newsday.pages.dev Open in urlscan Pro
172.66.47.123 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://newsday.pages.dev/
Submission: On May 10 via api (May 10th 2024, 8:55:21 pm UTC) from US — Scanned from DE

Summary HTTP 50 Redirects Behaviour Indicators

Summary

This website contacted 42 IPs in 9 countries across 41 domains to perform 50 HTTP transactions. The main IP is 172.66.47.123, located in United States and belongs to CLOUDFLARENET, US. The main domain is newsday.pages.dev.
TLS certificate: Issued by GTS CA 1P5 on May 10th 2024. Valid for: 3 months.

This is the only time newsday.pages.dev was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	172.66.47.123 172.66.47.123	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.18.11.207 104.18.11.207	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:81c::200a	15169 (GOOGLE) (GOOGLE)
1	2a04:4e42:600... 2a04:4e42:600::649	54113 (FASTLY) (FASTLY)
1	104.18.10.207 104.18.10.207	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	188.114.97.3 188.114.97.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a04:4e42:400... 2a04:4e42:400::720	54113 (FASTLY) (FASTLY)
1	89.191.224.65 89.191.224.65	205220 (RHC-HOSTING) (RHC-HOSTING)
3	2a00:1450:400... 2a00:1450:4001:828::2016	15169 (GOOGLE) (GOOGLE)
1	2606:4700:20:... 2606:4700:20::681a:3a5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	151.101.194.62 151.101.194.62	54113 (FASTLY) (FASTLY)
2	2a04:4e42:8e::84 2a04:4e42:8e::84	54113 (FASTLY) (FASTLY)
1	95.217.73.111 95.217.73.111	24940 (HETZNER-AS) (HETZNER-AS)
1	18.173.154.23 18.173.154.23	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:20:... 2606:4700:20::6819:e10d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	151.101.129.91 151.101.129.91	54113 (FASTLY) (FASTLY)
1	2a02:26f0:350... 2a02:26f0:3500:16::215:1487	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	192.124.249.2 192.124.249.2	30148 (SUCURI-SEC) (SUCURI-SEC)
1	151.101.130.207 151.101.130.207	54113 (FASTLY) (FASTLY)
2	2a04:4e42:200... 2a04:4e42:200::367	54113 (FASTLY) (FASTLY)
1	172.67.73.150 172.67.73.150	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:80f::2001	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:350... 2a02:26f0:3500:12::1730:17bb	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2606:2800:134... 2606:2800:134:fa2:1627:1fe:edb:1665	15133 (EDGECAST) (EDGECAST)
1	64.227.174.144 64.227.174.144	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1	2606:4700:440... 2606:4700:4400::ac40:911d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:10:... 2606:4700:10::ac43:e96	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	87.236.16.222 87.236.16.222	198610 (BEGET-AS) (BEGET-AS)
1	18.66.192.54 18.66.192.54	16509 (AMAZON-02) (AMAZON-02)
1	18.66.188.54 18.66.188.54	16509 (AMAZON-02) (AMAZON-02)
1	2a02:26f0:ab0... 2a02:26f0:ab00::214:8e53	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	172.67.71.193 172.67.71.193	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:225... 2600:9000:225b:fc00:1d:d7f6:39d3:d9e1	16509 (AMAZON-02) (AMAZON-02)
2	172.217.18.118 172.217.18.118	15169 (GOOGLE) (GOOGLE)
1	89.191.224.69 89.191.224.69	205220 (RHC-HOSTING) (RHC-HOSTING)
1	2600:9000:237... 2600:9000:237d:ea00:1d:b722:f80:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a02:6ea0:c77... 2a02:6ea0:c77e::4	60068 (CDN77 _) (CDN77 _)
1	184.171.245.226 184.171.245.226	33182 (DIMENOC) (DIMENOC)
1	185.32.188.5 185.32.188.5	62416 (PTSERVIDOR) (PTSERVIDOR)
1	172.240.108.84 172.240.108.84	7979 (SERVERS-COM) (SERVERS-COM)
2	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
50	42

2 172.66.47.123 (United States)

ASN13335 (CLOUDFLARENET, US)

newsday.pages.dev	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.11.207 (None, )

ASN13335 (CLOUDFLARENET, US)

stackpath.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81c::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:600::649 (United States)

ASN54113 (FASTLY, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.10.207 (None, )

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 188.114.97.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)

antivirus.my.id	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:400::720 (United States)

ASN54113 (FASTLY, US)

imgix.bustle.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 89.191.224.65 (Bromley, United Kingdom)

ASN205220 (RHC-HOSTING, GB)

www.designfootball.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:828::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:3a5 (United States)

ASN13335 (CLOUDFLARENET, US)

www.cinemaclock.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.194.62 (San Francisco, United States)

ASN54113 (FASTLY, US)

www.gannett-cdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42:8e::84 (United States)

ASN54113 (FASTLY, US)

i.pinimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 95.217.73.111 (Helsinki, Finland)

ASN24940 (HETZNER-AS, DE)
PTR: server.atyaf.co

suarapalestina.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.173.154.23 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-173-154-23.muc50.r.cloudfront.net

editorial01.shutterstock.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::6819:e10d (United States)

ASN13335 (CLOUDFLARENET, US)

www.elgrafico.mx	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.129.91 (San Francisco, United States)

ASN54113 (FASTLY, US)

thumbs.dreamstime.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:16::215:1487 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

a.espncdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.124.249.2 (Menifee, United States)

ASN30148 (SUCURI-SEC, US)
PTR: cloudproxy10002.sucuri.net

www.stretfordendarising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.130.207 (San Francisco, United States)

ASN54113 (FASTLY, US)

www.albawaba.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42:200::367 (United States)

ASN54113 (FASTLY, US)

i.guim.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.guim.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.73.150 (United States)

ASN13335 (CLOUDFLARENET, US)

publicholidays.nl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

1.bp.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:12::1730:17bb (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

www.theglobeandmail.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:2800:134:fa2:1627:1fe:edb:1665 (United States)

ASN15133 (EDGECAST, US)

pbs.twimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 64.227.174.144 (Bengaluru, India)

ASN14061 (DIGITALOCEAN-ASN, US)

jagrancricket.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::ac40:911d (United States)

ASN13335 (CLOUDFLARENET, US)

s01.sgp1.cdn.digitaloceanspaces.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::ac43:e96 (United States)

ASN13335 (CLOUDFLARENET, US)

www.edarabia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 87.236.16.222 (St Petersburg, Russian Federation)

ASN198610 (BEGET-AS, RU)
PTR: ssl.elliot.beget.com

holidays-today.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.192.54 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-192-54.muc50.r.cloudfront.net

guitar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.188.54 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-188-54.muc50.r.cloudfront.net

d1bvpoagx8hqbg.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:ab00::214:8e53 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

static.nexilia.it	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.71.193 (United States)

ASN13335 (CLOUDFLARENET, US)

perezhilton.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:225b:fc00:1d:d7f6:39d3:d9e1 (United States)

ASN16509 (AMAZON-02, US)

ia.media-imdb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.18.118 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s42-in-f22.1e100.net

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 89.191.224.69 (Bromley, United Kingdom)

ASN205220 (RHC-HOSTING, GB)

www.footballshirtculture.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:237d:ea00:1d:b722:f80:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.images.express.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6ea0:c77e::4 (Frankfurt am Main, Germany)

ASN60068 (CDN77 _, GB)

cdn.hobbyconsolas.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.171.245.226 (United States)

ASN33182 (DIMENOC, US)
PTR: server24.mcmedios.com

bloguit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.32.188.5 (Portugal)

ASN62416 (PTSERVIDOR, PT)
PTR: trinity.ptservidor.net

www.neymarjr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.240.108.84 (United States)

ASN7979 (SERVERS-COM, US)

abruptlydummy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

tse3.mm.bing.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tse4.mm.bing.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
5	ytimg.com i.ytimg.com — Cisco Umbrella Rank: 87	632 KB
2	bing.net tse3.mm.bing.net — Cisco Umbrella Rank: 8699 tse4.mm.bing.net — Cisco Umbrella Rank: 8637	51 KB
2	guim.co.uk i.guim.co.uk — Cisco Umbrella Rank: 17144 static.guim.co.uk — Cisco Umbrella Rank: 34048	1 MB
2	pinimg.com i.pinimg.com — Cisco Umbrella Rank: 1942	141 KB
2	bootstrapcdn.com stackpath.bootstrapcdn.com — Cisco Umbrella Rank: 3044 maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 1103	39 KB
2	pages.dev newsday.pages.dev	17 KB
1	abruptlydummy.com abruptlydummy.com
1	neymarjr.net www.neymarjr.net	124 KB
1	bloguit.com bloguit.com	203 KB
1	hobbyconsolas.com cdn.hobbyconsolas.com — Cisco Umbrella Rank: 356167	184 KB
1	express.co.uk cdn.images.express.co.uk — Cisco Umbrella Rank: 55496	33 KB
1	footballshirtculture.com www.footballshirtculture.com	420 KB
1	media-imdb.com ia.media-imdb.com — Cisco Umbrella Rank: 42350	87 KB
1	perezhilton.com perezhilton.com — Cisco Umbrella Rank: 217964	141 KB
1	nexilia.it static.nexilia.it	75 KB
1	cloudfront.net d1bvpoagx8hqbg.cloudfront.net	174 KB
1	guitar.com guitar.com — Cisco Umbrella Rank: 300996	258 KB
1	holidays-today.com holidays-today.com	278 KB
1	edarabia.com www.edarabia.com — Cisco Umbrella Rank: 505907	43 KB
1	digitaloceanspaces.com s01.sgp1.cdn.digitaloceanspaces.com	51 KB
1	jagrancricket.com jagrancricket.com	137 KB
1	twimg.com pbs.twimg.com — Cisco Umbrella Rank: 1214	141 KB
1	theglobeandmail.com www.theglobeandmail.com — Cisco Umbrella Rank: 113186	32 KB
1	blogspot.com 1.bp.blogspot.com — Cisco Umbrella Rank: 14945	40 KB
1	publicholidays.nl publicholidays.nl	308 KB
1	albawaba.com www.albawaba.com — Cisco Umbrella Rank: 596856	33 KB
1	stretfordendarising.com www.stretfordendarising.com	126 KB
1	espncdn.com a.espncdn.com — Cisco Umbrella Rank: 3825	81 KB
1	dreamstime.com thumbs.dreamstime.com — Cisco Umbrella Rank: 21832	194 KB
1	elgrafico.mx www.elgrafico.mx — Cisco Umbrella Rank: 313023	223 KB
1	shutterstock.com editorial01.shutterstock.com — Cisco Umbrella Rank: 424575	147 KB
1	suarapalestina.com suarapalestina.com	60 KB
1	gannett-cdn.com www.gannett-cdn.com — Cisco Umbrella Rank: 11240	39 KB
1	cinemaclock.com www.cinemaclock.com — Cisco Umbrella Rank: 973085	305 KB
1	designfootball.com www.designfootball.com	256 KB
1	bustle.com imgix.bustle.com — Cisco Umbrella Rank: 62711	76 KB
1	antivirus.my.id antivirus.my.id	715 B
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 776	24 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 33	964 B
0	fbsbx.com Failed lookaside.fbsbx.com Failed
0	world-guides.com Failed www.world-guides.com Failed
50	41

