAAADDrzLT/HGeQoqYk+RKcEsLQU1TMDRFREdFMTkyMgBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
x-azure-ref: 08LP2YQAAAABmKUKb5XFRQYjkPcJ3RYwkRlJBRURHRTEwMDcAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: text/javascript
cache-control: max-age=604800
accept-ranges: bytes

GET
H2 200 ramp.js Show response
cdn.intergient.com/ 139 KB
43 KB 133ms
79ms Script
application/javascript 2600:9000:20eb:3400:12:4abd:d340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.intergient.com/ramp.js
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:3400:12:4abd:d340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: a5a55d04b4ac5561544c97f9d552b1e45ecfdab797c37d2b1e5d941b8648c4ff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:51:12 GMT
via: 1.1 37c215a6cf8b04439db2f97a633421e6.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA2-C1
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
cache-control: max-age=600, public, must-revalidate
content-encoding: br
x-amz-cf-id: Z4408fWcbzCn2nh4lt8oeJPHvnjyg67NTiCPvbRe0aeiC3T930_h9A==

GET
H2 200 pwnewser.min.js Show response
cdn.intergi.com/pubscripts/newser/ 8 KB
2 KB 48ms
8ms Script
text/javascript 2600:9000:20eb:6e00:14:2602:6e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.intergi.com/pubscripts/newser/pwnewser.min.js
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:6e00:14:2602:6e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 978f69abae4d7fa60114fcea9ee790caa3599e4aa961d630bf8204e8ceb883b4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id: N4oxotP37Mu.QJ88DREWNl2Vw79VR5j4
content-encoding: br
last-modified: Fri, 10 Dec 2021 17:04:07 GMT
server: AmazonS3
age: 46658
etag: W/"f3e02b370de691b7b5bb3e271dddaf32"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
via: 1.1 c379418fd6100691807f32f274ebe9ce.cloudfront.net (CloudFront)
date: Sun, 30 Jan 2022 02:53:35 GMT
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: IHgYbhM9Q3DbrsNbNJhH70shm6QlnYgLpt-ODEcocPCM3LQo0Mh48w==

GET
H2 200 addthis_widget.js Show response
s7.addthis.com/js/300/ 353 KB
114 KB 64ms
12ms Script
application/javascript 184.30.24.121
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/js/300/addthis_widget.js

Requested by

Host: www.newser.com
URL: https://www.newser.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.30.24.121 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-30-24-121.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
server: nginx/1.15.8
etag: W/"5f971164-5834c"
vary: Accept-Encoding
x-distribution: 99
content-type: application/javascript
cache-control: public, max-age=600
date: Sun, 30 Jan 2022 15:51:12 GMT
x-host: s7.addthis.com
content-length: 116325

GET
H2 200 Back-Arrow-Button2.png
img2-azrcdn.newser.com/images/header/ 271 B
539 B 205ms
45ms Image
image/png 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img2-azrcdn.newser.com/images/header/Back-Arrow-Button2.png
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: c0e2de1910c51b9146fec0cc847f64b28a62b86f030e1ea05a7d8b05c130dc9f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:51:12 GMT
last-modified: Mon, 06 Jul 2020 18:04:13 GMT
x-azure-ref-originshield: 0NWj2YQAAAAAi3hE4Xnq8QYW5THtXvq84QU1TMDRFREdFMTgxOABkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
x-azure-ref: 08LP2YQAAAACv0Eknw1ykSKGOKwomHTo1RlJBRURHRTEwMTQAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
content-length: 271

GET
H2 200 logo_white_text4.png
img1-azrcdn.newser.com/images/ 5 KB
5 KB 181ms
47ms Image
image/png 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/images/logo_white_text4.png
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: c00e4b444e4089660152f10bb0cf87d45be907756bf33150841afc2f8a69d791

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:51:11 GMT
last-modified: Sat, 08 Aug 2020 15:47:42 GMT
x-azure-ref-originshield: 0xJ32YQAAAACIbhQb2/vSQISXiYgrUmvZQU1TMDRFREdFMTgwNgBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
x-azure-ref: 08LP2YQAAAACtJrUqCBJOTKwt75egv02xRlJBRURHRTEwMTcAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
content-length: 5004

GET
H2 200 menu2.png
img1-azrcdn.newser.com/images/header/ 265 B
496 B 180ms
47ms Image
image/png 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/images/header/menu2.png
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 31c724707624a3682770d54e8b216f04db44eff6fefb8313d9178ef0f69a694b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:51:11 GMT
last-modified: Mon, 06 Jul 2020 18:04:13 GMT
x-azure-ref-originshield: 0orP2YQAAAABJk/sLFk5xQYlbc7d/qkfcQU1TMDRFREdFMTgxMQBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
x-azure-ref: 08LP2YQAAAAAKSSIA4v6TQYju3a4XapjURlJBRURHRTEwMTcAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
content-length: 265

GET
H2 200 next-active.png
img1-azrcdn.newser.com/images/header/ 1 KB
1 KB 181ms
48ms Image
image/png 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/images/header/next-active.png
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e4400f21afb8b0d177c8cc1d042db58cd67ab5f03bb076cc84d9fc19523aebca

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:51:11 GMT
last-modified: Mon, 06 Jul 2020 18:04:13 GMT
x-azure-ref-originshield: 0ZqT2YQAAAABNpLgdeKiPQqczM7/KBXR9QU1TMDRFREdFMTgxMwBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
x-azure-ref: 08LP2YQAAAADFuWpVB90rQ6006Pf6uNO4RlJBRURHRTEwMTcAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
content-length: 1304

GET
H2 200 next-inactive.png
img1-azrcdn.newser.com/images/header/ 1 KB
1 KB 181ms
47ms Image
image/png 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/images/header/next-inactive.png
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3c413d9ecb857ab839e9147e9a72b0967a80151bae1aec1b1771c623006f5bc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:51:11 GMT
last-modified: Mon, 06 Jul 2020 18:04:13 GMT
x-azure-ref-originshield: 0Gqb2YQAAAADIc/INNHjQSo0nS0v0UihRQU1TMDRFREdFMTgwNwBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
x-azure-ref: 08LP2YQAAAACmH8kDiEVyRocz7qx9yvkyRlJBRURHRTEwMTcAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
content-length: 1096

GET
H2 200 prev-active.png
img1-azrcdn.newser.com/images/header/ 1 KB
1 KB 181ms
48ms Image
image/png 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/images/header/prev-active.png
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 354cd674accaa26badff834bcbb7487aa7f99930f19cd864d71e6359b6b3f346

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:51:11 GMT
last-modified: Mon, 06 Jul 2020 18:04:13 GMT
x-azure-ref-originshield: 08GX2YQAAAADE8oMtwFSaS5KPfLxs32kRQU1TMDRFREdFMTgwOQBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
x-azure-ref: 08LP2YQAAAADFXBt9HLqeS6Xt5jOXiXGJRlJBRURHRTEwMTcAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
content-length: 1295

GET
H2 200 prev-inactive.png
img1-azrcdn.newser.com/images/header/ 1 KB
1 KB 42ms
42ms Image
image/png 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/images/header/prev-inactive.png
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: fce94e8d493fb1b0c5264ad0ca94f542ca10c39b95eca426ecc0ffbb88e25077

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:51:11 GMT
last-modified: Mon, 06 Jul 2020 18:04:13 GMT
x-azure-ref-originshield: 0orP2YQAAAADVLx0O3mR6QpRpO9S4hz3hQU1TMDRFREdFMTkxMgBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
x-azure-ref: 08LP2YQAAAADGZamCJNZWTJ/se6+65QBHRlJBRURHRTEwMTcAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
content-length: 1071

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 96 KB
29 KB 51ms
7ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: static1-azrcdn.newser.com
URL: https://static1-azrcdn.newser.com/javascript/20220112_1100/javascript.ashx?file=newser.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6796) /
Resource Hash: aec1273daa6df2443053427acbd188f229d60ed9d83ef9bccba3f8a8f21fc3dc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Sun, 30 Jan 2022 15:51:12 GMT
Content-Encoding: gzip
Age: 1331
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: "x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=1
Content-Length: 29180
x-tw-cdn: VZ
Last-Modified: Wed, 19 Jan 2022 19:22:23 GMT
Server: ECS (frb/6796)
Etag: "e92bd51c447ba1dbd509a1e23d3a8521+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=1800

GET
H/1.1 200
OK / Show response
api.ipify.org/ 24 B
255 B 318ms
102ms XHR
application/json 54.91.59.199
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.ipify.org/?format=json
Requested by: Host: static1-azrcdn.newser.com
URL: https://static1-azrcdn.newser.com/javascript/20220112_1100/jquery-1.12.4.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 54.91.59.199 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-91-59-199.compute-1.amazonaws.com
Software: Cowboy /
Resource Hash: 4cf78867a393a23274a43383286db269486ae19f44c656c4d6b9061d14fc95bc

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.newser.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Sun, 30 Jan 2022 15:51:12 GMT
Via: 1.1 vegur
Server: Cowboy
Vary: Origin
Content-Type: application/json
Access-Control-Allow-Origin: https://www.newser.com
Connection: keep-alive
Content-Length: 24

GET
H2 200 ga.js Show response
ssl.google-analytics.com/ 45 KB
17 KB 136ms
38ms Script
text/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.google-analytics.com/ga.js

Requested by

Host: www.newser.com
URL: https://www.newser.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 2592
date: Sun, 30 Jan 2022 15:08:00 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17168
expires: Sun, 30 Jan 2022 17:08:00 GMT

GET
H2 200 quant.js Show response
secure.quantserve.com/ 24 KB
10 KB 62ms
9ms Script
application/javascript 2620:116:800d:21:fcb8:22d2:d390:5f1b
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:fcb8:22d2:d390:5f1b , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 487fce51fd801415c362f3f9f2df43c445a4b9ba38f9b6d49dfc898dc85ede94

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:51:12 GMT
content-encoding: gzip
etag: "FMCWFRCBdbNj8Eh2c0G78Q=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
expires: Sun, 06 Feb 2022 15:51:12 GMT

GET
H2 200 infinity.js.aspx Show response
cdn.engine.4dsply.com/Scripts/ 180 KB
57 KB 853ms
801ms Script
application/x-javascript 2606:4700::6810:9e11
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.engine.4dsply.com/Scripts/infinity.js.aspx?guid=7f1a7287-2f7e-4f83-800d-06bd711ee14e
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:9e11 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: e5d27c512409b83116fcdfae6070d5bc7611c9d162f29555944972e9f4a94922

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:51:13 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Sun, 30 Jan 2022 15:29:31 GMT
server: cloudflare
x-powered-by: ASP.NET
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="CAO PSA OUR IND"
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: public, max-age=900
cf-ray: 6d5bdc404ece92b7-FRA
content-type: application/x-javascript; charset=utf-8
expires: Sun, 30 Jan 2022 16:06:13 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 35ms
6ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: www.newser.com
URL: https://www.newser.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

1be3ecbdae57ca411ab97f5447e69535659b58815f06d4b9790d403f2fc8356b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: fqmViVIP6elMr5OLtra8KA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
expires: Sun, 30 Jan 2022 16:03:46 GMT
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 1688
x-fb-rlafr: 0
x-fb-debug: dt6O20TZJTUGEuQ/WpQLc5U3DQDKabUGGUHLZhLe+KPhG0TuAFblcPBh+tQvT6cGSRFrCHeGOAw+IYzmLD8rmQ==
x-fb-trip-id: 917726464
x-fb-content-md5: 671b8362588a1b85d4f6abd23bb19f81
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Sun, 30 Jan 2022 15:51:12 GMT
x-frame-options: DENY
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "0b3db4c501e348d0d99bda0e802c3163"
timing-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5

GET
H2 200 spacer.gif
img1-azrcdn.newser.com/images/ 43 B
282 B 17ms
9ms Image
image/gif 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/images/spacer.gif
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:51:11 GMT
last-modified: Mon, 06 Jul 2020 18:04:09 GMT
x-azure-ref-originshield: 0ELH1YQAAAADpd4D6Y/CYS5NfEVdrytlvQU1TMDRFREdFMTgxMwBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
x-azure-ref: 08LP2YQAAAAAMnx7xgv+7TYHN/FQa2WD2RlJBRURHRTEwMTcAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/gif
cache-control: max-age=604800
accept-ranges: bytes
content-length: 43

GET
H2 200 Suggest_Icon.png
img1-azrcdn.newser.com/images/ 723 B
979 B 18ms
10ms Image
image/png 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/images/Suggest_Icon.png
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: d1477d2bfda88c678c2deaffb53f18784ca00294d7318a2521f4b95baa375e3c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:51:11 GMT
last-modified: Mon, 06 Jul 2020 18:04:10 GMT
x-azure-ref-originshield: 0Gqb2YQAAAABRIGHYE1fSSIccJhzZbKJ7QU1TMDRFREdFMTgyMgBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
x-azure-ref: 08LP2YQAAAACnKWsad/uLRoIx2K9nHX5YRlJBRURHRTEwMTcAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
content-length: 723

GET
H2 200 Apple.png
img1-azrcdn.newser.com/images/footer/ 511 B
719 B 17ms
9ms Image
image/png 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/images/footer/Apple.png
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 1126dae47147dee29ca9bffbbd45f3e609f7d38a2c17cd4f5c73283db4e6304a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:51:11 GMT
last-modified: Mon, 06 Jul 2020 18:04:13 GMT
x-azure-ref-originshield: 0NWj2YQAAAADCsDstPooZR6A8YSDzPlp8QU1TMDRFREdFMTkyMQBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
x-azure-ref: 08LP2YQAAAAD6THiauqxmSIlJXmVhlF/DRlJBRURHRTEwMTcAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
content-length: 511

GET
H2 200 Android.png
img1-azrcdn.newser.com/images/footer/ 647 B
856 B 16ms
9ms Image
image/png 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/images/footer/Android.png
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: ef983d6dcfe16576a9be98a6fe4d2c99552c9e76fe46fefb29dc2ae2cc5082c3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:51:11 GMT
last-modified: Mon, 06 Jul 2020 18:04:13 GMT
x-azure-ref-originshield: 08o72YQAAAABS3SKfnY2SQqzdUPYxaPSeQU1TMDRFREdFMTkxNQBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
x-azure-ref: 08LP2YQAAAADXxCONv1s9SovOjOznEXjeRlJBRURHRTEwMTcAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
content-length: 647

GET
H2 200 Windows.png
img1-azrcdn.newser.com/images/footer/ 573 B
782 B 17ms
9ms Image
image/png 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/images/footer/Windows.png
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: a9adbf9ff6cb67410da32776829c98497f78937808849c0c77c476ad5bf8c1a6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:51:11 GMT
last-modified: Mon, 06 Jul 2020 18:04:13 GMT
x-azure-ref-originshield: 0HKv2YQAAAACgfVI1EoMIT7rGr70TECYdQU1TMDRFREdFMTgwOQBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
x-azure-ref: 08LP2YQAAAAC/b5Sz20zHRYzo6Af+4TnzRlJBRURHRTEwMTcAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
content-length: 573

GET
H2 200 icon-72r2.png
img2-azrcdn.newser.com/images/pwa/ 2 KB
2 KB 23ms
15ms Image
image/png 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img2-azrcdn.newser.com/images/pwa/icon-72r2.png
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: d8fe36a17aa5e4cd1a197c81235633a1e44ca292162a06b9b7dc1dc37981a211

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:51:12 GMT
last-modified: Mon, 06 Jul 2020 18:04:15 GMT
x-azure-ref-originshield: 08o72YQAAAADOwRUajlqiTI5t7QsxByMiQU1TMDRFREdFMTkyMgBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
x-azure-ref: 08LP2YQAAAAAxaY6tJzizSanHazZv/PewRlJBRURHRTEwMTQAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
content-length: 2120

GET
H2 200 logo-newser-top.jpg
img2-azrcdn.newser.com/images/ 28 KB
28 KB 147ms
32ms Image
image/jpeg 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img2-azrcdn.newser.com/images/logo-newser-top.jpg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: d8f64ca73c0faaf5d9d1e56252a2d89a23262ea516e7d731adaf5f255d4081a3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:51:12 GMT
last-modified: Mon, 06 Jul 2020 18:04:08 GMT
x-azure-ref-originshield: 08GX2YQAAAABDazI5UTrpRpiwNQtl7FAdQU1TMDRFREdFMTkxOQBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
x-azure-ref: 08LP2YQAAAAA1u1rVodVpTJfjjEGnx080RlJBRURHRTEwMTQAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: max-age=604800
accept-ranges: bytes
content-length: 28636

GET
H2 200 Grid_Icon.png
img2-azrcdn.newser.com/images/ 202 B
434 B 23ms
15ms Image
image/png 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img2-azrcdn.newser.com/images/Grid_Icon.png
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 3b556e6cee32c4b0c80ef893fd00eaea90330b3a127a8dffecabbedaf6aba7c5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:51:12 GMT
last-modified: Mon, 06 Jul 2020 18:04:07 GMT
x-azure-ref-originshield: 0orP2YQAAAAALKYT/X79KQrdMMoP+jZ5UQU1TMDRFREdFMTkxMgBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
x-azure-ref: 08LP2YQAAAADUCcvfBX3YT47tW2HYWtg6RlJBRURHRTEwMTQAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
content-length: 202

GET
H2 200 Popular_Icon.png
img1-azrcdn.newser.com/images/ 1005 B
1 KB 19ms
11ms Image
image/png 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/images/Popular_Icon.png
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 316f775333e0567a2ea23141b96349652855962025964f0ba097c64c06fb639a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:51:11 GMT
last-modified: Mon, 06 Jul 2020 18:04:09 GMT
x-azure-ref-originshield: 0DnP2YQAAAAABSVw9pIyMT5ShPZgEaV/rQU1TMDRFREdFMTgwOQBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
x-azure-ref: 08LP2YQAAAAC+MfIJ7gXLSL3mSehpaE17RlJBRURHRTEwMTcAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
content-length: 1005

GET
H2 200 ny-nurses-accused-of-gaming-vaccination-system-for-cash.jpeg
img2-azrcdn.newser.com/square-image/316293-20220130093555-M/ 49 KB
50 KB 153ms
38ms Image
image/jpeg 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img2-azrcdn.newser.com/square-image/316293-20220130093555-M/ny-nurses-accused-of-gaming-vaccination-system-for-cash.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 93f0ec34228e9151b334449d32c5d17945e69fcf81c2579da92c11ea892d8927

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:51:12 GMT
x-azure-ref-originshield: 0orP2YQAAAACIj1/GqHxQTYTVmNrL5n4QQU1TMDRFREdFMTkxNgBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316293-20220130093555-M/ny-nurses-accused-of-gaming-vaccination-system-for-cash.jpeg
x-azure-ref: 08LP2YQAAAAA9cf17dhWxQIv2iZEY9jw5RlJBRURHRTEwMTQAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 50533
scheme: https

GET
H2 200 california-city-keeps-name-of-confederate-general.jpeg
img2-azrcdn.newser.com/square-image/316291-20220130092255-M/ 55 KB
55 KB 156ms
41ms Image
image/jpeg 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img2-azrcdn.newser.com/square-image/316291-20220130092255-M/california-city-keeps-name-of-confederate-general.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 73f0cc9da2374ff54b9647526db4113ab88116b60f6e72ca118cd10b291fae24

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:51:12 GMT
x-azure-ref-originshield: 0orP2YQAAAAAtUr6OlfeKSKaTMFtk8OUHQU1TMDRFREdFMTgwOABkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316291-20220130092255-M/california-city-keeps-name-of-confederate-general.jpeg
x-azure-ref: 08LP2YQAAAABJFnguadJ7QbnELJt9L+otRlJBRURHRTEwMTQAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 56056
scheme: https

GET
H2 200 in-5-hours-and-24-minutes-nadal-does-the-extraordinary.jpeg
img1-azrcdn.newser.com/square-image/316298-20220130085510-M/ 45 KB
45 KB 133ms
44ms Image
image/jpeg 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/square-image/316298-20220130085510-M/in-5-hours-and-24-minutes-nadal-does-the-extraordinary.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 5d4fdbd46d6083390a561c90d45d68d23843ec3053b58e25fa3cc702a87b2b7a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:51:11 GMT
x-azure-ref-originshield: 0HKv2YQAAAADzDwCnYQYPQaUTquK8B+GyQU1TMDRFREdFMTgxMwBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316298-20220130085510-M/in-5-hours-and-24-minutes-nadal-does-the-extraordinary.jpeg
x-azure-ref: 08LP2YQAAAACXgFJV1pWLQ4phZPlOzhuRRlJBRURHRTEwMTcAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 45785
scheme: https

GET
H2 200 after-plea-for-assistance-germany-offers-to-send-5k-helmets-to-ukraine.jpeg
img2-azrcdn.newser.com/square-image/316193-20220130082655-M/ 55 KB
55 KB 158ms
43ms Image
image/jpeg 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img2-azrcdn.newser.com/square-image/316193-20220130082655-M/after-plea-for-assistance-germany-offers-to-send-5k-helmets-to-ukraine.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 134c165adca320e5fe0db5fa155e5bd92a55b44879c0dc3c6b9f0a9fe343d994

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:51:12 GMT
x-azure-ref-originshield: 0caL2YQAAAAAOVylNCfgkTYhwycQOSvVeQU1TMDRFREdFMTkxMQBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316193-20220130082655-M/after-plea-for-assistance-germany-offers-to-send-5k-helmets-to-ukraine.jpeg
x-azure-ref: 08LP2YQAAAAAH/rh7zhsaQ5cOKB7btq6GRlJBRURHRTEwMTQAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 56203
scheme: https

GET
H2 200 man-needing-kidney-willing-to-die-rather-than-get-vaccinated.jpeg
img1-azrcdn.newser.com/square-image/316292-20220130081255-M/ 33 KB
33 KB 120ms
30ms Image
image/jpeg 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/square-image/316292-20220130081255-M/man-needing-kidney-willing-to-die-rather-than-get-vaccinated.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 798f04d4f989a6f4062a630a1e1d642749391b9d4d8ec416f6554c0bc3bbf408

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:51:11 GMT
x-azure-ref-originshield: 03J72YQAAAADXiXn8MoMFS6s2yuGx1joMQU1TMDRFREdFMTkxMwBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316292-20220130081255-M/man-needing-kidney-willing-to-die-rather-than-get-vaccinated.jpeg
x-azure-ref: 08LP2YQAAAADE9talSyQbRpc1F2Z7l9f2RlJBRURHRTEwMTcAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 33525
scheme: https

GET
H2 200 a-notorious-cocaine-dealer-vanished-for-a-time.jpeg
img1-azrcdn.newser.com/square-image/316174-20220130091303-M/ 53 KB
54 KB 119ms
29ms Image
image/jpeg 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/square-image/316174-20220130091303-M/a-notorious-cocaine-dealer-vanished-for-a-time.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e10b19c837b2c17d7e4b3cb62a9646323d4d0829b88bdb922aa6296dbca9e4cc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:51:11 GMT
x-azure-ref-originshield: 0HKv2YQAAAAB8Ya+J6AL5Q7Q25O8vxRBWQU1TMDRFREdFMTgxOABkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316174-20220130091303-M/a-notorious-cocaine-dealer-vanished-for-a-time.jpeg
x-azure-ref: 08LP2YQAAAAA6o+DQmDYlSLm7zl2oPEJRRlJBRURHRTEwMTcAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 54700
scheme: https

GET
H2 200 nebraskas-mascot-loses-potentially-problematic-gesture.jpeg
img1-azrcdn.newser.com/square-image/316290-20220130071510-M/ 52 KB
52 KB 130ms
41ms Image
image/jpeg 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/square-image/316290-20220130071510-M/nebraskas-mascot-loses-potentially-problematic-gesture.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 2dd76b128ad19839d224eb21e2f208e9894bea040b9429bf695eb32d511e6e21

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:51:11 GMT
x-azure-ref-originshield: 0wZz2YQAAAABzSMEk7L+US5hg9cCrxR4DQU1TMDRFREdFMTkyMABkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316290-20220130071510-M/nebraskas-mascot-loses-potentially-problematic-gesture.jpeg
x-azure-ref: 08LP2YQAAAACPFp3HDwWGRYsErk5dUyAiRlJBRURHRTEwMTcAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 52758
scheme: https

GET
H2 200 mass-casualty-crash-kills-9-in-north-las-vegas.jpeg
img1-azrcdn.newser.com/square-image/316296-20220130064640-M/ 40 KB
41 KB 114ms
24ms Image
image/jpeg 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/square-image/316296-20220130064640-M/mass-casualty-crash-kills-9-in-north-las-vegas.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: d27516c986b068ec31188f9787d4489255df48361ff089c815b8c2aec5a1bb9c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:51:11 GMT
x-azure-ref-originshield: 0Hav2YQAAAACusKIYU7LXR5l+JF8LFcuCQU1TMDRFREdFMTgxOABkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316296-20220130064640-M/mass-casualty-crash-kills-9-in-north-las-vegas.jpeg
x-azure-ref: 08LP2YQAAAADFOAcHORLmRqusGnb+YJsURlJBRURHRTEwMTcAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 41197
scheme: https

GET
H2 200 governor-invites-critics-to-kiss-his-bulldogs-hiney.jpeg
img2-azrcdn.newser.com/square-image/316249-20220130061956-M/ 52 KB
53 KB 126ms
11ms Image
image/jpeg 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img2-azrcdn.newser.com/square-image/316249-20220130061956-M/governor-invites-critics-to-kiss-his-bulldogs-hiney.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 8cd898214e275702c8334ad5a771326582c3298ddf418760b09b8b6d043289d8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:51:12 GMT
x-azure-ref-originshield: 0gIT2YQAAAABLwlKwTXycRbL17CtS5BIDQU1TMDRFREdFMTgxNwBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316249-20220130061956-M/governor-invites-critics-to-kiss-his-bulldogs-hiney.jpeg
x-azure-ref: 08LP2YQAAAABk+XYVf6YwQqtAMsZA0MwTRlJBRURHRTEwMTQAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 53749
scheme: https

GET
H2 200 north-korea-tests-missile-its-longest-range-since-2017.jpeg
img1-azrcdn.newser.com/square-image/316288-20220130054956-M/ 41 KB
41 KB 99ms
9ms Image
image/jpeg 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/square-image/316288-20220130054956-M/north-korea-tests-missile-its-longest-range-since-2017.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 3aaa5c9fc7d99f8a956ca2481a72f36d142246ad42f68d6ba90ac4edb95a7515

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:51:11 GMT
x-azure-ref-originshield: 0Gqb2YQAAAADMqHVvMnZATq7Lju/3mXkvQU1TMDRFREdFMTkyMQBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316288-20220130054956-M/north-korea-tests-missile-its-longest-range-since-2017.jpeg
x-azure-ref: 08LP2YQAAAADB0TykQBY2S6T2iWn2EHEZRlJBRURHRTEwMTcAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 41909
scheme: https

GET
H2 200 protest-convoy-reaches-ottawa.jpeg
img1-azrcdn.newser.com/square-image/316286-20220129193112-M/ 45 KB
45 KB 112ms
22ms Image
image/jpeg 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/square-image/316286-20220129193112-M/protest-convoy-reaches-ottawa.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: bb9b673f70e36909c34e071263c99d8fdade84b1ced55968c3b658ea5c3f0fa8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:51:11 GMT
x-azure-ref-originshield: 08Ir2YQAAAADikXXgi8z7ToUuupXDpKeoQU1TMDRFREdFMTgxNABkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316286-20220129193112-M/protest-convoy-reaches-ottawa.jpeg
x-azure-ref: 08LP2YQAAAAAZ2VuALLVSSZsGG+HDUUzgRlJBRURHRTEwMTcAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 46080
scheme: https

GET
H2 200 irish-fishing-industry-objects-to-russian-navys-plans.jpeg
img2-azrcdn.newser.com/square-image/316169-20220129180520-M/ 52 KB
52 KB 132ms
17ms Image
image/jpeg 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img2-azrcdn.newser.com/square-image/316169-20220129180520-M/irish-fishing-industry-objects-to-russian-navys-plans.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 41f9fdd28cd3937d5e42d631b42b9779215ffafe8bf13e9472c4583d94265f7c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:51:12 GMT
x-azure-ref-originshield: 0Gab2YQAAAADGMP54Uwq9Q5InW5DoHRDEQU1TMDRFREdFMTgyMgBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316169-20220129180520-M/irish-fishing-industry-objects-to-russian-navys-plans.jpeg
x-azure-ref: 08LP2YQAAAADmZHnbqccrRbZxt8LFwNKaRlJBRURHRTEwMTQAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 52989
scheme: https

GET
H2 200 ContestsGrid2.png
img1-azrcdn.newser.com/images/contests/ 10 KB
10 KB 135ms
46ms Image
image/png 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/images/contests/ContestsGrid2.png
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: a67c13f917d49cb6abae4b521e55f61a83da2c4b5ba4393b4e59acc954be1c20

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:51:11 GMT
last-modified: Mon, 01 Nov 2021 21:01:58 GMT
x-azure-ref-originshield: 0Hav2YQAAAAC5AC5Ae+vPSIy73biTzLOOQU1TMDRFREdFMTkyMQBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
x-azure-ref: 08LP2YQAAAACdqUWi68EyRKVZw2E53vguRlJBRURHRTEwMTcAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
content-length: 9851

GET
H2 200 raducanu-says-stalker-took-her-freedom.jpeg
img1-azrcdn.newser.com/square-image/316280-20220129180956-M/ 38 KB
38 KB 127ms
37ms Image
image/jpeg 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/square-image/316280-20220129180956-M/raducanu-says-stalker-took-her-freedom.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 43a9d053c33ab061ab1cc70ddeebb86270a32c7db64742a1326852d81c0df9e0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:51:11 GMT
x-azure-ref-originshield: 0eGv2YQAAAACltEHgFluJR4/qTLEW38nGQU1TMDRFREdFMTgxMABkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316280-20220129180956-M/raducanu-says-stalker-took-her-freedom.jpeg
x-azure-ref: 08LP2YQAAAABXRyVOj+okQLA0VZRLRZu4RlJBRURHRTEwMTcAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 38446
scheme: https

GET
H2 200 russia-delivers-blood-supplies-to-border.jpeg
img1-azrcdn.newser.com/square-image/316260-20220129173956-M/ 59 KB
59 KB 127ms
38ms Image
image/jpeg 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/square-image/316260-20220129173956-M/russia-delivers-blood-supplies-to-border.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 059e5a44ec9f8bab93a45cbf617ac529605f99891cfe7f5e9cb19a5b4cf9cdfe

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:51:11 GMT
x-azure-ref-originshield: 08Ir2YQAAAAD8j1rJ6WxGTZm/qeHMD8veQU1TMDRFREdFMTgxOQBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316260-20220129173956-M/russia-delivers-blood-supplies-to-border.jpeg
x-azure-ref: 08LP2YQAAAAClriJX1OWNQ5h8BF1pYVM9RlJBRURHRTEwMTcAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 60296
scheme: https

GET
H2 200 playboy-strongly-supports-hugh-hefner-accusers.jpeg
img2-azrcdn.newser.com/square-image/316123-20220129164056-M/ 54 KB
54 KB 148ms
33ms Image
image/jpeg 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img2-azrcdn.newser.com/square-image/316123-20220129164056-M/playboy-strongly-supports-hugh-hefner-accusers.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: d8396d650599691373314b1cf6fb728df811aba509f8a9bfc0b2499a89da3aab

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:51:12 GMT
x-azure-ref-originshield: 0eGv2YQAAAABB2oWk7hFDRYlXzhBGxpsiQU1TMDRFREdFMTgxOABkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316123-20220129164056-M/playboy-strongly-supports-hugh-hefner-accusers.jpeg
x-azure-ref: 08LP2YQAAAAC1W+g+EY0XSIu0cgl+XPWBRlJBRURHRTEwMTQAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 55162
scheme: https

GET
H2 200 for-sale-former-cia-black-site.jpeg
img2-azrcdn.newser.com/square-image/316061-20220129163156-M/ 50 KB
51 KB 140ms
25ms Image
image/jpeg 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img2-azrcdn.newser.com/square-image/316061-20220129163156-M/for-sale-former-cia-black-site.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 4a5d81507b6b90d018c7b1ad981d08416582cd454c72a8d93ece700f92f24936

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:51:12 GMT
x-azure-ref-originshield: 0caL2YQAAAABQiL1x3+1gRrHIqit9wdDIQU1TMDRFREdFMTgwNwBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316061-20220129163156-M/for-sale-former-cia-black-site.jpeg
x-azure-ref: 08LP2YQAAAAD3N7nj7mV3R5oVvyW2GjYYRlJBRURHRTEwMTQAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 51525
scheme: https

GET
H2 200 9-officers-open-fire-on-man-standing-along-highway.jpeg
img1-azrcdn.newser.com/square-image/316274-20220129175636-M/ 43 KB
43 KB 133ms
44ms Image
image/jpeg 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/square-image/316274-20220129175636-M/9-officers-open-fire-on-man-standing-along-highway.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: b4fb0434eba77c4e60becbf6a700e1b1f53f8ecc7331a59fb38f1d8771b7efa6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:51:11 GMT
x-azure-ref-originshield: 0DnP2YQAAAABIn02eAK9dSbyOHUzAPDTmQU1TMDRFREdFMTgwNwBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316274-20220129175636-M/9-officers-open-fire-on-man-standing-along-highway.jpeg
x-azure-ref: 08LP2YQAAAAChRRPl6lGhTLhicPU5GSyIRlJBRURHRTEwMTcAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 43839
scheme: https

