Submitted URL: http://hatt.relefhere.com/m45go3
Effective URL: https://eu.usatoday.com/
Submission: On April 20 via manual from US

Summary

This website contacted 3 IPs in 2 countries across 5 domains to perform 28 HTTP transactions. The main IP is 151.101.14.62, located in Frankfurt am Main, Germany and belongs to FASTLY, US. The main domain is eu.usatoday.com.
TLS certificate: Issued by DigiCert SHA2 High Assurance Server CA on April 13th 2020. Valid for: 2 years.
This is the only time eu.usatoday.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 64.227.20.164 14061 (DIGITALOC...)
2 18.195.128.171 16509 (AMAZON-02)
1 25 151.101.14.62 54113 (FASTLY)
28 3
Domain Requested by
19 www.gannett-cdn.com eu.usatoday.com
4 cpt-static.gannettdigital.com eu.usatoday.com
2 arropers-vingsting.com arropers-vingsting.com
1 eu.usatoday.com arropers-vingsting.com
1 www.usatoday.com
1 hatt.relefhere.com 1 redirects
28 6

This site contains no links.

Subject: gannett.com
Issuer: DigiCert SHA2 High Assurance Server CA
Validity: 2020-04-13 - 2022-06-21
Valid: 2 years

This page contains 1 frames:

Primary Page: https://eu.usatoday.com/
Frame ID: 3DF14149912BC833787794D8F9921020
Requests: 28 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

Requests: 28
HTTPS: 86 %
IPv6: 0 %
Domains: 5
Subdomains: 6
IPs: 3
Countries: 2
Transfer: 272 kB
Size: 321 kB
Cookies: 0

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://hatt.relefhere.com/m45go3 HTTP 302
    http://arropers-vingsting.com/f55d1b5d-caf2-4aa3-837c-e69cc873177c Page URL
  2. http://arropers-vingsting.com/redirect?target=BASE64aHR0cHM6Ly93d3cudXNhdG9kYXkuY29tLw&ts=1587386850281&hash=M7ezu87-0vPbJqxRdLJu3LClYlNtXkXFX83AmC9lIyQ&rm=DJ Page URL
  3. https://www.usatoday.com/ HTTP 302
    https://eu.usatoday.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://hatt.relefhere.com/m45go3 HTTP 302
  • http://arropers-vingsting.com/f55d1b5d-caf2-4aa3-837c-e69cc873177c

28 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Cookie set f55d1b5d-caf2-4aa3-837c-e69cc873177c
arropers-vingsting.com/
Redirect Chain
  • http://hatt.relefhere.com/m45go3
  • http://arropers-vingsting.com/f55d1b5d-caf2-4aa3-837c-e69cc873177c?
614 B
1 KB
Document
General
Full URL
http://arropers-vingsting.com/f55d1b5d-caf2-4aa3-837c-e69cc873177c?
Protocol
HTTP/1.1
Server
18.195.128.171 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-128-171.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Host
arropers-vingsting.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US

Response headers

Server
nginx
Date
Mon, 20 Apr 2020 12:47:30 GMT
Content-Type
text/html;charset=UTF-8
Content-Length
614
Connection
keep-alive
Cache-Control
no-store, no-cache, pre-check=0, post-check=0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Set-Cookie
f55d1b5d-caf2-4aa3-837c-e69cc873177c-v4=f55d1b5d-caf2-4aa3-837c-e69cc873177c; Max-Age=86400; Expires=Tue, 21-Apr-2020 12:47:30 GMT; Domain=arropers-vingsting.com; Path=/; HttpOnly cc-v4=eEIbhliqf4bXP4dH5lsmYyVHM1Wq1um66VXzOixgWZoJekNjwk0IoYlAdxSNTn%2Fv4rfzFq4W%2FSPg%2FkscPWYISkxzomBg8KkKxzCbQyYa5rDqMmmdGQyyQwIG1GA%2FoFtQ10e1znCrdFR2TkcAcuzj8w%3D%3D; Max-Age=31536000; Expires=Tue, 20-Apr-2021 12:47:30 GMT; Domain=arropers-vingsting.com; Path=/; HttpOnly

Redirect headers

Location
http://arropers-vingsting.com/f55d1b5d-caf2-4aa3-837c-e69cc873177c?
Content-Type
text/html;charset=UTF-8
Content-Length
0
Date
Mon, 20 Apr 2020 12:47:27 GMT
redirect
arropers-vingsting.com/
0
0

redirect
arropers-vingsting.com/
342 B
615 B
Document
General
Full URL
http://arropers-vingsting.com/redirect?target=BASE64aHR0cHM6Ly93d3cudXNhdG9kYXkuY29tLw&ts=1587386850281&hash=M7ezu87-0vPbJqxRdLJu3LClYlNtXkXFX83AmC9lIyQ&rm=DJ
Requested by
Host: arropers-vingsting.com
URL: http://arropers-vingsting.com/f55d1b5d-caf2-4aa3-837c-e69cc873177c?
Protocol
HTTP/1.1
Server
18.195.128.171 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-128-171.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Host
arropers-vingsting.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://arropers-vingsting.com/f55d1b5d-caf2-4aa3-837c-e69cc873177c?
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Cookie
f55d1b5d-caf2-4aa3-837c-e69cc873177c-v4=f55d1b5d-caf2-4aa3-837c-e69cc873177c; cc-v4=eEIbhliqf4bXP4dH5lsmYyVHM1Wq1um66VXzOixgWZoJekNjwk0IoYlAdxSNTn%2Fv4rfzFq4W%2FSPg%2FkscPWYISkxzomBg8KkKxzCbQyYa5rDqMmmdGQyyQwIG1GA%2FoFtQ10e1znCrdFR2TkcAcuzj8w%3D%3D