	Domain	Requested by
5	i.ytimg.com	newsday.pages.dev
2	i.pinimg.com	newsday.pages.dev
2	newsday.pages.dev
1	tse4.mm.bing.net	newsday.pages.dev
1	tse3.mm.bing.net	newsday.pages.dev
1	abruptlydummy.com	antivirus.my.id
1	www.neymarjr.net	newsday.pages.dev
1	bloguit.com	newsday.pages.dev
1	cdn.hobbyconsolas.com	newsday.pages.dev
1	cdn.images.express.co.uk	newsday.pages.dev
1	www.footballshirtculture.com	newsday.pages.dev
1	ia.media-imdb.com	newsday.pages.dev
1	perezhilton.com	newsday.pages.dev
1	static.nexilia.it	newsday.pages.dev
1	d1bvpoagx8hqbg.cloudfront.net	newsday.pages.dev
1	guitar.com	newsday.pages.dev
1	holidays-today.com	newsday.pages.dev
1	www.edarabia.com	newsday.pages.dev
1	s01.sgp1.cdn.digitaloceanspaces.com	newsday.pages.dev
1	jagrancricket.com	newsday.pages.dev
1	static.guim.co.uk	newsday.pages.dev
1	pbs.twimg.com	newsday.pages.dev
1	www.theglobeandmail.com	newsday.pages.dev
1	1.bp.blogspot.com	newsday.pages.dev
1	publicholidays.nl	newsday.pages.dev
1	i.guim.co.uk	newsday.pages.dev
1	www.albawaba.com	newsday.pages.dev
1	www.stretfordendarising.com	newsday.pages.dev
1	a.espncdn.com	newsday.pages.dev
1	thumbs.dreamstime.com	newsday.pages.dev
1	www.elgrafico.mx	newsday.pages.dev
1	editorial01.shutterstock.com	newsday.pages.dev
1	suarapalestina.com	newsday.pages.dev
1	www.gannett-cdn.com	newsday.pages.dev
1	www.cinemaclock.com	newsday.pages.dev
1	www.designfootball.com	newsday.pages.dev
1	imgix.bustle.com	newsday.pages.dev
1	antivirus.my.id	newsday.pages.dev
1	maxcdn.bootstrapcdn.com	newsday.pages.dev
1	code.jquery.com	newsday.pages.dev
1	fonts.googleapis.com	newsday.pages.dev
1	stackpath.bootstrapcdn.com	newsday.pages.dev
0	lookaside.fbsbx.com Failed	newsday.pages.dev
0	www.world-guides.com Failed	newsday.pages.dev
50	44

This site contains no links.

Subject Issuer	Validity	Valid
newsday.pages.dev GTS CA 1P5	`2024-05-10` - `2024-08-08`	3 months	crt.sh
bootstrapcdn.com GTS CA 1P5	`2024-03-27` - `2024-06-25`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2024-04-16` - `2024-07-09`	3 months	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2023-07-11` - `2024-07-14`	a year	crt.sh
antivirus.my.id E1	`2024-05-02` - `2024-07-31`	3 months	crt.sh
images-acceptance.weedmaps.com Certainly Intermediate R1	`2024-05-07` - `2024-06-06`	a month	crt.sh
designfootball.com cPanel, Inc. Certification Authority	`2024-03-18` - `2024-06-16`	3 months	crt.sh
edgestatic.com GTS CA 1C3	`2024-04-16` - `2024-07-09`	3 months	crt.sh
cinemaclock.com E1	`2024-04-28` - `2024-07-27`	3 months	crt.sh
usatoday.com R3	`2024-03-29` - `2024-06-27`	3 months	crt.sh
*.pinterest.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-31` - `2024-08-07`	a year	crt.sh
suarapalestina.com R3	`2024-03-15` - `2024-06-13`	3 months	crt.sh
*.shutterstock.com Amazon RSA 2048 M02	`2023-07-11` - `2024-08-07`	a year	crt.sh
elgrafico.mx E1	`2024-04-15` - `2024-07-14`	3 months	crt.sh
thumbs.dreamstime.com R3	`2024-05-09` - `2024-08-07`	3 months	crt.sh
a.espncdn.com Entrust Certification Authority - L1K	`2023-09-21` - `2024-09-30`	a year	crt.sh
stretfordendarising.com Go Daddy Secure Certificate Authority - G2	`2023-07-19` - `2024-07-19`	a year	crt.sh
www.albawaba.com GlobalSign Atlas R3 DV TLS CA 2023 Q4	`2023-11-01` - `2024-12-02`	a year	crt.sh
theguardian.com GlobalSign Atlas R3 DV TLS CA 2023 Q4	`2023-11-14` - `2024-12-15`	a year	crt.sh
publicholidays.nl Cloudflare Inc ECC CA-3	`2024-04-10` - `2024-12-31`	9 months	crt.sh
misc-sni.blogspot.com GTS CA 1C3	`2024-04-16` - `2024-07-09`	3 months	crt.sh
www.theglobeandmail.com DigiCert EV RSA CA G2	`2024-05-09` - `2024-11-20`	6 months	crt.sh
*.twimg.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-28` - `2024-07-26`	a year	crt.sh
jagrancricket.com R3	`2024-03-18` - `2024-06-16`	3 months	crt.sh
*.sgp1.cdn.digitaloceanspaces.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-04-19` - `2025-05-07`	a year	crt.sh
edarabia.com E1	`2024-04-27` - `2024-07-26`	3 months	crt.sh
holidays-today.com R3	`2024-03-25` - `2024-06-23`	3 months	crt.sh
guitar.com Amazon RSA 2048 M01	`2023-10-04` - `2024-11-01`	a year	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2023-10-10` - `2024-09-19`	a year	crt.sh
secure.mosai.co R3	`2024-04-03` - `2024-07-02`	3 months	crt.sh
perezhilton.com E1	`2024-04-25` - `2024-07-24`	3 months	crt.sh
images-na.ssl-images-amazon.com DigiCert Global CA G2	`2024-01-05` - `2024-12-08`	a year	crt.sh
footballshirtculture.com Sectigo RSA Domain Validation Secure Server CA	`2023-11-05` - `2024-11-08`	a year	crt.sh
cdn.images.express.co.uk Amazon RSA 2048 M02	`2023-08-31` - `2024-09-27`	a year	crt.sh
www.hobbyconsolas.com R3	`2024-04-08` - `2024-07-07`	3 months	crt.sh
*.bloguit.com R3	`2024-03-20` - `2024-06-18`	3 months	crt.sh
neymarjr.net R3	`2024-04-14` - `2024-07-13`	3 months	crt.sh
abruptlydummy.com R3	`2024-03-25` - `2024-06-23`	3 months	crt.sh
www.bing.com Microsoft Azure TLS Issuing CA 02	`2024-05-01` - `2024-06-27`	2 months	crt.sh

This page contains 1 frames:

Primary Page: https://newsday.pages.dev/
Frame ID: 639605F6B4AA8068DF3A239BC6DEFA0E
Requests: 50 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

News Day

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

50
Requests

96 %
HTTPS

46 %
IPv6

41
Domains

44
Subdomains

42
IPs

9
Countries

6690 kB
Transfer

6909 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

50 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3 200 Primary Request / Show response
newsday.pages.dev/ 32 KB
8 KB 165ms
116ms Document
text/html 172.66.47.123
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://newsday.pages.dev/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.47.123 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b5d3bb933dc0bae36549227bd885b6ef0e92d2f79384a22b85d652f0e65bd61e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=0, must-revalidate
cf-ray: 881cd43fec2b9156-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Fri, 10 May 2024 20:55:15 GMT
etag: W/"b49e01aa10bfec531bb27296940b531d"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=R97tirRTrb4uXrjinGElOv8V%2FycGIjKSVWXqTd%2BHP25zfvPzL3MisOBToqUeOD%2BZN6E3J28Aqf16YQdZ5Hv7%2F1l8dYDAjFjDvwiqmA%2BUtotNa5ZsyVVkNeACMTlPpiN205wTJg%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-content-type-options: nosniff

GET
H3 200 bootstrap.min.css
stackpath.bootstrapcdn.com/bootstrap/4.1.3/css/ 138 KB
25 KB 92ms
45ms Stylesheet
text/css 104.18.11.207
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stackpath.bootstrapcdn.com/bootstrap/4.1.3/css/bootstrap.min.css

Requested by

Host: newsday.pages.dev
URL: https://newsday.pages.dev/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.11.207 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7928b5ab63c6e89ee0ee26f5ef201a58c72baf91abb688580a1aa26eb57b3c11

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://newsday.pages.dev/
Origin: https://newsday.pages.dev
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 10 May 2024 20:55:15 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
cdn-edgestorageid: 752
strict-transport-security: max-age=31536000; includeSubDomains; preload
cdn-cachedat: 03/18/2024 12:28:12
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:06 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: W/"04aca1f4cd3ec3c05a75a879f3be75a3"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 497fd49ccc895213d91eefa7e7c39bef
timing-allow-origin: *
cdn-requestcountrycode: DE
cdn-status: 200
cf-ray: 881cd4411de79f16-FRA
cdn-requestpullsuccess: True

GET
H2 200 css
fonts.googleapis.com/ 2 KB
964 B 101ms
32ms Stylesheet
text/css 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Raleway

Requested by

Host: newsday.pages.dev
URL: https://newsday.pages.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

cdbcbb6ab7680b6f7ee6f09ff2a54b0e8e3eb6e758efb1c0a7fe5e71fb0da118

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://newsday.pages.dev/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Fri, 10 May 2024 20:55:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 10 May 2024 20:04:42 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 10 May 2024 20:55:15 GMT