GET
H2 200 tom-brady-wraps-up-career-with-record-7-super-bowl-titles.jpeg
img2-azrcdn.newser.com/square-image/316285-20220129183408-M/ 54 KB
55 KB 147ms
31ms Image
image/jpeg 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img2-azrcdn.newser.com/square-image/316285-20220129183408-M/tom-brady-wraps-up-career-with-record-7-super-bowl-titles.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: bd51c6d77f3f20cc41d472110d0bde8dbf406f754773eec6103d40bf5c9df0c1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:51:12 GMT
x-azure-ref-originshield: 0Gab2YQAAAABDUG+VuD8TQJw2C9O2iK+JQU1TMDRFREdFMTkxMABkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316285-20220129183408-M/tom-brady-wraps-up-career-with-record-7-super-bowl-titles.jpeg
x-azure-ref: 08LP2YQAAAAAsxeb+s83QQ7eOBUjavdJwRlJBRURHRTEwMTQAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 55518
scheme: https

GET
H2 200 kansas-man-accused-of-threatening-biden.jpeg
img1-azrcdn.newser.com/square-image/316266-20220129144511-M/ 45 KB
45 KB 131ms
42ms Image
image/jpeg 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/square-image/316266-20220129144511-M/kansas-man-accused-of-threatening-biden.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 04321424ef276f3762e2cc09dd99a03188d641f3a2cd02d0c8c08b7b95799f24

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:51:11 GMT
x-azure-ref-originshield: 0caL2YQAAAACQ+h7e7TcCSqjGRf6hy50dQU1TMDRFREdFMTkxNwBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316266-20220129144511-M/kansas-man-accused-of-threatening-biden.jpeg
x-azure-ref: 08LP2YQAAAABbC+kKiAKKTL+VaYr6vPKURlJBRURHRTEwMTcAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 45899
scheme: https

GET
H2 200 china-is-snatching-up-cobalt-thats-where-idaho-comes-in.jpeg
img2-azrcdn.newser.com/square-image/316111-20220129140241-M/ 54 KB
55 KB 153ms
38ms Image
image/jpeg 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img2-azrcdn.newser.com/square-image/316111-20220129140241-M/china-is-snatching-up-cobalt-thats-where-idaho-comes-in.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 02990729bbbb066fccf5f274626c1f0f7e7edbaeaa2d15451fb7062a7264377b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:51:12 GMT
x-azure-ref-originshield: 08o72YQAAAAAA+2NSrHQzQ4EBEVVBsZZvQU1TMDRFREdFMTkxNgBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316111-20220129140241-M/china-is-snatching-up-cobalt-thats-where-idaho-comes-in.jpeg
x-azure-ref: 08LP2YQAAAAA5CvOK5yUfSrXeMUukUkGiRlJBRURHRTEwMTQAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 55657
scheme: https

GET
H2 200 mitt-romney-has-covid-will-isolate-at-home.jpeg
img1-azrcdn.newser.com/square-image/316270-20220129133956-M/ 39 KB
40 KB 132ms
43ms Image
image/jpeg 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/square-image/316270-20220129133956-M/mitt-romney-has-covid-will-isolate-at-home.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 7d900ebc614ac1d2adfe556578ff35cd8ba0b821dbf70aefe901684e22e29008

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:51:11 GMT
x-azure-ref-originshield: 0DnP2YQAAAABnqMGt3H4nSZ/CueZwVi86QU1TMDRFREdFMTgxMABkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316270-20220129133956-M/mitt-romney-has-covid-will-isolate-at-home.jpeg
x-azure-ref: 08LP2YQAAAACq6ZnTiHVbTIxXTUbItYctRlJBRURHRTEwMTcAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 40268
scheme: https

GET
H2 200 surgeon-tried-to-sell-bataclan-survivors-x-ray-as-an-nft.jpeg
img2-azrcdn.newser.com/square-image/316035-20220129123556-M/ 39 KB
39 KB 154ms
39ms Image
image/jpeg 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img2-azrcdn.newser.com/square-image/316035-20220129123556-M/surgeon-tried-to-sell-bataclan-survivors-x-ray-as-an-nft.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 0e95603a1b75398990e8e6c8396068f556799d4efcbe58671ddceb1ab5ba0fc8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:51:12 GMT
x-azure-ref-originshield: 0Hav2YQAAAABtZXaNVeEeSqtdLs/LWRdkQU1TMDRFREdFMTkwNwBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316035-20220129123556-M/surgeon-tried-to-sell-bataclan-survivors-x-ray-as-an-nft.jpeg
x-azure-ref: 08LP2YQAAAAAkczW2t4MjQpbNb626AfEQRlJBRURHRTEwMTQAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 39502
scheme: https

GET
H2 200 petition-questions-message-of-f-logo.jpeg
img2-azrcdn.newser.com/square-image/316279-20220129140526-M/ 49 KB
50 KB 146ms
30ms Image
image/jpeg 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img2-azrcdn.newser.com/square-image/316279-20220129140526-M/petition-questions-message-of-f-logo.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: d5ee43ffd22efce6a405cb805a86f3f6c28c7ed9b4a9427a2e10fad69accf2ef

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:51:12 GMT
x-azure-ref-originshield: 0mTj2YQAAAACvnGhn/9TCSqcZ+USMKCKyQU1TMDRFREdFMTgxMQBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316279-20220129140526-M/petition-questions-message-of-f-logo.jpeg
x-azure-ref: 08LP2YQAAAADx6c68XlHqSKz7AW3zMD6yRlJBRURHRTEwMTQAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 50549
scheme: https

GET
H2 200 college-student-dies-after-exposure-to-sub-zero-temps.jpeg
img2-azrcdn.newser.com/square-image/316267-20220129114126-M/ 50 KB
51 KB 152ms
36ms Image
image/jpeg 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img2-azrcdn.newser.com/square-image/316267-20220129114126-M/college-student-dies-after-exposure-to-sub-zero-temps.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: b889e344c4f8d84fbcb58cea388201a47caaab2ab9fcb6769a01b2152b9304e2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:51:12 GMT
x-azure-ref-originshield: 0Hav2YQAAAACMNGuAF5fNSIVN7Lq/ZWK5QU1TMDRFREdFMTgxMABkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316267-20220129114126-M/college-student-dies-after-exposure-to-sub-zero-temps.jpeg
x-azure-ref: 08LP2YQAAAADBUrS/m1EET6bM9cytU+JBRlJBRURHRTEwMTQAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 51652
scheme: https

GET
H2 200 house_grid_iphone.png
img2-azrcdn.newser.com/images/ 16 KB
16 KB 23ms
15ms Image
image/png 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img2-azrcdn.newser.com/images/house_grid_iphone.png
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 44da54fd69c8966482bc49d3744fff0a7fd944dc2dd5732d9f710da7df4329bf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:51:12 GMT
last-modified: Mon, 06 Jul 2020 18:04:07 GMT
x-azure-ref-originshield: 0l3z2YQAAAACmoso1ZY4fToWDxzg7sRY6QU1TMDRFREdFMTgxOQBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
x-azure-ref: 08LP2YQAAAABqFZHTclluTpizaUTHw830RlJBRURHRTEwMTQAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
content-length: 16207

GET
H2 200 his-brain-ailment-wasnt-cancer-it-was-mold.jpeg
img1-azrcdn.newser.com/square-image/316242-20220129111041-M/ 63 KB
64 KB 19ms
11ms Image
image/jpeg 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/square-image/316242-20220129111041-M/his-brain-ailment-wasnt-cancer-it-was-mold.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 8db3cdae20a2cc55562a300687c0e6863a51e53c9735457ad313c09f501422c7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:51:11 GMT
x-azure-ref-originshield: 0caL2YQAAAAAIgBgbEkF2Q4khGe5UZxvnQU1TMDRFREdFMTkxMwBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316242-20220129111041-M/his-brain-ailment-wasnt-cancer-it-was-mold.jpeg
x-azure-ref: 08LP2YQAAAACWGhlZuV5ASYCPVJM/0/+RRlJBRURHRTEwMTcAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 65001
scheme: https

GET
H2 200 britneys-new-message-to-sister-you-are-scum-jamie-lynn.jpeg
img1-azrcdn.newser.com/square-image/316278-20220129105241-M/ 46 KB
46 KB 17ms
10ms Image
image/jpeg 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/square-image/316278-20220129105241-M/britneys-new-message-to-sister-you-are-scum-jamie-lynn.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: bddc841f91f5c39676abff8eed53be5c5a23cb2fde6051b72caf1b758e487d64

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:51:11 GMT
x-azure-ref-originshield: 08Ir2YQAAAABWGSHoqr9ZSpvseGL4JFNFQU1TMDRFREdFMTkwNwBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316278-20220129105241-M/britneys-new-message-to-sister-you-are-scum-jamie-lynn.jpeg
x-azure-ref: 08LP2YQAAAAC5pKZwFDSwTotUqO31uR/bRlJBRURHRTEwMTcAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 47198
scheme: https

GET
H2 200 observant-mail-carrier-saves-homeowners-life.jpeg
img1-azrcdn.newser.com/square-image/316264-20220129104345-M/ 44 KB
44 KB 28ms
20ms Image
image/jpeg 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/square-image/316264-20220129104345-M/observant-mail-carrier-saves-homeowners-life.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 5ec80b688833a13ec1a4799e36cfb5d3d3cf8ce76917ad2b36a32cda0e9386c1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:51:11 GMT
x-azure-ref-originshield: 0orP2YQAAAACFOT4xaL/JQ6JurKkM0jXZQU1TMDRFREdFMTkwNgBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316264-20220129104345-M/observant-mail-carrier-saves-homeowners-life.jpeg
x-azure-ref: 08LP2YQAAAACTA+hAfhOSSJIZcNfZuXcZRlJBRURHRTEwMTcAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 44918
scheme: https

GET
H2 200 major-winter-storm-slams-east-coast.jpeg
img2-azrcdn.newser.com/square-image/316277-20220129094457-M/ 49 KB
50 KB 30ms
22ms Image
image/jpeg 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img2-azrcdn.newser.com/square-image/316277-20220129094457-M/major-winter-storm-slams-east-coast.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 286e0981e7354c418fc0334ddf4b3b8fb930b623c5b67d41ed1a5bfe6fbaf2c8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:51:12 GMT
x-azure-ref-originshield: 0caL2YQAAAADdreyioIFXQLWaUk8x6/csQU1TMDRFREdFMTkyMABkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316277-20220129094457-M/major-winter-storm-slams-east-coast.jpeg
x-azure-ref: 08LP2YQAAAACWo9zr3FJLTYPLOyVsZhaDRlJBRURHRTEwMTQAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 50377
scheme: https

GET
H2 200 joni-mitchell-im-leaving-spotify-too.jpeg
img1-azrcdn.newser.com/square-image/316262-20220129090111-M/ 49 KB
49 KB 31ms
23ms Image
image/jpeg 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/square-image/316262-20220129090111-M/joni-mitchell-im-leaving-spotify-too.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: ff76febbb198182768c97dc65c99a48194b9f837e8aea60b94c6f9b776e51977

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:51:11 GMT
x-azure-ref-originshield: 0eWv2YQAAAABFN114emUwTIp1e/PLLW9rQU1TMDRFREdFMTgxOQBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316262-20220129090111-M/joni-mitchell-im-leaving-spotify-too.jpeg
x-azure-ref: 08LP2YQAAAACdGPGvtLf+QIfU+aSC0zyfRlJBRURHRTEwMTcAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 49982
scheme: https

GET
H2 200 meet-the-great-lost-female-hacker-of-the-1980s.jpeg
img1-azrcdn.newser.com/square-image/316168-20220129083256-M/ 56 KB
56 KB 29ms
22ms Image
image/jpeg 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/square-image/316168-20220129083256-M/meet-the-great-lost-female-hacker-of-the-1980s.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: fa2f0e9c789e85c558c08a5b84edbc14ebd795915d13987a53032214e8fc3b1a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:51:11 GMT
x-azure-ref-originshield: 0orP2YQAAAACC7QFFHJbARZuoEIsay+s8QU1TMDRFREdFMTkxNQBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316168-20220129083256-M/meet-the-great-lost-female-hacker-of-the-1980s.jpeg
x-azure-ref: 08LP2YQAAAAD64y8Vq7aHSYWVUINzyeOMRlJBRURHRTEwMTcAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 57340
scheme: https

GET
H2 200 stephen-breyer-its-been-a-great-honor.jpeg
img1-azrcdn.newser.com/square-image/316200-20220129081256-M/ 47 KB
48 KB 29ms
21ms Image
image/jpeg 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/square-image/316200-20220129081256-M/stephen-breyer-its-been-a-great-honor.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: af9661ddc030cee02bfbd41baf7608e14327ce95a3199e6714dd8d3a12f21c71

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:51:11 GMT
x-azure-ref-originshield: 0orP2YQAAAADQVd7SD8LQQaD/Civ+r1jUQU1TMDRFREdFMTkxNgBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316200-20220129081256-M/stephen-breyer-its-been-a-great-honor.jpeg
x-azure-ref: 08LP2YQAAAABMIRWt51cWQolmibktXL7jRlJBRURHRTEwMTcAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 48471
scheme: https

GET
H2 200 dads-life-changing-find-englands-oldest-gold-coin.jpeg
img1-azrcdn.newser.com/square-image/316086-20220129071430-M/ 57 KB
57 KB 25ms
18ms Image
image/jpeg 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/square-image/316086-20220129071430-M/dads-life-changing-find-englands-oldest-gold-coin.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 69c11828cc2905f5ddbfd2b0d8f78a685c5b7a3502f5235887a22c91b5da6ee9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:51:11 GMT
x-azure-ref-originshield: 08o72YQAAAACcP4i4xeGqQqAvAjtAMdXoQU1TMDRFREdFMTkxNgBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316086-20220129071430-M/dads-life-changing-find-englands-oldest-gold-coin.jpeg
x-azure-ref: 08LP2YQAAAAAKdjXsj/TJS5UPVSK/1+MiRlJBRURHRTEwMTcAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 58564
scheme: https

GET
H2 200 aussie-wins-australian-open-for-first-time-in-44-years.jpeg
img2-azrcdn.newser.com/square-image/316273-20220129074411-M/ 40 KB
41 KB 27ms
20ms Image
image/jpeg 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img2-azrcdn.newser.com/square-image/316273-20220129074411-M/aussie-wins-australian-open-for-first-time-in-44-years.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: da4cf27b9fe0ae190ef96fdbd0d9cc1a69d561ae0172d4d38bf10380d4d33957

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:51:12 GMT
x-azure-ref-originshield: 08Ir2YQAAAAB3hcA38qu/RpOTcf5DBLTcQU1TMDRFREdFMTkxOABkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316273-20220129074411-M/aussie-wins-australian-open-for-first-time-in-44-years.jpeg
x-azure-ref: 08LP2YQAAAAAwsZGOsi6uTI+S17HEz8YCRlJBRURHRTEwMTQAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 41332
scheme: https

GET
H2 200 this-nation-kept-covid-out-now-a-state-of-disaster.jpeg
img2-azrcdn.newser.com/square-image/316269-20220129085739-M/ 45 KB
45 KB 26ms
19ms Image
image/jpeg 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img2-azrcdn.newser.com/square-image/316269-20220129085739-M/this-nation-kept-covid-out-now-a-state-of-disaster.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: cd894fd0d07d985171809c5a1bc653a3388ced6b2e32a44e53c63fc1ea30cec9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:51:12 GMT
x-azure-ref-originshield: 0jC72YQAAAABZ9Yt0ZFn3SZZmprI7b5KzQU1TMDRFREdFMTgwOABkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316269-20220129085739-M/this-nation-kept-covid-out-now-a-state-of-disaster.jpeg
x-azure-ref: 08LP2YQAAAAAnzFZ00QR0SqERskN96f5LRlJBRURHRTEwMTQAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 45569
scheme: https

GET
H2 200 joe-exotic-wants-your-prayers.jpeg
img2-azrcdn.newser.com/square-image/312977-20220129065556-M/ 45 KB
45 KB 28ms
21ms Image
image/jpeg 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img2-azrcdn.newser.com/square-image/312977-20220129065556-M/joe-exotic-wants-your-prayers.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: c7dff2266b8de79be9543dc8c2aff1b841cdfd58ac0d59c082d9e6f3db5d43f2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:51:12 GMT
x-azure-ref-originshield: 0orP2YQAAAABbESbX8BkqSodSH0Zq/obAQU1TMDRFREdFMTgwOQBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/312977-20220129065556-M/joe-exotic-wants-your-prayers.jpeg
x-azure-ref: 08LP2YQAAAADchkuPRE/jTLRX6NjLjEmXRlJBRURHRTEwMTQAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 45743
scheme: https

GET
H2 200 biden-talks-infrastructure-after-bridge-collapses.jpeg
img2-azrcdn.newser.com/square-image/316259-20220128181740-M/ 53 KB
53 KB 31ms
23ms Image
image/jpeg 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img2-azrcdn.newser.com/square-image/316259-20220128181740-M/biden-talks-infrastructure-after-bridge-collapses.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: a62348491ab317874ea90c67adea37df3ca6ff3c768af7c293c019ebae858d42

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:51:12 GMT
x-azure-ref-originshield: 0orP2YQAAAAB+Ow7kuO7KTJqvS81Bb5nhQU1TMDRFREdFMTkwOABkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316259-20220128181740-M/biden-talks-infrastructure-after-bridge-collapses.jpeg
x-azure-ref: 08LP2YQAAAACFO3Kr/AM3RJCEQ/BCNL0xRlJBRURHRTEwMTQAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 53805
scheme: https

GET
H2 200 house_grid_rundown.png
img1-azrcdn.newser.com/images/ 5 KB
5 KB 18ms
11ms Image
image/png 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/images/house_grid_rundown.png
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 21349b60e999f29bb11fd1384e57ea43faf7bb39d7822e81c1e30de505663228

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:51:11 GMT
last-modified: Mon, 06 Jul 2020 18:04:07 GMT
x-azure-ref-originshield: 0Gqb2YQAAAAC1ORTdLeMFQ7AU3V2FyHeTQU1TMDRFREdFMTkxMgBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
x-azure-ref: 08LP2YQAAAAC/XUm3oYLmTK3ZMhhEfUE5RlJBRURHRTEwMTcAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
content-length: 5120

GET
H2 200 swastikas-appear-at-dcs-union-station.jpeg
img1-azrcdn.newser.com/square-image/316258-20220128171442-M/ 40 KB
41 KB 32ms
24ms Image
image/jpeg 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/square-image/316258-20220128171442-M/swastikas-appear-at-dcs-union-station.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 78df9e9e47f5809e3438e700f53dd96ae52a3751c8b6f15f68c16f98f8aab900

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:51:11 GMT
x-azure-ref-originshield: 0Gqb2YQAAAAAS+oKiq7+ATpZ1NWSsTN/OQU1TMDRFREdFMTkxOQBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316258-20220128171442-M/swastikas-appear-at-dcs-union-station.jpeg
x-azure-ref: 08LP2YQAAAAATu62PUVguSahnNuUUBnWuRlJBRURHRTEwMTcAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 41203
scheme: https

GET
H2 200 trial-in-notorious-jewel-heist-gets-underway.jpeg
img1-azrcdn.newser.com/square-image/316236-20220128164327-M/ 46 KB
47 KB 23ms
16ms Image
image/jpeg 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/square-image/316236-20220128164327-M/trial-in-notorious-jewel-heist-gets-underway.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 4a517e84097a36e411922caf77510661b58ae21755bd2927057916420e0c4dc4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:51:11 GMT
x-azure-ref-originshield: 0l3z2YQAAAACbPcnc3uGDTrg5cw9RcAn2QU1TMDRFREdFMTgwOQBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316236-20220128164327-M/trial-in-notorious-jewel-heist-gets-underway.jpeg
x-azure-ref: 08LP2YQAAAAAWCQ/IT0x7QZP/Su0VZHXjRlJBRURHRTEwMTcAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 47615
scheme: https

GET
H2 200 lawsuit-says-chris-brown-raped-woman-aboard-yacht.jpeg
img2-azrcdn.newser.com/square-image/316255-20220128160342-M/ 44 KB
45 KB 25ms
17ms Image
image/jpeg 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img2-azrcdn.newser.com/square-image/316255-20220128160342-M/lawsuit-says-chris-brown-raped-woman-aboard-yacht.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: da8a4f547b33fd0f6139098d6945e4a4868fcad70204ab34aa4e49bb41a90c01

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:51:12 GMT
x-azure-ref-originshield: 08o72YQAAAABq0SI/arfyQpdbHS9tFw0mQU1TMDRFREdFMTgwNwBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316255-20220128160342-M/lawsuit-says-chris-brown-raped-woman-aboard-yacht.jpeg
x-azure-ref: 08LP2YQAAAACfA+ncrgbQQKr6Ib3WpJhuRlJBRURHRTEwMTQAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 45407
scheme: https

GET
H2 200 apples-surge-helps-snap-markets-losing-streak.jpeg
img1-azrcdn.newser.com/square-image/316256-20220128155832-M/ 33 KB
33 KB 26ms
19ms Image
image/jpeg 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/square-image/316256-20220128155832-M/apples-surge-helps-snap-markets-losing-streak.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 9a1c965417bb6122a80900a20c8fdfb7cf87cd495713c142d93d3c07a64e75cb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:51:11 GMT
x-azure-ref-originshield: 0caL2YQAAAABWLxlmTjY+TaRV8ntdMNZWQU1TMDRFREdFMTgyMgBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316256-20220128155832-M/apples-surge-helps-snap-markets-losing-streak.jpeg
x-azure-ref: 08LP2YQAAAABqD5EdgcnwQ68s3GShV7koRlJBRURHRTEwMTcAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 33806
scheme: https

GET
H2 200 terrorists-note-on-doomed-pms-kidnapping-sells-for-big-bucks.jpeg
img2-azrcdn.newser.com/square-image/316221-20220128150542-M/ 54 KB
55 KB 30ms
22ms Image
image/jpeg 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img2-azrcdn.newser.com/square-image/316221-20220128150542-M/terrorists-note-on-doomed-pms-kidnapping-sells-for-big-bucks.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 0629f743a7f2e66a09dbb03908062b6a53a33133525eb19471b930a048e6aa43

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:51:12 GMT
x-azure-ref-originshield: 08Ir2YQAAAABrV3fdWLihQZzZ3ZQG5lQSQU1TMDRFREdFMTgyMgBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316221-20220128150542-M/terrorists-note-on-doomed-pms-kidnapping-sells-for-big-bucks.jpeg
x-azure-ref: 08LP2YQAAAAD7tCX7Oyc6RZOAM6tmLPADRlJBRURHRTEwMTQAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 55737
scheme: https

GET
H2 200 man-going-to-prison-after-groping-flight-attendant.jpeg
img1-azrcdn.newser.com/square-image/316234-20220128143327-M/ 51 KB
51 KB 30ms
23ms Image
image/jpeg 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/square-image/316234-20220128143327-M/man-going-to-prison-after-groping-flight-attendant.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 1fa72666b437fd3fc5a9283ad1b7d64ca681f2a4e7508d1de0eaad6e0bf10750

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:51:11 GMT
x-azure-ref-originshield: 0orP2YQAAAABlKTSiylEWRI6t79I7KYHGQU1TMDRFREdFMTgxOQBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316234-20220128143327-M/man-going-to-prison-after-groping-flight-attendant.jpeg
x-azure-ref: 08LP2YQAAAABX+iyLyd+5TZQUUkTTotAsRlJBRURHRTEwMTcAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 51945
scheme: https

GET
H2 200 pentagon-pressures-russia-to-walk-away.jpeg
img1-azrcdn.newser.com/square-image/316254-20220128142142-M/ 42 KB
42 KB 35ms
27ms Image
image/jpeg 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/square-image/316254-20220128142142-M/pentagon-pressures-russia-to-walk-away.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: d4b287e248a1bb66341367e98c58dd2c3ea543ca857717ddb94485a174dcdb63

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:51:11 GMT
x-azure-ref-originshield: 08o72YQAAAABF4ovVTwmURIml/787rmydQU1TMDRFREdFMTgxMgBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316254-20220128142142-M/pentagon-pressures-russia-to-walk-away.jpeg
x-azure-ref: 08LP2YQAAAADCairLs/OvSbNBtEUOpoD7RlJBRURHRTEwMTcAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 42802
scheme: https

GET
H2 200 dad-whose-kids-died-in-flood-charged-with-manslaughter.jpeg
img1-azrcdn.newser.com/square-image/289212-20220128141818-M/ 51 KB
51 KB 33ms
25ms Image
image/jpeg 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/square-image/289212-20220128141818-M/dad-whose-kids-died-in-flood-charged-with-manslaughter.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: f807b7652390cbf0f3caef0abc752e93c026cf7d2c46fa8e20b9e3f3a2dfd867

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:51:11 GMT
x-azure-ref-originshield: 0DnP2YQAAAADetildTbNyR4yiwxDozuwBQU1TMDRFREdFMTgxNwBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/289212-20220128141818-M/dad-whose-kids-died-in-flood-charged-with-manslaughter.jpeg
x-azure-ref: 08LP2YQAAAABPZQfgJzTFQIQHNYtx+R0NRlJBRURHRTEwMTcAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 51822
scheme: https

GET
H2 200 aid-ships-tonga-challenge-no-contact.jpeg
img1-azrcdn.newser.com/square-image/316228-20220128134242-M/ 44 KB
44 KB 37ms
29ms Image
image/jpeg 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/square-image/316228-20220128134242-M/aid-ships-tonga-challenge-no-contact.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: b427bf3f448caf3677fabce3ccdbfd6b0d832362665297b8c392efec64c6ee4b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:51:11 GMT
x-azure-ref-originshield: 0caL2YQAAAAAua62LfxvqT6Qn24pdD3vaQU1TMDRFREdFMTkwOABkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316228-20220128134242-M/aid-ships-tonga-challenge-no-contact.jpeg
x-azure-ref: 08LP2YQAAAABoRAUPuM9cQLwkwu7lpl9lRlJBRURHRTEwMTcAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 45118
scheme: https

GET
H2 200 musk-supports-truckers-miffed-at-canadas-vax-mandate.jpeg
img1-azrcdn.newser.com/square-image/316248-20220128133427-M/ 39 KB
40 KB 36ms
28ms Image
image/jpeg 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/square-image/316248-20220128133427-M/musk-supports-truckers-miffed-at-canadas-vax-mandate.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 237a4fa7a3bc563cc5806f5d26917eb241fb6f2176fcc094e342c473016cedf2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:51:11 GMT
x-azure-ref-originshield: 0IGX2YQAAAABeMCFSQNvuQ7lC+LYrxZoQQU1TMDRFREdFMTkwOQBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316248-20220128133427-M/musk-supports-truckers-miffed-at-canadas-vax-mandate.jpeg
x-azure-ref: 08LP2YQAAAAC0t6qVRQa6RbtjQAiqt7gfRlJBRURHRTEwMTcAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 40204
scheme: https

GET
H2 200 city-calls-out-fire-chief-who-nabbed-200k-in-injury-pay.jpeg
img2-azrcdn.newser.com/square-image/316201-20220128140222-M/ 35 KB
36 KB 29ms
21ms Image
image/jpeg 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img2-azrcdn.newser.com/square-image/316201-20220128140222-M/city-calls-out-fire-chief-who-nabbed-200k-in-injury-pay.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e07fac4323e918dbe03b5112e649861c72aeb3e596ef9acbedeaaec547f529ef

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:51:12 GMT
x-azure-ref-originshield: 0caL2YQAAAACMT8yRf/0OTpSk10DRVwxIQU1TMDRFREdFMTkwNgBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316201-20220128140222-M/city-calls-out-fire-chief-who-nabbed-200k-in-injury-pay.jpeg
x-azure-ref: 08LP2YQAAAADf56uekoP/TK2aWzcnRcLFRlJBRURHRTEwMTQAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 36265
scheme: https

GET
H2 200 toyota-working-on-a-moon-car.jpeg
img2-azrcdn.newser.com/square-image/316247-20220128124642-M/ 35 KB
35 KB 32ms
25ms Image
image/jpeg 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img2-azrcdn.newser.com/square-image/316247-20220128124642-M/toyota-working-on-a-moon-car.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e40d12b256074d2ba43d1e8098a8bc039e3197ce0fd446a5ced2b9234f741d5c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:51:12 GMT
x-azure-ref-originshield: 0DnP2YQAAAABYmw9UQ24sSpEkSEUCk4E/QU1TMDRFREdFMTgxMQBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316247-20220128124642-M/toyota-working-on-a-moon-car.jpeg
x-azure-ref: 08LP2YQAAAAAHnB9xSi77Q59+73wsrX9tRlJBRURHRTEwMTQAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 35631
scheme: https

GET
H2 200 / Show response
loadus.exelator.com/load/ 124 B
506 B 129ms
28ms Script
application/x-javascript 34.254.143.3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://loadus.exelator.com/load/?p=320&g=001&c=700151&ctg=home&subctg=&ag=&gd=
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.254.143.3 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-254-143-3.eu-west-1.compute.amazonaws.com
Software: nginx / Undertow/1
Resource Hash: 1934199df51551755f77a59d6993a98e332ad57c09ab22d30fafb727d92e4eb0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:51:12 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
content-type: application/x-javascript;charset=UTF-8
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA

GET
H2 200 dpx.js Show response
i.simpli.fi/ 3 KB
4 KB 70ms
26ms Script
application/javascript 169.50.137.176
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL

https://i.simpli.fi/dpx.js?cid=3056&m=1&referrer=http://www.newser.com

Requested by

Host: www.newser.com
URL: https://www.newser.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

169.50.137.176 , United States, ASN36351 (SOFTLAYER, US),

Reverse DNS

b0.89.32a9.ip4.static.sl-reverse.com

Software

Resource Hash

9831e5b4e79a7b80a69a4d83d86fafc4c8e80fad4d14d27796f7eef4b686ba66

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache, no-cache
date: Sun, 30 Jan 2022 15:51:12 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=0, private, must-revalidate, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 3095
x-request-id: Fs8XLVuwypDSvzwKPmTl
expires: Thu, 01 Jan 1970 00:00:00 GMT, Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 abp.png
img2-azrcdn.newser.com/images/ 2 KB
2 KB 33ms
26ms Image
image/png 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img2-azrcdn.newser.com/images/abp.png
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: ad9e5210a13805edc2cc2874d7ffa326b907e9c6d0c212071798944a1dd9ffae

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:51:12 GMT
last-modified: Mon, 06 Jul 2020 18:04:06 GMT
x-azure-ref-originshield: 0xZ32YQAAAAD9GO/yC9VFS4YSiQlhOB7hQU1TMDRFREdFMTgwOABkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
x-azure-ref: 08LP2YQAAAAACa08Yu/t5QIE/p49xdP4XRlJBRURHRTEwMTQAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
content-length: 1639

GET
H2 200 ubo.png
img2-azrcdn.newser.com/images/ 2 KB
2 KB 33ms
26ms Image
image/png 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img2-azrcdn.newser.com/images/ubo.png
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 7cec802828fd9d25efc4611219c8748745117f5a51d4f76e4f9cfd85a428ce95

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:51:12 GMT
last-modified: Mon, 06 Jul 2020 18:04:10 GMT
x-azure-ref-originshield: 015f2YQAAAACxXQrEY30wR6p1YX2QsNHCQU1TMDRFREdFMTkwOABkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
x-azure-ref: 08LP2YQAAAAB40not5mVLSbUv34Nnk5LARlJBRURHRTEwMTQAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
content-length: 1613

GET
H2 200 ghostery.png
img1-azrcdn.newser.com/images/ 2 KB
2 KB 35ms
28ms Image
image/png 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/images/ghostery.png
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 8baae135666cde471d16426b7387541d4b900559275813859e2d296eee039192

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:51:11 GMT
last-modified: Mon, 06 Jul 2020 18:04:07 GMT
x-azure-ref-originshield: 0orP2YQAAAABDcoKhrzBrQ53Un76JaiZMQU1TMDRFREdFMTkxNgBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
x-azure-ref: 08LP2YQAAAAB5hbg9pAImTpncRvR7GroaRlJBRURHRTEwMTcAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
content-length: 1612

GET
H/1.1 200
OK jfYYxHwzsD.js Show response
newser.com/HsF05_E/eTjWmafZYl/Awn/ 13 KB
6 KB 505ms
218ms Script
text/javascript 40.114.51.62
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://newser.com/HsF05_E/eTjWmafZYl/Awn/jfYYxHwzsD.js
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 40.114.51.62 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 2c51afdc0fd95e6e553d0a5f3ecc8f517f4f6efb240053d5bcee8cb43e811b58

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 30 Jan 2022 15:51:12 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: text/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
X-Tornado: yes
Content-Length: 5742

GET
H2 200 calendar_close.png
img1-azrcdn.newser.com/images/ 303 B
534 B 35ms
28ms Image
image/png 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/images/calendar_close.png
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: a3942aea05f34d9aa17deb27766f216ce7bc0176e66b41518e5bdadb19400d67