Response headers

Server
nginx
Date
Mon, 20 Apr 2020 12:47:30 GMT
Content-Type
text/html;charset=UTF-8
Content-Length
342
Connection
keep-alive
Cache-Control
no-store, no-cache, pre-check=0, post-check=0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
/
www.usatoday.com/
0
0

Primary Request /
eu.usatoday.com/
Redirect Chain
  • https://www.usatoday.com/
  • https://eu.usatoday.com/
64 KB
16 KB
Document
General
Full URL
https://eu.usatoday.com/
Requested by
Host: arropers-vingsting.com
URL: http://arropers-vingsting.com/redirect?target=BASE64aHR0cHM6Ly93d3cudXNhdG9kYXkuY29tLw&ts=1587386850281&hash=M7ezu87-0vPbJqxRdLJu3LClYlNtXkXFX83AmC9lIyQ&rm=DJ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.14.62 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.15.2 /
Resource Hash
a7066ed66dc09ae9ecd529fd6833fb50af18f75e4780ac56507c2e25a27f2322
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=600

Request headers

:method
GET
:authority
eu.usatoday.com
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
referer
http://arropers-vingsting.com/redirect?target=BASE64aHR0cHM6Ly93d3cudXNhdG9kYXkuY29tLw&ts=1587386850281&hash=M7ezu87-0vPbJqxRdLJu3LClYlNtXkXFX83AmC9lIyQ&rm=DJ
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

status
200
server
nginx/1.15.2
content-type
text/html; charset=utf-8
content-encoding
gzip
x-robots-tag
noindex, nofollow
gannett-debug-path
region: west
gannett-debug-path-full
restarts: 0 ttl: 31536000.000 shield: true server: cache-fra19183-FRA path: region: west
accept-ranges
bytes
date
Mon, 20 Apr 2020 12:47:31 GMT
via
1.1 varnish
age
101
content-security-policy
upgrade-insecure-requests
strict-transport-security
max-age=600
x-served-by
cache-fra19183-FRA
x-cache
HIT
x-cache-hits
38
x-timer
S1587386851.235712,VS0,VE0
content-length
16143

Redirect headers

status
302
retry-after
0
location
https://eu.usatoday.com/
accept-ranges
bytes
date
Mon, 20 Apr 2020 12:47:31 GMT
x-cache
HIT
content-security-policy
upgrade-insecure-requests
strict-transport-security
max-age=10890000
content-length
0
global.css
cpt-static.gannettdigital.com/universal-web-client/master/latest/gallium/themes/assets/eu/
13 KB
3 KB
Stylesheet
General
Full URL
https://cpt-static.gannettdigital.com/universal-web-client/master/latest/gallium/themes/assets/eu/global.css
Requested by
Host: eu.usatoday.com
URL: https://eu.usatoday.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.14.62 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
292abd1b2fcf9dae107b55d1ef6cd38f349ba4dd7513d86a9e1f3bbb7d7102d5
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=600

Request headers

Referer
https://eu.usatoday.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 20 Apr 2020 12:47:31 GMT
content-encoding
gzip
age
240873
x-cache
HIT, HIT
status
200
strict-transport-security
max-age=600
content-length
2448
x-served-by
cache-bwi5151-BWI, cache-fra19183-FRA
server
AmazonS3
x-timer
S1587386851.289830,VS0,VE0
etag
"020300ee04a8e80be76d8daad6afd290"
vary
Accept-Encoding, Origin
content-type
text/css
via
1.1 varnish, 1.1 varnish
cache-control
max-age=3600
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
x-robots-tag
noindex, nofollow
x-cache-hits
1, 918
logo-compact.svg
www.gannett-cdn.com/gannett-web/properties/usatoday/logos-and-branding/
2 KB
3 KB
Image
General
Full URL
https://www.gannett-cdn.com/gannett-web/properties/usatoday/logos-and-branding/logo-compact.svg
Requested by
Host: eu.usatoday.com
URL: https://eu.usatoday.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.14.62 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
4993695f92f4e4c324f9540baa0478cb2fec43cbd86992974d33c2c4289066ec