GET
H2 200 jquery-3.2.1.slim.min.js Show response
code.jquery.com/ 68 KB
24 KB 93ms
24ms Script
application/javascript 2a04:4e42:600::649
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.2.1.slim.min.js
Requested by: Host: newsday.pages.dev
URL: https://newsday.pages.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:600::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 9365920887b11b33a3dc4ba28a0f93951f200341263e3b9cefd384798e4be398

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://newsday.pages.dev/
Origin: https://newsday.pages.dev
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 10 May 2024 20:55:15 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 657136
x-cache: HIT, HIT
content-length: 23856
x-served-by: cache-lga21963-LGA, cache-fra-etou8220030-FRA
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
server: nginx
x-timer: S1715374515.401647,VS0,VE0
etag: W/"28feccc0-10fdd"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=604800
accept-ranges: bytes
x-cache-hits: 13, 18697

GET
H3 200 bootstrap.min.js Show response
maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/ 48 KB
15 KB 103ms
57ms Script
application/javascript 104.18.10.207
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js

Requested by

Host: newsday.pages.dev
URL: https://newsday.pages.dev/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.10.207 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e7ed36ceee5450b4243bbc35188afabdfb4280c7c57597001de0ed167299b01b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://newsday.pages.dev/
Origin: https://newsday.pages.dev
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 10 May 2024 20:55:15 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
cdn-edgestorageid: 1048
strict-transport-security: max-age=31536000; includeSubDomains; preload
cdn-cachedat: 03/18/2024 12:46:36
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:04 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: W/"14d449eb8876fa55e1ef3c2cc52b0c17"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 9a631ccd8742f805c7b674b9d8f47a67
timing-allow-origin: *
cdn-requestcountrycode: DE
cdn-status: 200
cf-ray: 881cd4411aba71ac-FRA
cdn-requestpullsuccess: True

GET
H3 200 us.js Show response
antivirus.my.id/ 287 B
715 B 142ms
73ms Script
text/javascript 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://antivirus.my.id/us.js

Requested by

Host: newsday.pages.dev
URL: https://newsday.pages.dev/

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

463b7afcdb5e0023ee76d46a4362aa6bb85eb0bcc2bd52edf6fe8ac5e66ed3d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://newsday.pages.dev/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 10 May 2024 20:55:15 GMT
content-encoding: br
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"3492dad1f0e92f474f9cd61dc39ab92b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Q17qOCXxanw5zqWvYzXs7Y7j56wQbCG4vlC4IsIrDoIZYNg2DRjS32AbBvvsBEGZIxnILi%2BMLlWavMGQMvGR2GolxEo7EnX6QWaakLo03sZ91RHAYQjqNpLbcuxsJzHjOi4%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 881cd44149791e6c-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 c6a2b093-37a5-4ff5-b9a2-51188a8ffec2-getty-1246417478.jpg
imgix.bustle.com/uploads/getty/2023/3/30/ 76 KB
76 KB 282ms
179ms Image
image/avif 2a04:4e42:400::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imgix.bustle.com/uploads/getty/2023/3/30/c6a2b093-37a5-4ff5-b9a2-51188a8ffec2-getty-1246417478.jpg?w=800&fit=crop&crop=faces&auto=format%2Ccompress

Requested by

Host: newsday.pages.dev
URL: https://newsday.pages.dev/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:400::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Google Frontend /

Resource Hash

8ab5b050e9e4f37e82fb96d3fd781390e794343662ea0ae8237c859505f4ecd0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://newsday.pages.dev/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 10 May 2024 20:55:15 GMT
x-content-type-options: nosniff
age: 5234
x-cache: HIT, MISS
x-imgix-id: 266bfe9d7abf27b76b1863c74e97fc06dbe4eec0
cross-origin-resource-policy: cross-origin
content-length: 77749
x-served-by: cache-sjc10024-SJC, cache-fra-etou8220073-FRA
last-modified: Fri, 10 May 2024 19:28:01 GMT
server: Google Frontend
vary: Accept, User-Agent
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

GET
H/1.1 200
OK oxfordu1_20130315_1776018949.jpg
www.designfootball.com/images/joomgallery/originals/football_crests_8/ 255 KB
256 KB 212ms
57ms Image
image/jpeg 89.191.224.65
RHC-HOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.designfootball.com/images/joomgallery/originals/football_crests_8/oxfordu1_20130315_1776018949.jpg
Requested by: Host: newsday.pages.dev
URL: https://newsday.pages.dev/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 89.191.224.65 Bromley, United Kingdom, ASN205220 (RHC-HOSTING, GB),
Reverse DNS
Software: Apache /
Resource Hash: 44a12b38aa7b9ae83398dc943fa14f808b91c24b789a2f8e12c893839c09ab32

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://newsday.pages.dev/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 10 May 2024 20:55:15 GMT
Last-Modified: Fri, 15 Mar 2013 13:05:27 GMT
Server: Apache
Content-Type: image/jpeg
Cache-Control: max-age=31536000, public, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 261627
Expires: Sat, 10 May 2025 20:55:15 GMT

GET
H2 200 maxresdefault.jpg
i.ytimg.com/vi/SwnKxdMY7mI/ 93 KB
93 KB 229ms
128ms Image
image/jpeg 2a00:1450:4001:828::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/SwnKxdMY7mI/maxresdefault.jpg

Requested by

Host: newsday.pages.dev
URL: https://newsday.pages.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d9634d63763cb1478394452d15fdf8352d09b1f47355cbeec376f59317f5880a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://newsday.pages.dev/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 10 May 2024 20:55:15 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 95252
x-xss-protection: 0
server: sffe
etag: "1675968850"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 10 May 2024 22:55:15 GMT

GET
H2 200 the-princess-bride-1987-us-poster.jpg
www.cinemaclock.com/images/posters/1000x1500/17/ 304 KB
305 KB 839ms
739ms Image
image/jpeg 2606:4700:20::681a:3a5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cinemaclock.com/images/posters/1000x1500/17/the-princess-bride-1987-us-poster.jpg
Requested by: Host: newsday.pages.dev
URL: https://newsday.pages.dev/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:20::681a:3a5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0b40738900917d1d3201fdae685115e08d876bb3261699b8898b38e728d3ba25

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://newsday.pages.dev/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 10 May 2024 20:55:16 GMT
cf-cache-status: MISS
last-modified: Wed, 22 Jun 2016 14:20:23 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "946242f09ee05ae6-4c0be-535dea358f086"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AKCXigVodp5gX3AXpP0HsO4M9s2vbK9YuPftRFSfNW7DvivHKY0%2BucbCNdpH5DCbhPOSMVdQHyzPvj0uGyaP62sOoS8a0N5RGZZmzvj9qben9gRRlTBnhCiTJ1TmyKxEietb8Kmxiuj0xP6mfnoDpn4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 881cd4424bf21c05-FRA
content-length: 311486
expires: Sat, 10 May 2025 20:55:15 GMT

GET
H2 200 635966691686163960-unh-use.jpg
www.gannett-cdn.com/-mm-/64e1963df6c5d336eb3f80c4e94ed39e722d8264/c=77-70-614-374/local/-/media/2016/04/19/Nashville/Nashville/ 38 KB
39 KB 237ms
113ms Image
image/webp 151.101.194.62
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gannett-cdn.com/-mm-/64e1963df6c5d336eb3f80c4e94ed39e722d8264/c=77-70-614-374/local/-/media/2016/04/19/Nashville/Nashville/635966691686163960-unh-use.jpg?width=3200&height=1680&fit=crop

Requested by

Host: newsday.pages.dev
URL: https://newsday.pages.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.62 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

26ae0bd56e700d8d1f6e2356fffbbb27ac160c4a9b4de6389b9c80f25b24b2f0

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://newsday.pages.dev/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 10 May 2024 20:55:15 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
nel: {"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
fastly-io-served-by: vpop-kiad7010246
x-amz-meta-goog-reserved-file-mtime: 1461086818
age: 1233116
x-cache: MISS, HIT, MISS
fastly-stats: io=1
content-length: 38890
etag: "m17WmSPCHSWf4mubmBAQ4I/U/v5HiMbzKR1HOdNaeOg"
vary: Accept
report-to: {"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000
x-amz-checksum-crc32c: RY7WaA==
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 0, 25, 0

GET
H2 200 b0d9a01bb176970a36af21b5fcbe5cd3.jpg
i.pinimg.com/736x/b0/d9/a0/ 41 KB
41 KB 74ms
27ms Image
image/jpeg 2a04:4e42:8e::84
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.pinimg.com/736x/b0/d9/a0/b0d9a01bb176970a36af21b5fcbe5cd3.jpg
Requested by: Host: newsday.pages.dev
URL: https://newsday.pages.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:8e::84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 5f5a71d65e62d39dfb3ca37ee06109620cc50aead1dd2c0e3a909cdfa6df0e61

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://newsday.pages.dev/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 10 May 2024 20:55:15 GMT
x-cdn: fastly
etag: "57ac179164e498cd48139d89e5cd99db"
vary: Origin
content-type: image/jpeg
cache-control: max-age=31536000, immutable
x-amz-replication-status: COMPLETED
accept-ranges: bytes
alt-svc: h3=":443";ma=600
content-length: 41595

GET
H2 200 xr2LY.jpg
suarapalestina.com/img/830x506/ 60 KB
60 KB 236ms
95ms Image
image/jpeg 95.217.73.111
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://suarapalestina.com/img/830x506/xr2LY.jpg

Requested by

Host: newsday.pages.dev
URL: https://newsday.pages.dev/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

95.217.73.111 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),

Reverse DNS

server.atyaf.co

Software

nginx /

Resource Hash

1ce6578253f1a952bd25f326f38a4437b91061d0ce17ddaa6f2eebf6a8a0acf7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://newsday.pages.dev/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Tue, 09 Jul 2024 20:55:15 GMT
date: Fri, 10 May 2024 20:55:15 GMT
x-server-powered-by: Engintron
x-content-type-options: nosniff
last-modified: Tue, 01 Sep 2020 07:28:07 GMT
server: nginx
content-type: image/jpeg
cache-control: max-age=5184000
accept-ranges: bytes
content-length: 61082
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: STALE