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:51:11 GMT
last-modified: Mon, 06 Jul 2020 18:04:06 GMT
x-azure-ref-originshield: 0aqT2YQAAAABvgwAodQuSQLoLgdG9Vg9JQU1TMDRFREdFMTgxOABkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
x-azure-ref: 08LP2YQAAAABENh8Hc4hNQrzPqdPVUs6TRlJBRURHRTEwMTcAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
content-length: 303

GET
H2 200 left_month.png
img1-azrcdn.newser.com/images/ 274 B
519 B 36ms
29ms Image
image/png 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/images/left_month.png
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 2f76122813dc216562d9a6c2d82279ff460696b28f8f66042399a02cf93732ba

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:51:11 GMT
last-modified: Mon, 06 Jul 2020 18:04:08 GMT
x-azure-ref-originshield: 08o72YQAAAADdZ578E7TdTIvOUfkKyM6nQU1TMDRFREdFMTkxNgBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
x-azure-ref: 08LP2YQAAAADnojRAaVUFT5dWksEbZd4hRlJBRURHRTEwMTcAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
content-length: 274

GET
H2 200 right_month.png
img2-azrcdn.newser.com/images/ 259 B
492 B 33ms
26ms Image
image/png 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img2-azrcdn.newser.com/images/right_month.png
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: a0e3f7f11e3feb97a1b577675fcb17fb87538d414dc5342c96975b2bd2c94b86

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:51:12 GMT
last-modified: Mon, 06 Jul 2020 18:04:09 GMT
x-azure-ref-originshield: 0Hav2YQAAAABtK8JqQLi1T5d04O+h0IwaQU1TMDRFREdFMTkwOABkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
x-azure-ref: 08LP2YQAAAAAMSfoA3WIaT6SsXZjCZQ3XRlJBRURHRTEwMTQAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
content-length: 259

GET
H2 200 newsern2.png
img2-azrcdn.newser.com/images/header/ 782 B
993 B 125ms
10ms Image
image/png 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img2-azrcdn.newser.com/images/header/newsern2.png
Requested by: Host: static1-azrcdn.newser.com
URL: https://static1-azrcdn.newser.com/stylesheets/20220112_1100/stylesheet.ashx?file=responsive.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 3f9ebf128c9383c5fc8f3a73439f0e2dfb997f34318383e554b124e37c319c2e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://static1-azrcdn.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:51:12 GMT
last-modified: Mon, 06 Jul 2020 18:04:13 GMT
x-azure-ref-originshield: 0NWj2YQAAAAABWhExVNaOQLG/NmmUyfqTQU1TMDRFREdFMTkyMQBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
x-azure-ref: 08LP2YQAAAAD5nYWKUKk4QKwEPzlZYiQURlJBRURHRTEwMTQAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
content-length: 782

GET
H2 200 triangle_white_down.svg
img1-azrcdn.newser.com/images/header/ 618 B
878 B 119ms
29ms Image
image/svg+xml 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/images/header/triangle_white_down.svg
Requested by: Host: static1-azrcdn.newser.com
URL: https://static1-azrcdn.newser.com/stylesheets/20220112_1100/stylesheet.ashx?file=responsive.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: febc13d4fca620c0eda223b3febb844ecb01e4299569a936801b86ecc25609e8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://static1-azrcdn.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:51:11 GMT
last-modified: Mon, 06 Jul 2020 18:04:13 GMT
x-azure-ref-originshield: 0jC72YQAAAABorklAzfQpR7Hl2nny8R+pQU1TMDRFREdFMTkxNwBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
x-azure-ref: 08LP2YQAAAAAdkw+9zHrFR5oreezA0joSRlJBRURHRTEwMTcAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/svg+xml
cache-control: max-age=604800
accept-ranges: bytes
content-length: 618

GET
H2 200 user_white.svg
img2-azrcdn.newser.com/images/header/ 1 KB
866 B 152ms
37ms Image
image/svg+xml 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img2-azrcdn.newser.com/images/header/user_white.svg
Requested by: Host: static1-azrcdn.newser.com
URL: https://static1-azrcdn.newser.com/stylesheets/20220112_1100/stylesheet.ashx?file=responsive.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 6d6d162a89e32c126f5019cbd4143ddf6cc9fbf19858a3272ad6ad5ac2beae14

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://static1-azrcdn.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:51:12 GMT
content-encoding: br
last-modified: Mon, 06 Jul 2020 18:04:13 GMT
x-azure-ref-originshield: 0NWj2YQAAAAC8Xa5Df8s9RLMMLOZZefz1QU1TMDRFREdFMTgwNgBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
x-azure-ref: 08LP2YQAAAAAinloWR0dqT5FvS7BV8nmJRlJBRURHRTEwMTQAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/svg+xml
cache-control: max-age=604800
accept-ranges: bytes

GET
H2 200 search_white.svg
img2-azrcdn.newser.com/images/header/ 916 B
1 KB 124ms
9ms Image
image/svg+xml 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img2-azrcdn.newser.com/images/header/search_white.svg
Requested by: Host: static1-azrcdn.newser.com
URL: https://static1-azrcdn.newser.com/stylesheets/20220112_1100/stylesheet.ashx?file=responsive.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 307c4cf0cec01251278a5201d04096f4b7afdb8ba2239801202adb1992c14ecb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://static1-azrcdn.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:51:12 GMT
last-modified: Mon, 06 Jul 2020 18:04:13 GMT
x-azure-ref-originshield: 08o72YQAAAADoM+yjpExQRZAhkLpUXmz/QU1TMDRFREdFMTkyMgBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
x-azure-ref: 08LP2YQAAAAAVd4Q11hPWRqhsWobj4uJ3RlJBRURHRTEwMTQAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/svg+xml
cache-control: max-age=604800
accept-ranges: bytes
content-length: 916

GET
H2 200 info-white.png
img2-azrcdn.newser.com/images/header/ 433 B
649 B 124ms
9ms Image
image/png 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img2-azrcdn.newser.com/images/header/info-white.png
Requested by: Host: static1-azrcdn.newser.com
URL: https://static1-azrcdn.newser.com/stylesheets/20220112_1100/stylesheet.ashx?file=responsive.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: a177a125d7384bd51ee15e3454c488ac0f2ba22a452f9bc3a96e29d2df4aef1b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://static1-azrcdn.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:51:12 GMT
last-modified: Mon, 06 Jul 2020 18:04:13 GMT
x-azure-ref-originshield: 0l3z2YQAAAADGTTPUVaL2QacUt6CTcqSdQU1TMDRFREdFMTgxMQBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
x-azure-ref: 08LP2YQAAAAAi7Dy86sOeQK1D3vNGI1fNRlJBRURHRTEwMTQAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
content-length: 433

GET
H2 200 settings2-white.jpg
img1-azrcdn.newser.com/images/header/ 1 KB
1 KB 130ms
41ms Image
image/jpeg 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/images/header/settings2-white.jpg
Requested by: Host: static1-azrcdn.newser.com
URL: https://static1-azrcdn.newser.com/stylesheets/20220112_1100/stylesheet.ashx?file=responsive.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: bbfcf92c6c94d918c51be1bdf1f14098db1c7454b2f025fb7d2eed08d8d84703

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://static1-azrcdn.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:51:11 GMT
last-modified: Mon, 06 Jul 2020 18:04:13 GMT
x-azure-ref-originshield: 0gJ/2YQAAAAAYaUh422zCSY3UhinH9FqsQU1TMDRFREdFMTkyMABkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
x-azure-ref: 08LP2YQAAAAAlCWgBL1hzTIvKhmIowsQlRlJBRURHRTEwMTcAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: max-age=604800
accept-ranges: bytes
content-length: 1244

GET
H2 200 newsletter_white.svg
img2-azrcdn.newser.com/images/header/ 912 B
1 KB 124ms
9ms Image
image/svg+xml 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img2-azrcdn.newser.com/images/header/newsletter_white.svg
Requested by: Host: static1-azrcdn.newser.com
URL: https://static1-azrcdn.newser.com/stylesheets/20220112_1100/stylesheet.ashx?file=responsive.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 607ba5401803708cd7e7d54cb229467b42bcefa017c466d0290c2903989f9cec

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://static1-azrcdn.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:51:12 GMT
last-modified: Mon, 06 Jul 2020 18:04:13 GMT
x-azure-ref-originshield: 08Ir2YQAAAABB3pE/6vRYQZmXJf6nIjpoQU1TMDRFREdFMTkxMABkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
x-azure-ref: 08LP2YQAAAADhY2zujwUkQq6IKZDDw4n8RlJBRURHRTEwMTQAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/svg+xml
cache-control: max-age=604800
accept-ranges: bytes
content-length: 912

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ 15 KB
16 KB 153ms
40ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,400italic,100,100italic,300,300italic,500,500italic,700,700italic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.newser.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 17:56:19 GMT
x-content-type-options: nosniff
age: 338093
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15828
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:28 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 26 Jan 2023 17:56:19 GMT

GET
H/1.1 200
OK controlpage.aspx Show response
www.newser.com/ 83 KB
14 KB 168ms
167ms XHR
text/html 40.114.51.62
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.newser.com/controlpage.aspx?control=storysquarecontainer&sectionid=1&SITEPAGENAME=Home&donotshowads=&gridrownum=49&squarewidth=320&squareheight=213&numgridrows=48&numgridcols=1&hardsoft=5&StartDate=&EndDate=&PickADate=&ShowPopular=N&PopularType=None&viewhardsoft=n&ajaxcall=y&autorefreshcall=n&lastrefreshdate=1/30/2022%209:51:12%20AM&firststorypubdate=1/30/2022%209:35:00%20AM&siteid=0&tagid=0&userid=0&taggroupid=0&type=&linkstorytype=&scrollcount=1&displayadsection=home&categoryid=0&channelid=0&ShowGridLeaderboardAds=false&ShowGridMobileAds=false&RenderUserFormat=false&StoryView=G&ShowStats=false&StoryId=0&ShowSimpleListView=True&ShowRolloversOverride=False&IsHeadlineTest=true&URLSubfolder=&Website=D&showipadads=N&ShowGridRepeatingAds=C1,C2,C4&GridFirstAdLocation=0&GridSubsequentAdLocation=0&OnClickOverride=&GridPositioning=&IsMobile=false
Requested by: Host: static1-azrcdn.newser.com
URL: https://static1-azrcdn.newser.com/javascript/20220112_1100/jquery-1.12.4.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 40.114.51.62 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 77c997e2ca9694c65e3ec1cbb1a8c7a82f6fbdfee8d560d36084bedf90e3cca7

Request headers

Accept: text/html
Referer: https://www.newser.com/
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Sun, 30 Jan 2022 15:51:12 GMT
Content-Encoding: gzip
max-age: 0
RawURL: /controlpage.aspx?control=storysquarecontainer&sectionid=1&SITEPAGENAME=Home&donotshowads=&gridrownum=49&squarewidth=320&squareheight=213&numgridrows=48&numgridcols=1&hardsoft=5&StartDate=&EndDate=&PickADate=&ShowPopular=N&PopularType=None&viewhardsoft=n&ajaxcall=y&autorefreshcall=n&lastrefreshdate=1/30/2022%209:51:12%20AM&firststorypubdate=1/30/2022%209:35:00%20AM&siteid=0&tagid=0&userid=0&taggroupid=0&type=&linkstorytype=&scrollcount=1&displayadsection=home&categoryid=0&channelid=0&ShowGridLeaderboardAds=false&ShowGridMobileAds=false&RenderUserFormat=false&StoryView=G&ShowStats=false&StoryId=0&ShowSimpleListView=True&ShowRolloversOverride=False&IsHeadlineTest=true&URLSubfolder=&Website=D&showipadads=N&ShowGridRepeatingAds=C1,C2,C4&GridFirstAdLocation=0&GridSubsequentAdLocation=0&OnClickOverride=&GridPositioning=&IsMobile=false
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Cache-Control: no-cache
Content-Length: 13381
Scheme: https

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ 1 KB
1 KB 49ms
9ms Script
application/javascript 13.225.80.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.80.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-80-38.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 08:25:36 GMT
content-encoding: gzip
etag: W/"1827f116c73f319409b97f10b8a58ade"
last-modified: Fri, 26 Feb 2021 14:35:05 GMT
server: AmazonS3
age: 41821
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 debe291145dc27044f50d04bac101cd8.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: fyNFXQxATQVeus5BGYWeQqNC4IxcLFkAfiOyTz80lyXmYbNrtWdbTg==

GET
H2 200 chartbeat.js Show response
static.chartbeat.com/js/ 36 KB
14 KB 64ms
14ms Script
application/x-javascript 2600:9000:20eb:b000:18:1fcd:34f:cdc1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat.js
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:b000:18:1fcd:34f:cdc1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: e2c28f3e8b6a2e5170859e67cff3e8240e6b888d02005306ef3d2129f5cbd74c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 14:50:12 GMT
content-encoding: gzip
last-modified: Fri, 28 Jan 2022 06:48:52 GMT
server: nginx
age: 3660
etag: W/"61f391d4-8e96"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
via: 1.1 c379418fd6100691807f32f274ebe9ce.cloudfront.net (CloudFront)
cache-control: max-age=7200
cross-origin-resource-policy: cross-origin
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: zhUUQSR7QmcoO-17kku7kIekbJlVhxhm7eJMBs1G6Ed5gJ3lF9zbhw==
expires: Sun, 30 Jan 2022 16:50:12 GMT

GET
H2 200 moatframe.js Show response
z.moatads.com/addthismoatframe568911941483/ 2 KB
1 KB 69ms
19ms Script
application/x-javascript 92.122.255.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/addthismoatframe568911941483/moatframe.js
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 92.122.255.233 Schiphol, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a92-122-255-233.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:51:12 GMT
content-encoding: gzip
last-modified: Fri, 08 Nov 2019 20:13:52 GMT
server: AmazonS3
x-amz-request-id: C837A48B2C34EE56
etag: "f14b4e1f799b14f798a195f43cf58376"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=10653
accept-ranges: bytes
content-length: 948
x-amz-id-2: Dl95LInGfb+/e1pJjUIJZHBdqqnQR5kAoOKx/bgx79sAoLcQhhni+BFzg0LbdHAlPM1lV3GPvgg=

GET
H2 200 videoCard.1451368a7b5e945a3252.js Show response
cdn.intergient.com/pageos/1.6.33/ 551 B
998 B 14ms
6ms Script
application/javascript 2600:9000:20eb:3400:12:4abd:d340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.intergient.com/pageos/1.6.33/videoCard.1451368a7b5e945a3252.js
Requested by: Host: cdn.intergient.com
URL: https://cdn.intergient.com/ramp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:3400:12:4abd:d340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 411626d5e8eb3616fad95e39e91afe59dcfd424b9492c2c43c76a5199dc69768

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 29 Jan 2022 20:01:00 GMT
via: 1.1 37c215a6cf8b04439db2f97a633421e6.cloudfront.net (CloudFront)
last-modified: Wed, 15 Dec 2021 14:32:29 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: atime:1639578741/ctime:1639578741/gid:20/gname:staff/md5:bfb44d87e9e552efe6f335d770ab135a/mode:33188/mtime:1639578741/uid:501/uname:thomascreamer
age: 71415
etag: "bfb44d87e9e552efe6f335d770ab135a"
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-length: 551
x-amz-cf-id: aOM2GFb_oTRlbN2kro3eGon_f7Jst0vO1FCB8VqGCikvY_n56pp4Yw==

GET
H2 200 batchHandler.cf8da702ed619bc8d371.js Show response
cdn.intergient.com/pageos/1.6.33/ 3 KB
2 KB 14ms
7ms Script
application/javascript 2600:9000:20eb:3400:12:4abd:d340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.intergient.com/pageos/1.6.33/batchHandler.cf8da702ed619bc8d371.js
Requested by: Host: cdn.intergient.com
URL: https://cdn.intergient.com/ramp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:3400:12:4abd:d340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2ff8684ee0e3acfe08494f09ab05494bc7cc842af6834e3877eb160a949f0c7e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 02:45:35 GMT
content-encoding: br
last-modified: Wed, 15 Dec 2021 14:32:24 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: atime:1639578741/ctime:1639578741/gid:20/gname:staff/md5:edd43592b91921f505b47b87a549edb8/mode:33188/mtime:1639578741/uid:501/uname:thomascreamer
age: 47138
etag: W/"edd43592b91921f505b47b87a549edb8"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 37c215a6cf8b04439db2f97a633421e6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: _HzeTeCIsaIuZ1wUyH0Gt_npapZaeLSJxZmeacUMq22jt32g4SKGwg==

GET
H2 200 banner.json Show response
config.playwire.com/1024100/v2/websites/72343/ 568 KB
9 KB 60ms
9ms XHR
application/json 2600:9000:20eb:5c00:1a:1459:5cc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://config.playwire.com/1024100/v2/websites/72343/banner.json
Requested by: Host: cdn.intergient.com
URL: https://cdn.intergient.com/ramp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:5c00:1a:1459:5cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Cowboy /
Resource Hash: fe443970eb7a49a4749815af2e1002e4b65aac7635a1ea7a92b9ef708e3cac4a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 29 Jan 2022 23:18:32 GMT
via: 1.1 vegur, 1.1 59d92388a3a66e5f245f384a437fa024.cloudfront.net (CloudFront)
vary: Accept-Encoding
age: 59559
x-cache: Hit from cloudfront
content-encoding: br
server: Cowboy
access-control-max-age: 1728000
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: hw-country-code
cache-control: public, max-age=600
hw-country-code: DE
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: RdYHXOTl5SzFMe-UphaLUhrMJh2l3YeHCyLq8l_dw6JI363jpJAvtQ==

GET
H2 200 moatheader.js Show response
z.moatads.com/playwireprebidheader597261727146/ 214 KB
75 KB 69ms
21ms Script
application/x-javascript 92.122.255.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/playwireprebidheader597261727146/moatheader.js
Requested by: Host: cdn.intergient.com
URL: https://cdn.intergient.com/ramp.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 92.122.255.233 Schiphol, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a92-122-255-233.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 714f7ca1e900b9c6cb9e4f395e0c18198004690a6ee756a416a172c2ed9414eb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:51:12 GMT
content-encoding: gzip
last-modified: Wed, 19 Jan 2022 15:44:49 GMT
server: AmazonS3
x-amz-request-id: CEAVADPZ4Y9R4WPG
etag: "9a60387f389992f2729ab6cb9f623571"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=10689
accept-ranges: bytes
content-length: 76469
x-amz-id-2: FUU0p6eGOt8lRtknxO+IS363BLOFgBQVVGyLsxKCGNEkNGR3LiWIecCDVyRoRLouLHbTBeOiMDE=

GET
H2 200 pixel.gif
load77.exelator.com/ 43 B
333 B 54ms
6ms Image
image/gif 2a02:6ea0:c700::10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://load77.exelator.com/pixel.gif
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-77-nzt: Abk73BDfj1n/a3gBAA==
x-accel-expires: @1644498309
date: Sun, 30 Jan 2022 15:51:12 GMT
etag: "59f0c3fc-2b"
last-modified: Wed, 25 Oct 2017 17:03:56 GMT
server: CDN77-Turbo
x-77-nzt-ray: W899dbzkwNM=
x-77-cache: HIT
content-type: image/gif
access-control-allow-origin: *
x-cache: HIT
x-age: 96363
accept-ranges: bytes
x-77-pop: frankfurtDE
content-length: 43

GET
H2 200 just-shy-of-2-texas-boy-saves-family-from-fire.jpeg
img2-azrcdn.newser.com/square-image/316231-20220128121027-M/ 40 KB
40 KB 15ms
9ms Image
image/jpeg 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img2-azrcdn.newser.com/square-image/316231-20220128121027-M/just-shy-of-2-texas-boy-saves-family-from-fire.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: c14bc74eb84a60374cafb46143c0b2ea118ce9622b75c12cd7196fc129cd8a5c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:51:12 GMT
x-azure-ref-originshield: 05rH1YQAAAADNPcEgDepCRZ1IHdbthqm3QU1TMDRFREdFMTkxNwBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316231-20220128121027-M/just-shy-of-2-texas-boy-saves-family-from-fire.jpeg
x-azure-ref: 08LP2YQAAAAAAg6rOu6ekRojc6x/FQJoqRlJBRURHRTEwMTQAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 40990
scheme: https

GET
H2 200 beware-east-coast-here-comes-kenan.jpeg
img2-azrcdn.newser.com/square-image/316245-20220128115012-M/ 44 KB
45 KB 14ms
8ms Image
image/jpeg 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img2-azrcdn.newser.com/square-image/316245-20220128115012-M/beware-east-coast-here-comes-kenan.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 0b7fd6d5e58c021a19ea46b59a1f91f7596fe7e5df982282a2f3a70b3e35638c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:51:12 GMT
x-azure-ref-originshield: 0mTj2YQAAAAANVsKsqk8PT6xXQxy9L3SGQU1TMDRFREdFMTgxOQBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316245-20220128115012-M/beware-east-coast-here-comes-kenan.jpeg
x-azure-ref: 08LP2YQAAAAAGJeWuDr8+SKgiVQO7s1DVRlJBRURHRTEwMTQAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 45413
scheme: https

GET
H2 200 domain-name-shift-may-have-leaked-teams-new-name.jpeg
img2-azrcdn.newser.com/square-image/316241-20220128112612-M/ 51 KB
51 KB 14ms
8ms Image
image/jpeg 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img2-azrcdn.newser.com/square-image/316241-20220128112612-M/domain-name-shift-may-have-leaked-teams-new-name.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 9da3111da1b3998343d9494f461bc6d38b46947e5651ad71e5c455f9713f7cb3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:51:12 GMT
x-azure-ref-originshield: 0caL2YQAAAACxgK/18+ThSojuYRC/fA1xQU1TMDRFREdFMTkxNQBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316241-20220128112612-M/domain-name-shift-may-have-leaked-teams-new-name.jpeg
x-azure-ref: 08LP2YQAAAADnbG2zOumqTLr2fWo+xbCVRlJBRURHRTEwMTQAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 51728
scheme: https

GET
H2 200 green-gaiter-bandit-wanted-in-string-of-bank-robberies.jpeg
img1-azrcdn.newser.com/square-image/316246-20220128111827-M/ 40 KB
41 KB 17ms
11ms Image
image/jpeg 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/square-image/316246-20220128111827-M/green-gaiter-bandit-wanted-in-string-of-bank-robberies.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 3740532989eefa6c15895ca294973e460770de8e660850efc95cd560d817a1bc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:51:11 GMT
x-azure-ref-originshield: 0orP2YQAAAADSF1CB8JowRbXo+RFIqhD7QU1TMDRFREdFMTgxMwBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316246-20220128111827-M/green-gaiter-bandit-wanted-in-string-of-bank-robberies.jpeg
x-azure-ref: 08LP2YQAAAABMnpIKfLuVRK2xMUTxMkn1RlJBRURHRTEwMTcAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 41258
scheme: https

GET
H2 200 heres-how-the-major-us-airlines-rank.jpeg
img1-azrcdn.newser.com/square-image/316240-20220128103927-M/ 43 KB
43 KB 16ms
10ms Image
image/jpeg 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/square-image/316240-20220128103927-M/heres-how-the-major-us-airlines-rank.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: d97e795abc94a584e788c78eaa25a21d61935d7d514fa04655ddadd8e0a44896

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:51:11 GMT
x-azure-ref-originshield: 0cqL2YQAAAABeVWUsBQinQpk/TKf332ACQU1TMDRFREdFMTgwOABkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316240-20220128103927-M/heres-how-the-major-us-airlines-rank.jpeg
x-azure-ref: 08LP2YQAAAABSOAOhF0S1SphuaCyJm+n6RlJBRURHRTEwMTcAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 43611
scheme: https

GET
H2 200 bloodthirsty-attack-leaves-dog-walker-with-horrific-injuries.jpeg
img2-azrcdn.newser.com/square-image/316235-20220128101942-M/ 52 KB
52 KB 30ms
24ms Image
image/jpeg 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img2-azrcdn.newser.com/square-image/316235-20220128101942-M/bloodthirsty-attack-leaves-dog-walker-with-horrific-injuries.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 8eef6ec74a5d580cc3f8147131f97094fed7507ad69b79c23fc74f7bde66f421

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:51:12 GMT
x-azure-ref-originshield: 0cqL2YQAAAACsipPQTgA5QKSmUdO6HjXJQU1TMDRFREdFMTgxMwBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316235-20220128101942-M/bloodthirsty-attack-leaves-dog-walker-with-horrific-injuries.jpeg
x-azure-ref: 08LP2YQAAAAAsvxx7++eGSYLk6a+xdeGURlJBRURHRTEwMTQAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 53149
scheme: https

GET
H2 200 guy-claims-he-broke-a-world-record-a-week-in-2021.jpeg
img1-azrcdn.newser.com/square-image/316220-20220128100427-M/ 47 KB
47 KB 18ms
12ms Image
image/jpeg 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/square-image/316220-20220128100427-M/guy-claims-he-broke-a-world-record-a-week-in-2021.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: ca7cd2a4608296a9ff32e81e120d27a5a37a77f7e67079efba169b43a8743ea2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:51:11 GMT
x-azure-ref-originshield: 0Hqv2YQAAAABZo6puHM9tQpynS7ag0DgrQU1TMDRFREdFMTgxOABkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316220-20220128100427-M/guy-claims-he-broke-a-world-record-a-week-in-2021.jpeg
x-azure-ref: 08LP2YQAAAAAs+AZHyek3Q4Wail4LYSwjRlJBRURHRTEwMTcAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 48326
scheme: https

GET
H2 200 key-inflation-gauge-hasnt-risen-this-much-since-1982.jpeg
img2-azrcdn.newser.com/square-image/316243-20220128094127-M/ 45 KB
45 KB 22ms
16ms Image
image/jpeg 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img2-azrcdn.newser.com/square-image/316243-20220128094127-M/key-inflation-gauge-hasnt-risen-this-much-since-1982.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 9d5019bd2fae955cf530cf7f1a6d48a40595abadfa86a956c118b2c97e9d4779

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:51:12 GMT
x-azure-ref-originshield: 0cqL2YQAAAAAZ1AjCEGBlRL+7Ois/83u8QU1TMDRFREdFMTgxMABkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316243-20220128094127-M/key-inflation-gauge-hasnt-risen-this-much-since-1982.jpeg
x-azure-ref: 08LP2YQAAAAAbGmqj7QhLRatMC/RNQaDTRlJBRURHRTEwMTQAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 45739
scheme: https

GET
H2 200 10-hurt-as-bridge-collapses-in-pittsburgh.jpeg
img1-azrcdn.newser.com/square-image/316238-20220128092010-M/ 56 KB
57 KB 22ms
16ms Image
image/jpeg 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/square-image/316238-20220128092010-M/10-hurt-as-bridge-collapses-in-pittsburgh.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 65db3d75c61bd51568b39a016efa0cb90f3df0514fcfb6ca65c83892d66e1691

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:51:11 GMT
x-azure-ref-originshield: 0orP2YQAAAABek1ZNkhW8TYgrACqe+jtAQU1TMDRFREdFMTgwNgBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316238-20220128092010-M/10-hurt-as-bridge-collapses-in-pittsburgh.jpeg
x-azure-ref: 08LP2YQAAAABHno3kgAA9SI6SdOZR/wFCRlJBRURHRTEwMTcAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 57676
scheme: https

GET
H2 200 anti-maskers-cause-10-day-shutdown-at-kids-museum.jpeg
img1-azrcdn.newser.com/square-image/316230-20220128085212-M/ 38 KB
38 KB 18ms
12ms Image
image/jpeg 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/square-image/316230-20220128085212-M/anti-maskers-cause-10-day-shutdown-at-kids-museum.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 97dde2799af977e4004e45c29b84b8be9b26ed417ef708b702b34af287ff254d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:51:11 GMT
x-azure-ref-originshield: 0orP2YQAAAAA/Td5vXCrFSYh2V0pnW2i+QU1TMDRFREdFMTgxNwBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316230-20220128085212-M/anti-maskers-cause-10-day-shutdown-at-kids-museum.jpeg
x-azure-ref: 08LP2YQAAAAAEtsurX/d0SYjor2RyayQsRlJBRURHRTEwMTcAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 39032
scheme: https

GET
H2 200 father-to-bes-shooting-death-called-a-modern-day-lynching.jpeg
img1-azrcdn.newser.com/square-image/316232-20220128082827-M/ 40 KB
40 KB 20ms
15ms Image
image/jpeg 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/square-image/316232-20220128082827-M/father-to-bes-shooting-death-called-a-modern-day-lynching.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: c0d8c7a6bf76c57da334c1b75724fbb20f592e5040c9088779bc21ed33b177a7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:51:11 GMT
x-azure-ref-originshield: 0eWv2YQAAAADiU4+RZ/+WT7YqLdFXbYTPQU1TMDRFREdFMTgxOABkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316232-20220128082827-M/father-to-bes-shooting-death-called-a-modern-day-lynching.jpeg
x-azure-ref: 08LP2YQAAAABBjUsZTmMZQpZfsEwjhr/yRlJBRURHRTEwMTcAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 40473
scheme: https

GET
H2 200 scientists-rogan-podcast-now-spouting-climate-anti-science.jpeg
img1-azrcdn.newser.com/square-image/316222-20220128081142-M/ 36 KB
36 KB 18ms
13ms Image
image/jpeg 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/square-image/316222-20220128081142-M/scientists-rogan-podcast-now-spouting-climate-anti-science.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 23248ff4b7464d9f03a44d8ca0738f1c418f0e002b3431a33eb78da15eea8d03

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:51:11 GMT
x-azure-ref-originshield: 0D3P2YQAAAAAjypR6yHKtT5cmPJy1LwnTQU1TMDRFREdFMTkxMABkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316222-20220128081142-M/scientists-rogan-podcast-now-spouting-climate-anti-science.jpeg
x-azure-ref: 08LP2YQAAAADc+h3LDgTHRa4j5wjNb40ERlJBRURHRTEwMTcAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 36458
scheme: https

GET
H2 200 america-now-has-a-first-cat.jpeg
img2-azrcdn.newser.com/square-image/316229-20220128075857-M/ 40 KB
41 KB 30ms
25ms Image
image/jpeg 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img2-azrcdn.newser.com/square-image/316229-20220128075857-M/america-now-has-a-first-cat.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e4ad92e954944eac3807c7f50b2c213d8ddc2bc8a1324ed8986a733d4196e94a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:51:12 GMT
x-azure-ref-originshield: 0Hqv2YQAAAACjj6rPfbkwTrF4DhYAnWbUQU1TMDRFREdFMTgyMgBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316229-20220128075857-M/america-now-has-a-first-cat.jpeg
x-azure-ref: 08LP2YQAAAAAoPPGCF2IFQbN8yBbAsrroRlJBRURHRTEwMTQAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 41446
scheme: https

GET
H2 200 theres-something-weird-about-djokovics-covid-test.jpeg
img2-azrcdn.newser.com/square-image/316233-20220128072957-M/ 49 KB
50 KB 17ms
12ms Image
image/jpeg 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img2-azrcdn.newser.com/square-image/316233-20220128072957-M/theres-something-weird-about-djokovics-covid-test.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 49f8584d1d0dbff1c1347ad1db13ef74f8edd89e3f6ccdb5636e3c7b0ca8ea6b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:51:12 GMT
x-azure-ref-originshield: 08Ir2YQAAAACW8zStwX/2RpE0hWJP5zDzQU1TMDRFREdFMTkxMABkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316233-20220128072957-M/theres-something-weird-about-djokovics-covid-test.jpeg
x-azure-ref: 08LP2YQAAAACf8Dy9GEB+SK7r9/4fF06+RlJBRURHRTEwMTQAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 50474
scheme: https

GET
H2 200 stormy-daniels-michael-avenatti-clash-in-court.jpeg
img2-azrcdn.newser.com/square-image/316217-20220128071557-M/ 57 KB
57 KB 18ms
13ms Image
image/jpeg 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img2-azrcdn.newser.com/square-image/316217-20220128071557-M/stormy-daniels-michael-avenatti-clash-in-court.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 0c82e3739d9fd652c6ac2d8a3745d4a35fbd7a9277b0ef2b2885c1db030c3cb8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:51:12 GMT
x-azure-ref-originshield: 0eWv2YQAAAAD5Qs5VRZe/S6cOWn9eM1fiQU1TMDRFREdFMTkyMABkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316217-20220128071557-M/stormy-daniels-michael-avenatti-clash-in-court.jpeg
x-azure-ref: 08LP2YQAAAACgty+rY+JsR6RFOjpvTnygRlJBRURHRTEwMTQAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 57975
scheme: https

GET
H2 200 race-for-sunken-f35-is-hunt-for-red-october-meets-the-abyss.jpeg
img2-azrcdn.newser.com/square-image/316215-20220128060457-M/ 54 KB
55 KB 19ms
14ms Image
image/jpeg 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img2-azrcdn.newser.com/square-image/316215-20220128060457-M/race-for-sunken-f35-is-hunt-for-red-october-meets-the-abyss.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: a162db4d4ec665954b0c34e7fdec5dc2c7f1f42b54072683b5d5cccfcaf3b11d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:51:12 GMT
x-azure-ref-originshield: 0cqL2YQAAAADVpe6cD2oiQbahjQea7nmnQU1TMDRFREdFMTkxMQBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316215-20220128060457-M/race-for-sunken-f35-is-hunt-for-red-october-meets-the-abyss.jpeg
x-azure-ref: 08LP2YQAAAADih1HbaWPjQYeZkesKP3o2RlJBRURHRTEwMTQAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 55613
scheme: https