GET
H2 200 natalie-elphicke-mp-dover-uk-shutterstock-editorial-10513406j.jpg
editorial01.shutterstock.com/wm-preview-1500/10513406j/1b5ee352/ 146 KB
147 KB 427ms
58ms Image
image/jpeg 18.173.154.23
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://editorial01.shutterstock.com/wm-preview-1500/10513406j/1b5ee352/natalie-elphicke-mp-dover-uk-shutterstock-editorial-10513406j.jpg
Requested by: Host: newsday.pages.dev
URL: https://newsday.pages.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.154.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-154-23.muc50.r.cloudfront.net
Software: Apache/2.4.41 (Ubuntu) mod_apreq2-20090110/2.8.0 mod_perl/2.0.11 Perl/v5.30.0 /
Resource Hash: 2f37cd445754c0dab21ec9221dc05fddc0cafbddc1cf71df140036ec93e0731c

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://newsday.pages.dev/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 10 May 2024 19:28:01 GMT
via: 1.1 3721bbb571fa1179150d81f8194461ae.cloudfront.net (CloudFront)
server: Apache/2.4.41 (Ubuntu) mod_apreq2-20090110/2.8.0 mod_perl/2.0.11 Perl/v5.30.0
x-amz-cf-pop: MUC50-P3
age: 5234
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=900,public
alt-svc: h3=":443"; ma=86400
content-length: 149526
x-amz-cf-id: NN9S0aSxevDt6gvduye0rm1l3rrbg73o4p9v2cTDDblCTepcfaM0Aw==

GET
H2 200 maxresdefault.jpg
i.ytimg.com/vi/Co8sugc0yh8/ 147 KB
147 KB 171ms
72ms Image
image/jpeg 2a00:1450:4001:828::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/Co8sugc0yh8/maxresdefault.jpg

Requested by

Host: newsday.pages.dev
URL: https://newsday.pages.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a1f5675ece832cc5d56959a8a68694e78859735b4d62621fc5f0d7dd393c3992

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://newsday.pages.dev/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 10 May 2024 20:55:15 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 150018
x-xss-protection: 0
server: sffe
etag: "1472910628"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 10 May 2024 22:55:15 GMT

GET
H2 200 real_madrid_vs_bayern_munich.jpg
www.elgrafico.mx/sites/default/files/2018/05/01/ 222 KB
223 KB 805ms
707ms Image
image/jpeg 2606:4700:20::6819:e10d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.elgrafico.mx/sites/default/files/2018/05/01/real_madrid_vs_bayern_munich.jpg

Requested by

Host: newsday.pages.dev
URL: https://newsday.pages.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::6819:e10d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8261f931ad538e9496d27891166792721762dab2bdf7d6df42cd56e0c7da647d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://newsday.pages.dev/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 10 May 2024 20:55:16 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
level: AwsGraf:443
content-length: 227210
last-modified: Tue, 01 May 2018 18:39:12 GMT
server: cloudflare
etag: "3778a-56b29496176de"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nCHkQvy7%2FLVBe%2BG6ivRjHm5N6NTWNT1clev19i7Dq2pVogRdEI1aCN9fiFSjamUvqvgfKq7hvlnrTmwB5evBdi%2FEuOYhMv2IfIsTgtmJomWhOcCTcfS5OweYjC2PzFNXOakJFY3ZefSCjYoOJ9s%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=1209600
accept-ranges: bytes
cf-ray: 881cd4424f19916b-FRA
expires: Fri, 24 May 2024 20:55:15 GMT

GET
H2 200 rio-grande-rio-grande-do-sul-brazil-august-naerial-view-rio-grande-port-located-southern-state-rio-grande-do-sul-108539731.jpg
thumbs.dreamstime.com/z/ 194 KB
194 KB 197ms
111ms Image
image/webp 151.101.129.91
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://thumbs.dreamstime.com/z/rio-grande-rio-grande-do-sul-brazil-august-naerial-view-rio-grande-port-located-southern-state-rio-grande-do-sul-108539731.jpg

Requested by

Host: newsday.pages.dev
URL: https://newsday.pages.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.91 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

1530d6546a788a32d97fb77581fccc3971fdc5500ad8926d82a7ca8f2fb2700e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://newsday.pages.dev/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=63072000
via: 1.1 varnish, 1.1 varnish
date: Fri, 10 May 2024 20:55:15 GMT
fastly-io-served-by: vpop-kiad7010229
age: 1572788
x-cache: HIT, MISS
vcl-version: 30
fastly-stats: io=1
content-length: 198332
x-served-by: cache-iad-kiad7000101-IAD, cache-fra-etou8220102-FRA
server: nginx
x-timer: S1715374516.645410,VS0,VE88
etag: "KS1O32wRdJygZbcz3g9AO7zfWo0O8FerXgrF0JxT5TM"
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000, public
accept-ranges: bytes
x-cache-hits: 6, 0

GET
H2 200 r410802_1296x518_5-2.jpg
a.espncdn.com/photo/2018/0806/ 81 KB
81 KB 838ms
677ms Image
image/jpeg 2a02:26f0:3500:16::215:1487
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.espncdn.com/photo/2018/0806/r410802_1296x518_5-2.jpg
Requested by: Host: newsday.pages.dev
URL: https://newsday.pages.dev/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:1487 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9da2423569121d4529e64d411931731c2cc804accc6c55d147737b20dd0ba0ea

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://newsday.pages.dev/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 10 May 2024 20:55:16 GMT
last-modified: Thu, 06 Sep 2018 23:36:02 GMT
server: AmazonS3
etag: "c78d3a317d340fca4d99f47324ef5de9"
edge-cache-key: r410802
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=17084
accept-ranges: bytes
content-length: 82961

GET
H2 200 Joe-Rothwell-Joins-Oxford-United.jpg
www.stretfordendarising.com/blog/wp-content/uploads/2016/07/ 125 KB
126 KB 155ms
100ms Image
image/jpeg 192.124.249.2
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.stretfordendarising.com/blog/wp-content/uploads/2016/07/Joe-Rothwell-Joins-Oxford-United.jpg

Requested by

Host: newsday.pages.dev
URL: https://newsday.pages.dev/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.2 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10002.sucuri.net

Software

nginx /

Resource Hash

753624d4f42977a6ded93a88f2191f6889976c8da7bdbb547563ffc5e70616cf

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://newsday.pages.dev/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 10 May 2024 20:55:15 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
x-sucuri-cache: MISS
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 127985
x-xss-protection: 1; mode=block
last-modified: Sun, 17 Oct 2021 13:25:00 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: User-Agent
content-type: image/jpeg
cache-control: max-age=315360000
x-sucuri-id: 15002
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET brazil_rio_grande_norte_map.jpg
www.world-guides.com/images/rio_grande_do_norte/ 0
0

GET
H2 200 tuchel.jpg
www.albawaba.com/sites/default/files/styles/default/public/2023-11/ 32 KB
33 KB 110ms
38ms Image
image/webp 151.101.130.207
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.albawaba.com/sites/default/files/styles/default/public/2023-11/tuchel.jpg?itok=ooLAA-xf

Requested by

Host: newsday.pages.dev
URL: https://newsday.pages.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.207 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

611e1258137b568b0db3c0f34746b6aff2dd8454309f5f23239294b3254f513c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://newsday.pages.dev/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=15768000
date: Fri, 10 May 2024 20:55:15 GMT
x-content-type-options: nosniff, nosniff
x-b3-traceid: 6293c3fe75a64599bc7e0a5007c1dd9f
fastly-io-served-by: img07-europe-west2
x-cache: HIT, MISS
fastly-io-info: ifsz=101448 idim=1200x800 ifmt=jpeg ofsz=32816 odim=1200x800 ofmt=webp
mrf-cache-status: HM
fastly-stats: io=1
x-b3-traceid-primal: 40de40b5692541c1be1177affa050505
content-length: 32816
x-xss-protection: 1; mode=block, 1; mode=block
x-served-by: cache-lcy-eglc8600079-LCY, cache-fra-etou8220056-FRA
mrf-tech: CDN
referrer-policy: strict-origin-when-cross-origin
server: nginx/1.18.0 (Ubuntu)
x-timer: S1715374516.793998,VS0,VE14
etag: "+W7jb1DawCSm/O0+bnQOfr84gN+oxojZvP6Q82y5siA"
x-frame-options: SAMEORIGIN, SAMEORIGIN
vary: Accept, User-Agent
content-type: image/webp
cache-control: public, max-age=8640000, stale-if-error=2592000
feature-policy: microphone 'none'
accept-ranges: bytes
x-cache-hits: 1, 0

GET
H2 200 Steve-Albini-at-Face-the--010.jpg
i.guim.co.uk/img/static/sys-images/Guardian/Pix/pictures/2014/11/15/1416092875825/ 25 KB
25 KB 93ms
24ms Image
image/webp 2a04:4e42:200::367
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.guim.co.uk/img/static/sys-images/Guardian/Pix/pictures/2014/11/15/1416092875825/Steve-Albini-at-Face-the--010.jpg?width=1200&height=630&quality=85&auto=format&fit=crop&overlay-align=bottom%2Cleft&overlay-width=100p&overlay-base64=L2ltZy9zdGF0aWMvb3ZlcmxheXMvdGctZGVmYXVsdC5wbmc&enable=upscale&s=d403f780f6fc6884907ce8b85482b644
Requested by: Host: newsday.pages.dev
URL: https://newsday.pages.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:200::367 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: fb3fbb3b5010b07ca7756ead78d444547f447e7bd3004e18218fc4c2146881bb

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://newsday.pages.dev/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 10 May 2024 20:55:15 GMT
via: 1.1 varnish, 1.1 varnish
fastly-io-served-by: img05-europe-west2
age: 110939
x-cache: HIT, HIT
fastly-io-info: ifsz=33671 idim=620x372 ifmt=jpeg ofsz=25596 odim=1200x630 ofmt=webp
fastly-stats: io=1
content-length: 25596
x-served-by: cache-lcy-eglc8600051-LCY, cache-fra-etou8220041-FRA
server: AmazonS3
x-timer: S1715374516.818491,VS0,VE2
etag: "h7mOG5rmWbVFDDfdTS07+y2gxTpv8Ef/AahoD1C3xZg"
vary: Accept, Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: https://www.theguardian.com
x-cache-hits: 1, 0

GET
H3 200 Netherlands_Dutch_AscensionDay_Output.jpg
publicholidays.nl/wp-content/uploads/2018/06/ 307 KB
308 KB 218ms
165ms Image
image/jpeg 172.67.73.150
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://publicholidays.nl/wp-content/uploads/2018/06/Netherlands_Dutch_AscensionDay_Output.jpg

Requested by

Host: newsday.pages.dev
URL: https://newsday.pages.dev/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.73.150 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4ba1335fb1de42998ac323c2af3d7936afdd67a2b6a269e87faa9518e1a9a143

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://newsday.pages.dev/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 10 May 2024 20:55:15 GMT
content-security-policy: upgrade-insecure-requests;
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 314475
cf-bgj: h2pri
last-modified: Mon, 25 Nov 2019 19:34:20 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zah6%2FydRx6xIcPNv2q%2F1i76VB61YYHq%2BiosoPKdXmOfBjbl8ie%2BQE3bT5L6TPGozZUVLKrDOl62EIfhgqKrCoq51bhnsb4XyKWBUFT3I66sVGALHKqcxuOzxxhFVKM1oWITwEg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=120
accept-ranges: bytes
cf-ray: 881cd4440f889019-FRA
priority: u=4,i

GET
H2 200 eca7d4a15e7243492b2f6b708b86f472.jpg
i.pinimg.com/originals/ec/a7/d4/ 100 KB
100 KB 298ms
298ms Image
image/jpeg 2a04:4e42:8e::84
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.pinimg.com/originals/ec/a7/d4/eca7d4a15e7243492b2f6b708b86f472.jpg
Requested by: Host: newsday.pages.dev
URL: https://newsday.pages.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:8e::84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 1a7ea54a8e99e76e0f1c972b4b9d49cddcce56386de57954aa03d4d7bdd29f10

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://newsday.pages.dev/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 10 May 2024 20:55:16 GMT
x-cdn: fastly
etag: "1199aedacca17204b466e497589ae183"
vary: Origin
content-type: image/jpeg
cache-control: max-age=31536000, immutable
accept-ranges: bytes
alt-svc: h3=":443";ma=600
content-length: 102337

GET
H2 200 Bayer-Leverkusen-vs-AS-Roma.jpg
1.bp.blogspot.com/-F5CNVqRL_54/ViZeAehRzSI/AAAAAAAADHM/K_oLWRLiIjs/s1600/ 39 KB
40 KB 455ms
366ms Image
image/jpeg 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-F5CNVqRL_54/ViZeAehRzSI/AAAAAAAADHM/K_oLWRLiIjs/s1600/Bayer-Leverkusen-vs-AS-Roma.jpg

Requested by

Host: newsday.pages.dev
URL: https://newsday.pages.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

02ec5f8850c6a124506dc4d389d750afad72a800a0ea8f2fca5b2ab763e519b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://newsday.pages.dev/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 10 May 2024 20:55:16 GMT
x-content-type-options: nosniff
server: fife
etag: "vc74"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="Bayer-Leverkusen-vs-AS-Roma.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 40296
x-xss-protection: 0
expires: Sat, 11 May 2024 20:55:16 GMT

GET
H2 200 ZIMDMARM3NIHXD2OYZSMSLPVN4.jpg
www.theglobeandmail.com/resizer/LilCyf_Xu4feFkmiUBsRTFhwwW0=/1200x800/filters:quality(80)/cloudfront-us-east-1.images.arcpublishing.com/tgam/ 31 KB
32 KB 611ms
487ms Image
image/avif 2a02:26f0:3500:12::1730:17bb
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.theglobeandmail.com/resizer/LilCyf_Xu4feFkmiUBsRTFhwwW0=/1200x800/filters:quality(80)/cloudfront-us-east-1.images.arcpublishing.com/tgam/ZIMDMARM3NIHXD2OYZSMSLPVN4.jpg

Requested by

Host: newsday.pages.dev
URL: https://newsday.pages.dev/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:12::1730:17bb Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

6d06fb9e3635b690ea15c0a896857e4142934773e89bfbe013ae3af957e6521b

Security Headers

Name

Value

Content-Security-Policy

media-src https: blob:; connect-src 'self' https: blob: wss:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data: blob:;, upgrade-insecure-requests, media-src https: blob:; connect-src 'self' https: blob: wss:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data: blob:;

Strict-Transport-Security

max-age=86400

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://newsday.pages.dev/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

akamai-true-ttl: 31536000
content-security-policy: media-src https: blob:; connect-src 'self' https: blob: wss:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data: blob:;, upgrade-insecure-requests, media-src https: blob:; connect-src 'self' https: blob: wss:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data: blob:;
date: Fri, 10 May 2024 20:55:16 GMT
strict-transport-security: max-age=86400
last-modified: Fri, 10 May 2024 17:50:12 GMT
server: Akamai Image Manager
x-serial: 1469
etag: "ed37ba44dd9d22013d40439c8b6aea7908dd0bea"
x-arc-request-id: 0.bb163017.1715374516.10a321c0
content-type: image/avif
cache-control: private, no-transform, max-age=31524945
server-timing: cdn-cache; desc=HIT, edge; dur=367, origin; dur=0, ak_p; desc="1715374515911_389027515_279126464_36726_13364_36_116_146";dur=1
content-length: 32022
expires: Sat, 10 May 2025 17:51:01 GMT

GET
H2 200 CS0R6YwXAAA-h8B.jpg
pbs.twimg.com/media/ 140 KB
141 KB 938ms
849ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/CS0R6YwXAAA-h8B.jpg

Requested by

Host: newsday.pages.dev
URL: https://newsday.pages.dev/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/6772) /

Resource Hash

2f046508bcbd63c1c91f3096bc5738e0cdf3e28fe5f83c3254f71a5cee80177f

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://newsday.pages.dev/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 10 May 2024 20:55:16 GMT
strict-transport-security: max-age=631138519
x-content-type-options: nosniff
age: 0
x-cache: MISS
server-timing: x-cache;desc= MISS,x-tw-cdn;desc=VZ
content-length: 143327
x-response-time: 523
surrogate-key: media media/bucket/9 media/661204415068700672
last-modified: Mon, 02 Nov 2015 15:31:11 GMT
server: ECS (frb/6772)
x-tw-cdn: VZ, VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
x-transaction-id: c7ac7e4c2404ce34
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
perf: 7402827104
x-connection-hash: e8354a3e1ad9aa96ae0d1b56b746653846132a04c72fc83a846b5b31d1d33137
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 Bayern-Munich-v-Arsenal-014.jpg
static.guim.co.uk/sys-images/Football/Clubs/Club_Home/2014/3/11/1394570499765/ 1 MB
1 MB 311ms
310ms Image
image/jpeg 2a04:4e42:200::367
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.guim.co.uk/sys-images/Football/Clubs/Club_Home/2014/3/11/1394570499765/Bayern-Munich-v-Arsenal-014.jpg

Requested by

Host: newsday.pages.dev
URL: https://newsday.pages.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:200::367 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

91a639870aef55c1a61db38bbf294a5072590cc0178f0348a031aae199cba665

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://newsday.pages.dev/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 10 May 2024 20:55:16 GMT
via: 1.1 varnish
strict-transport-security: max-age=31536000
x-amz-request-id: TQPHC30FCTTSCJ97
age: 0
x-cache: MISS
fastly-restarts: 1
x-amz-id-2: AHa5gySSosg1vuGaHF7mEoB1OOUYzl1TWPyQ3rBX1ci9tV+8Y5kRWB2Icl7p5XjxJAKLwUk2BZsbnFWllsfw7g==
x-served-by: cache-fra-etou8220041-FRA
content-length: 1527100
last-modified: Thu, 10 Mar 2016 23:13:26 GMT
server: AmazonS3
x-timer: S1715374516.854403,VS0,VE285
etag: "fc5c89e4cd5b6f1aca7ac652cec481ce"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 MI-vs-RCB-1.jpg
jagrancricket.com/wp-content/uploads/2023/04/ 136 KB
137 KB 541ms
173ms Image
image/jpeg 64.227.174.144
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jagrancricket.com/wp-content/uploads/2023/04/MI-vs-RCB-1.jpg
Requested by: Host: newsday.pages.dev
URL: https://newsday.pages.dev/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 64.227.174.144 Bengaluru, India, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx centminmod / centminmod
Resource Hash: 8b11f73a2876df65cb4a234c047514ffc39558d2ff4c3437199341377c40163a

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://newsday.pages.dev/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 10 May 2024 20:55:16 GMT
last-modified: Mon, 03 Apr 2023 12:40:28 GMT
server: nginx centminmod
etag: "642ac93c-22186"
x-powered-by: centminmod
content-type: image/jpeg
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 139654
expires: Sun, 09 Jun 2024 20:55:16 GMT

GET
H2 200 142350-tqdisvlemg-1591169790.jpg
s01.sgp1.cdn.digitaloceanspaces.com/article/ 50 KB
51 KB 411ms
337ms Image
binary/octet-stream 2606:4700:4400::ac40:911d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s01.sgp1.cdn.digitaloceanspaces.com/article/142350-tqdisvlemg-1591169790.jpg

Requested by

Host: newsday.pages.dev
URL: https://newsday.pages.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:911d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

53dab56b2bfeefa1eacf105f9a42d9d382106d9802875a077333fe3bb59fb999

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://newsday.pages.dev/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 10 May 2024 20:55:16 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: MISS
x-amz-request-id: tx000000000000009a44177-00663e89b4-3db1653d-sgp1a
x-envoy-upstream-healthchecked-cluster
content-length: 51440
last-modified: Wed, 03 Jun 2020 07:36:31 GMT
server: cloudflare
etag: "c18563ec17a55144536da4291020ec00"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type: binary/octet-stream
x-do-cdn-uuid: 3e079fc0-79db-44d9-9b2b-2467f388d713
x-rgw-object-type: Normal
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 881cd4450db91c73-FRA

GET
H2 200 maxresdefault.jpg
i.ytimg.com/vi/B4frGLWvPdQ/ 51 KB
51 KB 102ms
101ms Image
image/jpeg 2a00:1450:4001:828::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/B4frGLWvPdQ/maxresdefault.jpg

Requested by

Host: newsday.pages.dev
URL: https://newsday.pages.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

34ae8a95daeba6b046934335aa01c924e58cf6b7aa8873a8f9e71cfe3c07dbe5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://newsday.pages.dev/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 10 May 2024 20:55:15 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52548
x-xss-protection: 0
server: sffe
etag: "0"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 10 May 2024 22:55:15 GMT

GET
H2 200 ascension-day.jpg
www.edarabia.com/wp-content/uploads/2019/09/ 42 KB
43 KB 111ms
42ms Image
image/jpeg 2606:4700:10::ac43:e96
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.edarabia.com/wp-content/uploads/2019/09/ascension-day.jpg