GET
H2 200 4-including-baby-freeze-to-death-in-attempt-to-enter-us.jpeg
img1-azrcdn.newser.com/square-image/315928-20220128053209-M/ 54 KB
55 KB 24ms
19ms Image
image/jpeg 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/square-image/315928-20220128053209-M/4-including-baby-freeze-to-death-in-attempt-to-enter-us.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: bf93cf51f40cdffc7e84c2267d234704d29fe9941fd22a738c0fea22f221f82b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:51:11 GMT
x-azure-ref-originshield: 0D3P2YQAAAADXOLulZ96PQoPN0i4B8FOnQU1TMDRFREdFMTgxNQBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/315928-20220128053209-M/4-including-baby-freeze-to-death-in-attempt-to-enter-us.jpeg
x-azure-ref: 08LP2YQAAAABH1Vu2I4Q6QKJBxS2pfE7jRlJBRURHRTEwMTcAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 55527
scheme: https

GET
H2 200 evangeline-lilly-says-she-was-at-rfk-jr-anti-vax-rally.jpeg
img1-azrcdn.newser.com/square-image/316218-20220128053740-M/ 42 KB
42 KB 22ms
18ms Image
image/jpeg 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/square-image/316218-20220128053740-M/evangeline-lilly-says-she-was-at-rfk-jr-anti-vax-rally.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 4e5703b23d96dbffc24fa6f316bad0cfc3d8221f487d45fdbeceb8b26c85b14b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:51:11 GMT
x-azure-ref-originshield: 0Gqb2YQAAAAA5wOVtgr36TIFtoY3C/y69QU1TMDRFREdFMTkwOQBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316218-20220128053740-M/evangeline-lilly-says-she-was-at-rfk-jr-anti-vax-rally.jpeg
x-azure-ref: 08LP2YQAAAACQ+S0A9KiLSL4jl6+KaZwxRlJBRURHRTEwMTcAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 43151
scheme: https

GET
H2 200 alabama-inmate-executed-after-scotus-clears-way.jpeg
img1-azrcdn.newser.com/square-image/316224-20220128054042-M/ 47 KB
48 KB 42ms
38ms Image
image/jpeg 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/square-image/316224-20220128054042-M/alabama-inmate-executed-after-scotus-clears-way.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 8b38afb8226ce92ae65edd3bb8011a83628178ca577ef4a2148f0c99a1d80e4f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:51:11 GMT
x-azure-ref-originshield: 08472YQAAAACEMfrFn5eXRb/IOcVNUf8yQU1TMDRFREdFMTgxNQBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316224-20220128054042-M/alabama-inmate-executed-after-scotus-clears-way.jpeg
x-azure-ref: 08LP2YQAAAADZuJiKCT/CRqJoOGRv6rJ5RlJBRURHRTEwMTcAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 48492
scheme: https

GET
H2 200 michael-madsen-loses-26-year-old-son-hudson.jpeg
img2-azrcdn.newser.com/square-image/316107-20220128024457-M/ 45 KB
45 KB 30ms
26ms Image
image/jpeg 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img2-azrcdn.newser.com/square-image/316107-20220128024457-M/michael-madsen-loses-26-year-old-son-hudson.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 4e7fc8052650e22f03ac26e86cb617119d57ec5d3198b8559e3cf433b279e99f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:51:12 GMT
x-azure-ref-originshield: 08Ir2YQAAAAAlTrYqNcodTYFKraZ2edVsQU1TMDRFREdFMTkxMgBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316107-20220128024457-M/michael-madsen-loses-26-year-old-son-hudson.jpeg
x-azure-ref: 08LP2YQAAAADFU2vdibZaSI/v6tSOu5nDRlJBRURHRTEwMTQAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 45803
scheme: https

GET
H2 200 bills-want-couple-prosecuted-over-allegedly-fake-vaccine-cards.jpeg
img2-azrcdn.newser.com/square-image/316223-20220128021458-M/ 70 KB
70 KB 33ms
29ms Image
image/jpeg 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img2-azrcdn.newser.com/square-image/316223-20220128021458-M/bills-want-couple-prosecuted-over-allegedly-fake-vaccine-cards.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 594deea2cdcf15cb176a4cf6bcfb074ba22cc55c698833db25a8ac30d5ede92c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:51:12 GMT
x-azure-ref-originshield: 0mzj2YQAAAADAyRLwbhg4RIFFjr6k/IL2QU1TMDRFREdFMTgxNABkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316223-20220128021458-M/bills-want-couple-prosecuted-over-allegedly-fake-vaccine-cards.jpeg
x-azure-ref: 08LP2YQAAAABTOCREE0ilSqAygfsYcsDQRlJBRURHRTEwMTQAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 71283
scheme: https

GET
H2 200 judge-hands-green-advocates-big-win-on-offshore-drilling.jpeg
img2-azrcdn.newser.com/square-image/316225-20220128052934-M/ 42 KB
42 KB 24ms
20ms Image
image/jpeg 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img2-azrcdn.newser.com/square-image/316225-20220128052934-M/judge-hands-green-advocates-big-win-on-offshore-drilling.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: c3a99bb651bce59ca498c2c9c97290408da53d49dc917232ed4a0dadf10a57e5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:51:12 GMT
x-azure-ref-originshield: 0orP2YQAAAACU0xbgdxdrQJlzr7DQFgReQU1TMDRFREdFMTgwOABkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316225-20220128052934-M/judge-hands-green-advocates-big-win-on-offshore-drilling.jpeg
x-azure-ref: 08LP2YQAAAADs2zUFg3asQJIMQkVZlu6VRlJBRURHRTEwMTQAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 42934
scheme: https

GET
H2 200 6th-victim-added-to-tally-of-1970s-doodler-serial-killer.jpeg
img2-azrcdn.newser.com/square-image/316219-20220128080349-M/ 42 KB
43 KB 26ms
22ms Image
image/jpeg 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img2-azrcdn.newser.com/square-image/316219-20220128080349-M/6th-victim-added-to-tally-of-1970s-doodler-serial-killer.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: f414033c9b93d7223d3651dc723bf66c6c368d2a6616f4500b300e805efc4419

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:51:12 GMT
x-azure-ref-originshield: 057H1YQAAAABitU4ljD5eQKoVWu9GO332QU1TMDRFREdFMTkxMABkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316219-20220128080349-M/6th-victim-added-to-tally-of-1970s-doodler-serial-killer.jpeg
x-azure-ref: 08LP2YQAAAAAqnfPU3/2wTYYt51giA1Z8RlJBRURHRTEwMTQAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 43501
scheme: https

GET
H2 200 ukraine-hears-discouraging-assessments.jpeg
img1-azrcdn.newser.com/square-image/316212-20220127201058-M/ 54 KB
54 KB 27ms
23ms Image
image/jpeg 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/square-image/316212-20220127201058-M/ukraine-hears-discouraging-assessments.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: bc779eca15675ccd4bf6aa23f0e6d04638f805f346d46092add71be913fa621d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:51:11 GMT
x-azure-ref-originshield: 08472YQAAAAAuxgdGxsCbTaSHRwETiengQU1TMDRFREdFMTkwOABkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316212-20220127201058-M/ukraine-hears-discouraging-assessments.jpeg
x-azure-ref: 08LP2YQAAAADGBOO/MrhASZ76p8fJE+egRlJBRURHRTEwMTcAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 55344
scheme: https

GET
H2 200 house_grid_morning.png
img1-azrcdn.newser.com/images/ 33 KB
34 KB 34ms
30ms Image
image/png 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/images/house_grid_morning.png
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 185b7539076b9f8d807c5740180aac4e2a4b3bc2912b4e9485950ccddb4cb39e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:51:11 GMT
last-modified: Mon, 06 Jul 2020 18:04:07 GMT
x-azure-ref-originshield: 0Gqb2YQAAAAAMy0iaXiIbSYdhUyH5Y82wQU1TMDRFREdFMTkwNgBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
x-azure-ref: 08LP2YQAAAACocMRaYm0pSYE/ihSfmGhoRlJBRURHRTEwMTcAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
content-length: 34113

GET
H2 200 chiefs-fans-honor-bills-by-donating-to-hospital.jpeg
img2-azrcdn.newser.com/square-image/316209-20220128044834-M/ 43 KB
43 KB 21ms
17ms Image
image/jpeg 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img2-azrcdn.newser.com/square-image/316209-20220128044834-M/chiefs-fans-honor-bills-by-donating-to-hospital.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: cba00eeef256b0662dfe41916464ddbd5c1b30f701e8373b760e0cbaf425c98e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:51:12 GMT
x-azure-ref-originshield: 0orP2YQAAAABzwwJRtjpVS5uUE3ea1hixQU1TMDRFREdFMTgwOABkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316209-20220128044834-M/chiefs-fans-honor-bills-by-donating-to-hospital.jpeg
x-azure-ref: 08LP2YQAAAABmwsUMd6jbTLqKOnEMViEHRlJBRURHRTEwMTQAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 44210
scheme: https

GET
H2 200 after-testing-positive-palin-causes-a-stir-at-restaurants.jpeg
img1-azrcdn.newser.com/square-image/316206-20220127184443-M/ 37 KB
37 KB 33ms
29ms Image
image/jpeg 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/square-image/316206-20220127184443-M/after-testing-positive-palin-causes-a-stir-at-restaurants.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 51b3d1a2d7433f93d0cd3dfcf5838e7221e07329c4806adc9d860e788a17d4fc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:51:11 GMT
x-azure-ref-originshield: 08Ir2YQAAAACP2WZqlvC3Rrg8ngdAgRv2QU1TMDRFREdFMTkwNwBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316206-20220127184443-M/after-testing-positive-palin-causes-a-stir-at-restaurants.jpeg
x-azure-ref: 08LP2YQAAAACmigoJ8xixR50vLjE6oU7lRlJBRURHRTEwMTcAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 38086
scheme: https

GET
H2 200 gunfire-hits-bushs-car-without-her-in-it.jpeg
img2-azrcdn.newser.com/square-image/316207-20220127181358-M/ 40 KB
41 KB 39ms
35ms Image
image/jpeg 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img2-azrcdn.newser.com/square-image/316207-20220127181358-M/gunfire-hits-bushs-car-without-her-in-it.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: dd93a97df4a101c9d0b60d1e6ab6ce5a33c8e00b10d4f2f0fdba7554faffd73b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:51:12 GMT
x-azure-ref-originshield: 0Gab2YQAAAADvX1Ykig0tT46/t8zbdWUNQU1TMDRFREdFMTgxOABkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316207-20220127181358-M/gunfire-hits-bushs-car-without-her-in-it.jpeg
x-azure-ref: 08LP2YQAAAAB/AOWpWOVySJN0eYQ4rktPRlJBRURHRTEwMTQAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 41320
scheme: https

GET
H2 200 schools-sends-errant-you-won-a-scholarship-notices.jpeg
img1-azrcdn.newser.com/square-image/316204-20220127175358-M/ 58 KB
58 KB 28ms
24ms Image
image/jpeg 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/square-image/316204-20220127175358-M/schools-sends-errant-you-won-a-scholarship-notices.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: a5e0a2f44a9b19aab51c0429ab10594535ded41e004c5dc2ebdcf022b84b1944

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:51:11 GMT
x-azure-ref-originshield: 0IGX2YQAAAACXsAw7apIiRaI2dOufXRFmQU1TMDRFREdFMTkxNgBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316204-20220127175358-M/schools-sends-errant-you-won-a-scholarship-notices.jpeg
x-azure-ref: 08LP2YQAAAACEQmYm2KZRSZzvi6f3AXWzRlJBRURHRTEwMTcAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 59134
scheme: https

GET
H2 200 one-joke-crypto-coin-begets-another.jpeg
img2-azrcdn.newser.com/square-image/316205-20220127172128-M/ 40 KB
41 KB 37ms
33ms Image
image/jpeg 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img2-azrcdn.newser.com/square-image/316205-20220127172128-M/one-joke-crypto-coin-begets-another.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 9dd77e07919ca643d4e7976497fda21e4484c64936e15b54ad6c348257af48f8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:51:12 GMT
x-azure-ref-originshield: 00UL2YQAAAAAbK8kfBGvmQ5YyF52N8+qLQU1TMDRFREdFMTkxMABkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316205-20220127172128-M/one-joke-crypto-coin-begets-another.jpeg
x-azure-ref: 08LP2YQAAAABWC5eIGmA0Q73rAXa+Ap1xRlJBRURHRTEwMTQAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 41423
scheme: https

GET
H2 200 rally-fades-as-reality-on-interest-rates-sinks-in.jpeg
img2-azrcdn.newser.com/square-image/316211-20220127170358-M/ 48 KB
48 KB 30ms
26ms Image
image/jpeg 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img2-azrcdn.newser.com/square-image/316211-20220127170358-M/rally-fades-as-reality-on-interest-rates-sinks-in.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: ee860898fcc938895b1b12a278cb8f997f65b23214b102ba2c42738a028f1a17

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:51:12 GMT
x-azure-ref-originshield: 0wZz2YQAAAAAzIl3oDLLNRr6d+EUEDYtrQU1TMDRFREdFMTgxMwBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316211-20220127170358-M/rally-fades-as-reality-on-interest-rates-sinks-in.jpeg
x-azure-ref: 08LP2YQAAAACNIRYD7Fi8SL4u9lnABqbtRlJBRURHRTEwMTQAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 48934
scheme: https

GET
H2 200 its-an-obamacare-enrollment-record.jpeg
img1-azrcdn.newser.com/square-image/316182-20220129052210-M/ 46 KB
46 KB 24ms
21ms Image
image/jpeg 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/square-image/316182-20220129052210-M/its-an-obamacare-enrollment-record.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 486ab000e859d030da7f768b4c96401d995b79f5b8620eefaafcc2cfcbdd057c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:51:11 GMT
x-azure-ref-originshield: 0wZz2YQAAAAAVVyf3jmZBRb02pj0Za+LLQU1TMDRFREdFMTkxMgBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316182-20220129052210-M/its-an-obamacare-enrollment-record.jpeg
x-azure-ref: 08LP2YQAAAACKVAtPZxqrQJVZi3ytRSHWRlJBRURHRTEwMTcAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 47293
scheme: https

GET
H2 200 coast-guard-nears-end-of-search-for-migrants.jpeg
img1-azrcdn.newser.com/square-image/316210-20220127160813-M/ 40 KB
41 KB 37ms
34ms Image
image/jpeg 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/square-image/316210-20220127160813-M/coast-guard-nears-end-of-search-for-migrants.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 0d06df2e703c6ea6489fa19139cfd5f375495183c4145762127dfb5208f2540d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:51:11 GMT
x-azure-ref-originshield: 0Gqb2YQAAAAAi2fjtF0LFRrMjEfPTmZpaQU1TMDRFREdFMTkwNwBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316210-20220127160813-M/coast-guard-nears-end-of-search-for-migrants.jpeg
x-azure-ref: 08LP2YQAAAACCjnL+8JZyQriP3ipE0xRlRlJBRURHRTEwMTcAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 41337
scheme: https

GET
H2 200 salary-of-nyc-mayors-brother-is-cut-from-210k-to-1.jpeg
img1-azrcdn.newser.com/square-image/316208-20220127151543-M/ 55 KB
56 KB 29ms
26ms Image
image/jpeg 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/square-image/316208-20220127151543-M/salary-of-nyc-mayors-brother-is-cut-from-210k-to-1.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 1b38f2172e240cd582d97f048c5e8cb35554e3c405d03fa229b4e82c3f01438a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:51:11 GMT
x-azure-ref-originshield: 0orP2YQAAAADh4icV5xBsTpbxbf5j1ahGQU1TMDRFREdFMTgwOQBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316208-20220127151543-M/salary-of-nyc-mayors-brother-is-cut-from-210k-to-1.jpeg
x-azure-ref: 08LP2YQAAAABUKkdZur8PRIzO1Rtt2QbRRlJBRURHRTEwMTcAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 56760
scheme: https

GET
H2 200 twin-of-man-jailed-for-murder-since-03-i-did-it.jpeg
img2-azrcdn.newser.com/square-image/231609-20220127144758-M/ 43 KB
44 KB 30ms
27ms Image
image/jpeg 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img2-azrcdn.newser.com/square-image/231609-20220127144758-M/twin-of-man-jailed-for-murder-since-03-i-did-it.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 9769b09b9532fb94b22909364ad7ab7dc2683f4575ef1ee606cb3a6db73748f2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:51:12 GMT
x-azure-ref-originshield: 057H1YQAAAADBNfvFP4YAQYcmbg+Bt/0VQU1TMDRFREdFMTgxMABkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/231609-20220127144758-M/twin-of-man-jailed-for-murder-since-03-i-did-it.jpeg
x-azure-ref: 08LP2YQAAAADZ7OiNoA25S5xDRagGArcuRlJBRURHRTEwMTQAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 44477
scheme: https

GET
H2 200 mellow-methuselah-is-worlds-oldest-aquarium-fish.jpeg
img2-azrcdn.newser.com/square-image/316183-20220127142458-M/ 38 KB
38 KB 34ms
31ms Image
image/jpeg 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img2-azrcdn.newser.com/square-image/316183-20220127142458-M/mellow-methuselah-is-worlds-oldest-aquarium-fish.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 4e7305acb88ef6d07c54958cfa21ab76ce94e637678140ac4abf5ebc3ae76a92

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:51:12 GMT
x-azure-ref-originshield: 08Ir2YQAAAADAJoQnoJeIS5A5q0EElf4iQU1TMDRFREdFMTgxMgBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316183-20220127142458-M/mellow-methuselah-is-worlds-oldest-aquarium-fish.jpeg
x-azure-ref: 08LP2YQAAAACFaqUSvlLzRYQXTWhCBHa2RlJBRURHRTEwMTQAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 38731
scheme: https

GET
H2 200 dont-expect-big-fight-over-pick-for-supreme-court.jpeg
img1-azrcdn.newser.com/square-image/316184-20220127135658-M/ 46 KB
46 KB 30ms
27ms Image
image/jpeg 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/square-image/316184-20220127135658-M/dont-expect-big-fight-over-pick-for-supreme-court.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 3bbf185a378e69925f774e6d5844a9884d37561698c585cc9b748cea127c2c2f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:51:11 GMT
x-azure-ref-originshield: 0mHz2YQAAAABkyDOct8MVRa5EcH5LU24OQU1TMDRFREdFMTkxNQBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316184-20220127135658-M/dont-expect-big-fight-over-pick-for-supreme-court.jpeg
x-azure-ref: 08LP2YQAAAABvn6zAwEl7S7ZTCOhYH0CeRlJBRURHRTEwMTcAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 47185
scheme: https

GET
H2 200 janet-jackson-addresses-old-secret-baby-rumors.jpeg
img2-azrcdn.newser.com/square-image/316199-20220127130913-M/ 37 KB
37 KB 26ms
23ms Image
image/jpeg 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img2-azrcdn.newser.com/square-image/316199-20220127130913-M/janet-jackson-addresses-old-secret-baby-rumors.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 3ff1c2b22a22f605896511bca1355785ea2ed61d904a4220c49da9112008fc0a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:51:12 GMT
x-azure-ref-originshield: 08472YQAAAAC6B5CFcs6KSb/3urEDc3fLQU1TMDRFREdFMTkyMABkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316199-20220127130913-M/janet-jackson-addresses-old-secret-baby-rumors.jpeg
x-azure-ref: 08LP2YQAAAAApX0oySe0CTpm+s8VJOwq/RlJBRURHRTEwMTQAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 37467
scheme: https

GET
H2 200 strange-case-of-teens-gym-mat-death-reopened.jpeg
img2-azrcdn.newser.com/square-image/303499-20220127124428-M/ 51 KB
51 KB 39ms
36ms Image
image/jpeg 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img2-azrcdn.newser.com/square-image/303499-20220127124428-M/strange-case-of-teens-gym-mat-death-reopened.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: d7996ae15bbdf9fa23302679f82c6341f27dcbf3709e6d033c3e3f3ae7876b24

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:51:12 GMT
x-azure-ref-originshield: 0eWv2YQAAAAAsi17+96QsT4l7DrL4knxwQU1TMDRFREdFMTkxMwBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/303499-20220127124428-M/strange-case-of-teens-gym-mat-death-reopened.jpeg
x-azure-ref: 08LP2YQAAAAAAL/ZswFpbQY99S/rtzGtERlJBRURHRTEwMTQAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 51754
scheme: https

GET
H2 200 he-found-his-parents-via-social-media-then-tragedy.jpeg
img1-azrcdn.newser.com/square-image/316158-20220127114913-M/ 43 KB
43 KB 28ms
25ms Image
image/jpeg 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/square-image/316158-20220127114913-M/he-found-his-parents-via-social-media-then-tragedy.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 4d51312ee5a72f1a96b6b5dc7c3bad427a65c0cab8812e49bb40018919232f67

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:51:11 GMT
x-azure-ref-originshield: 0D3P2YQAAAACGKVvmjR/eT7Gd8sczuLnNQU1TMDRFREdFMTgwOQBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316158-20220127114913-M/he-found-his-parents-via-social-media-then-tragedy.jpeg
x-azure-ref: 08LP2YQAAAABPTHuDnN0vQY+UYTuMT47oRlJBRURHRTEwMTcAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 43902
scheme: https

GET
H2 200 in-our-galactic-backyard-signals-never-seen-before.jpeg
img1-azrcdn.newser.com/square-image/316156-20220127114511-M/ 38 KB
38 KB 34ms
31ms Image
image/jpeg 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/square-image/316156-20220127114511-M/in-our-galactic-backyard-signals-never-seen-before.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 50bd57f4bdc1ee6ea9a3457cd38b3c0cb3f8293230f579da45e43fb5d66d5fca

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:51:11 GMT
x-azure-ref-originshield: 08Ir2YQAAAACi2nPHEDxKQ7XNkqoXDSOBQU1TMDRFREdFMTgwOQBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316156-20220127114511-M/in-our-galactic-backyard-signals-never-seen-before.jpeg
x-azure-ref: 08LP2YQAAAAAVcu/gXmjJQZygvyzLxABsRlJBRURHRTEwMTcAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 39025
scheme: https

GET
H2 200 tenn-school-board-bans-holocaust-graphic-novel.jpeg
img2-azrcdn.newser.com/square-image/316187-20220127111058-M/ 44 KB
44 KB 35ms
32ms Image
image/jpeg 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img2-azrcdn.newser.com/square-image/316187-20220127111058-M/tenn-school-board-bans-holocaust-graphic-novel.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 8c853ed75b7345b3d2d9f5af9fb56be87fef7bcf2863f8836345ec318396758d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:51:12 GMT
x-azure-ref-originshield: 0eWv2YQAAAAArSR944wbKS5TeMjZrSH2vQU1TMDRFREdFMTgxNQBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316187-20220127111058-M/tenn-school-board-bans-holocaust-graphic-novel.jpeg
x-azure-ref: 08LP2YQAAAABEM504KHBuSKqOGGUEaEKyRlJBRURHRTEwMTQAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 44902
scheme: https

GET
H2 200 guy-who-jumped-from-plane-allegedly-smoked-a-lot-of-meth.jpeg
img2-azrcdn.newser.com/square-image/307971-20220127110745-M/ 43 KB
43 KB 36ms
33ms Image
image/jpeg 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img2-azrcdn.newser.com/square-image/307971-20220127110745-M/guy-who-jumped-from-plane-allegedly-smoked-a-lot-of-meth.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 4aa42d7442c394096d40efad6d8d533232c025738083b5c07b34691696888dd1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:51:12 GMT
x-azure-ref-originshield: 0eWv2YQAAAAAP7DLGzq5YRqDaixDZF5XkQU1TMDRFREdFMTkxMwBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/307971-20220127110745-M/guy-who-jumped-from-plane-allegedly-smoked-a-lot-of-meth.jpeg
x-azure-ref: 08LP2YQAAAADjWRJCah33T6LWSHlTi1KKRlJBRURHRTEwMTQAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 43826
scheme: https

GET
H2 200 ben-roethlisberger-retires-after-18-years-in-nfl.jpeg
img2-azrcdn.newser.com/square-image/316195-20220127101843-M/ 47 KB
47 KB 30ms
28ms Image
image/jpeg 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img2-azrcdn.newser.com/square-image/316195-20220127101843-M/ben-roethlisberger-retires-after-18-years-in-nfl.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 41fa061fd8a72f16e9eee21d78b071c6bca68ddc63ca4df9588986ecc62dae28

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:51:12 GMT
x-azure-ref-originshield: 08Ir2YQAAAACBh1FGIjyhSYkY4WkhDTMjQU1TMDRFREdFMTkwNwBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316195-20220127101843-M/ben-roethlisberger-retires-after-18-years-in-nfl.jpeg
x-azure-ref: 08LP2YQAAAAA3QiJXLU1dRrQE1QVheQ2JRlJBRURHRTEwMTQAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 47983
scheme: https

GET
H2 200 hiker-falls-700-feet-trying-to-snap-midnight-selfie.jpeg
img1-azrcdn.newser.com/square-image/316188-20220127095758-M/ 61 KB
62 KB 31ms
28ms Image
image/jpeg 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/square-image/316188-20220127095758-M/hiker-falls-700-feet-trying-to-snap-midnight-selfie.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: c86dd20594d0c4ac6874b84f72ca727f390e0c2948807088a789ddaf38ea5f07

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:51:11 GMT
x-azure-ref-originshield: 0cqL2YQAAAAArCvdH1bvIRaoFUQtAqsqmQU1TMDRFREdFMTkwOQBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316188-20220127095758-M/hiker-falls-700-feet-trying-to-snap-midnight-selfie.jpeg
x-azure-ref: 08LP2YQAAAACcab8Oy+g9QbJ8VjxSjjc6RlJBRURHRTEwMTcAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 62787
scheme: https

GET
H2 200 man-in-camp-auschwitz-shirt-has-been-arrested.jpeg
img1-azrcdn.newser.com/square-image/301272-20220128011039-M/ 48 KB
49 KB 39ms
37ms Image
image/jpeg 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/square-image/301272-20220128011039-M/man-in-camp-auschwitz-shirt-has-been-arrested.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 04230c3031ba7b616cd9f7c720d87023387dd16cf74c56188edc2049de753bc8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:51:11 GMT
x-azure-ref-originshield: 0IGX2YQAAAACgn5LZQgJkTp1tcOstVbbrQU1TMDRFREdFMTkwOQBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/301272-20220128011039-M/man-in-camp-auschwitz-shirt-has-been-arrested.jpeg
x-azure-ref: 08LP2YQAAAAB7g1svrmduQrCyGs3fzOqdRlJBRURHRTEwMTcAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 49660
scheme: https

GET
H2 200 statue-of-kobe-gianna-unveiled-at-crash-site.jpeg
img1-azrcdn.newser.com/square-image/316190-20220127092143-M/ 45 KB
45 KB 38ms
35ms Image
image/jpeg 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/square-image/316190-20220127092143-M/statue-of-kobe-gianna-unveiled-at-crash-site.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 1794ce66c6f7b83e3a027cc5b104ad113159a32529a70e3380d47f6e09dbfff5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:51:11 GMT
x-azure-ref-originshield: 08Ir2YQAAAAASfU1t3lEqRqZUGFYeCo6UQU1TMDRFREdFMTgxMABkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316190-20220127092143-M/statue-of-kobe-gianna-unveiled-at-crash-site.jpeg
x-azure-ref: 08LP2YQAAAABVy73HY/WjQYzeV6UJukBCRlJBRURHRTEwMTcAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 45898
scheme: https

GET
H2 200 us-economy-grew-in-2021-at-fastest-pace-since-reagan-years.jpeg
img1-azrcdn.newser.com/square-image/316192-20220127085258-M/ 50 KB
51 KB 41ms
39ms Image
image/jpeg 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/square-image/316192-20220127085258-M/us-economy-grew-in-2021-at-fastest-pace-since-reagan-years.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 034b0077589cb2fdf5f045f587740877d385374de54fb733c7626bb1119a67ce

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:51:11 GMT
x-azure-ref-originshield: 08472YQAAAAAtmewS9qkhRbl8VVxn3V48QU1TMDRFREdFMTgxMwBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316192-20220127085258-M/us-economy-grew-in-2021-at-fastest-pace-since-reagan-years.jpeg
x-azure-ref: 08LP2YQAAAACCzuRGlYU5Tr/uwsW5zTK0RlJBRURHRTEwMTcAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 51467
scheme: https

GET
H2 200 texas-man-arrested-in-connection-with-synagogue-standoff.jpeg
img1-azrcdn.newser.com/square-image/316166-20220127084058-M/ 59 KB
59 KB 35ms
33ms Image
image/jpeg 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1-azrcdn.newser.com/square-image/316166-20220127084058-M/texas-man-arrested-in-connection-with-synagogue-standoff.jpeg
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 4475d2347dac904117a6f94f0c6ae4de9c7c022f44731afa213e4ea9ae86c0a1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:51:11 GMT
x-azure-ref-originshield: 0orP2YQAAAADw3YonCY/iTJkLCYOZuH+HQU1TMDRFREdFMTgxOABkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl: /square-image/316166-20220127084058-M/texas-man-arrested-in-connection-with-synagogue-standoff.jpeg
x-azure-ref: 08LP2YQAAAACRcIG2yFaURKlIMaQVLKFGRlJBRURHRTEwMTcAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache: TCP_HIT
content-type: image/jpeg
cache-control: public, max-age=86400
content-length: 59992
scheme: https

GET
H2 200 aws-sdk-kinesis.min.js Show response
cdn.intergient.com/pageos/js/libs/ 227 KB
67 KB 7ms
7ms Script
text/javascript 2600:9000:20eb:3400:12:4abd:d340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.intergient.com/pageos/js/libs/aws-sdk-kinesis.min.js
Requested by: Host: cdn.intergient.com
URL: https://cdn.intergient.com/pageos/1.6.33/batchHandler.cf8da702ed619bc8d371.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:3400:12:4abd:d340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b41e0020ff5a4bec857828c37b9a425a5e0024aac1fb1519dd9cf4562f0681ee

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 01:36:13 GMT
content-encoding: gzip
last-modified: Thu, 04 Nov 2021 13:03:16 GMT
server: AmazonS3
age: 51313
etag: W/"dd4723e36a9cd5d1d04946ad79b9dfe6"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
via: 1.1 37c215a6cf8b04439db2f97a633421e6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: 1l98Ge1YfvPy8_0YbM3M6Tf7qJebFREfYYnldWG7t9Y3hsVgxKsETg==

GET
H2 200 rules-p-8dMeaPxgtnRKk.js Show response
rules.quantcount.com/ 3 B
436 B 50ms
8ms Script
application/javascript 2600:9000:20eb:4400:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-8dMeaPxgtnRKk.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:4400:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 07:26:04 GMT
via: 1.1 f7bf326347bdd7f275a38a22b5b83724.cloudfront.net (CloudFront)
age: 30309
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 3
last-modified: Sat, 04 Mar 2017 20:13:40 GMT
server: AmazonS3
etag: "8a80554c91d9fca8acb82f023de02f11"
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
x-amz-cf-id: 0a2bD4c1NnKcrK-Xcdt8GS6o1Hl28H9PI9g8n-ztXRXNt3xJD4w8Qg==

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ 285 KB
80 KB 26ms
8ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=1f70bd487935938cbc930fe03f210b36

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

658032138bb2e1a026be5f4f3bc8923d522b2aa591175b7887f5bdb6caae4cb1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.newser.com/
Origin: https://www.newser.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: tx5AFCbYmbL9ZHCi/yMGUg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 82045
x-fb-rlafr: 0
x-fb-debug: dMgBJJAdcJE80b3/foVv9c1i7OCSQaOuLW7DUJP6CQ7N3+bS8qPrJ3wrza5oL63OYub4Z/iKTgithYDclJI1eQ==
x-fb-content-md5: ac1b71973ad04c2e6cf035b8b684fcbc
x-frame-options: DENY
date: Sun, 30 Jan 2022 15:51:12 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "c657ac27941ebcdb7336758b7045d61c"
timing-allow-origin: *
priority: u=3,i
expires: Mon, 30 Jan 2023 15:32:25 GMT

GET
H2

204

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=2&c2=6035830&ns__t=1643557872778&ns_c=UTF-8&cv=3.5&c8=Newser%20%7C%20Headline%20News%20Summaries%2C%20World%20News%2C%20and%20Breaking%20News&c7=https%3A%2F%2F...
https://sb.scorecardresearch.com/b2?c1=2&c2=6035830&ns__t=1643557872778&ns_c=UTF-8&cv=3.5&c8=Newser%20%7C%20Headline%20News%20Summaries%2C%20World%20News%2C%20and%20Breaking%20News&c7=https%3A%2F%2...