Requested by

Host: newsday.pages.dev
URL: https://newsday.pages.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:e96 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fae524581d4757da1e62b7cfa6489712ef56a64a68cf464ac5d7adad4d23e3ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://newsday.pages.dev/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 10 May 2024 20:55:16 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
cf-cache-status: HIT
cf-bgj: h2pri
last-modified: Thu, 06 Aug 2020 12:09:33 GMT
server: cloudflare
age: 194580
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 881cd4455ed69162-FRA
content-length: 43441
expires: Wed, 15 May 2024 14:52:16 GMT

GET
H2 200 33-630x420.png
holidays-today.com/holidays/wp-content/uploads/2019/02/ 278 KB
278 KB 266ms
69ms Image
image/png 87.236.16.222
BEGET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://holidays-today.com/holidays/wp-content/uploads/2019/02/33-630x420.png
Requested by: Host: newsday.pages.dev
URL: https://newsday.pages.dev/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 87.236.16.222 St Petersburg, Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS: ssl.elliot.beget.com
Software: nginx-reuseport/1.21.1 /
Resource Hash: a70f4c63469d7f6afecfd984d26f9da6b4c510e150ec7435fc45e4d4db22c496

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://newsday.pages.dev/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 10 May 2024 20:55:16 GMT
last-modified: Sun, 23 May 2021 12:18:02 GMT
server: nginx-reuseport/1.21.1
etag: "60aa47fa-4561c"
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 284188
expires: Sun, 09 Jun 2024 20:55:16 GMT

GET /
lookaside.fbsbx.com/lookaside/crawler/media/ 0
0

GET
H2 200 Elvis-Costello-Steve-Albini-Photo-Larry-Busacca-Getty-Images-Scott-Dudelson-WireImage@1400x1050-1392x1044.jpg
guitar.com/wp-content/uploads/2020/12/ 257 KB
258 KB 125ms
50ms Image
image/jpeg 18.66.192.54
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://guitar.com/wp-content/uploads/2020/12/Elvis-Costello-Steve-Albini-Photo-Larry-Busacca-Getty-Images-Scott-Dudelson-WireImage@1400x1050-1392x1044.jpg
Requested by: Host: newsday.pages.dev
URL: https://newsday.pages.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.192.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-192-54.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: dfc31e3c4705b5013c21e005af91e96b17a342df733f9f54bcad9b0d4e67640c

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://newsday.pages.dev/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 08 May 2024 16:43:28 GMT
via: 1.1 0f14828b89630f6555c6372e13fc999a.cloudfront.net (CloudFront)
last-modified: Mon, 25 Dec 2023 07:25:08 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P1
age: 187909
etag: "267322fc5b78c944d42878a27275dce8"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=946080000
accept-ranges: bytes
content-length: 263075
x-amz-cf-id: pvyno_smROWZ6wmBxZa_Z8MDcsXH99Q91Dy4-y-R3VeSW8N17xD30g==
expires: Wed, 17 Dec 2053 02:46:50 GMT

GET
H2 200 madrid-e40b0a0bb69c3a3a0c20c8e74b52c3b9.jpg
d1bvpoagx8hqbg.cloudfront.net/originals/ 174 KB
174 KB 107ms
41ms Image
image/jpeg 18.66.188.54
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1bvpoagx8hqbg.cloudfront.net/originals/madrid-e40b0a0bb69c3a3a0c20c8e74b52c3b9.jpg
Requested by: Host: newsday.pages.dev
URL: https://newsday.pages.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.188.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-188-54.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: effc99647b47efb56d89133525837803bfc147e143127b376530e2723d056a90

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://newsday.pages.dev/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 05 May 2024 07:37:57 GMT
via: 1.1 dcfe318aa268be733627ea7884246be4.cloudfront.net (CloudFront)
last-modified: Sat, 24 Sep 2016 01:55:41 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P1
age: 479839
etag: "22b869fe9d2793ebe43da2ecbd77b209"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: public ,max-age=31536000
accept-ranges: bytes
content-length: 177691
x-amz-cf-id: 12e24L_y83LAA9HT77DXU0XD5BttQ5FxkaIMfnvNsjqA91PmTfg_rw==

GET
H2 200 Leverkusen-Twitter-ufficiale.jpg
static.nexilia.it/alfredopedulla/2020/05/ 74 KB
75 KB 231ms
135ms Image
image/webp 2a02:26f0:ab00::214:8e53
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.nexilia.it/alfredopedulla/2020/05/Leverkusen-Twitter-ufficiale.jpg
Requested by: Host: newsday.pages.dev
URL: https://newsday.pages.dev/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:ab00::214:8e53 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: BunnyCDN-DE1-874 /
Resource Hash: 800e91cb9c73a62e1320867906225115b10a35f838e31106d93e53a7b58dc2d3

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://newsday.pages.dev/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

cdn-requestpullsuccess: True
date: Fri, 10 May 2024 20:55:16 GMT
x-downloadsize: 94802
cdn-edgestorageid: 1054
x-bo-processingtime: 6
cdn-cachedat: 05/10/2024 20:55:16
cdn-pullzone: 2181148
content-length: 75984
x-bo-server: DE-264
last-modified: Fri, 10 May 2024 20:55:16 GMT
server: BunnyCDN-DE1-874
cdn-requestpullcode: 200
cdn-proxyver: 1.04
access-control-max-age: 86400
x-bo-origindownloadtime: 11
content-type: image/webp
cdn-cache: BYPASS
access-control-allow-methods: GET,POST
cdn-uid: d6585431-3dfd-460d-b276-e5ff87b981fc
cache-control: max-age=7776000
x-bo-compressionratio: 19.85%
access-control-allow-credentials: false
access-control-allow-origin: *
cdn-requestid: 710870c232bacdeaf01cca605895f20b
cdn-requestcountrycode: DE
cdn-status: 200
access-control-allow-headers: *
expires: Thu, 08 Aug 2024 20:55:16 GMT

GET
H2 200 justin-bieber-hailey-pregnant-860x871.jpg
perezhilton.com/wp-content/uploads/2019/04/ 141 KB
141 KB 420ms
359ms Image
image/jpeg 172.67.71.193
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://perezhilton.com/wp-content/uploads/2019/04/justin-bieber-hailey-pregnant-860x871.jpg
Requested by: Host: newsday.pages.dev
URL: https://newsday.pages.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.71.193 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1e324cb70d829ca29a4b0bf514bce50f0b1bb580911d9d4a873f956962ab5d21

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://newsday.pages.dev/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 10 May 2024 20:55:16 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=150301
content-length: 143905
cf-bgj: imgq:100,h2pri
last-modified: Sun, 28 Jun 2020 12:41:21 GMT
server: cloudflare
etag: "5ef88ff1-24b1d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kJo8yTI3gbEaqo1rTaWZa6xCpphQEvvh3F1Imtt2L1Z7dvbIOueUIZmOZ%2BIumRtWQuIoPOoa6pIavgRIfgyCEdEkr79ET%2Fudd3hC60ESDbnNNQ2buQE0KR0STIUG3A0qzQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=691200
accept-ranges: bytes
cf-ray: 881cd4482d4a9c10-FRA
expires: Fri, 17 May 2024 19:39:41 GMT

GET
H2 200 MV5BMTUzNjQ0NTAyMF5BMl5BanBnXkFtZTgwNjQ5NzA3NTE@._V1_UY1200_CR109,0,630,1200_AL_.jpg
ia.media-imdb.com/images/M/ 87 KB
87 KB 228ms
131ms Image
image/jpeg 2600:9000:225b:fc00:1d:d7f6:39d3:d9e1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ia.media-imdb.com/images/M/MV5BMTUzNjQ0NTAyMF5BMl5BanBnXkFtZTgwNjQ5NzA3NTE@._V1_UY1200_CR109,0,630,1200_AL_.jpg
Requested by: Host: newsday.pages.dev
URL: https://newsday.pages.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225b:fc00:1d:d7f6:39d3:d9e1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: 682d543a7a502b3a447113dd896a74166db6d1546f316386fa0d3b1e4638801f

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://newsday.pages.dev/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 09 May 2024 14:12:22 GMT
via: 1.1 ec12d3de4ccd821a7e749609dcc62010.cloudfront.net (CloudFront)
age: 110574
x-amz-cf-pop: MUC50-P1
edge-cache-tag: x-cache-659,/images/M/MV5BMTUzNjQ0NTAyMF5BMl5BanBnXkFtZTgwNjQ5NzA3NTE@
x-nginx-cache-status: MISS
x-cache: Hit from cloudfront
server-timing: cdn-cache-hit,cdn-pop;desc="MUC50-P1",cdn-rid;desc="xGa-ZDjPk4FbK6tRNbxYuuOSVWm8N3nICmbqgIHLjBqQhggWT9D7AQ==",cdn-hit-layer;desc="Origin Shield",cdn-downstream-fbl;dur=103,provider;desc="cf"
alt-svc: h3=":443"; ma=86400
content-length: 88671
surrogate-key: x-cache-659 /images/M/MV5BMTUzNjQ0NTAyMF5BMl5BanBnXkFtZTgwNjQ5NzA3NTE@
last-modified: Fri, 15 May 2015 09:17:38 GMT
server: Server
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=630720000,public
x-amz-ir-id: 88b56ba3-39aa-43b8-8c01-a949c2e7574b
accept-ranges: bytes
x-amz-cf-id: xGa-ZDjPk4FbK6tRNbxYuuOSVWm8N3nICmbqgIHLjBqQhggWT9D7AQ==
expires: Wed, 04 May 2044 14:12:22 GMT

GET
H3 200 maxresdefault.jpg
i.ytimg.com/vi/pC64WDwq69k/ 163 KB
163 KB 116ms
116ms Image
image/jpeg 172.217.18.118
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/pC64WDwq69k/maxresdefault.jpg

Requested by

Host: newsday.pages.dev
URL: https://newsday.pages.dev/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.118 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f22.1e100.net

Software

sffe /

Resource Hash

54d7b7de37c01d9cccccedb72a54f8aaa7031a89e5d01a738bcc1cb1ebe19173

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://newsday.pages.dev/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 10 May 2024 20:55:16 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 166869
x-xss-protection: 0
server: sffe
etag: "1614107176"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 10 May 2024 22:55:16 GMT