0
223 B

11ms
11ms

Image
text/plain

13.225.80.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=2&c2=6035830&ns__t=1643557872778&ns_c=UTF-8&cv=3.5&c8=Newser%20%7C%20Headline%20News%20Summaries%2C%20World%20News%2C%20and%20Breaking%20News&c7=https%3A%2F%2Fwww.newser.com%2F&c9=
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Server: 13.225.80.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-80-38.fra2.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:51:12 GMT
via: 1.1 debe291145dc27044f50d04bac101cd8.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
etag: W/"0-2jmj7l5rSw0yVb/vlWAYkK/YBwk"
x-amz-cf-id: m3ENeEvlmTEQGrmHFPoGfKPAp1rk2BgibRpwk4ouUqBSYKYOVkBiqQ==
x-cache: Miss from cloudfront

Redirect headers

date: Sun, 30 Jan 2022 15:51:12 GMT
via: 1.1 debe291145dc27044f50d04bac101cd8.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
vary: Accept
x-cache: Miss from cloudfront
content-type: text/plain; charset=utf-8
location: https://sb.scorecardresearch.com/b2?c1=2&c2=6035830&ns__t=1643557872778&ns_c=UTF-8&cv=3.5&c8=Newser%20%7C%20Headline%20News%20Summaries%2C%20World%20News%2C%20and%20Breaking%20News&c7=https%3A%2F%2Fwww.newser.com%2F&c9=
content-length: 241
x-amz-cf-id: c4y3-1CYv6nGzyzhC4K4YJGcHVAiXUT27ND3v8zqQLMtXDaAaGnEyQ==

GET
H2 200 v2 Show response
mb.moatads.com/yi/ 425 B
600 B 132ms
44ms Script
text/html 34.252.133.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mb.moatads.com/yi/v2?ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5BYbjrG%3DH%3CU%3CO%24cRJ%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-hQQexRkFGpG4fz6GF1NpvhT%2BFty8ZWS4aztFOewYCG7c8eOm5Kk0%2FX%2FtDJ5WspFf7egP&rs=1-1fYb5sLyVy50og%3D%3D&sc=1&os=1-DA%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&url=https%3A%2F%2Fwww.newser.com%2F&pcode=playwireprebidheader597261727146&rx=793754114256&callback=MoatNadoAllJsonpRequest_72488898
Requested by: Host: z.moatads.com
URL: https://z.moatads.com/playwireprebidheader597261727146/moatheader.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.252.133.182 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-252-133-182.eu-west-1.compute.amazonaws.com
Software: TornadoServer/5.1.1 /
Resource Hash: 89b437689e6221d2ec4d9d2b45490f39d542322fb882c996a5fe7fec1b047d62

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:51:12 GMT
cache-control: max-age=900
server: TornadoServer/5.1.1
timing-allow-origin: *
etag: "31b5f222f8b69de5bfca02553171861a40013fd2"
content-length: 425
content-type: text/html; charset=UTF-8

GET
H2

200

collect
stats.g.doubleclick.net/r/
Redirect Chain

https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=152570803&utmhn=www.newser.com&utme=8(PWA*ABTesting1*LastRefDomain*OrigRef*UserClassification)9(N*A*direct*direct*P)11(1*3!2*1*1...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-1055596-4&cid=1277182562.1643557873&jid=1996362533&_v=5.7.2&z=152570803

35 B
430 B

56ms
19ms

Image
image/gif

2a00:1450:400c:c08::9c
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-1055596-4&cid=1277182562.1643557873&jid=1996362533&_v=5.7.2&z=152570803

Requested by

Host: www.newser.com
URL: https://www.newser.com/

Protocol

Server

2a00:1450:400c:c08::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sun, 30 Jan 2022 15:51:13 GMT
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 30 Jan 2022 15:51:12 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
location: https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-1055596-4&cid=1277182562.1643557873&jid=1996362533&_v=5.7.2&z=152570803
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 369
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 __utm.gif
ssl.google-analytics.com/r/ 35 B
54 B 93ms
47ms Image
image/gif 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=2&utmn=318225280&utmhn=www.newser.com&utme=8(PWA*ABTesting1*LastRefDomain*OrigRef*UserClassification)9(N*A*direct*direct*P)11(1*3!2*1*1)&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Newser%20%7C%20Headline%20News%20Summaries%2C%20World%20News%2C%20and%20Breaking%20News&utmhid=646228812&utmr=-&utmp=%2F&utmht=1643557872915&utmac=UA-1055596-9&utmcc=__utma%3D116631449.1277182562.1643557873.1643557873.1643557873.1%3B%2B__utmz%3D116631449.1643557873.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1540831560&utmredir=1&utmmt=1&utmu=qQAgAAAAAAAAAAAAAAAAAAAE~

Requested by

Host: www.newser.com
URL: https://www.newser.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Jan 2022 15:51:12 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 vendors~gdpr.f92225b828d740c7c57f.js Show response
cdn.intergient.com/pageos/1.6.33/ 65 KB
17 KB 8ms
7ms Script
application/javascript 2600:9000:20eb:3400:12:4abd:d340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.intergient.com/pageos/1.6.33/vendors~gdpr.f92225b828d740c7c57f.js
Requested by: Host: cdn.intergient.com
URL: https://cdn.intergient.com/ramp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:3400:12:4abd:d340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a87d4c2682d10f0750f0e1142e25fce055f0ae596c7a277bbaf2427ddae146bc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 02:30:48 GMT
content-encoding: gzip
last-modified: Wed, 15 Dec 2021 14:32:29 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: atime:1639578741/ctime:1639578741/gid:20/gname:staff/md5:9b5e3fdd31d877679a5666fe44299ea9/mode:33188/mtime:1639578741/uid:501/uname:thomascreamer
age: 48068
etag: W/"9b5e3fdd31d877679a5666fe44299ea9"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 37c215a6cf8b04439db2f97a633421e6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: xeh8FN9kt6s7xlf2mOrf90rquGC4eFXagMridRxlUAQkU1KBA4VivQ==

GET
H2 200 gdpr.c3cd42c3b61853b20836.js Show response
cdn.intergient.com/pageos/1.6.33/ 9 KB
3 KB 8ms
8ms Script
application/javascript 2600:9000:20eb:3400:12:4abd:d340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.intergient.com/pageos/1.6.33/gdpr.c3cd42c3b61853b20836.js
Requested by: Host: cdn.intergient.com
URL: https://cdn.intergient.com/ramp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:3400:12:4abd:d340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5aefa167c7b8f3305b610d93f3a198818ade815d5f9150df9fbedf00b34b705a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 03:06:59 GMT
content-encoding: gzip
last-modified: Wed, 15 Dec 2021 14:32:28 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: atime:1639578741/ctime:1639578741/gid:20/gname:staff/md5:b8e305f83486f7ae9d609860bb488fd6/mode:33188/mtime:1639578741/uid:501/uname:thomascreamer
age: 45877
etag: W/"b8e305f83486f7ae9d609860bb488fd6"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 37c215a6cf8b04439db2f97a633421e6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: y54qceeRZ2rZOforq0-yafPsvyvHaWxRSxPnUdZjMjAXniB5UJc3GA==

GET
H2 200 pixel;r=346499754;rf=0;a=p-8dMeaPxgtnRKk;url=https%3A%2F%2Fwww.newser.com%2F;uht=2;fpan=1;fpa=P0-848342062-1643557872961;pbc=;ns=0;ce=1;qjs=1;qv=92a3679b-20211110211611;cm=;gdpr=0;ref=;d=newser.com...
pixel.quantserve.com/ 35 B
371 B 22ms
13ms Image
image/gif 2620:116:800d:21:fcb8:22d2:d390:5f1b
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=346499754;rf=0;a=p-8dMeaPxgtnRKk;url=https%3A%2F%2Fwww.newser.com%2F;uht=2;fpan=1;fpa=P0-848342062-1643557872961;pbc=;ns=0;ce=1;qjs=1;qv=92a3679b-20211110211611;cm=;gdpr=0;ref=;d=newser.com;je=0;sr=1600x1200x24;dst=0;et=1643557872961;tzo=0;ogl=

Requested by

Host: www.newser.com
URL: https://www.newser.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:fcb8:22d2:d390:5f1b , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Jan 2022 15:51:12 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 iframe.html Show response
cdn.intergient.com/pageos/1.6.33/iframe/ Frame 52B0 542 B
981 B 8ms
7ms Document
text/html 2600:9000:20eb:3400:12:4abd:d340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.intergient.com/pageos/1.6.33/iframe/iframe.html
Requested by: Host: cdn.intergient.com
URL: https://cdn.intergient.com/ramp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:3400:12:4abd:d340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c6147bd9ef55a8d63dc00d57f9bbf6aa9577e5baff33b6a0e11242b1ee588294

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/

Response headers

content-type: text/html
content-length: 542
last-modified: Wed, 15 Dec 2021 14:32:28 GMT
x-amz-meta-s3cmd-attrs: atime:1639578738/ctime:1639578738/gid:20/gname:staff/md5:bbee404d3593d86503e44f89a385794c/mode:33188/mtime:1639578738/uid:501/uname:thomascreamer
accept-ranges: bytes
server: AmazonS3
date: Sat, 29 Jan 2022 19:59:03 GMT
etag: "bbee404d3593d86503e44f89a385794c"
x-cache: Hit from cloudfront
via: 1.1 37c215a6cf8b04439db2f97a633421e6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: 50l1RYosfddrW9w10LyTSvdw-dWpMifyP9Z7lE7vYe-9poUDGjE1_g==
age: 71535

GET
H2 200 stickyVideo.cb12701cdcec7f559c8b.js Show response
cdn.intergient.com/pageos/1.6.33/ 10 KB
4 KB 9ms
8ms Script
application/javascript 2600:9000:20eb:3400:12:4abd:d340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.intergient.com/pageos/1.6.33/stickyVideo.cb12701cdcec7f559c8b.js
Requested by: Host: cdn.intergient.com
URL: https://cdn.intergient.com/ramp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:3400:12:4abd:d340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 13aff0812c49276fdb1ef2b2292b396ce5e3325a7c13e9582212577d2f0ce975

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 03:18:42 GMT
content-encoding: gzip
last-modified: Wed, 15 Dec 2021 14:32:29 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: atime:1639578741/ctime:1639578741/gid:20/gname:staff/md5:ec2da3bd6d30c123d732f4b65cb1f2df/mode:33188/mtime:1639578741/uid:501/uname:thomascreamer
age: 47337
etag: W/"ec2da3bd6d30c123d732f4b65cb1f2df"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 37c215a6cf8b04439db2f97a633421e6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: 2jg7VN5Off1xZ8yvnREAxHTwCvZjUgCBrg9tdHtJWlFzIVL3J27saQ==

GET
H2 200 tyche.js Show response
cdn.intergi.com/hera/releases/4.4.29/ 1 KB
974 B 8ms
8ms Script
application/javascript 2600:9000:20eb:6e00:14:2602:6e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.intergi.com/hera/releases/4.4.29/tyche.js
Requested by: Host: cdn.intergient.com
URL: https://cdn.intergient.com/ramp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:6e00:14:2602:6e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e755eee43bcdcb69b3f7b2dbff081a9af26e9da32c92ec2f175ac0efe0f51423

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id: 0qxthXTXeoc5PRlEsFiNVKZOVGERs_w6
content-encoding: gzip
last-modified: Tue, 25 Jan 2022 21:03:32 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: atime:1643144607/ctime:1643144607/gid:20/gname:staff/md5:395fd1c8bfff848b8f9889b4fb81cc09/mode:33188/mtime:1643144607/uid:501/uname:thomascreamer
age: 35529
etag: W/"395fd1c8bfff848b8f9889b4fb81cc09"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 c379418fd6100691807f32f274ebe9ce.cloudfront.net (CloudFront)
date: Sun, 30 Jan 2022 05:59:04 GMT
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: ninYXORSKFxlHCDFQoBlf8Z9IZ5JIHkT57kW5afzF35C3guglscffw==

GET
H2 200 runtime.eb7abf17bcce520541c8.js Show response
cdn.intergi.com/hera/releases/4.4.29/ 2 KB
2 KB 8ms
8ms Script
application/javascript 2600:9000:20eb:6e00:14:2602:6e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.intergi.com/hera/releases/4.4.29/runtime.eb7abf17bcce520541c8.js
Requested by: Host: cdn.intergi.com
URL: https://cdn.intergi.com/hera/releases/4.4.29/tyche.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:6e00:14:2602:6e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a8f20718bcf79ae5797599afb4e59612f2bb75334dc8d40aa8a56d21417ac73c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id: nsHome9btOvv.SKdK3Rpl_8W8qit3rOP
content-encoding: br
last-modified: Tue, 25 Jan 2022 21:03:32 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: atime:1643144607/ctime:1643144607/gid:20/gname:staff/md5:471e1f82e1db56b5f90638c4e15c5280/mode:33188/mtime:1643144607/uid:501/uname:thomascreamer
age: 36876
etag: W/"471e1f82e1db56b5f90638c4e15c5280"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 c379418fd6100691807f32f274ebe9ce.cloudfront.net (CloudFront)
date: Sun, 30 Jan 2022 05:36:37 GMT
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: qJVZU3oSNPeKmalTaoP8UNUMMXj5M3VYNmvxREVok-8RfDK8_2s7JQ==

GET
H2 200 npm.core-js.ffb4b0a70697fbafb4fe.js Show response
cdn.intergi.com/hera/releases/4.4.29/vendor/ 24 KB
9 KB 9ms
9ms Script
application/javascript 2600:9000:20eb:6e00:14:2602:6e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.intergi.com/hera/releases/4.4.29/vendor/npm.core-js.ffb4b0a70697fbafb4fe.js
Requested by: Host: cdn.intergi.com
URL: https://cdn.intergi.com/hera/releases/4.4.29/tyche.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:6e00:14:2602:6e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: fb0da9c5679e4e04fe036c10e42d93ed5a9a3a8f632db1cfdcdf6352ee4ff789

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id: GHlCKVDIBfBStDhRzJSZKeqjiBt8htMF
content-encoding: gzip
last-modified: Tue, 25 Jan 2022 21:03:32 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: atime:1643144607/ctime:1643144607/gid:20/gname:staff/md5:804f5a4d76247f98873a77739d825de0/mode:33188/mtime:1643144607/uid:501/uname:thomascreamer
age: 51804
etag: W/"804f5a4d76247f98873a77739d825de0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 c379418fd6100691807f32f274ebe9ce.cloudfront.net (CloudFront)
date: Sun, 30 Jan 2022 14:04:22 GMT
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: YLJNlezVQe1bry7AT1DbhmtQIspW1wcRE9EtAQgvX59quhDenwWc5A==

GET
H2 200 npm.babel.e42d14b31536f4c718ea.js Show response
cdn.intergi.com/hera/releases/4.4.29/vendor/ 2 KB
1 KB 9ms
9ms Script
application/javascript 2600:9000:20eb:6e00:14:2602:6e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.intergi.com/hera/releases/4.4.29/vendor/npm.babel.e42d14b31536f4c718ea.js
Requested by: Host: cdn.intergi.com
URL: https://cdn.intergi.com/hera/releases/4.4.29/tyche.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:6e00:14:2602:6e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f33f6446320fb034227d51337ec86a0f263cb1ed53e4275cae2fb55b322504cc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id: z3_tSBHIn0fzmcblAfWrNkzzM7z0jySj
content-encoding: gzip
last-modified: Tue, 25 Jan 2022 21:03:32 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: atime:1643144607/ctime:1643144607/gid:20/gname:staff/md5:f3bb19c23da5015c288c890ccb181355/mode:33188/mtime:1643144607/uid:501/uname:thomascreamer
age: 40271
etag: W/"f3bb19c23da5015c288c890ccb181355"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 c379418fd6100691807f32f274ebe9ce.cloudfront.net (CloudFront)
date: Sun, 30 Jan 2022 04:40:01 GMT
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: gkH9SPo08sgfPzuFkHHlFDsAW6BxjhWrEovQ22Tz7Ts2pZIW13-5rQ==

GET
H2 200 npm.lodash.922cd3f43a34caef1c38.js Show response
cdn.intergi.com/hera/releases/4.4.29/vendor/ 3 KB
2 KB 10ms
10ms Script
application/javascript 2600:9000:20eb:6e00:14:2602:6e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.intergi.com/hera/releases/4.4.29/vendor/npm.lodash.922cd3f43a34caef1c38.js
Requested by: Host: cdn.intergi.com
URL: https://cdn.intergi.com/hera/releases/4.4.29/tyche.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:6e00:14:2602:6e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2cddcc76dd7b01e07130b647637c2c81f27ab4a0214973a010e712813f311138

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id: ddE0OhkjsnffGGVdrfYcFTUAmSPYT4n0
content-encoding: br
last-modified: Tue, 25 Jan 2022 21:03:39 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: atime:1643144607/ctime:1643144607/gid:20/gname:staff/md5:0c61d46da45d9ab039a485d6e9e04701/mode:33188/mtime:1643144607/uid:501/uname:thomascreamer
age: 36876
etag: W/"0c61d46da45d9ab039a485d6e9e04701"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 c379418fd6100691807f32f274ebe9ce.cloudfront.net (CloudFront)
date: Sun, 30 Jan 2022 05:36:37 GMT
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: NLxuJF5oU8G2tCXtRt9EF0ez803WINxu9ABa_KCk7yoMJMXr5EIspw==

GET
H2 200 npm.intersection-observer.8aa2efdfa26796cda0fc.js Show response
cdn.intergi.com/hera/releases/4.4.29/vendor/ 9 KB
3 KB 10ms
10ms Script
application/javascript 2600:9000:20eb:6e00:14:2602:6e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.intergi.com/hera/releases/4.4.29/vendor/npm.intersection-observer.8aa2efdfa26796cda0fc.js
Requested by: Host: cdn.intergi.com
URL: https://cdn.intergi.com/hera/releases/4.4.29/tyche.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:6e00:14:2602:6e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e990f8a7023db06444f9552e7bde007060d0e1e86b72ae845f24471bce3339e5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id: 8VyNV.luapStoTkHzHDTrT_DHzWs1.kH
content-encoding: gzip
last-modified: Tue, 25 Jan 2022 21:03:32 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: atime:1643144607/ctime:1643144607/gid:20/gname:staff/md5:2be2cdb69171257c85e47d90ae2f6b2f/mode:33188/mtime:1643144607/uid:501/uname:thomascreamer
age: 37372
etag: W/"2be2cdb69171257c85e47d90ae2f6b2f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 c379418fd6100691807f32f274ebe9ce.cloudfront.net (CloudFront)
date: Sun, 30 Jan 2022 05:28:21 GMT
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: m-SpReFi6RkC7kUPt9bF2tGGuUIDQx1oaUwJn3lDA9StZmX6P7fozw==

GET
H2 200 npm.process.940d3a7ac2b6ed08f335.js Show response
cdn.intergi.com/hera/releases/4.4.29/vendor/ 2 KB
1 KB 11ms
10ms Script
application/javascript 2600:9000:20eb:6e00:14:2602:6e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.intergi.com/hera/releases/4.4.29/vendor/npm.process.940d3a7ac2b6ed08f335.js
Requested by: Host: cdn.intergi.com
URL: https://cdn.intergi.com/hera/releases/4.4.29/tyche.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:6e00:14:2602:6e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5122ba93a9303c1dd09b760b3195122db1beef3b3d673b2274ec5ff2e8512ad1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id: ASdNZtyXCyog2RHiR_n3fHyqimVVVUBO
content-encoding: gzip
last-modified: Tue, 25 Jan 2022 21:03:39 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: atime:1643144607/ctime:1643144607/gid:20/gname:staff/md5:c3f55d7eac6bd8289f3c5184e9fd1118/mode:33188/mtime:1643144607/uid:501/uname:thomascreamer
age: 49730
etag: W/"c3f55d7eac6bd8289f3c5184e9fd1118"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 c379418fd6100691807f32f274ebe9ce.cloudfront.net (CloudFront)
date: Sun, 30 Jan 2022 02:02:23 GMT
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: QYM-QY41j_H6cOUc7YwVgasn4GZsWa2yJLlvg2oHLwtEgHVt-Z75pg==

GET
H2 200 npm.webpack.1e0f2b4c3cee24713006.js Show response
cdn.intergi.com/hera/releases/4.4.29/vendor/ 231 B
717 B 11ms
11ms Script
application/javascript 2600:9000:20eb:6e00:14:2602:6e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.intergi.com/hera/releases/4.4.29/vendor/npm.webpack.1e0f2b4c3cee24713006.js
Requested by: Host: cdn.intergi.com
URL: https://cdn.intergi.com/hera/releases/4.4.29/tyche.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:6e00:14:2602:6e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bed31c2062d8bcd1167d1be160c5d65dbf8b1ea2a75fe7f91a5396fe71e51cc0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id: HbzQivus2B4S.Fxidin0LQ7upfj1Sh9h
via: 1.1 c379418fd6100691807f32f274ebe9ce.cloudfront.net (CloudFront)
last-modified: Tue, 25 Jan 2022 21:03:39 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: atime:1643144607/ctime:1643144607/gid:20/gname:staff/md5:436272b3faaa8c97115625bc8504abbf/mode:33188/mtime:1643144607/uid:501/uname:thomascreamer
age: 36872
etag: "436272b3faaa8c97115625bc8504abbf"
x-cache: Hit from cloudfront
content-type: application/javascript
date: Sun, 30 Jan 2022 05:36:41 GMT
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-length: 231
x-amz-cf-id: 4teM9445V1WfrQ6VgAxmoBtE7xZXAZY_GnMXAx-LLxgahPcmBuzGtw==

GET
H2 200 lib-main.aa0becec495b9d9b6de4.js Show response
cdn.intergi.com/hera/releases/4.4.29/lib/ 4 KB
3 KB 12ms
12ms Script
application/javascript 2600:9000:20eb:6e00:14:2602:6e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.intergi.com/hera/releases/4.4.29/lib/lib-main.aa0becec495b9d9b6de4.js
Requested by: Host: cdn.intergi.com
URL: https://cdn.intergi.com/hera/releases/4.4.29/tyche.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:6e00:14:2602:6e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5347c78f51c7cf4a4e84d4be12317338a93ff8da7df24519360728769e48a91b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id: 5jFob_TgduaPlHTsFdJOT6O3LAhV7BRF
content-encoding: gzip
last-modified: Tue, 25 Jan 2022 21:03:30 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: atime:1643144607/ctime:1643144607/gid:20/gname:staff/md5:4f9983efbe731c3569545c1c49d9a965/mode:33188/mtime:1643144607/uid:501/uname:thomascreamer
age: 49240
etag: W/"4f9983efbe731c3569545c1c49d9a965"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 c379418fd6100691807f32f274ebe9ce.cloudfront.net (CloudFront)
date: Sun, 30 Jan 2022 02:10:33 GMT
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: kSV9hwPmiqrfM05Kkp4Y5eIUWkZS6OLAQG8YA86XXOx8-dpOFJBvDQ==

GET
H2 200 main.3b43c80328deaa9a5b3e.js Show response
cdn.intergi.com/hera/releases/4.4.29/ 101 KB
28 KB 14ms
14ms Script
application/javascript 2600:9000:20eb:6e00:14:2602:6e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.intergi.com/hera/releases/4.4.29/main.3b43c80328deaa9a5b3e.js
Requested by: Host: cdn.intergi.com
URL: https://cdn.intergi.com/hera/releases/4.4.29/tyche.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:6e00:14:2602:6e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 23130a986b2d780260ca7295774432d7c5ee94cf277a8052a136b910b05f120e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id: nQbStFD0ZKksS3LkjA_aMNGxhaRs5E8v
content-encoding: br
last-modified: Tue, 25 Jan 2022 21:03:31 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: atime:1643144607/ctime:1643144607/gid:20/gname:staff/md5:aebdf745bda3a8d0841a0fc45c877fe8/mode:33188/mtime:1643144607/uid:501/uname:thomascreamer
age: 41930
etag: W/"aebdf745bda3a8d0841a0fc45c877fe8"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 c379418fd6100691807f32f274ebe9ce.cloudfront.net (CloudFront)
date: Sun, 30 Jan 2022 04:12:28 GMT
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: 0NV6qo7K8uk1jyhb_PLeYXPD1K7EfZOZx6N2CqhIogEuq2Z-eJrw6g==

GET
H2 200 lib.55782284870bfbbd6c84.js Show response
cdn.intergi.com/hera/releases/4.4.29/lib/ 138 B
627 B 15ms
15ms Script
application/javascript 2600:9000:20eb:6e00:14:2602:6e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.intergi.com/hera/releases/4.4.29/lib/lib.55782284870bfbbd6c84.js
Requested by: Host: cdn.intergi.com
URL: https://cdn.intergi.com/hera/releases/4.4.29/tyche.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:6e00:14:2602:6e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 94360a6ab3ea5a75cb34a06ef2ff905d7ea0a7dc43eefcff9b6f90e737fa4e41

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id: mxAZFLZqBALnmIchlVccFp46LdnVBg4k
via: 1.1 c379418fd6100691807f32f274ebe9ce.cloudfront.net (CloudFront)
last-modified: Tue, 25 Jan 2022 21:03:30 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: atime:1643144607/ctime:1643144607/gid:20/gname:staff/md5:64d609d6dc753b7c1abf5d5d2b095aa1/mode:33188/mtime:1643144607/uid:501/uname:thomascreamer
age: 35399
etag: "64d609d6dc753b7c1abf5d5d2b095aa1"
x-cache: Hit from cloudfront
content-type: application/javascript
date: Sun, 30 Jan 2022 06:01:14 GMT
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-length: 138
x-amz-cf-id: 2QjFXpehZB4-5uLfAIqTW4gNtLdk1e1ZejT4W_anRkVrp1Oq0SRYRw==

GET
H2 200 iframe.js Show response
cdn.intergient.com/pageos/1.6.33/iframe/ Frame 52B0 18 KB
7 KB 8ms
7ms Script
application/javascript 2600:9000:20eb:3400:12:4abd:d340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.intergient.com/pageos/1.6.33/iframe/iframe.js
Requested by: Host: cdn.intergient.com
URL: https://cdn.intergient.com/pageos/1.6.33/iframe/iframe.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:3400:12:4abd:d340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1ba7d96e96816ad55477d28aa986a4a867c7531d2168feb5066585dd94195743

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.intergient.com/pageos/1.6.33/iframe/iframe.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 03:52:06 GMT
content-encoding: gzip
last-modified: Wed, 15 Dec 2021 14:32:28 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: atime:1639578738/ctime:1639578738/gid:20/gname:staff/md5:288ed62918bdae27ff8a6aa679b002bb/mode:33188/mtime:1639578738/uid:501/uname:thomascreamer
age: 43148
etag: W/"288ed62918bdae27ff8a6aa679b002bb"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 37c215a6cf8b04439db2f97a633421e6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: KCbGbpVDgmCwIeUDBy8WYq4RHu7l4kIFcc3AQK-ECJpFiGn3c1LBSA==

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 79 KB
27 KB 154ms
55ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: cdn.intergi.com
URL: https://cdn.intergi.com/hera/releases/4.4.29/main.3b43c80328deaa9a5b3e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

sffe /

Resource Hash

ed368cad0bbc6e127f5fb037181b2e55eb59258a4d995901b380888630ec2df5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:51:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27246
x-xss-protection: 0
server: sffe
etag: "1117 / 846 of 1000 / last-modified: 1643411190"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sun, 30 Jan 2022 15:51:13 GMT

GET
H2 200 prebid.js Show response
cdn.intergi.com/prebid/ 549 KB
164 KB 7ms
7ms Script
text/javascript 2600:9000:20eb:6e00:14:2602:6e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.intergi.com/prebid/prebid.js
Requested by: Host: cdn.intergient.com
URL: https://cdn.intergient.com/ramp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:6e00:14:2602:6e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: be045d5a8274db64724bbb9a8c2846e2247c17ec9ea7e13f2a319dde7626ec8e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id: LSF1tThV78k3KjASeXY49GwSspH8LIVR
content-encoding: gzip
last-modified: Wed, 15 Dec 2021 17:37:45 GMT
server: AmazonS3
age: 45362
etag: W/"d1d699f254dc61269af62c40328a924d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
via: 1.1 c379418fd6100691807f32f274ebe9ce.cloudfront.net (CloudFront)
date: Sun, 30 Jan 2022 03:15:14 GMT
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: xcDOxSQ6qMTkcqnhI0XHk_NBlEGlhG-vHqFtczQaHjMDufOpUB7miw==

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 134 KB
36 KB 31ms
8ms Script
application/javascript 13.224.197.4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: cdn.intergi.com
URL: https://cdn.intergi.com/hera/releases/4.4.29/main.3b43c80328deaa9a5b3e.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.197.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-197-4.fra2.r.cloudfront.net
Software: Server /
Resource Hash: c59ecf34c8e169eb2c385296530f952be5ced6af24abbe7f2d47b89e520be544

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id: SKwQUYZY6s9wJPymt5_yhNbSVWOe2iBW
content-encoding: gzip
etag: 8d3665a9b316600491247ca6d78c204c
age: 732
x-cache: Hit from cloudfront
server: Server
x-amz-rid: 1ZG90YEGFWEYH8XG5YM9
date: Sun, 30 Jan 2022 15:41:34 GMT
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 1d67a4c00b06651cb6daa95ec3f21f9a.cloudfront.net (CloudFront)
cache-control: public, max-age=900
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: 0BH2Tr_aznnNYup8cjgyXO9GjG2hWPDaqFlVJO7yTbGiNY64Qdkm_g==

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 146 KB
51 KB 148ms
63ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: newser.com
URL: https://newser.com/HsF05_E/eTjWmafZYl/Awn/jfYYxHwzsD.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ae016db0ac37e888abe7b814b86cc2a309055e3f5eeb3d3b0be63009661b3c98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:51:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52054
x-xss-protection: 0
server: cafe
etag: 8783680639109435748
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 30 Jan 2022 15:51:13 GMT

GET
H2 200 advertising.js Show response
rddywd.com/ 9 B
596 B 56ms
16ms Script
application/javascript 2606:4700:3035::6815:40f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rddywd.com/advertising.js
Requested by: Host: newser.com
URL: https://newser.com/HsF05_E/eTjWmafZYl/Awn/jfYYxHwzsD.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:40f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7f555674a54503e3367276168359cef065eecc75f1fe436ac13bdf3dfd65a970

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:51:13 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 31557
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 9
last-modified: Sun, 30 Jan 2022 07:05:16 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OFEkQlKLiecmnGzxMSecW2pDScnx6M5aPiy95ldt3xpC9sfu2pu7HFf6qNRXP8MRJlS3JlsLmAjgymYgtfuD87MMbhrxD89R%2FlmGPjxzwlhUPk9xk%2FF1RffYOW4xLuyq51eIuSMkDeZ4"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86401
accept-ranges: bytes
cf-ray: 6d5bdc430b0c6987-FRA

GET
H2 200 adcode.png
rddywd.com/ 43 B
624 B 98ms
41ms Image
image/gif 2606:4700:3035::6815:40f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rddywd.com/adcode.png
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:40f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.newser.com/
Origin: https://www.newser.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:51:13 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 74816
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u3w%2B730cACrWN9No5Iv1u6vjb%2F9N4lmvspImHdYzw3rZVHMBeblbj%2Bav1Ljcq67Xd%2BC9ViO1EoFEj3qvsiPR0V2DGwQD3J71YRNJ6CV43Dvw3r6b2eyqFF8nk1ouR0Al40lReN1s2z4u"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=86401
accept-ranges: bytes
cf-ray: 6d5bdc433b894078-LHR

GET
H2 204 generate_204
www.googleapis.com/ 0
178 B 127ms
38ms Image
text/plain 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.googleapis.com/generate_204
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:51:13 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H2 200 _ate.track.config_resp Show response
v1.addthisedge.com/live/boost/newser/ 1005 B
556 B 57ms
49ms Script
application/javascript 184.30.24.121
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://v1.addthisedge.com/live/boost/newser/_ate.track.config_resp
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.24.121 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-24-121.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 870c196156856ec66eb4e1d7b376eca50e218883c93775524484b4fe4603f5ed

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:51:13 GMT
content-encoding: gzip
etag: -1912583789--gzip
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: public, max-age=52, s-maxage=86400
content-disposition: attachment; filename=1.txt
content-length: 379

GET
H2 200 300lo.json Show response
m.addthis.com/live/red_lojson/ 88 B
248 B 172ms
148ms Script
application/javascript 184.30.24.121
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://m.addthis.com/live/red_lojson/300lo.json?si=61f6b3f00226521f&bkl=0&bl=1&pdt=664&sid=61f6b3f00226521f&pub=newser&rev=v8.28.8-wp&ln=en&pc=men&cb=0&ab=-&dp=www.newser.com&fp=&fr=&of=0&pd=0&irt=0&vcl=0&md=0&ct=1&tct=0&abt=0&cdn=0&pi=1&rb=0&gen=100&chr=UTF-8&colc=1643557873109&jsl=143521&uvs=61f6b3f030f0ffce000&skipb=1&callback=addthis.cbs.jsonp__5596499194036360
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.24.121 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-24-121.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 010f79ff223b1327fe3cdf6917e85bb107ea03962c191dbc4ac8f7dbf3f90bfb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Jan 2022 15:51:13 GMT
cache-control: max-age=0, no-cache, no-store, no-transform
content-disposition: attachment; filename=1.txt
content-length: 88
content-type: application/javascript;charset=utf-8