GET
H/1.1 200
OK bayer_04_leverkusen_2021_2022_third_kit_a.jpeg
www.footballshirtculture.com/images/stories/bayer-04-leverkusen-2021-2022-third-kit/ 419 KB
420 KB 187ms
49ms Image
image/jpeg 89.191.224.69
RHC-HOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.footballshirtculture.com/images/stories/bayer-04-leverkusen-2021-2022-third-kit/bayer_04_leverkusen_2021_2022_third_kit_a.jpeg

Requested by

Host: newsday.pages.dev
URL: https://newsday.pages.dev/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

89.191.224.69 Bromley, United Kingdom, ASN205220 (RHC-HOSTING, GB),

Reverse DNS

Software

Apache /

Resource Hash

1e09fe7820b35ba279577b629c8d10b5d9a025a79e046130c9cb87e37832292b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://newsday.pages.dev/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 10 May 2024 20:55:16 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 09 Mar 2022 00:48:17 GMT
Server: Apache
Content-Type: image/jpeg
Cache-Control: max-age=31536000, public, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 429553
Expires: Sat, 10 May 2025 20:55:16 GMT

GET
H2 200 Natalie-Elphicke-replaced-her-estranged-husband-as-Dover-MP-3159820.jpg
cdn.images.express.co.uk/img/dynamic/139/590x/secondary/ 33 KB
33 KB 243ms
165ms Image
image/jpeg 2600:9000:237d:ea00:1d:b722:f80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.images.express.co.uk/img/dynamic/139/590x/secondary/Natalie-Elphicke-replaced-her-estranged-husband-as-Dover-MP-3159820.jpg?r=1626871176004
Requested by: Host: newsday.pages.dev
URL: https://newsday.pages.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:237d:ea00:1d:b722:f80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5ac91386e662fd431e21cab1b82e5da6491cad3c3a5b003e54bd50bca399f844

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://newsday.pages.dev/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 10 May 2024 20:55:17 GMT
via: 1.1 d2e8c709d1f79bde6ed8f833f02bdd34.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P2
x-cache: RefreshHit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 33399
last-modified: Wed, 21 Jul 2021 10:09:13 GMT
server: AmazonS3
etag: "b179e8aedf098ea4193b4ddf5eb822af"
vary: Accept-Encoding
access-control-allow-methods: HEAD, GET, POST
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin
cache-control: public,max-age=300
accept-ranges: bytes
x-amz-cf-id: Qvi99bhOk5vhAbM8rZ9bExh1I89HpP2FrVX4kyUqaHrHq7TmLFYSEA==

GET
H2 200 bayern-vs-real-madrid.jpg
cdn.hobbyconsolas.com/sites/navi.axelspringer.es/public/media/image/2017/04/ 184 KB
184 KB 105ms
23ms Image
image/webp 2a02:6ea0:c77e::4
CDN77 _

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.hobbyconsolas.com/sites/navi.axelspringer.es/public/media/image/2017/04/bayern-vs-real-madrid.jpg
Requested by: Host: newsday.pages.dev
URL: https://newsday.pages.dev/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c77e::4 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: /
Resource Hash: c08f025f8cdc89d420bea7d9f97b8758c1525ffa95d3eff5ccb8b1381f67fa46

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://newsday.pages.dev/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 08 May 2024 15:01:05 GMT
tp-cache: hit
age: 194050
vary
content-type: image/webp
cache-control: max-age=2592000, s-maxage=30
accept-ranges: bytes
content-length: 188398

GET
H/1.1 200
OK bayer-leverkusen.jpg
bloguit.com/wp-content/uploads/2009/04/ 203 KB
203 KB 737ms
135ms Image
image/jpeg 184.171.245.226
DIMENOC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bloguit.com/wp-content/uploads/2009/04/bayer-leverkusen.jpg
Requested by: Host: newsday.pages.dev
URL: https://newsday.pages.dev/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 184.171.245.226 , United States, ASN33182 (DIMENOC, US),
Reverse DNS: server24.mcmedios.com
Software: Apache /
Resource Hash: 2ffdef3b343157d516611f66304566dd09219d2fb20ba135e5bf03bd616f5756

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://newsday.pages.dev/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 10 May 2024 20:55:17 GMT
Last-Modified: Fri, 02 May 2014 07:08:42 GMT
Server: Apache
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 208128

GET
H2 200 real-madrid-vs-bayern-munich-champions-league.jpg
www.neymarjr.net/wp-content/uploads/2014/04/ 123 KB
124 KB 374ms
142ms Image
image/jpeg 185.32.188.5
PTSERVIDOR

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.neymarjr.net/wp-content/uploads/2014/04/real-madrid-vs-bayern-munich-champions-league.jpg

Requested by

Host: newsday.pages.dev
URL: https://newsday.pages.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.32.188.5 , Portugal, ASN62416 (PTSERVIDOR, PT),

Reverse DNS

trinity.ptservidor.net

Software

Apache /

Resource Hash

94cf35b8b0ef14601ca725d1919766dedd5a892c0ce1349ca5132bc821d1fb4b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://newsday.pages.dev/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: upgrade-insecure-requests
date: Fri, 10 May 2024 20:55:17 GMT
last-modified: Tue, 22 Apr 2014 22:35:49 GMT
server: Apache
accept-ranges: bytes
content-length: 126358
content-type: image/jpeg

GET
H3 200 maxresdefault.jpg
i.ytimg.com/vi/7kWdcpdiUE4/ 178 KB
178 KB 167ms
167ms Image
image/jpeg 172.217.18.118
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/7kWdcpdiUE4/maxresdefault.jpg

Requested by

Host: newsday.pages.dev
URL: https://newsday.pages.dev/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.118 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f22.1e100.net

Software

sffe /

Resource Hash

a388c29393f50893aa0d8ac7d2a9aa630e579cb62dffd074af635b9fe2697e04

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://newsday.pages.dev/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 10 May 2024 20:55:16 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 181862
x-xss-protection: 0
server: sffe
etag: "0"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 10 May 2024 22:55:16 GMT

GET
H/1.1 403
Forbidden invoke.js
abruptlydummy.com/fdae8844bc7825ebf87e99850df6f527/ 0
0 344ms
110ms Script
application/javascript 172.240.108.84
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://abruptlydummy.com/fdae8844bc7825ebf87e99850df6f527/invoke.js
Requested by: Host: antivirus.my.id
URL: https://antivirus.my.id/us.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 172.240.108.84 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx/1.21.6 /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://newsday.pages.dev/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 10 May 2024 20:55:15 GMT
Server: nginx/1.21.6
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Content-Type: application/javascript
Connection: keep-alive
Content-Length: 0

GET
H2 200 th
tse3.mm.bing.net/ 32 KB
32 KB 159ms
85ms Image
image/jpeg 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tse3.mm.bing.net/th?id=OIP.nwqQZ96RwAvM28Sasry4zwHaFu&pid=15.1
Requested by: Host: newsday.pages.dev
URL: https://newsday.pages.dev/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: dfd53f1cc8f15c0bd174edccc007146ec2aedf1af9114478bb36537359abc508

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://newsday.pages.dev/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 10 May 2024 20:55:16 GMT
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 74BD153AB55E483BB23A0949879E52D2 Ref B: DUS30EDGE0418 Ref C: 2024-05-10T20:55:16Z
access-control-allow-methods: GET, POST, OPTIONS
x-cache: TCP_MISS
access-control-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QUZE"}]}
content-type: image/jpeg
cache-control: public, max-age=1209600
timing-allow-origin: *
access-control-allow-headers: *
content-length: 33050

GET
H2 200 th
tse4.mm.bing.net/ 18 KB
18 KB 65ms
58ms Image
image/jpeg 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tse4.mm.bing.net/th?id=OIP.CHlURgppBiORCtFvhpJdnQHaEH&pid=15.1
Requested by: Host: newsday.pages.dev
URL: https://newsday.pages.dev/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: fba5c9263a1ddeb27d197534b98ddd78fcf1940cf53696ac6a06d5eb46a708b4

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://newsday.pages.dev/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 10 May 2024 20:55:16 GMT
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 56A3C64571E24C2AB1CCBA2720DDA634 Ref B: DUS30EDGE0418 Ref C: 2024-05-10T20:55:16Z
access-control-allow-methods: GET, POST, OPTIONS
x-cache: TCP_MISS
access-control-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QUZE"}]}
content-type: image/jpeg
cache-control: public, max-age=1209600
timing-allow-origin: *
access-control-allow-headers: *
content-length: 17958

GET
H3 200 favicon.ico
newsday.pages.dev/ 32 KB
8 KB 104ms
103ms Other
text/html 172.66.47.123
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://newsday.pages.dev/favicon.ico

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.47.123 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b5d3bb933dc0bae36549227bd885b6ef0e92d2f79384a22b85d652f0e65bd61e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://newsday.pages.dev/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 10 May 2024 20:55:17 GMT
content-encoding: br
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"b49e01aa10bfec531bb27296940b531d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=emts4Bgssn69HIiCdDryeh7qaBe%2BAJe%2Fj5PEisx1nKcThrKLJIl%2F2PGmjD%2BS3c%2BUe1XtNm4lf2WPbXWxhwloXPK5gWYe9OFIH6Eab9jozFrgpJvE1BnKljA9hHUJBi4a6F37Kw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 881cd450cb129156-FRA
alt-svc: h3=":443"; ma=86400

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.world-guides.com
URL: https://www.world-guides.com/images/rio_grande_do_norte/brazil_rio_grande_norte_map.jpg

Domain: lookaside.fbsbx.com
URL: https://lookaside.fbsbx.com/lookaside/crawler/media/?media_id=625765152916095

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| $ function| jQuery object| bootstrap object| atOptions

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.elgrafico.mx/	1969-12-31 23:59:59	Name: __cfruid Value: 1e2858a06b30104764fefb21ebb3d3b8e1dd8a20-1715374516
			www.theglobeandmail.com/	1970-01-21 06:05:34	Name: akaas_tgam_tgam_sandbox Value: 2147483647~rv=19~id=a4a9e9dbc57d6cffb0f052608dff695c