GET sh.f48a1a04fe8dbf021b4cda1d.html
s7.addthis.com/static/ Frame 0D6D 0
0

GET
H2 200 sh.f48a1a04fe8dbf021b4cda1d.html Show response
s7.addthis.com/static/ Frame E28E 71 KB
26 KB 15ms
14ms Document
text/html 184.30.24.121
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.30.24.121 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-30-24-121.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

7b6bfa13f0778c40bb2a00af9819bea2f07afcb4d071e7e4f436196953a5db4d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/

Response headers

server: nginx/1.15.8
content-type: text/html
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
etag: W/"5f971164-11adc"
timing-allow-origin: *
cache-control: public, max-age=86313600
p3p: CP="NON ADM OUR DEV IND COM STA"
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 26421
date: Sun, 30 Jan 2022 15:51:13 GMT
vary: Accept-Encoding
x-host: s7.addthis.com

GET
H/1.1 200
OK widget_iframe.8f764d5bd2778f88121d31d7d8d8e1e3.html Show response
platform.twitter.com/widgets/ Frame B7F3 319 KB
104 KB 7ms
6ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.8f764d5bd2778f88121d31d7d8d8e1e3.html?origin=https%3A%2F%2Fwww.newser.com
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67DF) /
Resource Hash: c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/

Response headers

Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 212162
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Sun, 30 Jan 2022 15:51:13 GMT
Etag: "8321d7cf58d70200c1423dfa0bca40f6+gzip"
Last-Modified: Wed, 19 Jan 2022 19:04:27 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (frb/67DF)
Server-Timing: "x-cache;desc= HIT,x-tw-cdn;desc=",edge;dur=1
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 105433

GET
H2 200 ping
ping.chartbeat.net/ 43 B
201 B 306ms
99ms Image
image/gif 3.222.213.29
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ping.chartbeat.net/ping?h=newser.com&p=%2F&u=CPqKoEBxzEg6sm4hs&d=newser.com&g=19359&g0=Home&g1=No%20Author&n=1&f=00001&c=0&x=0&m=0&y=2851&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&b=1408&t=C3FPSOcDtcoDX_4MXDbBLaZDTba_K&V=129&i=Newser%20%7C%20Headline%20News%20Summaries%2C%20World%20News%2C%20and%20Breaking%20News&tz=0&sn=1&sv=C-p-XO5m53PBJdpe7C2eNDWD1kIij&sd=1&im=062b073f&_
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.222.213.29 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-222-213-29.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Jan 2022 15:51:13 GMT
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
content-length: 43
expires: 0

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 25ms
8ms XHR
application/javascript 13.224.197.4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.197.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-197-4.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 02:10:32 GMT
content-encoding: gzip
vary: Accept-Encoding,Origin
age: 49242
x-cache: Hit from cloudfront
access-control-allow-origin: *
last-modified: Fri, 21 Jan 2022 02:54:57 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
x-amz-version-id: eaU6ir6qmGswM2SGRmLi7PKhBcBrRdvn
via: 1.1 96283be49fd5bce30b3a0e9559bd2d9e.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: FRA2-C1
content-type: application/javascript
x-amz-cf-id: oDQXYO_pa2HgNRevbFiWO6qyFNL08BEEDFJVnAo7TXycHNRTMxEAVA==

GET
H2 200 layers.fa6cd1947ce26e890d3d.js Show response
s7.addthis.com/static/ 263 KB
76 KB 10ms
9ms Script
application/javascript 184.30.24.121
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/layers.fa6cd1947ce26e890d3d.js

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.30.24.121 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-30-24-121.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
server: nginx/1.15.8
etag: W/"5f971164-41cf5"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=86313600
date: Sun, 30 Jan 2022 15:51:13 GMT
x-host: s7.addthis.com
timing-allow-origin: *
content-length: 77617

GET
H2 200 settings Show response
syndication.twitter.com/ Frame B7F3 232 B
448 B 135ms
117ms Fetch
application/json 104.244.42.8
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://syndication.twitter.com/settings?session_id=9ec4058859567061d1d8f13b8a6920effd45ba6e

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.8f764d5bd2778f88121d31d7d8d8e1e3.html?origin=https%3A%2F%2Fwww.newser.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.8 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

726906ee6ce6dfe1b6e35ddad151196c50277e31520de30e916e9cd9affc0ef3

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-response-time: 111
date: Sun, 30 Jan 2022 15:51:12 GMT
content-encoding: gzip
last-modified: Sun, 30 Jan 2022 15:51:13 GMT
server: tsa_o
vary: Origin
strict-transport-security: max-age=631138519
content-type: application/json; charset=utf-8
access-control-allow-origin: https://platform.twitter.com
cache-control: must-revalidate, max-age=600
access-control-allow-credentials: true
x-connection-hash: ea5c086a959fb475a491f28060fcc3738396177cf6cfe4cd8b1862856c1d65cd
content-length: 166

GET
H/1.1 200
OK utility.aspx Show response
www.newser.com/ 0
482 B 104ms
104ms XHR
text/html 40.114.51.62
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.newser.com/utility.aspx?function=metricsab&b=false&platform=D&visitorid=1558941134&visitorclassification=P
Requested by: Host: static1-azrcdn.newser.com
URL: https://static1-azrcdn.newser.com/javascript/20220112_1100/jquery-1.12.4.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 40.114.51.62 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: */*
Referer: https://www.newser.com/
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 30 Jan 2022 15:51:12 GMT
RawURL: /utility.aspx?function=metricsab&b=false&platform=D&visitorid=1558941134&visitorclassification=P
Content-Type: text/html
Cache-Control: private, no-store
Scheme: https
Content-Length: 0
Expires: Sun, 30 Jan 2022 15:50:13 GMT

GET
H3 200 pubads_impl_2022012601.js Show response
securepubads.g.doubleclick.net/gpt/ 355 KB
119 KB 89ms
41ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012601.js?31064600

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

sffe /

Resource Hash

097f27605ca0d079486d606eb3ab573a5685710b4f6d9d906327bcbffa45bec5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 14:50:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3614
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 122255
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 09:34:15 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 30 Jan 2023 14:50:59 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220126/r20190131/ Frame DD2A 10 KB
5 KB 39ms
39ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220126/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a575e2f63d79cdaf5a92b4453bfcaadb462119aa1216b4f28920e37e2d9b8e7b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4612
x-xss-protection: 0
date: Sat, 29 Jan 2022 15:52:32 GMT
expires: Sat, 12 Feb 2022 15:52:32 GMT
cache-control: public, max-age=1209600
age: 86321
etag: 18247940800414524076
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 204 config Show response
c.amazon-adsystem.com/cdn/prod/ 0
309 B 8ms
7ms XHR
text/plain 13.224.197.4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.newser.com&pubid=bd056b42-51db-43ce-9a8e-3b11319b5d1f
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.197.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-197-4.fra2.r.cloudfront.net
Software: Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 12:03:22 GMT
via: 1.1 1d67a4c00b06651cb6daa95ec3f21f9a.cloudfront.net (CloudFront)
server: Server
age: 13671
x-cache: Hit from cloudfront
access-control-allow-origin: https://www.newser.com
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: n06kDk1GuUxTIKv1NTJTXI6A-M_jMZmkp3-Ar3pP4z2abJlIQ2OcxA==

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ 23 B
490 B 50ms
49ms XHR
text/javascript 13.224.197.4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.newser.com%2F&pid=KvaUpvQyp3TLP&cb=0&ws=1600x1200&v=7.72.0&t=2500&slots=%5B%7B%22sd%22%3A%22leaderboard_atf%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F154013155%2C1028224%2F1024100%2F72343%2F1024100-72343-desktop_leaderboard%2Fpublisher%3A1024100-website%3A72343-desktop_leaderboard-CP%2Fpublisher%3A1024100-website%3A72343-desktop_leaderboard-CP-home%22%7D%2C%7B%22sd%22%3A%22leaderboard_btf2%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F154013155%2C1028224%2F1024100%2F72343%2F1024100-72343-desktop_leaderboard%2Fpublisher%3A1024100-website%3A72343-desktop_leaderboard-CP%2Fpublisher%3A1024100-website%3A72343-desktop_leaderboard-CP-home%22%7D%2C%7B%22sd%22%3A%22leaderboard_btf3%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F154013155%2C1028224%2F1024100%2F72343%2F1024100-72343-desktop_leaderboard%2Fpublisher%3A1024100-website%3A72343-desktop_leaderboard-CP%2Fpublisher%3A1024100-website%3A72343-desktop_leaderboard-CP-home%22%7D%2C%7B%22sd%22%3A%22leaderboard_btf%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F154013155%2C1028224%2F1024100%2F72343%2F1024100-72343-desktop_leaderboard%2Fpublisher%3A1024100-website%3A72343-desktop_leaderboard-CP%2Fpublisher%3A1024100-website%3A72343-desktop_leaderboard-CP-home%22%7D%5D&schain=1.0%2C1!playwire.com%2C72343%2C1%2C%2C%2C&pubid=bd056b42-51db-43ce-9a8e-3b11319b5d1f&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.197.4 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-197-4.fra2.r.cloudfront.net

Software

Server /

Resource Hash

745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:51:13 GMT
via: 1.1 1d67a4c00b06651cb6daa95ec3f21f9a.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA2-C1
x-amz-rid: HA8N2SS0QVBAQJR6K4GY
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.newser.com
access-control-allow-credentials: true
permissions-policy: interest-cohort=()
strict-transport-security: max-age=47474747; includeSubDomains; preload
timing-allow-origin: *
content-length: 23
x-amz-cf-id: vve6TlN0QegWrH8AB1vW_97zeBo002vM6lIrGQz8UyjxYIIU-wkepg==

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 131ms
50ms Script
application/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.newser.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012601.js?31064600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 30 Jan 2022 15:51:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 128ms
45ms Script
application/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.newser.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012601.js?31064600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 30 Jan 2022 15:51:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 41 KB
10 KB 304ms
303ms XHR
text/plain 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1065205181353160&correlator=11427588601572&output=ldjh&impl=fifs&eid=31063821%2C31064600%2C31061690&vrg=2022012601&ptt=17&npa=1&sc=1&sfv=1-0-38&ecs=20220130&iu_parts=154013155%3A1028224%2C1024100%2C72343%2C1024100-72343-desktop_leaderboard%2Cpublisher%3A1024100-website%3A72343-desktop_leaderboard-CP%2Cpublisher%3A1024100-website%3A72343-desktop_leaderboard-CP-home&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4%2F5&prev_iu_szs=728x90&prev_scp=pos%3Datf%26slot_id%3Dleaderboard_atf%26refresh%3Dfalse%26amazonBid%3Dfalse%26custom_path%3DCP%255Bhome%255D%26lld_id%3Df186d8508c0445d6b99125eda0a704de57873417%26amznbid%3D1%26amznp%3D1%26in_view%3Dtrue&eri=1&cust_params=m_data%3D1%26m_safety%3Dunsafe%26m_categories%3Dmoat_unsafe%252Cgv_crime%252Cgv_death_injury%26m_mv%3DnoHistData%26m_gv%3DnoHistData%26sitecont_cat%3Dnews%252Cbusiness_and_finance%252Cbusiness_and_finance%252Centertainment%26hour%3D15%26day%3DSunday%26OS%3DWindows%252010%26browser%3DChrome%252097%26pagecount%3D1%26window_width%3D1600%26window_height%3D1200%26screen_orientation%3Dlandscape%26refresh_count%3D0%26tyche_version%3D4.4.29%26kver%3Dv1%26ab_test%3Dna_A%26got_consent%3Dfalse%26page_focus%3Dtrue&cookie_enabled=1&bc=31&abxe=1&dt=1643557873452&lmt=1643557873&dlt=1643557872303&idt=1098&frm=20&biw=1600&bih=1200&oid=2&adxs=561&adys=55&adks=2039480262&ucis=1&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fwww.newser.com%2F&vis=1&scr_x=0&scr_y=0&psz=728x0&msz=728x0&ga_vid=1277182562.1643557873&ga_sid=1643557873&ga_hid=646228812&ga_fc=true&fws=4&ohw=728&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012601.js?31064600

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

fd9059540c5bb32f45b021521cd9f463b6ce7cb74d39d1477ce9e7181b8ac3c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:51:13 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10435
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.newser.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 52 KB
12 KB 445ms
444ms XHR
text/plain 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1065205181353160&correlator=2249207171223008&output=ldjh&impl=fifs&eid=31063821%2C31064600%2C31061690&vrg=2022012601&ptt=17&npa=1&sc=1&sfv=1-0-38&ecs=20220130&iu_parts=154013155%3A1028224%2C1024100%2C72343%2C1024100-72343-desktop_leaderboard%2Cpublisher%3A1024100-website%3A72343-desktop_leaderboard-CP%2Cpublisher%3A1024100-website%3A72343-desktop_leaderboard-CP-home&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4%2F5&prev_iu_szs=728x90&prev_scp=pos%3Dbtf%26slot_id%3Dleaderboard_btf%26refresh%3Dfalse%26amazonBid%3Dfalse%26custom_path%3DCP%255Bhome%255D%26lld_id%3D9e58c73d3dff4538af6fc4571210c88d57873418%26amznbid%3D1%26amznp%3D1%26in_view%3Dtrue&eri=1&cust_params=m_data%3D1%26m_safety%3Dunsafe%26m_categories%3Dmoat_unsafe%252Cgv_crime%252Cgv_death_injury%26m_mv%3DnoHistData%26m_gv%3DnoHistData%26sitecont_cat%3Dnews%252Cbusiness_and_finance%252Cbusiness_and_finance%252Centertainment%26hour%3D15%26day%3DSunday%26OS%3DWindows%252010%26browser%3DChrome%252097%26pagecount%3D1%26window_width%3D1600%26window_height%3D1200%26screen_orientation%3Dlandscape%26refresh_count%3D0%26tyche_version%3D4.4.29%26kver%3Dv1%26ab_test%3Dna_A%26got_consent%3Dfalse%26page_focus%3Dtrue&cookie_enabled=1&bc=31&abxe=1&dt=1643557873461&lmt=1643557873&dlt=1643557872303&idt=1098&frm=20&biw=1600&bih=1200&oid=2&adxs=315&adys=684&adks=2039479053&ucis=2&ifi=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fwww.newser.com%2F&vis=1&scr_x=0&scr_y=0&psz=728x0&msz=728x0&ga_vid=1277182562.1643557873&ga_sid=1643557873&ga_hid=646228812&ga_fc=true&fws=0&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012601.js?31064600

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

ae9bbf46f555cadf47a513b7b2dc08dee5744046a8a1fd645a6250710f8857ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:51:13 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12200
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.newser.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 121 KB
32 KB 390ms
389ms XHR
text/plain 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1065205181353160&correlator=3816895911387787&output=ldjh&impl=fifs&eid=31063821%2C31064600%2C31061690&vrg=2022012601&ptt=17&npa=1&sc=1&sfv=1-0-38&ecs=20220130&iu_parts=154013155%3A1028224%2C1024100%2C72343%2Cpublisher%3A1024100-website%3A72343-web_interstitial%2Cpublisher%3A1024100-website%3A72343-web_interstitial-CP%2Cpublisher%3A1024100-website%3A72343-web_interstitial-CP-home&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4%2F5&prev_iu_szs=1x1&ists=1&fas=8&prev_scp=pos%3DFIXED%26slot_id%3Dweb_interstitial%26refresh%3Dfalse%26amazonBid%3Dfalse%26custom_path%3DCP%255Bhome%255D%26lld_id%3D9a252f1d442a457c9808491804a4b12f57873434&eri=1&cust_params=m_data%3D1%26m_safety%3Dunsafe%26m_categories%3Dmoat_unsafe%252Cgv_crime%252Cgv_death_injury%26m_mv%3DnoHistData%26m_gv%3DnoHistData%26sitecont_cat%3Dnews%252Cbusiness_and_finance%252Cbusiness_and_finance%252Centertainment%26hour%3D15%26day%3DSunday%26OS%3DWindows%252010%26browser%3DChrome%252097%26pagecount%3D1%26window_width%3D1600%26window_height%3D1200%26screen_orientation%3Dlandscape%26refresh_count%3D0%26tyche_version%3D4.4.29%26kver%3Dv1%26ab_test%3Dna_A%26got_consent%3Dfalse%26page_focus%3Dtrue&cookie_enabled=1&bc=31&abxe=1&dt=1643557873464&lmt=1643557873&dlt=1643557872303&idt=1098&frm=20&biw=1600&bih=1200&oid=2&adxs=-9&adys=-9&adks=3239307466&ucis=3&ifi=3&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fwww.newser.com%2F&vis=1&scr_x=0&scr_y=0&psz=0x-1&msz=0x-1&ga_vid=1277182562.1643557873&ga_sid=1643557873&ga_hid=646228812&ga_fc=true&fws=2&ohw=0&btvi=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012601.js?31064600

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

cb1d81dcdd0c75501b06b9ed426e48509ee709ce4883fcc8ba3a2e1b42d0646d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:51:13 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32297
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.newser.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
ee36b528bd9f4c49479abaa9ba6b95bf.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 7C6A 6 KB
4 KB 268ms
46ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ee36b528bd9f4c49479abaa9ba6b95bf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012601.js?31064600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Sun, 30 Jan 2022 15:51:13 GMT
expires: Mon, 30 Jan 2023 15:51:13 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 pubads_impl_page_level_ads_2022012601.js Show response
securepubads.g.doubleclick.net/gpt/ 34 KB
13 KB 40ms
40ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_page_level_ads_2022012601.js?cb=31064600

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012601.js?31064600

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

sffe /

Resource Hash

4acb147613215546355b164d0c0d22b09873bd655aeace6b19b4760fd0cac803

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 11:49:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 273731
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12997
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 09:34:15 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 27 Jan 2023 11:49:02 GMT

GET
H2 200 Tag.engine Show response
engine.4dsply.com/ 2 KB
2 KB 329ms
318ms Script
application/json 2606:4700::6810:9e11
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://engine.4dsply.com/Tag.engine?time=0&id=7f1a7287-2f7e-4f83-800d-06bd711ee14e&rand=6316&ver=async&referrerUrl=&fingerPrint=123&abr=false&stdTime=0&fpe=1&bw=1600&bh=1200&res=1600x1200&curl=https%3A%2F%2Fwww.newser.com%2F&kw=
Requested by: Host: cdn.engine.4dsply.com
URL: https://cdn.engine.4dsply.com/Scripts/infinity.js.aspx?guid=7f1a7287-2f7e-4f83-800d-06bd711ee14e
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:9e11 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 6ccd35debd97aeb571fe1ef51527c921c9790ea3b3e2a466ddacfe5cc5e02705

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:51:13 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
x-powered-by: ASP.NET
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="CAO PSA OUR IND"
access-control-allow-origin: *
cache-control: private, no-transform
cf-ray: 6d5bdc458f4092b7-FRA
content-type: application/json; charset=utf-8

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012111152338000/ Frame 8A58 190 KB
55 KB 166ms
40ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012111152338000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012601.js?31064600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

14b52d5e44212b22f6de0be5caeeb5bba561a29fd91bf6076bf1ad6d45ecae6f

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 80599
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55581
x-xss-protection: 0
server: sffe
date: Sat, 29 Jan 2022 17:27:54 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "8559bae154d80579"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 29 Jan 2023 17:27:54 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012111152338000/v0/ Frame 8A58 13 KB
5 KB 226ms
100ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012111152338000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012601.js?31064600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4e46e56dce46d21c527e164d6749fb5ff0101f400aede06a8711196da9e5c619

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 80599
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4994
x-xss-protection: 0
server: sffe
date: Sat, 29 Jan 2022 17:27:54 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "b314c3eb801664ba"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 29 Jan 2023 17:27:54 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012111152338000/v0/ Frame 8A58 89 KB
28 KB 230ms
104ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012111152338000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012601.js?31064600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

279249ed963fcd87e6321b024c0194248dd1b44af5353e134071cdfff953967b

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 80599
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28443
x-xss-protection: 0
server: sffe
date: Sat, 29 Jan 2022 17:27:54 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "976e6f5df80f4e35"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 29 Jan 2023 17:27:54 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012111152338000/v0/ Frame 8A58 5 KB
2 KB 247ms
121ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012111152338000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012601.js?31064600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

63697d88ab7b6e34e76e5990b867c706cb4346c27ec1c5a034c4d91dfb136778

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 80599
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1727
x-xss-protection: 0
server: sffe
date: Sat, 29 Jan 2022 17:27:54 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "423ab13fb6ff63c9"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 29 Jan 2023 17:27:54 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012111152338000/v0/ Frame 8A58 40 KB
13 KB 247ms
122ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012111152338000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012601.js?31064600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ffd015b1bb0125d07c39cbfcdee6a8e2b604b55ea1936cf550fe1f9fbdbf2ae4

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 80627
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12843
x-xss-protection: 0
server: sffe
date: Sat, 29 Jan 2022 17:27:26 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "08cf721d9e54e414"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 29 Jan 2023 17:27:26 GMT

GET
DATA 200
OK truncated
/ Frame 8A58 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1451ee6689bb7b5d7a1178a8463049bec9f06ff87a25828256a418ab73df275d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 5119273549943013263
tpc.googlesyndication.com/simgad/ Frame 8A58 14 KB
14 KB 127ms
42ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/5119273549943013263?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qnS8UmmbTqpR6qIlOSRMzemwzQD7Q

Requested by

Host: www.newser.com
URL: https://www.newser.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aab91e03195f6ed926bf4c021e99056cfb5e91a9865f0c6952548dbb23a5954e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 16:38:04 GMT
x-content-type-options: nosniff
age: 342789
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13975
x-xss-protection: 0
last-modified: Wed, 11 Oct 2017 10:49:32 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 26 Jan 2023 16:38:04 GMT

GET
H2 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 8A58 2 KB
3 KB 124ms
39ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: www.newser.com
URL: https://www.newser.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 09:41:38 GMT
x-content-type-options: nosniff
server: cafe
age: 22175
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 14819457070020093239
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Mon, 31 Jan 2022 09:41:38 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 8A58 295 B
757 B 123ms
39ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: www.newser.com
URL: https://www.newser.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 09:53:05 GMT
x-content-type-options: nosniff
server: cafe
age: 21488
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 426692510519060060
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Mon, 31 Jan 2022 09:53:05 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 8A58 0
0 81ms
81ms Image
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CqyRa8bP2YZ2wH4qK7_UPzcWHuAW9ooTMTc356pH6CreC3LfqChABIPub1UlgleKQgqAHoAH6gr7PA8gBAqkCMkU4JuGzsj7gAgCoAwHIAwiqBI8CT9COOd8gtihndj8UImokveEeZCExYIKRGoZArmcAhLwUjw_T9LJzucVoeDbarQBQV7eio01ymMhJu5u0_nqVNk28ssB4bBDJJySnKu2MN5mnbYGXYG97XH3q2-DhYBmQsYiq6zmvrM1XqOp8gS1kNFIKY8fraz3qeKlshwfKJ8SBvZsvCZAMZ1XdQ683nNPbAUQi38zTyY8xoU2dJk-VuViYwmM3Cz3PJmOqo8YRBnKvF_zAxi31UD-ab88RacaDDIYCWNJ6VTDnHG4OHMjuCIuXH1pf13C2TD0jFflayH-__zjzjFMI-NFNFLyTCWq-pPniznOyO8NqpXCt8NoouSRD1xRygb1cHfJti-uiZsAEpuLHtu4C4AQBkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBgKAB-78wTCoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAfIHBBCb2wHSCAkIiOGAcBABGB2ACgPICwHYEw3QFQGYFgGAFwGyFx4KHAgAEhRwdWItNTgxMjM1NzM1MjMzNTA3NRjboiE&sigh=1SDGKYiPEQg&uach_m=[UACH]&uap=UACH(platform)&uapv=UACH(platformVersion)&uaa=UACH(architecture)&uam=UACH(model)&uafv=UACH(uaFullVersion)&uab=UACH(bitness)
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s12-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

GET
H3 200 container.html Show response
ee36b528bd9f4c49479abaa9ba6b95bf.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 753B 6 KB
3 KB 87ms
40ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ee36b528bd9f4c49479abaa9ba6b95bf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012601.js?31064600

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 30 Jan 2022 15:51:13 GMT
expires: Mon, 30 Jan 2023 15:51:13 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
content-type: text/html
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/032201141909000/ Frame A103 220 KB
60 KB 115ms
114ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/032201141909000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012601.js?31064600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a3a5dcc2dcf4364d3af72694d52da570a64059f757acb3ba9e67e72a0c0e5cbd

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 407138
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 61509
x-xss-protection: 0
server: sffe
date: Tue, 25 Jan 2022 22:45:35 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "c1d9800ee305113f"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 25 Jan 2023 22:45:35 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/032201141909000/v0/ Frame A103 16 KB
6 KB 147ms
146ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/032201141909000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012601.js?31064600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cb696ecd7c4f31fdd7c7c1cc37e8efc29614fbcbadf74f455aa496d72ce33250

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 420684
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5698
x-xss-protection: 0
server: sffe
date: Tue, 25 Jan 2022 18:59:49 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "919adc590e0ff503"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 25 Jan 2023 18:59:49 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/032201141909000/v0/ Frame A103 96 KB
29 KB 139ms
138ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/032201141909000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012601.js?31064600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc83fe6d180fd859f448bacd040799bf379ee7e0d9b1e6c3f19499c1c4358864

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 420684
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29570
x-xss-protection: 0
server: sffe
date: Tue, 25 Jan 2022 18:59:49 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "c52208c2e07002d5"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 25 Jan 2023 18:59:49 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/032201141909000/v0/ Frame A103 5 KB
2 KB 148ms
147ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/032201141909000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012601.js?31064600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ea29de07cdb14f2c6c59c06fdcd4ec30c2030b3ba8ee6a0aa325085496b9a94d

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 407138
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1851
x-xss-protection: 0
server: sffe
date: Tue, 25 Jan 2022 22:45:35 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "76a8c96b6aaec2c9"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 25 Jan 2023 22:45:35 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/032201141909000/v0/ Frame A103 42 KB
13 KB 149ms
148ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/032201141909000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012601.js?31064600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a7d040d5e84706dac2d471ad33830bd0ae361ca06e53e72e817701478c6d5afa

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 407138
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13611
x-xss-protection: 0
server: sffe
date: Tue, 25 Jan 2022 22:45:35 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "7aefe3fe93cc7383"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 25 Jan 2023 22:45:35 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame A103 8 KB
888 B 94ms
48ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012601.js?31064600

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f93d0298dd39f7dff18566a5b2754067e26c0182b469fd6b24e5d63429fef88b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 30 Jan 2022 14:16:50 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 30 Jan 2022 15:51:13 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 30 Jan 2022 15:51:13 GMT

GET
H3 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame A103 2 KB
2 KB 163ms
38ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012601.js?31064600

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 09:41:38 GMT
x-content-type-options: nosniff
server: cafe
age: 22176
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 14819457070020093239
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Mon, 31 Jan 2022 09:41:38 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame A103 295 B
319 B 162ms
36ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012601.js?31064600

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 09:53:05 GMT
x-content-type-options: nosniff
server: cafe
age: 21489
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 426692510519060060
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Mon, 31 Jan 2022 09:53:05 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame A103 0
0 81ms
81ms Image
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CNap_8bP2YZCOH6O6lQe8sImACMu5ushn5Kio9swMz7m5-PMcEAEg-5vVSWCV4pCCoAegAY3X7JgDyAEJqQIyRTgm4bOyPuACAKgDAcgDCqoEjwJP0E1_FxFx9hwEqQvLl30-9pQJGq8prXmh4b4Kgxpczv1nBe8ZK1HRPBTTe9pzJEQcxbhMOFuS1-ojRa9hVU9SOGWwtVrQlTU0vD6bcSyYMGRiWOqIPyUMcQhURrQJe3Q45t1-iE8dQTBWfUCTu-csTk7Y1LrFfY-wSxuARZDYYtCxJ8Vil9h4uDJMXC_1HmcHgmIk_fkhhSxWFQ0rIRirCO2TXng2YFCQ0uRfv_tKl2Y06Hj_j8gOrjgaePH4G--BbSprqBjKvF2vSR47mvA1Y1VsqLTrcWYy_sLfSvV9TOPNvSqOO9pV4XVaTqp19wmqJ4ZQzNKAA0gqUr7yVSD7fkfpaJpwaeNRrRDg9xsTwATZh56NhwPgBAGSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGLoAH26iTZ6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcA8gcEEMjaAdIICQiI4YBwEAEYHYAKA8gLAbgTiCfYEw3QFQGAFwGyFx4KHAgAEhRwdWItNTgxMjM1NzM1MjMzNTA3NRjboiE&sigh=n9-K2wj54Vw&uach_m=[UACH]&template_id=5000&uap=UACH(platform)&uapv=UACH(platformVersion)&uaa=UACH(architecture)&uam=UACH(model)&uafv=UACH(uaFullVersion)&uab=UACH(bitness)
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s12-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

GET
H3 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/10852431218550182233/ Frame A103 6 KB
6 KB 55ms
40ms Image
image/jpeg 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/10852431218550182233/downsize_200k_v1?w=195&h=102

Requested by

Host: www.newser.com
URL: https://www.newser.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f61df7e2e9d9ed5566a8054d238a9cd5c119307b4abb3411dd527a76822fa6ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 29 Jan 2022 08:43:04 GMT
x-content-type-options: nosniff
age: 112090
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6199
x-xss-protection: 0
last-modified: Mon, 17 Aug 2020 11:37:12 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 29 Jan 2023 08:43:04 GMT

GET
DATA 200
OK truncated
/ Frame A103 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame A103 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame A103 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7429bbb6e441779ffb6c4e1d576d35c8e9cd92be8562a6017e10e67090437523

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v41/ Frame A103 28 KB
28 KB 88ms
41ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v41/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

05e2888e835d97fe6e4cfb256f62f47d5dccf6d9ac202ea9d82a6bc2b1716c1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.newser.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 18:14:29 GMT
x-content-type-options: nosniff
age: 423405
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28196
x-xss-protection: 0
last-modified: Tue, 18 Jan 2022 17:53:50 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 25 Jan 2023 18:14:29 GMT

GET
H3

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame 8A58
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
0

90ms
80ms

Image
text/html

2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by: Host: www.newser.com
URL: https://www.newser.com/
Protocol: H3
Server: 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Redirect headers

date: Sun, 30 Jan 2022 15:51:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 8A58 2 KB
2 KB 36ms
36ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012111152338000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 09:41:38 GMT
x-content-type-options: nosniff
server: cafe
age: 22176
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 14819457070020093239
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Mon, 31 Jan 2022 09:41:38 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 8A58 295 B
319 B 38ms
38ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012111152338000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 09:53:05 GMT
x-content-type-options: nosniff
server: cafe
age: 21489
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 426692510519060060
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Mon, 31 Jan 2022 09:53:05 GMT

GET
H3 200 css2
fonts.googleapis.com/ Frame 753B 4 KB
634 B 48ms
48ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: ee36b528bd9f4c49479abaa9ba6b95bf.safeframe.googlesyndication.com
URL: https://ee36b528bd9f4c49479abaa9ba6b95bf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ee36b528bd9f4c49479abaa9ba6b95bf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 30 Jan 2022 14:21:41 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 30 Jan 2022 15:51:14 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 30 Jan 2022 15:51:14 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 8B6C 8 KB
888 B 47ms
47ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: ee36b528bd9f4c49479abaa9ba6b95bf.safeframe.googlesyndication.com
URL: https://ee36b528bd9f4c49479abaa9ba6b95bf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f93d0298dd39f7dff18566a5b2754067e26c0182b469fd6b24e5d63429fef88b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ee36b528bd9f4c49479abaa9ba6b95bf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 30 Jan 2022 14:21:05 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 30 Jan 2022 15:51:14 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 30 Jan 2022 15:51:14 GMT

GET
H3 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/ Frame 8B6C 1 KB
875 B 36ms
36ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Host: ee36b528bd9f4c49479abaa9ba6b95bf.safeframe.googlesyndication.com
URL: https://ee36b528bd9f4c49479abaa9ba6b95bf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fd11fa353cc6a8560f4c35e67c6fb8a3a4061ed3de4309cdf83fca65f8319bb4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ee36b528bd9f4c49479abaa9ba6b95bf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:49:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 92
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 848
x-xss-protection: 0
server: cafe
etag: 2277666839114365613
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 13 Feb 2022 15:49:42 GMT

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220126/r20110914/ Frame 8B6C 18 KB
7 KB 36ms
36ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220126/r20110914/abg_lite_fy2019.js

Requested by

Host: ee36b528bd9f4c49479abaa9ba6b95bf.safeframe.googlesyndication.com
URL: https://ee36b528bd9f4c49479abaa9ba6b95bf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2193054ab8a2bc36f5ef0b90c4d53dd5626e14b0123a2972066e2ed1fd44459d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ee36b528bd9f4c49479abaa9ba6b95bf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:49:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 114
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7644
x-xss-protection: 0
server: cafe
etag: 6659623896352890502
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 13 Feb 2022 15:49:20 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/ Frame 8B6C 2 KB
1 KB 37ms
36ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/window_focus_fy2019.js

Requested by

Host: ee36b528bd9f4c49479abaa9ba6b95bf.safeframe.googlesyndication.com
URL: https://ee36b528bd9f4c49479abaa9ba6b95bf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ee36b528bd9f4c49479abaa9ba6b95bf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:47:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 204
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1205
x-xss-protection: 0
server: cafe
etag: 18074202747124231361
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 13 Feb 2022 15:47:50 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/ Frame 8B6C 14 KB
6 KB 37ms
36ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: ee36b528bd9f4c49479abaa9ba6b95bf.safeframe.googlesyndication.com
URL: https://ee36b528bd9f4c49479abaa9ba6b95bf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a0e123a11c5b411021d5bd8ab3926fe6d726b29ca2bb83e6066dae93a9ba326a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ee36b528bd9f4c49479abaa9ba6b95bf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:50:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 56
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6123
x-xss-protection: 0
server: cafe
etag: 15358646999216992880
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 13 Feb 2022 15:50:18 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 8B6C 0
0 60ms
46ms Image
text/html 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSofvMlqmXgCrpxK4CaFKXbvhmlul0C3XdLMkEkHK9y7DTMy7YRJgSjPrzjx51N2S8LA4pu
Requested by: Host: ee36b528bd9f4c49479abaa9ba6b95bf.safeframe.googlesyndication.com
URL: https://ee36b528bd9f4c49479abaa9ba6b95bf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ee36b528bd9f4c49479abaa9ba6b95bf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8B6C 123 KB
38 KB 151ms
50ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: ee36b528bd9f4c49479abaa9ba6b95bf.safeframe.googlesyndication.com
URL: https://ee36b528bd9f4c49479abaa9ba6b95bf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

84bf5ffcfd8b3a1240721c90836f1167532b716566165a51ca920c9e657a75d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ee36b528bd9f4c49479abaa9ba6b95bf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:51:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38288
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1643200382015849"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 30 Jan 2022 15:51:14 GMT

GET
H2 200 4b5ee2b4ff5a9298bcc39e4df8189ef4.js Show response
www.gstatic.com/mysidia/ Frame 8B6C 27 KB
12 KB 126ms
40ms Script
text/javascript 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/4b5ee2b4ff5a9298bcc39e4df8189ef4.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: ee36b528bd9f4c49479abaa9ba6b95bf.safeframe.googlesyndication.com
URL: https://ee36b528bd9f4c49479abaa9ba6b95bf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61ded43bae7eeb79ab544e26dbad051960b7db1da4ceed550be859e979be23ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ee36b528bd9f4c49479abaa9ba6b95bf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 16:51:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 255610
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11337
x-xss-protection: 0
last-modified: Thu, 27 Jan 2022 01:51:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 27 Apr 2022 16:51:04 GMT

GET
H3 200 interstitial_ad_frame_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220126/r20110914/elements/html/ Frame 753B 18 KB
8 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220126/r20110914/elements/html/interstitial_ad_frame_fy2019.js

Requested by

Host: ee36b528bd9f4c49479abaa9ba6b95bf.safeframe.googlesyndication.com
URL: https://ee36b528bd9f4c49479abaa9ba6b95bf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4c9b92bfce3b7b0e0a9e33ebe8130496bf50c80ad4375b1b98ddff744b4ea9f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ee36b528bd9f4c49479abaa9ba6b95bf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:19:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1913
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7952
x-xss-protection: 0
server: cafe
etag: 4804491876264876803
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 13 Feb 2022 15:19:21 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 753B 205 B
296 B 131ms
48ms Image
image/png 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: ee36b528bd9f4c49479abaa9ba6b95bf.safeframe.googlesyndication.com
URL: https://ee36b528bd9f4c49479abaa9ba6b95bf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ee36b528bd9f4c49479abaa9ba6b95bf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 23:11:23 GMT
x-content-type-options: nosniff
age: 146391
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sat, 28 Jan 2023 23:11:23 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 753B 604 B
918 B 131ms
48ms Image
image/png 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: ee36b528bd9f4c49479abaa9ba6b95bf.safeframe.googlesyndication.com
URL: https://ee36b528bd9f4c49479abaa9ba6b95bf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ee36b528bd9f4c49479abaa9ba6b95bf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 14:59:41 GMT
x-content-type-options: nosniff
age: 3093
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Mon, 30 Jan 2023 14:59:41 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 77D3 143 B
163 B 88ms
39ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: ee36b528bd9f4c49479abaa9ba6b95bf.safeframe.googlesyndication.com
URL: https://ee36b528bd9f4c49479abaa9ba6b95bf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ee36b528bd9f4c49479abaa9ba6b95bf.safeframe.googlesyndication.com/

Response headers

x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 145
x-xss-protection: 0
date: Sun, 30 Jan 2022 15:03:04 GMT
cache-control: public, max-age=3600
content-type: text/html; charset=UTF-8
age: 2890
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 77D3
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
16 B

3904ms
3903ms

Document
text/html

2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: ee36b528bd9f4c49479abaa9ba6b95bf.safeframe.googlesyndication.com
URL: https://ee36b528bd9f4c49479abaa9ba6b95bf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sun, 30 Jan 2022 15:51:18 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sun, 30 Jan 2022 15:51:18 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sun, 30 Jan 2022 15:51:14 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 8A58 42 B
64 B 75ms
74ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvZypgjfHinwhyOheYHFinSXesNOza9urqI3vOoXaTCJZEPM0YFrQXeuGv0JCzFIxVIIjifyKDeYzjip1Iv08-7rbXEs8sO8SoIl2ca0dR7l5CvZ_hvBw&sai=AMfl-YT7hoveCEzz8MLDJg4pdLFjcSPNDUb3SpOXbXUO2thum4vc1TBv3yNavhyi08b7YVJhn60QFfFsQB6JaqDXokRJMarlMiRLrpvQhHN8pnMWmkTeMg3DKKeuP-v9MB8D&sig=Cg0ArKJSzN1GfBVheMcKEAE&cid=CAASPeRoggK-jusWKB0qehdzSJ9Ipz82v8dnNW700AAarWlYyCWXaVM3cs557zlLeqeXAE2lUkTg-snXy5e4YjA&id=ampim&o=561,55&d=728,90&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=402&tls=1402&g=100&h=100&tt=1402&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&adk=2039480262

Requested by

Host: www.newser.com
URL: https://www.newser.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Jan 2022 15:51:15 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame A103 42 B
64 B 113ms
112ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv4CbDvSfFeaO6Kg5_w70bElfH0hCf0W5UpzhY-HLXbynnnrkMhPawF44G0F9tmU6PHcTiV6_YtcrKtHdtE8gsV--_AzIBBwlq1BdCCdrrhLalV3nc4EYferCy6PbxGG15Hm-X_Nmxf-uXp&sai=AMfl-YT-X3dVzY6Pct32lAnjtMefNtFZ5N6WKWpaAT1WSNqodhMx9eFwEuw45R04rjtBzmoWq0oqMvsTAaTjCF9_zrbq8TDOof4vn2uI0kzZnnNzQugFC7gXq4b8NCzGFN4&sig=Cg0ArKJSzC6VWY5zo_HLEAE&cid=CAASPeRoamdNnd-Vz73mx9xHBbc1LKNy6vPjskg4_LLySUHIAF-TiVSnEh2BfWgneT-M0O6rRa-NKgenKtz4BQE&id=ampim&o=315,684&d=728,90&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=290&tls=1290&g=100&h=100&tt=1290&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&adk=2039479053

Requested by

Host: www.newser.com
URL: https://www.newser.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Jan 2022 15:51:15 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK / Show response
kinesis.us-east-1.amazonaws.com/ 146 B
582 B 110ms
109ms XHR
application/x-amz-json-1.1 3.237.107.58

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Requested by: Host: cdn.intergient.com
URL: https://cdn.intergient.com/pageos/js/libs/aws-sdk-kinesis.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.237.107.58 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 389f5b4181ea4948bc216ce0a13096a4d247a20ca10720b65c9b5e97b72b3daa

Request headers

Accept-Language: de-DE,de;q=0.9
Authorization: AWS4-HMAC-SHA256 Credential=AKIA44GIABD57PYVUX6G/20220130/us-east-1/kinesis/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-target;x-amz-user-agent, Signature=e09ae1d15a0388374cfd0787b28e3f236514732205f707742e5b1e43b59ac357
Content-Type: application/x-amz-json-1.1
X-Amz-Content-Sha256: bcde118da3408c6d2f56045c057dfa0f6fc4b4336d27fc9fcbcf441eaf332a98
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Referer: https://www.newser.com/
X-Amz-Target: Kinesis_20131202.PutRecords
X-Amz-Date: 20220130T155118Z
X-Amz-User-Agent: aws-sdk-js/2.387.0 callback

Response headers

Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
x-amzn-RequestId: c70210cd-6183-de02-9d72-a6fb8c2d59be
Date: Sun, 30 Jan 2022 15:51:18 GMT
Content-Length: 146
x-amz-id-2: Sme86LhPWdDC/OBVljt9g+BNVc62hGR2DOAAJP3X0UJhkHo037sYlC8FtEhu6xK96OCD9k94OPIHNNt6VoJAp0svjZpoAqGO
Content-Type: application/x-amz-json-1.1

OPTIONS
H/1.1 200
OK /
kinesis.us-east-1.amazonaws.com/ Frame 0
0 310ms
99ms Preflight 3.237.107.58

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.237.107.58 -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: authorization,content-type,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Origin: https://www.newser.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

x-amzn-RequestId: f05d93fa-7ee3-eb8e-aa2d-25cc934d6c32
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: authorization,content-type,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Allow-Methods: POST
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age: 172800
Date: Sun, 30 Jan 2022 15:51:18 GMT
Content-Length: 0

GET
H2 200 p Show response
i.simpli.fi/ 774 B
1 KB 15ms
15ms Script
application/javascript 169.50.137.176
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL

https://i.simpli.fi/p?cid=&cb=sifi_att_42656._hp

Requested by

Host: i.simpli.fi
URL: https://i.simpli.fi/dpx.js?cid=3056&m=1&referrer=http://www.newser.com

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

169.50.137.176 , United States, ASN36351 (SOFTLAYER, US),

Reverse DNS

b0.89.32a9.ip4.static.sl-reverse.com

Software

Resource Hash

3277d7a7c8c0fb5274d1dac1434ac912b8860f057bd651ba2e2f819f5be53935

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache, no-cache
date: Sun, 30 Jan 2022 15:51:18 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires: Thu, 01 Jan 1970 00:00:00 GMT, Thu, 01 Jan 1970 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 12 KB
9 KB 94ms
49ms XHR
application/json 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022012601&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012601.js?31064600

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

62a41d590bfbfacbeb7dd55fd599a3dd910bca1090e06ccdf4afc7bc1d9ab597

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 30 Jan 2022 15:51:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9046
x-xss-protection: 0

GET
H2

200

xuid
eb2.3lift.com/
Redirect Chain

https://um.simpli.fi/triplelift
https://eb2.3lift.com/xuid?mid=7969&xuid=20169B320D604170B5202615FB8BC7ED&dongle=yf3
https://eb2.3lift.com/xuid?ld=1&mid=7969&xuid=20169B320D604170B5202615FB8BC7ED&dongle=yf3&gdpr=1&cmp_cs=&us_privacy=

37 B
354 B

11ms
10ms

Image
image/gif

13.248.245.213

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?ld=1&mid=7969&xuid=20169B320D604170B5202615FB8BC7ED&dongle=yf3&gdpr=1&cmp_cs=&us_privacy=
Protocol: H2
Server: 13.248.245.213 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:51:18 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: /xuid?ld=1&mid=7969&xuid=20169B320D604170B5202615FB8BC7ED&dongle=yf3&gdpr=1&cmp_cs=&us_privacy=
date: Sun, 30 Jan 2022 15:51:18 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2

200

sync
simplifi.partners.tremorhub.com/
Redirect Chain

https://um.simpli.fi/telaria_p
https://simplifi.partners.tremorhub.com/sync?UISF=20169B320D604170B5202615FB8BC7ED

43 B
183 B

353ms
100ms

Image
image/gif

2600:1f18:612b:4200:3aa:8894:1069:c551

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simplifi.partners.tremorhub.com/sync?UISF=20169B320D604170B5202615FB8BC7ED
Protocol: H2
Server: 2600:1f18:612b:4200:3aa:8894:1069:c551 -, , ASN (),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:51:18 GMT
server: Apache-Coyote/1.1
p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type: image/gif

Redirect headers

date: Sun, 30 Jan 2022 15:51:18 GMT
x-content-type-options: nosniff
server: nginx
location: https://simplifi.partners.tremorhub.com/sync?UISF=20169B320D604170B5202615FB8BC7ED
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 138
expires: Sat, 29 Jan 2022 15:51:18 GMT

GET
H2

200

check
pixel.tapad.com/idsync/ex/receive/
Redirect Chain

https://um.simpli.fi/tapad
https://pixel.tapad.com/idsync/ex/receive?partner_id=2305&partner_device_id=20169B320D604170B5202615FB8BC7ED
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=20169B320D604170B5202615FB8BC7ED

95 B
425 B

20ms
19ms

Image
image/png

35.227.248.159

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=20169B320D604170B5202615FB8BC7ED

Protocol

Server

35.227.248.159 -, , ASN (),

Reverse DNS

Software

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:51:18 GMT
via: 1.1 google
content-type: image/png
alt-svc: clear
content-length: 95
strict-transport-security: max-age=31536000
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

Redirect headers

location: https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=20169B320D604170B5202615FB8BC7ED
date: Sun, 30 Jan 2022 15:51:18 GMT
via: 1.1 google
alt-svc: clear
content-length: 0
strict-transport-security: max-age=31536000
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

GET
H2

200

aa_px
um.simpli.fi/
Redirect Chain

https://um.simpli.fi/ad_advisor
https://aa.agkn.com/adscores/g.pixel?sid=9201915418&sifi_uid=20169B320D604170B5202615FB8BC7ED
https://d.agkn.com/pixel/10751/?che=1643557878&ip=185.213.155.169&l1=https%3A%2F%2Fum.simpli.fi%2Faa_px%3Fsk%3D164960304047000341559
https://um.simpli.fi/aa_px?sk=164960304047000341559

43 B
361 B

14ms
14ms

Image
image/gif

169.50.137.182

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/aa_px?sk=164960304047000341559

Protocol

Server

169.50.137.182 -, , ASN (),

Reverse DNS

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:51:18 GMT
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43

Redirect headers

Pragma: no-cache
Date: Sun, 30 Jan 2022 15:51:18 GMT
Server: Apache-Coyote/1.1
P3P: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://um.simpli.fi/aa_px?sk=164960304047000341559
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 nexage
um.simpli.fi/ 43 B
409 B 59ms
14ms Image
image/gif 169.50.137.182

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/nexage

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

169.50.137.182 -, , ASN (),

Reverse DNS

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:51:18 GMT
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Sat, 29 Jan 2022 15:51:18 GMT

GET
H2

403

ProfilesEngineServlet
sync.intentiq.com/profiles_engine/
Redirect Chain

https://um.simpli.fi/intentiq
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=20169B320D604170B5202615FB8BC7ED

0
0

60ms
10ms

Image
text/html

18.66.248.92

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=20169B320D604170B5202615FB8BC7ED
Protocol: H2
Server: 18.66.248.92 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Redirect headers

date: Sun, 30 Jan 2022 15:51:18 GMT
x-content-type-options: nosniff
server: nginx
location: https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=20169B320D604170B5202615FB8BC7ED
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 138
expires: Sat, 29 Jan 2022 15:51:18 GMT

GET
H2 200 pubmatic
um.simpli.fi/ 43 B
409 B 17ms
14ms Image
image/gif 169.50.137.182

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/pubmatic

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

169.50.137.182 -, , ASN (),

Reverse DNS

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:51:18 GMT
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Sat, 29 Jan 2022 15:51:18 GMT

GET
H2 200 freewheel
um.simpli.fi/ 43 B
409 B 17ms
14ms Image
image/gif 169.50.137.182

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/freewheel

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

169.50.137.182 -, , ASN (),

Reverse DNS

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:51:18 GMT
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Sat, 29 Jan 2022 15:51:18 GMT

GET
H2

200

engine
pbid.pro-market.net/
Redirect Chain

https://um.simpli.fi/dtnx
https://fei.pro-market.net/engine?du=24;csync=20169B320D604170B5202615FB8BC7ED;mimetype=img;
https://fei.pro-market.net/engine?du=24;csync=20169B320D604170B5202615FB8BC7ED;mimetype=img;sr
https://cm.g.doubleclick.net/pixel?google_nid=datonics-ddp&google_cm&google_hm=LTMyODIyNDk0Mzg1OTYwOTg4Mw==
https://pbid.pro-market.net/engine?du=53&mimetype=img&google_gid=CAESEOmQNm91qmmLI6L8lOCah14&google_cver=1

43 B
388 B

27ms
19ms

Image
image/gif

2600:1901:0:8eee::

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pbid.pro-market.net/engine?du=53&mimetype=img&google_gid=CAESEOmQNm91qmmLI6L8lOCah14&google_cver=1
Protocol: H2
Server: 2600:1901:0:8eee:: -, , ASN (),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: 3331a0486cb3e8a75c8c2fdf02bf80fd8fe2b811dfe5c7b4aa892d38bfcf604a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Jan 2022 15:51:17 GMT
via: 1.1 google
server: Apache-Coyote/1.1
anserver: gapp-eu-4.c.datonics-gcp-01.internal
p3p: CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 1 Jan 1990 0:0:0 GMT

Redirect headers

pragma: no-cache
date: Sun, 30 Jan 2022 15:51:18 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://pbid.pro-market.net/engine?du=53&mimetype=img&google_gid=CAESEOmQNm91qmmLI6L8lOCah14&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 315
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

204

/
loadm.exelator.com/load/
Redirect Chain

https://um.simpli.fi/exelatem
https://loadm.exelator.com/load/?p=204&g=2191&simid=20169B320D604170B5202615FB8BC7ED&j=0
https://loadm.exelator.com/load/?p=204&g=2191&simid=20169B320D604170B5202615FB8BC7ED&j=0&xl8blockcheck=1

0
755 B

29ms
29ms

Image
text/plain

34.254.143.3
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loadm.exelator.com/load/?p=204&g=2191&simid=20169B320D604170B5202615FB8BC7ED&j=0&xl8blockcheck=1
Protocol: H2
Server: 34.254.143.3 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-254-143-3.eu-west-1.compute.amazonaws.com
Software: nginx / Undertow/1
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:51:18 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA

Redirect headers

date: Sun, 30 Jan 2022 15:51:18 GMT
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location: https://loadm.exelator.com/load/?p=204&g=2191&simid=20169B320D604170B5202615FB8BC7ED&j=0&xl8blockcheck=1
cache-control: no-cache
access-control-allow-credentials: true
content-type: image/gif
content-length: 0

GET
H2 200 yahoo
um.simpli.fi/ 43 B
409 B 18ms
15ms Image
image/gif 169.50.137.182

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/yahoo

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

169.50.137.182 -, , ASN (),

Reverse DNS

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:51:18 GMT
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Sat, 29 Jan 2022 15:51:18 GMT

GET
H/1.1

204

sync
sync.bfmio.com/
Redirect Chain

https://um.simpli.fi/beachfront
https://sync.bfmio.com/sync?pid=141&uid=20169B320D604170B5202615FB8BC7ED

0
421 B

413ms
95ms

Image
text/plain

3.216.159.172

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.bfmio.com/sync?pid=141&uid=20169B320D604170B5202615FB8BC7ED
Protocol: HTTP/1.1
Server: 3.216.159.172 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Connection: keep-alive
Date: Sun, 30 Jan 2022 15:51:18 GMT

Redirect headers

date: Sun, 30 Jan 2022 15:51:18 GMT
x-content-type-options: nosniff
server: nginx
location: https://sync.bfmio.com/sync?pid=141&uid=20169B320D604170B5202615FB8BC7ED
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 138
expires: Sat, 29 Jan 2022 15:51:18 GMT

GET
H/1.1

200
OK

29931
stags.bluekai.com/site/
Redirect Chain

https://um.simpli.fi/bluekai
https://stags.bluekai.com/site/29931?id=20169B320D604170B5202615FB8BC7ED

62 B
603 B

237ms
179ms

Image
image/gif

104.90.192.27

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stags.bluekai.com/site/29931?id=20169B320D604170B5202615FB8BC7ED
Protocol: HTTP/1.1
Server: 104.90.192.27 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Sun, 30 Jan 2022 15:51:18 GMT
Connection: keep-alive
P3P: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
Content-Length: 62
Content-Type: image/gif

Redirect headers

date: Sun, 30 Jan 2022 15:51:18 GMT
x-content-type-options: nosniff
server: nginx
location: https://stags.bluekai.com/site/29931?id=20169B320D604170B5202615FB8BC7ED
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 138
expires: Sat, 29 Jan 2022 15:51:18 GMT

GET
H2

200

tpid=20169B320D604170B5202615FB8BC7ED
bcp.crwdcntrl.net/map/ct=y/c=7625/tp=SIMP/
Redirect Chain

https://um.simpli.fi/crwdcntrl
https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=20169B320D604170B5202615FB8BC7ED
https://bcp.crwdcntrl.net/map/ct=y/c=7625/tp=SIMP/tpid=20169B320D604170B5202615FB8BC7ED

49 B
735 B

41ms
41ms

Image
image/gif

52.30.140.199

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bcp.crwdcntrl.net/map/ct=y/c=7625/tp=SIMP/tpid=20169B320D604170B5202615FB8BC7ED
Protocol: H2
Server: 52.30.140.199 -, , ASN (),
Reverse DNS
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Jan 2022 15:51:18 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.20.8
content-type: image/gif
content-length: 49
expires: 0

Redirect headers

pragma: no-cache
date: Sun, 30 Jan 2022 15:51:18 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location: https://bcp.crwdcntrl.net/map/ct=y/c=7625/tp=SIMP/tpid=20169B320D604170B5202615FB8BC7ED
cache-control: no-cache
x-server: 10.45.15.135
content-length: 0
expires: 0

GET
H/1.1

204
No Content

merge
ce.lijit.com/
Redirect Chain

https://um.simpli.fi/lj_match
https://ce.lijit.com/merge?pid=2&3pid=20169B320D604170B5202615FB8BC7ED

0
348 B

61ms
20ms

Image
text/plain

72.251.249.14

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=2&3pid=20169B320D604170B5202615FB8BC7ED
Protocol: HTTP/1.1
Server: 72.251.249.14 -, , ASN (),
Reverse DNS
Software: nginx / raptor
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 30 Jan 2022 15:51:18 GMT
X-MERGE: GDPR Optout true
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap1ams1
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

date: Sun, 30 Jan 2022 15:51:18 GMT
x-content-type-options: nosniff
server: nginx
location: https://ce.lijit.com/merge?pid=2&3pid=20169B320D604170B5202615FB8BC7ED
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 138
expires: Sat, 29 Jan 2022 15:51:18 GMT

GET
H2

451

419566.gif
idsync.rlcdn.com/
Redirect Chain

https://um.simpli.fi/liveramp_match
https://idsync.rlcdn.com/419566.gif?partner_uid=20169B320D604170B5202615FB8BC7ED

0
66 B

61ms
20ms

Image
text/plain

35.244.174.68

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/419566.gif?partner_uid=20169B320D604170B5202615FB8BC7ED
Protocol: H2
Server: 35.244.174.68 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:51:18 GMT
via: 1.1 google
alt-svc: clear
content-length: 0

Redirect headers

date: Sun, 30 Jan 2022 15:51:18 GMT
x-content-type-options: nosniff
server: nginx
location: https://idsync.rlcdn.com/419566.gif?partner_uid=20169B320D604170B5202615FB8BC7ED
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 138
expires: Sat, 29 Jan 2022 15:51:18 GMT

GET
H2

200

/
www.google.de/pagead/1p-conversion/1026675585/
Redirect Chain

https://www.googleadservices.com/pagead/conversion/1026675585/?random=1643557878423&cv=7&fst=1643557878423&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1026675585/?random=1071816753&cv=7&fst=1643557878423&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cook...
https://www.google.com/pagead/1p-conversion/1026675585/?random=1071816753&cv=7&fst=1643557878423&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ssct...
https://www.google.de/pagead/1p-conversion/1026675585/?random=1071816753&cv=7&fst=1643557878423&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte...

42 B
548 B

134ms
50ms

Image
image/gif

2a00:1450:4001:80e::2003

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/1026675585/?random=1071816753&cv=7&fst=1643557878423&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=9rP2YZCHIa3Z7_UPuZm7oAI&cid=CAQSKQCNIrLMxwr9C-BCVOkFltP8b9_OLdcLYrnYcji8MbOWHgLZ9O5Rf41I&random=3506276573&ipr=y&prhg=0

Protocol

Server

2a00:1450:4001:80e::2003 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Jan 2022 15:51:18 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 30 Jan 2022 15:51:18 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/gif
location: https://www.google.de/pagead/1p-conversion/1026675585/?random=1071816753&cv=7&fst=1643557878423&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=9rP2YZCHIa3Z7_UPuZm7oAI&cid=CAQSKQCNIrLMxwr9C-BCVOkFltP8b9_OLdcLYrnYcji8MbOWHgLZ9O5Rf41I&random=3506276573&ipr=y&prhg=0
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200

partner
sync.search.spotxchange.com/
Redirect Chain

https://um.simpli.fi/spotx_match
https://sync.search.spotxchange.com/partner?adv_id=7797&uid=20169B320D604170B5202615FB8BC7ED
https://sync.search.spotxchange.com/partner?adv_id=7797&uid=20169B320D604170B5202615FB8BC7ED&__user_check__=1&sync_id=76b52786-81e4-11ec-a646-1f057aaa0506

43 B
548 B

17ms
16ms

Image
image/gif

185.94.180.125

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.search.spotxchange.com/partner?adv_id=7797&uid=20169B320D604170B5202615FB8BC7ED&__user_check__=1&sync_id=76b52786-81e4-11ec-a646-1f057aaa0506
Protocol: HTTP/1.1
Server: 185.94.180.125 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Sun, 30 Jan 2022 15:51:18 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 30
Connection: keep-alive
Content-Length: 43

Redirect headers

Date: Sun, 30 Jan 2022 15:51:18 GMT
Server: nginx
Location: /partner?adv_id=7797&uid=20169B320D604170B5202615FB8BC7ED&__user_check__=1&sync_id=76b52786-81e4-11ec-a646-1f057aaa0506
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 131
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

bounce
ib.adnxs.com/
Redirect Chain

https://um.simpli.fi/an
https://ib.adnxs.com/setuid?entity=66&code=20169B320D604170B5202615FB8BC7ED
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3D20169B320D604170B5202615FB8BC7ED

43 B
1 KB

23ms
23ms

Image
image/gif

37.252.172.249

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3D20169B320D604170B5202615FB8BC7ED

Protocol

HTTP/1.1

Server

37.252.172.249 -, , ASN (),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 30 Jan 2022 15:51:18 GMT
X-Proxy-Origin: 185.213.155.169; 185.213.155.169; 534.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: d9296eed-139b-4efe-928f-55e7f9c53d71
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 30 Jan 2022 15:51:18 GMT
X-Proxy-Origin: 185.213.155.169; 185.213.155.169; 534.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 17b8554b-3265-476e-a22d-adf7862c5ae9
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3D20169B320D604170B5202615FB8BC7ED
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/
Redirect Chain

https://um.simpli.fi/rb_match
https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=20169B320D604170B5202615FB8BC7ED&expires=365

0
239 B

610ms
154ms

Image
image/gif

8.39.36.141

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=20169B320D604170B5202615FB8BC7ED&expires=365
Protocol: HTTP/1.1
Server: 8.39.36.141 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 5daa34953a867809056448757b76591b
Content-Type: image/gif

Redirect headers

date: Sun, 30 Jan 2022 15:51:18 GMT
x-content-type-options: nosniff
server: nginx
location: https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=20169B320D604170B5202615FB8BC7ED&expires=365
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 138
expires: Sat, 29 Jan 2022 15:51:18 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/
Redirect Chain

https://um.simpli.fi/ox_match
https://us-u.openx.net/w/1.0/sd?id=537072966&val=20169B320D604170B5202615FB8BC7ED

43 B
274 B

51ms
20ms

Image
image/gif

35.244.159.8

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072966&val=20169B320D604170B5202615FB8BC7ED
Protocol: H2
Server: 35.244.159.8 -, , ASN (),
Reverse DNS
Software: OXGW/17.1.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Jan 2022 15:51:18 GMT
via: 1.1 google
server: OXGW/17.1.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date: Sun, 30 Jan 2022 15:51:18 GMT
x-content-type-options: nosniff
server: nginx
location: https://us-u.openx.net/w/1.0/sd?id=537072966&val=20169B320D604170B5202615FB8BC7ED
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 138
expires: Sat, 29 Jan 2022 15:51:18 GMT

GET
H2

204

g_match
um.simpli.fi/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_cm&google_sc
https://um.simpli.fi/g_match?id=&google_gid=CAESEBd5qvuOJ96CwcdBQbrrfDA&google_cver=1
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=20169B320D604170B5202615FB8BC7ED
https://um.simpli.fi/g_match?id=

0
320 B

14ms
14ms

Image
text/plain

169.50.137.182

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/g_match?id=

Protocol

Server

169.50.137.182 -, , ASN (),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:51:18 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires: Sat, 29 Jan 2022 15:51:18 GMT

Redirect headers

pragma: no-cache
date: Sun, 30 Jan 2022 15:51:18 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://um.simpli.fi/g_match?id=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 229
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 47ms
46ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012601.js?31064600

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 15:51:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 30 Jan 2022 15:51:18 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 9910 13 KB
5 KB 37ms
37ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 30 Jan 2022 15:50:56 GMT
expires: Mon, 30 Jan 2023 15:50:56 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
content-type: text/html
age: 22
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 762D 783 B
534 B 48ms
48ms Document
text/html 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

1511c8b8bc8ee529d636fbac20778e2b25ab69bd6fc5f79fb4d46a8e69c0a13d

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-dpzFlkbQaltTHL5dxgl9PA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Sun, 30 Jan 2022 15:51:18 GMT
date: Sun, 30 Jan 2022 15:51:18 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-dpzFlkbQaltTHL5dxgl9PA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 512
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 762D 0
0 87ms
87ms Image
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022012601&jk=1065205181353160&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

GET
H3 200 mfFJ-W--rqivV8WG4WyPQ8vKEq2pdH_2ou3EKTspk_8.js Show response
pagead2.googlesyndication.com/bg/ Frame 9910 35 KB
13 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/mfFJ-W--rqivV8WG4WyPQ8vKEq2pdH_2ou3EKTspk_8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

99f149f96fbeaea8af57c586e16c8f43cbca12ada9747ff6a2edc4293b2993ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 20:35:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 242155
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13575
x-xss-protection: 0
last-modified: Mon, 24 Jan 2022 14:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 27 Jan 2023 20:35:23 GMT

GET generate_204
tpc.googlesyndication.com/ Frame 9910 0
0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 75ms
75ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gpt_2022012601&jk=1065205181353160&bg=!HB-lH1vNAAY6OBv_Ojg7ACkAdvg8WseeoUc7eApGx4M6kM-VbrizULif8GW_OwHyKGyCiPbR6Pe3ggIAAABEUgAAAANoAQcKAB3xNE6u-mXJOcy_j6WlqcgvzkpSaUsPO9kV6HTx25kCufaCPZngL7nc7xKjLgwrf1negqhxjN5LSsZxibj4QBhKwgFlaxjozBaTInFGeijKi3gUfEcsva0jraI0ht8exS1tRLoH1H_lF6yZZEQRpnOOM3koitJqZVLWoLNdE_RtCng8JN34BQtU20BmchYItYpPEEP2nqcq8M2CDUZ1etL4QRD8LFwQyT9dybPLpl7vRoyQtdvuArF8dFTki7N9zt-CtvD1HlzSlT88A19t5ZM6ERDdyOTQOYbge87ryX_q8We3-aeyyM-FiHNVEokfYEGROlhuckVikQzZLM9QPrzuyJrMc0eFtvRfmIxBWmEcN-lhNUMstM57aaNT-lG8xS9b3rSXi0s-ZxW5Vd29llj591iA9GdZ-08EEgkjvgEoptPKpRvE_0AOiQr_aBnU5An67rj3JfPBqpQZtqr3OkwJHzLaGJIag3HLxmmry35CjAjt1_z6s8EgIHmozGppvr2bgfuGW2LOpVEfsQ3KhZ4mpJ8tR7wsZj56QChGr9sQNlkIpuefMb2uRvdPjmv5O_PKf5vr9SqYi6d34V28LmQZO28x1O65Ik-t_-OQhc9CAyiUvVfsDQAOQklZqqUjL5SseVPhGsmgsfjuIjlnwxgDUXHHUk5CmQCRGp1aG7qxSpnM4nSTrSIszgR0tlPg_DUQVpnqWmTY5eJD3QIso1ekKZM8VHlw2HNxcjVQSuwkRwdn6NxJ2G_jEmCqhjfoCX2sd6Wm_2h48jmyzkc-MzaYaim_iEuz5Np_XoykTJu1MKoHmA9TV7VR_33VaYovi5A1tEzRWt3Nn26PgTAVD-Mnjhia6egtqxcMVYh2OmsgW3pzY40AEA1Et--X9-0BOXR-p49IoLNFW6K_BtlWjKAOa4_x50flYq0HdsDTc9EYGXu18Ece_gFz26P5d2O91zzfnt81SriGanU

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Jan 2022 15:51:18 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: s7.addthis.com
URL: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html