14 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://newsday.pages.dev/ Message: Mixed Content: The page at 'https://newsday.pages.dev/' was loaded over HTTPS, but requested an insecure element 'http://a.espncdn.com/photo/2018/0806/r410802_1296x518_5-2.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://newsday.pages.dev/ Message: Mixed Content: The page at 'https://newsday.pages.dev/' was loaded over HTTPS, but requested an insecure element 'http://www.world-guides.com/images/rio_grande_do_norte/brazil_rio_grande_norte_map.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://newsday.pages.dev/ Message: Mixed Content: The page at 'https://newsday.pages.dev/' was loaded over HTTPS, but requested an insecure element 'http://static.guim.co.uk/sys-images/Football/Clubs/Club_Home/2014/3/11/1394570499765/Bayern-Munich-v-Arsenal-014.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://newsday.pages.dev/ Message: Mixed Content: The page at 'https://newsday.pages.dev/' was loaded over HTTPS, but requested an insecure element 'http://www.neymarjr.net/wp-content/uploads/2014/04/real-madrid-vs-bayern-munich-champions-league.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
javascript	warning	URL: https://antivirus.my.id/us.js(Line 7) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://abruptlydummy.com/fdae8844bc7825ebf87e99850df6f527/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://antivirus.my.id/us.js(Line 7) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://abruptlydummy.com/fdae8844bc7825ebf87e99850df6f527/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network	error	URL: https://www.world-guides.com/images/rio_grande_do_norte/brazil_rio_grande_norte_map.jpg Message: Failed to load resource: net::ERR_SSL_PROTOCOL_ERROR
network	error	URL: https://abruptlydummy.com/fdae8844bc7825ebf87e99850df6f527/invoke.js Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
security	warning	URL: https://newsday.pages.dev/(Line 479) Message: Mixed Content: The page at 'https://newsday.pages.dev/' was loaded over HTTPS, but requested an insecure element 'http://a.espncdn.com/photo/2018/0806/r410802_1296x518_5-2.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://newsday.pages.dev/(Line 479) Message: Mixed Content: The page at 'https://newsday.pages.dev/' was loaded over HTTPS, but requested an insecure element 'http://www.world-guides.com/images/rio_grande_do_norte/brazil_rio_grande_norte_map.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://newsday.pages.dev/(Line 479) Message: Mixed Content: The page at 'https://newsday.pages.dev/' was loaded over HTTPS, but requested an insecure element 'http://static.guim.co.uk/sys-images/Football/Clubs/Club_Home/2014/3/11/1394570499765/Bayern-Munich-v-Arsenal-014.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://newsday.pages.dev/(Line 479) Message: Mixed Content: The page at 'https://newsday.pages.dev/' was loaded over HTTPS, but requested an insecure element 'http://www.neymarjr.net/wp-content/uploads/2014/04/real-madrid-vs-bayern-munich-champions-league.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
other	warning	URL: https://newsday.pages.dev/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://newsday.pages.dev/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1.bp.blogspot.com
a.espncdn.com
abruptlydummy.com
antivirus.my.id
bloguit.com
cdn.hobbyconsolas.com
cdn.images.express.co.uk
code.jquery.com
d1bvpoagx8hqbg.cloudfront.net
editorial01.shutterstock.com
fonts.googleapis.com
guitar.com
holidays-today.com
i.guim.co.uk
i.pinimg.com
i.ytimg.com
ia.media-imdb.com
imgix.bustle.com
jagrancricket.com
lookaside.fbsbx.com
maxcdn.bootstrapcdn.com
newsday.pages.dev
pbs.twimg.com
perezhilton.com
publicholidays.nl
s01.sgp1.cdn.digitaloceanspaces.com
stackpath.bootstrapcdn.com
static.guim.co.uk
static.nexilia.it
suarapalestina.com
thumbs.dreamstime.com
tse3.mm.bing.net
tse4.mm.bing.net
www.albawaba.com
www.cinemaclock.com
www.designfootball.com
www.edarabia.com
www.elgrafico.mx
www.footballshirtculture.com
www.gannett-cdn.com
www.neymarjr.net
www.stretfordendarising.com
www.theglobeandmail.com
www.world-guides.com
lookaside.fbsbx.com
www.world-guides.com
104.18.10.207
104.18.11.207
151.101.129.91
151.101.130.207
151.101.194.62
172.217.18.118
172.240.108.84
172.66.47.123
172.67.71.193
172.67.73.150
18.173.154.23
18.66.188.54
18.66.192.54
184.171.245.226
185.32.188.5
188.114.97.3
192.124.249.2
2600:9000:225b:fc00:1d:d7f6:39d3:d9e1
2600:9000:237d:ea00:1d:b722:f80:93a1
2606:2800:134:fa2:1627:1fe:edb:1665
2606:4700:10::ac43:e96
2606:4700:20::6819:e10d
2606:4700:20::681a:3a5
2606:4700:4400::ac40:911d
2620:1ec:c11::200
2a00:1450:4001:80f::2001
2a00:1450:4001:81c::200a
2a00:1450:4001:828::2016
2a02:26f0:3500:12::1730:17bb
2a02:26f0:3500:16::215:1487
2a02:26f0:ab00::214:8e53
2a02:6ea0:c77e::4
2a04:4e42:200::367
2a04:4e42:400::720
2a04:4e42:600::649
2a04:4e42:8e::84
64.227.174.144
87.236.16.222
89.191.224.65
89.191.224.69
95.217.73.111
02ec5f8850c6a124506dc4d389d750afad72a800a0ea8f2fca5b2ab763e519b5
0b40738900917d1d3201fdae685115e08d876bb3261699b8898b38e728d3ba25
1530d6546a788a32d97fb77581fccc3971fdc5500ad8926d82a7ca8f2fb2700e
1a7ea54a8e99e76e0f1c972b4b9d49cddcce56386de57954aa03d4d7bdd29f10
1ce6578253f1a952bd25f326f38a4437b91061d0ce17ddaa6f2eebf6a8a0acf7
1e09fe7820b35ba279577b629c8d10b5d9a025a79e046130c9cb87e37832292b
1e324cb70d829ca29a4b0bf514bce50f0b1bb580911d9d4a873f956962ab5d21
26ae0bd56e700d8d1f6e2356fffbbb27ac160c4a9b4de6389b9c80f25b24b2f0
2f046508bcbd63c1c91f3096bc5738e0cdf3e28fe5f83c3254f71a5cee80177f
2f37cd445754c0dab21ec9221dc05fddc0cafbddc1cf71df140036ec93e0731c
2ffdef3b343157d516611f66304566dd09219d2fb20ba135e5bf03bd616f5756
34ae8a95daeba6b046934335aa01c924e58cf6b7aa8873a8f9e71cfe3c07dbe5
44a12b38aa7b9ae83398dc943fa14f808b91c24b789a2f8e12c893839c09ab32
463b7afcdb5e0023ee76d46a4362aa6bb85eb0bcc2bd52edf6fe8ac5e66ed3d5
4ba1335fb1de42998ac323c2af3d7936afdd67a2b6a269e87faa9518e1a9a143
53dab56b2bfeefa1eacf105f9a42d9d382106d9802875a077333fe3bb59fb999
54d7b7de37c01d9cccccedb72a54f8aaa7031a89e5d01a738bcc1cb1ebe19173
5ac91386e662fd431e21cab1b82e5da6491cad3c3a5b003e54bd50bca399f844
5f5a71d65e62d39dfb3ca37ee06109620cc50aead1dd2c0e3a909cdfa6df0e61
611e1258137b568b0db3c0f34746b6aff2dd8454309f5f23239294b3254f513c
682d543a7a502b3a447113dd896a74166db6d1546f316386fa0d3b1e4638801f
6d06fb9e3635b690ea15c0a896857e4142934773e89bfbe013ae3af957e6521b
753624d4f42977a6ded93a88f2191f6889976c8da7bdbb547563ffc5e70616cf
7928b5ab63c6e89ee0ee26f5ef201a58c72baf91abb688580a1aa26eb57b3c11
800e91cb9c73a62e1320867906225115b10a35f838e31106d93e53a7b58dc2d3
8261f931ad538e9496d27891166792721762dab2bdf7d6df42cd56e0c7da647d
8ab5b050e9e4f37e82fb96d3fd781390e794343662ea0ae8237c859505f4ecd0
8b11f73a2876df65cb4a234c047514ffc39558d2ff4c3437199341377c40163a
91a639870aef55c1a61db38bbf294a5072590cc0178f0348a031aae199cba665
9365920887b11b33a3dc4ba28a0f93951f200341263e3b9cefd384798e4be398
94cf35b8b0ef14601ca725d1919766dedd5a892c0ce1349ca5132bc821d1fb4b
9da2423569121d4529e64d411931731c2cc804accc6c55d147737b20dd0ba0ea
a1f5675ece832cc5d56959a8a68694e78859735b4d62621fc5f0d7dd393c3992
a388c29393f50893aa0d8ac7d2a9aa630e579cb62dffd074af635b9fe2697e04
a70f4c63469d7f6afecfd984d26f9da6b4c510e150ec7435fc45e4d4db22c496
b5d3bb933dc0bae36549227bd885b6ef0e92d2f79384a22b85d652f0e65bd61e
c08f025f8cdc89d420bea7d9f97b8758c1525ffa95d3eff5ccb8b1381f67fa46
cdbcbb6ab7680b6f7ee6f09ff2a54b0e8e3eb6e758efb1c0a7fe5e71fb0da118
d9634d63763cb1478394452d15fdf8352d09b1f47355cbeec376f59317f5880a
dfc31e3c4705b5013c21e005af91e96b17a342df733f9f54bcad9b0d4e67640c
dfd53f1cc8f15c0bd174edccc007146ec2aedf1af9114478bb36537359abc508
e7ed36ceee5450b4243bbc35188afabdfb4280c7c57597001de0ed167299b01b
effc99647b47efb56d89133525837803bfc147e143127b376530e2723d056a90
fae524581d4757da1e62b7cfa6489712ef56a64a68cf464ac5d7adad4d23e3ed
fb3fbb3b5010b07ca7756ead78d444547f447e7bd3004e18218fc4c2146881bb
fba5c9263a1ddeb27d197534b98ddd78fcf1940cf53696ac6a06d5eb46a708b4

newsday.pages.dev Open in urlscan Pro 172.66.47.123 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

50 Requests

96 %HTTPS

46 %IPv6

41 Domains

44 Subdomains

42 IPs

9 Countries

6690 kBTransfer

6909 kBSize

2 Cookies

0 Outgoing links

Redirected requests

50 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

newsday.pages.dev Open in urlscan Pro
172.66.47.123 Public Scan

Screenshot
Live screenshot

Full Image

50
Requests

96 %
HTTPS

46 %
IPv6

41
Domains

44
Subdomains

42
IPs

9
Countries

6690 kB
Transfer

6909 kB
Size

2
Cookies

50 HTTP transactions
0 data transactions