Domain: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/generate_204?rBIVew

Verdicts & Comments Add Verdict or Comment

633 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

46 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.newser.com/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: 01eynhzsl4loygoutebszdah
www.newser.com/	1970-01-23 16:08:37	Name: USERCREDENTIALS Value: EMAIL=&PASSWORD=&USERID=0&VISITORID=1558941134&VISITORCLASSIFICATION=P
.simpli.fi/	1970-01-20 09:19:40	Name: suid Value: 20169B320D604170B5202615FB8BC7ED
www.newser.com/	1970-01-20 10:01:25	Name: _cb_ls Value: 1
.scorecardresearch.com/	1970-01-20 17:49:25	Name: UID Value: 1B78f50d1aeb8b71dd65bb61643557872
.newser.com/	1970-01-20 18:03:49	Name: __utma Value: 116631449.1277182562.1643557873.1643557873.1643557873.1
.newser.com/	1969-12-31 23:59:59	Name: __utmc Value: 116631449
.newser.com/	1970-01-20 04:55:25	Name: __utmz Value: 116631449.1643557873.1.1.utmcsr=(direct)\|utmccn=(direct)\|utmcmd=(none)
.newser.com/	1970-01-20 18:03:49	Name: __utmv Value: 116631449.\|1=PWA=N=1^4=OrigRef=direct=1^5=UserClassification=P=1
.newser.com/	1970-01-20 00:32:38	Name: __utmt_pageTracker Value: 1
.newser.com/	1970-01-20 00:32:38	Name: __utmt_eventTracker Value: 1
.newser.com/	1970-01-20 00:32:39	Name: __utmb Value: 116631449.2.10.1643557873
www.newser.com/	1970-01-20 09:54:13	Name: usprivacy Value: 1---
.quantserve.com/	1970-01-20 10:02:52	Name: mc Value: 61f6b3f0-ef81e-ebbca-1651b
.newser.com/	1970-01-20 09:57:06	Name: __qca Value: P0-848342062-1643557872961
www.newser.com/	1970-01-23 16:08:37	Name: PWA Value: N
www.newser.com/	1970-01-20 10:02:52	Name: __atuvc Value: 1%7C5
www.newser.com/	1970-01-20 00:32:39	Name: __atuvs Value: 61f6b3f030f0ffce000
www.newser.com/	1970-01-20 10:01:25	Name: _cb Value: CPqKoEBxzEg6sm4hs
www.newser.com/	1970-01-20 10:01:25	Name: _chartbeat2 Value: .1643557873116.1643557873116.1.C-p-XO5m53PBJdpe7C2eNDWD1kIij.1
www.newser.com/	1970-01-20 00:32:39	Name: _cb_svref Value: null
.addthis.com/	1970-01-20 10:02:52	Name: uvc Value: 1%7C5
www.newser.com/	1970-01-23 16:08:37	Name: AB Value: N
.addthis.com/	1970-01-20 10:02:52	Name: loc Value: MDAwMDBFVURFTlcyMzIyMTg4ODAwMjAwMDBDSA==
www.newser.com/	1969-12-31 23:59:59	Name: g36FastPopSessionRequestNumber Value: 1
engine.4dsply.com/	1969-12-31 23:59:59	Name: IKSR Value: {}
engine.4dsply.com/	1969-12-31 23:59:59	Name: INF_DFL8 Value: false
engine.4dsply.com/	1970-01-23 16:11:30	Name: IUID Value: 94e4927a-4bc0-437f-b1b7-13f0ada55943
engine.4dsply.com/	1969-12-31 23:59:59	Name: ISSH Value: 60F357
engine.4dsply.com/	1969-12-31 23:59:59	Name: VMI Value:
engine.4dsply.com/	1970-01-23 16:11:30	Name: CHN Value: #[]
engine.4dsply.com/	1970-01-23 16:11:30	Name: MSSH Value: #{}
engine.4dsply.com/	1970-01-23 16:11:30	Name: MSRH Value: #{}
engine.4dsply.com/	1970-01-23 16:11:30	Name: ILP Value: null
engine.4dsply.com/	1970-01-23 16:11:30	Name: ILPLU Value: #1/1/0001 12:00:00 AM
engine.4dsply.com/	1970-01-23 16:11:30	Name: ILEALC Value: #1/1/0001 12:00:00 AM
engine.4dsply.com/	1970-01-20 00:32:52	Name: ILMPF Value: #False
engine.4dsply.com/	1970-01-23 16:11:30	Name: IPMPLU Value: #
engine.4dsply.com/	1970-01-23 16:11:30	Name: IPMUID Value: #
engine.4dsply.com/	1970-01-23 16:11:30	Name: BSWUID Value: #
engine.4dsply.com/	1970-01-23 16:11:30	Name: IBL Value: #[]
engine.4dsply.com/	1970-01-23 16:11:30	Name: ISH Value: #{"1148":[{"SId":"60F357","D":"22/1/30T7:51:13"}]}
engine.4dsply.com/	1970-01-23 16:11:30	Name: ISH_Q Value: #[1148]
.doubleclick.net/	1970-01-20 09:54:13	Name: IDE Value: AHWqTUlFKxQwM6Qgt9_8y3sgM5_LvHBH9AwTMXIa-PDzQ3BboQi6uMC9_16xasmdh_w
.newser.com/	1970-01-20 09:54:13	Name: __gads Value: ID=781e18fd164a278c-222d4df32ecd00f7:T=1643557873:S=ALNI_MaUj3vbI4quZFwW4_DNDv_rCVFrmQ
.doubleclick.net/	1970-01-20 00:32:41	Name: DSID Value: NO_DATA

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js(Line 9) Message: Failed to execute 'write' on 'Document': It isn't possible to write into a document from an asynchronously-loaded external script unless it is explicitly opened.
other	warning	URL: https://cdn.ampproject.org/rtv/012111152338000/v0/amp-ad-exit-0.1.mjs(Line 2) Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: https://cdn.ampproject.org/rtv/032201141909000/v0/amp-ad-exit-0.1.mjs Message: Unrecognized feature: 'attribution-reporting'.
network	error	URL: https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=20169B320D604170B5202615FB8BC7ED Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://idsync.rlcdn.com/419566.gif?partner_uid=20169B320D604170B5202615FB8BC7ED Message: Failed to load resource: the server responded with a status of 451 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aa.agkn.com
adservice.google.com
adservice.google.de
api.ipify.org
bcp.crwdcntrl.net
c.amazon-adsystem.com
cdn.ampproject.org
cdn.engine.4dsply.com
cdn.intergi.com
cdn.intergient.com
ce.lijit.com
cm.g.doubleclick.net
config.playwire.com
connect.facebook.net
d.agkn.com
eb2.3lift.com
ee36b528bd9f4c49479abaa9ba6b95bf.safeframe.googlesyndication.com
engine.4dsply.com
fei.pro-market.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
i.simpli.fi
ib.adnxs.com
idsync.rlcdn.com
img1-azrcdn.newser.com
img2-azrcdn.newser.com
kinesis.us-east-1.amazonaws.com
load77.exelator.com
loadm.exelator.com
loadus.exelator.com
m.addthis.com
mb.moatads.com
newser.com
pagead2.googlesyndication.com
pbid.pro-market.net
ping.chartbeat.net
pixel.quantserve.com
pixel.rubiconproject.com
pixel.tapad.com
platform.twitter.com
rddywd.com
rules.quantcount.com
s7.addthis.com
sb.scorecardresearch.com
secure.quantserve.com
securepubads.g.doubleclick.net
simplifi.partners.tremorhub.com
ssl.google-analytics.com
stags.bluekai.com
static.chartbeat.com
static1-azrcdn.newser.com
static2-azrcdn.newser.com
stats.g.doubleclick.net
sync.bfmio.com
sync.intentiq.com
sync.search.spotxchange.com
syndication.twitter.com
tpc.googlesyndication.com
um.simpli.fi
us-u.openx.net
v1.addthisedge.com
www.google.com
www.google.de
www.googleadservices.com
www.googleapis.com
www.googletagservices.com
www.gstatic.com
www.newser.com
z.moatads.com
s7.addthis.com
tpc.googlesyndication.com
104.244.42.8
104.90.192.27
13.224.197.4
13.225.80.38
13.248.245.213
142.250.184.226
169.50.137.176
169.50.137.182
172.217.18.98
18.66.248.92
184.30.24.121
185.94.180.125
216.58.212.130
2600:1901:0:8eee::
2600:1f18:612b:4200:3aa:8894:1069:c551
2600:9000:20eb:3400:12:4abd:d340:93a1
2600:9000:20eb:4400:6:44e3:f8c0:93a1
2600:9000:20eb:5c00:1a:1459:5cc0:93a1
2600:9000:20eb:6e00:14:2602:6e80:93a1
2600:9000:20eb:b000:18:1fcd:34f:cdc1
2606:2800:234:59:254c:406:2366:268c
2606:4700:3035::6815:40f1
2606:4700::6810:9e11
2620:116:800d:21:fcb8:22d2:d390:5f1b
2620:1ec:46::45
2620:1ec:bdf::45
2a00:1450:4001:800::2001
2a00:1450:4001:800::200a
2a00:1450:4001:802::2003
2a00:1450:4001:809::2002
2a00:1450:4001:80e::2003
2a00:1450:4001:80f::2001
2a00:1450:4001:80f::2004
2a00:1450:4001:810::2002
2a00:1450:4001:812::2008
2a00:1450:4001:829::2002
2a00:1450:4001:82a::200a
2a00:1450:4001:82f::2003
2a00:1450:4001:831::2001
2a00:1450:4001:831::2002
2a00:1450:400c:c08::9c
2a02:6ea0:c700::10
2a03:2880:f02d:100:face:b00c:0:3
3.122.111.84
3.216.159.172
3.222.213.29
3.237.107.58
3.68.148.208
34.252.133.182
34.254.143.3
35.227.248.159
35.244.159.8
35.244.174.68
37.252.172.249
40.114.51.62
52.30.140.199
54.91.59.199
72.251.249.14
8.39.36.141
92.122.255.233
010f79ff223b1327fe3cdf6917e85bb107ea03962c191dbc4ac8f7dbf3f90bfb
02990729bbbb066fccf5f274626c1f0f7e7edbaeaa2d15451fb7062a7264377b
034b0077589cb2fdf5f045f587740877d385374de54fb733c7626bb1119a67ce
04230c3031ba7b616cd9f7c720d87023387dd16cf74c56188edc2049de753bc8
04321424ef276f3762e2cc09dd99a03188d641f3a2cd02d0c8c08b7b95799f24
05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd
055a79615ea3b8aed4be585c1d66cbe69395e3653b8e9944c01d18c128242c3b
059e5a44ec9f8bab93a45cbf617ac529605f99891cfe7f5e9cb19a5b4cf9cdfe
05e2888e835d97fe6e4cfb256f62f47d5dccf6d9ac202ea9d82a6bc2b1716c1d
0629f743a7f2e66a09dbb03908062b6a53a33133525eb19471b930a048e6aa43
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
097f27605ca0d079486d606eb3ab573a5685710b4f6d9d906327bcbffa45bec5
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0b7fd6d5e58c021a19ea46b59a1f91f7596fe7e5df982282a2f3a70b3e35638c
0c82e3739d9fd652c6ac2d8a3745d4a35fbd7a9277b0ef2b2885c1db030c3cb8
0d06df2e703c6ea6489fa19139cfd5f375495183c4145762127dfb5208f2540d
0e95603a1b75398990e8e6c8396068f556799d4efcbe58671ddceb1ab5ba0fc8
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
1126dae47147dee29ca9bffbbd45f3e609f7d38a2c17cd4f5c73283db4e6304a
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
134c165adca320e5fe0db5fa155e5bd92a55b44879c0dc3c6b9f0a9fe343d994
13aff0812c49276fdb1ef2b2292b396ce5e3325a7c13e9582212577d2f0ce975
144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8
1451ee6689bb7b5d7a1178a8463049bec9f06ff87a25828256a418ab73df275d
14b52d5e44212b22f6de0be5caeeb5bba561a29fd91bf6076bf1ad6d45ecae6f
1511c8b8bc8ee529d636fbac20778e2b25ab69bd6fc5f79fb4d46a8e69c0a13d
1794ce66c6f7b83e3a027cc5b104ad113159a32529a70e3380d47f6e09dbfff5
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
185b7539076b9f8d807c5740180aac4e2a4b3bc2912b4e9485950ccddb4cb39e
1934199df51551755f77a59d6993a98e332ad57c09ab22d30fafb727d92e4eb0
1b38f2172e240cd582d97f048c5e8cb35554e3c405d03fa229b4e82c3f01438a
1ba7d96e96816ad55477d28aa986a4a867c7531d2168feb5066585dd94195743
1be3ecbdae57ca411ab97f5447e69535659b58815f06d4b9790d403f2fc8356b
1fa72666b437fd3fc5a9283ad1b7d64ca681f2a4e7508d1de0eaad6e0bf10750
21349b60e999f29bb11fd1384e57ea43faf7bb39d7822e81c1e30de505663228
2193054ab8a2bc36f5ef0b90c4d53dd5626e14b0123a2972066e2ed1fd44459d
23130a986b2d780260ca7295774432d7c5ee94cf277a8052a136b910b05f120e
23248ff4b7464d9f03a44d8ca0738f1c418f0e002b3431a33eb78da15eea8d03
237a4fa7a3bc563cc5806f5d26917eb241fb6f2176fcc094e342c473016cedf2
279249ed963fcd87e6321b024c0194248dd1b44af5353e134071cdfff953967b
286e0981e7354c418fc0334ddf4b3b8fb930b623c5b67d41ed1a5bfe6fbaf2c8
2b291810374483e61126df23f32490a6f8a629062a6f00f0d10d7b52ed2a2762
2c51afdc0fd95e6e553d0a5f3ecc8f517f4f6efb240053d5bcee8cb43e811b58
2cddcc76dd7b01e07130b647637c2c81f27ab4a0214973a010e712813f311138
2dd76b128ad19839d224eb21e2f208e9894bea040b9429bf695eb32d511e6e21
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
2f76122813dc216562d9a6c2d82279ff460696b28f8f66042399a02cf93732ba
2ff8684ee0e3acfe08494f09ab05494bc7cc842af6834e3877eb160a949f0c7e
307c4cf0cec01251278a5201d04096f4b7afdb8ba2239801202adb1992c14ecb
316f775333e0567a2ea23141b96349652855962025964f0ba097c64c06fb639a
31c724707624a3682770d54e8b216f04db44eff6fefb8313d9178ef0f69a694b
3277d7a7c8c0fb5274d1dac1434ac912b8860f057bd651ba2e2f819f5be53935
3331a0486cb3e8a75c8c2fdf02bf80fd8fe2b811dfe5c7b4aa892d38bfcf604a
354cd674accaa26badff834bcbb7487aa7f99930f19cd864d71e6359b6b3f346
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
3740532989eefa6c15895ca294973e460770de8e660850efc95cd560d817a1bc
389f5b4181ea4948bc216ce0a13096a4d247a20ca10720b65c9b5e97b72b3daa
3aaa5c9fc7d99f8a956ca2481a72f36d142246ad42f68d6ba90ac4edb95a7515
3b556e6cee32c4b0c80ef893fd00eaea90330b3a127a8dffecabbedaf6aba7c5
3bbf185a378e69925f774e6d5844a9884d37561698c585cc9b748cea127c2c2f
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3f9ebf128c9383c5fc8f3a73439f0e2dfb997f34318383e554b124e37c319c2e
3ff1c2b22a22f605896511bca1355785ea2ed61d904a4220c49da9112008fc0a
411626d5e8eb3616fad95e39e91afe59dcfd424b9492c2c43c76a5199dc69768
41f9fdd28cd3937d5e42d631b42b9779215ffafe8bf13e9472c4583d94265f7c
41fa061fd8a72f16e9eee21d78b071c6bca68ddc63ca4df9588986ecc62dae28
43a9d053c33ab061ab1cc70ddeebb86270a32c7db64742a1326852d81c0df9e0
4475d2347dac904117a6f94f0c6ae4de9c7c022f44731afa213e4ea9ae86c0a1
44da54fd69c8966482bc49d3744fff0a7fd944dc2dd5732d9f710da7df4329bf
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
486ab000e859d030da7f768b4c96401d995b79f5b8620eefaafcc2cfcbdd057c
487fce51fd801415c362f3f9f2df43c445a4b9ba38f9b6d49dfc898dc85ede94
49f8584d1d0dbff1c1347ad1db13ef74f8edd89e3f6ccdb5636e3c7b0ca8ea6b
4a517e84097a36e411922caf77510661b58ae21755bd2927057916420e0c4dc4
4a5d81507b6b90d018c7b1ad981d08416582cd454c72a8d93ece700f92f24936
4aa42d7442c394096d40efad6d8d533232c025738083b5c07b34691696888dd1
4acb147613215546355b164d0c0d22b09873bd655aeace6b19b4760fd0cac803
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c9b92bfce3b7b0e0a9e33ebe8130496bf50c80ad4375b1b98ddff744b4ea9f5
4cf78867a393a23274a43383286db269486ae19f44c656c4d6b9061d14fc95bc
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4d51312ee5a72f1a96b6b5dc7c3bad427a65c0cab8812e49bb40018919232f67
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e46e56dce46d21c527e164d6749fb5ff0101f400aede06a8711196da9e5c619
4e5703b23d96dbffc24fa6f316bad0cfc3d8221f487d45fdbeceb8b26c85b14b
4e7305acb88ef6d07c54958cfa21ab76ce94e637678140ac4abf5ebc3ae76a92
4e7fc8052650e22f03ac26e86cb617119d57ec5d3198b8559e3cf433b279e99f
50bd57f4bdc1ee6ea9a3457cd38b3c0cb3f8293230f579da45e43fb5d66d5fca
5122ba93a9303c1dd09b760b3195122db1beef3b3d673b2274ec5ff2e8512ad1
51b3d1a2d7433f93d0cd3dfcf5838e7221e07329c4806adc9d860e788a17d4fc
5347c78f51c7cf4a4e84d4be12317338a93ff8da7df24519360728769e48a91b
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
594deea2cdcf15cb176a4cf6bcfb074ba22cc55c698833db25a8ac30d5ede92c
5aefa167c7b8f3305b610d93f3a198818ade815d5f9150df9fbedf00b34b705a
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5c8e2b63593c31e87391f96f1a9b4b1c19b67966e560256a40cea1ac6c51307b
5d4fdbd46d6083390a561c90d45d68d23843ec3053b58e25fa3cc702a87b2b7a
5ec80b688833a13ec1a4799e36cfb5d3d3cf8ce76917ad2b36a32cda0e9386c1
607ba5401803708cd7e7d54cb229467b42bcefa017c466d0290c2903989f9cec
6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61ded43bae7eeb79ab544e26dbad051960b7db1da4ceed550be859e979be23ba
62a41d590bfbfacbeb7dd55fd599a3dd910bca1090e06ccdf4afc7bc1d9ab597
63697d88ab7b6e34e76e5990b867c706cb4346c27ec1c5a034c4d91dfb136778
658032138bb2e1a026be5f4f3bc8923d522b2aa591175b7887f5bdb6caae4cb1
65db3d75c61bd51568b39a016efa0cb90f3df0514fcfb6ca65c83892d66e1691
69c11828cc2905f5ddbfd2b0d8f78a685c5b7a3502f5235887a22c91b5da6ee9
6ccd35debd97aeb571fe1ef51527c921c9790ea3b3e2a466ddacfe5cc5e02705
6d6d162a89e32c126f5019cbd4143ddf6cc9fbf19858a3272ad6ad5ac2beae14
714f7ca1e900b9c6cb9e4f395e0c18198004690a6ee756a416a172c2ed9414eb
726906ee6ce6dfe1b6e35ddad151196c50277e31520de30e916e9cd9affc0ef3
73f0cc9da2374ff54b9647526db4113ab88116b60f6e72ca118cd10b291fae24
7429bbb6e441779ffb6c4e1d576d35c8e9cd92be8562a6017e10e67090437523
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
77c997e2ca9694c65e3ec1cbb1a8c7a82f6fbdfee8d560d36084bedf90e3cca7
78df9e9e47f5809e3438e700f53dd96ae52a3751c8b6f15f68c16f98f8aab900
798f04d4f989a6f4062a630a1e1d642749391b9d4d8ec416f6554c0bc3bbf408
7b6bfa13f0778c40bb2a00af9819bea2f07afcb4d071e7e4f436196953a5db4d
7cec802828fd9d25efc4611219c8748745117f5a51d4f76e4f9cfd85a428ce95
7d900ebc614ac1d2adfe556578ff35cd8ba0b821dbf70aefe901684e22e29008
7f555674a54503e3367276168359cef065eecc75f1fe436ac13bdf3dfd65a970
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84bf5ffcfd8b3a1240721c90836f1167532b716566165a51ca920c9e657a75d4
870c196156856ec66eb4e1d7b376eca50e218883c93775524484b4fe4603f5ed
89b437689e6221d2ec4d9d2b45490f39d542322fb882c996a5fe7fec1b047d62
8b38afb8226ce92ae65edd3bb8011a83628178ca577ef4a2148f0c99a1d80e4f
8baae135666cde471d16426b7387541d4b900559275813859e2d296eee039192
8c853ed75b7345b3d2d9f5af9fb56be87fef7bcf2863f8836345ec318396758d
8cd898214e275702c8334ad5a771326582c3298ddf418760b09b8b6d043289d8
8db3cdae20a2cc55562a300687c0e6863a51e53c9735457ad313c09f501422c7
8eef6ec74a5d580cc3f8147131f97094fed7507ad69b79c23fc74f7bde66f421
93f0ec34228e9151b334449d32c5d17945e69fcf81c2579da92c11ea892d8927
94360a6ab3ea5a75cb34a06ef2ff905d7ea0a7dc43eefcff9b6f90e737fa4e41
9464c8837610579e5ac316fc46c1e136c65433f989cf1c6a30c62e840e258348
9769b09b9532fb94b22909364ad7ab7dc2683f4575ef1ee606cb3a6db73748f2
978f69abae4d7fa60114fcea9ee790caa3599e4aa961d630bf8204e8ceb883b4
97dde2799af977e4004e45c29b84b8be9b26ed417ef708b702b34af287ff254d
9831e5b4e79a7b80a69a4d83d86fafc4c8e80fad4d14d27796f7eef4b686ba66
996d298d6f8685a3ae28eace9249e3580bb8d13d91d424573fefb40d52980269
99f149f96fbeaea8af57c586e16c8f43cbca12ada9747ff6a2edc4293b2993ff
9a1c965417bb6122a80900a20c8fdfb7cf87cd495713c142d93d3c07a64e75cb
9d5019bd2fae955cf530cf7f1a6d48a40595abadfa86a956c118b2c97e9d4779
9da3111da1b3998343d9494f461bc6d38b46947e5651ad71e5c455f9713f7cb3
9dd77e07919ca643d4e7976497fda21e4484c64936e15b54ad6c348257af48f8
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a0e123a11c5b411021d5bd8ab3926fe6d726b29ca2bb83e6066dae93a9ba326a
a0e3f7f11e3feb97a1b577675fcb17fb87538d414dc5342c96975b2bd2c94b86
a162db4d4ec665954b0c34e7fdec5dc2c7f1f42b54072683b5d5cccfcaf3b11d
a177a125d7384bd51ee15e3454c488ac0f2ba22a452f9bc3a96e29d2df4aef1b
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a3942aea05f34d9aa17deb27766f216ce7bc0176e66b41518e5bdadb19400d67
a3a5dcc2dcf4364d3af72694d52da570a64059f757acb3ba9e67e72a0c0e5cbd
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a575e2f63d79cdaf5a92b4453bfcaadb462119aa1216b4f28920e37e2d9b8e7b
a5a55d04b4ac5561544c97f9d552b1e45ecfdab797c37d2b1e5d941b8648c4ff
a5e0a2f44a9b19aab51c0429ab10594535ded41e004c5dc2ebdcf022b84b1944
a62348491ab317874ea90c67adea37df3ca6ff3c768af7c293c019ebae858d42
a67c13f917d49cb6abae4b521e55f61a83da2c4b5ba4393b4e59acc954be1c20
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a7d040d5e84706dac2d471ad33830bd0ae361ca06e53e72e817701478c6d5afa
a87d4c2682d10f0750f0e1142e25fce055f0ae596c7a277bbaf2427ddae146bc
a8f20718bcf79ae5797599afb4e59612f2bb75334dc8d40aa8a56d21417ac73c
a9adbf9ff6cb67410da32776829c98497f78937808849c0c77c476ad5bf8c1a6
aab91e03195f6ed926bf4c021e99056cfb5e91a9865f0c6952548dbb23a5954e
ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370
ac95d8cf8cb82ae4d077cb942c54f3a130d83902cd407743a770c6b34c4d98b9
acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403
ad9e5210a13805edc2cc2874d7ffa326b907e9c6d0c212071798944a1dd9ffae
ae016db0ac37e888abe7b814b86cc2a309055e3f5eeb3d3b0be63009661b3c98
ae9bbf46f555cadf47a513b7b2dc08dee5744046a8a1fd645a6250710f8857ae
aec1273daa6df2443053427acbd188f229d60ed9d83ef9bccba3f8a8f21fc3dc
af9661ddc030cee02bfbd41baf7608e14327ce95a3199e6714dd8d3a12f21c71
b41e0020ff5a4bec857828c37b9a425a5e0024aac1fb1519dd9cf4562f0681ee
b427bf3f448caf3677fabce3ccdbfd6b0d832362665297b8c392efec64c6ee4b
b4fb0434eba77c4e60becbf6a700e1b1f53f8ecc7331a59fb38f1d8771b7efa6
b889e344c4f8d84fbcb58cea388201a47caaab2ab9fcb6769a01b2152b9304e2
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bb9b673f70e36909c34e071263c99d8fdade84b1ced55968c3b658ea5c3f0fa8
bbfcf92c6c94d918c51be1bdf1f14098db1c7454b2f025fb7d2eed08d8d84703
bc779eca15675ccd4bf6aa23f0e6d04638f805f346d46092add71be913fa621d
bd51c6d77f3f20cc41d472110d0bde8dbf406f754773eec6103d40bf5c9df0c1
bddc841f91f5c39676abff8eed53be5c5a23cb2fde6051b72caf1b758e487d64
be045d5a8274db64724bbb9a8c2846e2247c17ec9ea7e13f2a319dde7626ec8e
bed31c2062d8bcd1167d1be160c5d65dbf8b1ea2a75fe7f91a5396fe71e51cc0
bf93cf51f40cdffc7e84c2267d234704d29fe9941fd22a738c0fea22f221f82b
c00e4b444e4089660152f10bb0cf87d45be907756bf33150841afc2f8a69d791
c0d8c7a6bf76c57da334c1b75724fbb20f592e5040c9088779bc21ed33b177a7
c0e2de1910c51b9146fec0cc847f64b28a62b86f030e1ea05a7d8b05c130dc9f
c14bc74eb84a60374cafb46143c0b2ea118ce9622b75c12cd7196fc129cd8a5c
c3a99bb651bce59ca498c2c9c97290408da53d49dc917232ed4a0dadf10a57e5
c59ecf34c8e169eb2c385296530f952be5ced6af24abbe7f2d47b89e520be544
c6147bd9ef55a8d63dc00d57f9bbf6aa9577e5baff33b6a0e11242b1ee588294
c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e
c7dff2266b8de79be9543dc8c2aff1b841cdfd58ac0d59c082d9e6f3db5d43f2
c86dd20594d0c4ac6874b84f72ca727f390e0c2948807088a789ddaf38ea5f07
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
ca7cd2a4608296a9ff32e81e120d27a5a37a77f7e67079efba169b43a8743ea2
cb1d81dcdd0c75501b06b9ed426e48509ee709ce4883fcc8ba3a2e1b42d0646d
cb696ecd7c4f31fdd7c7c1cc37e8efc29614fbcbadf74f455aa496d72ce33250
cba00eeef256b0662dfe41916464ddbd5c1b30f701e8373b760e0cbaf425c98e
cc83fe6d180fd859f448bacd040799bf379ee7e0d9b1e6c3f19499c1c4358864
cd894fd0d07d985171809c5a1bc653a3388ced6b2e32a44e53c63fc1ea30cec9
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d1477d2bfda88c678c2deaffb53f18784ca00294d7318a2521f4b95baa375e3c
d27516c986b068ec31188f9787d4489255df48361ff089c815b8c2aec5a1bb9c
d4b287e248a1bb66341367e98c58dd2c3ea543ca857717ddb94485a174dcdb63
d5ee43ffd22efce6a405cb805a86f3f6c28c7ed9b4a9427a2e10fad69accf2ef
d6a2745332948716c2d3849e9b1d02451515f96ec7ab4749855794dea0272857
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
d7996ae15bbdf9fa23302679f82c6341f27dcbf3709e6d033c3e3f3ae7876b24
d8396d650599691373314b1cf6fb728df811aba509f8a9bfc0b2499a89da3aab
d8f64ca73c0faaf5d9d1e56252a2d89a23262ea516e7d731adaf5f255d4081a3
d8fe36a17aa5e4cd1a197c81235633a1e44ca292162a06b9b7dc1dc37981a211
d97e795abc94a584e788c78eaa25a21d61935d7d514fa04655ddadd8e0a44896
da4cf27b9fe0ae190ef96fdbd0d9cc1a69d561ae0172d4d38bf10380d4d33957
da8a4f547b33fd0f6139098d6945e4a4868fcad70204ab34aa4e49bb41a90c01
dd93a97df4a101c9d0b60d1e6ab6ce5a33c8e00b10d4f2f0fdba7554faffd73b
e07fac4323e918dbe03b5112e649861c72aeb3e596ef9acbedeaaec547f529ef
e10b19c837b2c17d7e4b3cb62a9646323d4d0829b88bdb922aa6296dbca9e4cc
e2c28f3e8b6a2e5170859e67cff3e8240e6b888d02005306ef3d2129f5cbd74c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3c413d9ecb857ab839e9147e9a72b0967a80151bae1aec1b1771c623006f5bc
e40d12b256074d2ba43d1e8098a8bc039e3197ce0fd446a5ced2b9234f741d5c
e4400f21afb8b0d177c8cc1d042db58cd67ab5f03bb076cc84d9fc19523aebca
e4ad92e954944eac3807c7f50b2c213d8ddc2bc8a1324ed8986a733d4196e94a
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e5d27c512409b83116fcdfae6070d5bc7611c9d162f29555944972e9f4a94922
e755eee43bcdcb69b3f7b2dbff081a9af26e9da32c92ec2f175ac0efe0f51423
e990f8a7023db06444f9552e7bde007060d0e1e86b72ae845f24471bce3339e5
ea29de07cdb14f2c6c59c06fdcd4ec30c2030b3ba8ee6a0aa325085496b9a94d
ed368cad0bbc6e127f5fb037181b2e55eb59258a4d995901b380888630ec2df5
ee860898fcc938895b1b12a278cb8f997f65b23214b102ba2c42738a028f1a17
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef983d6dcfe16576a9be98a6fe4d2c99552c9e76fe46fefb29dc2ae2cc5082c3
f33f6446320fb034227d51337ec86a0f263cb1ed53e4275cae2fb55b322504cc
f414033c9b93d7223d3651dc723bf66c6c368d2a6616f4500b300e805efc4419
f61df7e2e9d9ed5566a8054d238a9cd5c119307b4abb3411dd527a76822fa6ca
f807b7652390cbf0f3caef0abc752e93c026cf7d2c46fa8e20b9e3f3a2dfd867
f93d0298dd39f7dff18566a5b2754067e26c0182b469fd6b24e5d63429fef88b
fa2f0e9c789e85c558c08a5b84edbc14ebd795915d13987a53032214e8fc3b1a
fb0da9c5679e4e04fe036c10e42d93ed5a9a3a8f632db1cfdcdf6352ee4ff789
fce94e8d493fb1b0c5264ad0ca94f542ca10c39b95eca426ecc0ffbb88e25077
fd11fa353cc6a8560f4c35e67c6fb8a3a4061ed3de4309cdf83fca65f8319bb4
fd9059540c5bb32f45b021521cd9f463b6ce7cb74d39d1477ce9e7181b8ac3c3
fe443970eb7a49a4749815af2e1002e4b65aac7635a1ea7a92b9ef708e3cac4a
febc13d4fca620c0eda223b3febb844ecb01e4299569a936801b86ecc25609e8
ff76febbb198182768c97dc65c99a48194b9f837e8aea60b94c6f9b776e51977
ffd015b1bb0125d07c39cbfcdee6a8e2b604b55ea1936cf550fe1f9fbdbf2ae4

www.newser.com Open in urlscan Pro 40.114.51.62 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

284 Requests

92 %HTTPS

50 %IPv6

46 Domains

70 Subdomains

57 IPs

5 Countries

6547 kBTransfer

11179 kBSize

46 Cookies

4 Outgoing links

Redirected requests

284 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.newser.com Open in urlscan Pro
40.114.51.62 Public Scan

Screenshot
Live screenshot

Full Image

284
Requests

92 %
HTTPS

50 %
IPv6

46
Domains

70
Subdomains

57
IPs

5
Countries

6547 kB
Transfer

11179 kB
Size

46
Cookies

284 HTTP transactions
4 data transactions