Request headers

Referer
https://eu.usatoday.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 20 Apr 2020 12:47:31 GMT
via
1.1 varnish, 1.1 varnish
age
2444291
x-amz-meta-goog-reserved-file-mtime
1528071453
x-guploader-uploadid
AEnB2Upw7zQQJDx0Gev-xQ5gDrGlJ76Oo9EOtafsur8kpol09it_QwyfXttH70YzaE3Slxpj5n9JW4cEOO9iaYiK1f4tbtTF6g
x-cache
HIT, HIT
x-goog-storage-class
MULTI_REGIONAL
status
200
content-length
2449
x-served-by
cache-iad2132-IAD, cache-fra19183-FRA
vcl_data
4teo2sTrkRpe2BJzz4IyqE.218_19-db90f589cf4668f4d1a4c6c4b13b0c80
last-modified
Mon, 18 Feb 2019 22:02:27 GMT
server
UploadServer
x-timer
S1587386851.293335,VS0,VE0
etag
"ae2c69e9cec8f8415c0ff2ab8a30c595"
vary
Accept-Encoding
x-goog-hash
crc32c=NfvTuA==, md5=rixp6c7I+EFcD/KrijDFlQ==
content-type
image/svg+xml
access-control-allow-origin
*
expires
Tue, 30 Jul 2019 17:28:45 GMT
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
3, 213
c49d6078-a924-4170-9c35-b0983cd49d5b-AP20110819945893.jpg
www.gannett-cdn.com/presto/2020/04/20/USAT/
56 KB
56 KB
Image
General
Full URL
https://www.gannett-cdn.com/presto/2020/04/20/USAT/c49d6078-a924-4170-9c35-b0983cd49d5b-AP20110819945893.jpg?crop=5471,3078,x0,y278&quality=50&width=1080
Requested by
Host: eu.usatoday.com
URL: https://eu.usatoday.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.14.62 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
733b963f52e32a33e4bc99503ec0f6148bdea979dc3724ddde821ece866e71bc

Request headers

Referer
https://eu.usatoday.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 20 Apr 2020 12:47:31 GMT
via
1.1 varnish, 1.1 varnish
age
33771
x-goog-storage-class
NEARLINE
x-cache
HIT, HIT
fastly-io-info
ifsz=13707760 idim=5472x3648 ifmt=jpeg ofsz=57024 odim=1080x608 ofmt=jpeg
status
200
x-guploader-uploadid
AAANsUlbHLOiz1GhgJV93C1qmIprmyPebBsIm1CoDFQYT-hl46DIJam_acR8_HjwKwsU6I8mT0_QBdx15uyW4NH-LqQ
fastly-stats
io=1
content-length
57024
x-served-by
cache-bwi5127-BWI, cache-fra19183-FRA
vcl_data
4teo2sTrkRpe2BJzz4IyqE.218_19-db90f589cf4668f4d1a4c6c4b13b0c80
server
UploadServer
x-timer
S1587386851.308652,VS0,VE0
etag
"Pjshcz4F1Am98W3MAdmG2WrFT3sU/BvniRlBtwuyEtI"
vary
x-goog-hash
crc32c=l6zOkA==, md5=dD1PfqWHKzlFRtFEM58SKA==
content-type
image/jpeg
access-control-allow-origin
*
expires
Mon, 20 Apr 2020 03:24:39 GMT
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
2, 15
1d3c31df-c7e1-483e-8b37-2ef0fb01553e-GTY_1219427564.JPG
www.gannett-cdn.com/presto/2020/04/20/USAT/
6 KB
6 KB
Image
General
Full URL
https://www.gannett-cdn.com/presto/2020/04/20/USAT/1d3c31df-c7e1-483e-8b37-2ef0fb01553e-GTY_1219427564.JPG?crop=5080,2858,x0,y173&quality=50&width=240
Requested by
Host: eu.usatoday.com
URL: https://eu.usatoday.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.14.62 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
a3e4e77b3c3ac63ad5fdd700a95ddc32dd30b6662971b13328d989b73fff4923

Request headers

Referer
https://eu.usatoday.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 20 Apr 2020 12:47:31 GMT
via
1.1 varnish, 1.1 varnish
age
18489
x-goog-storage-class
NEARLINE
x-cache
HIT, HIT
fastly-io-info
ifsz=5304133 idim=5081x3479 ifmt=jpeg ofsz=6039 odim=240x135 ofmt=jpeg
status
200
x-guploader-uploadid
AEnB2Uo7bgPO31CsXa-aI-odzd7_sCg1Tudtz_xB2bwuTnL5Znqr9OnoP0I4jgMKyXD3rPPqeEFCRffnree7VNy_ChlNP4lbSw
fastly-stats
io=1
content-length
6039
x-served-by
cache-bwi5149-BWI, cache-fra19183-FRA
vcl_data
4teo2sTrkRpe2BJzz4IyqE.218_19-db90f589cf4668f4d1a4c6c4b13b0c80
server
UploadServer
x-timer
S1587386851.311839,VS0,VE0
etag
"8FVkwOrBV4IX3wB1L1cyFugrQwKU/BCQg7ENv79Rfx0"
vary
x-goog-hash
crc32c=eaCW6A==, md5=RrGLh+dU5iQvBnjFpoiyHg==
content-type
image/jpeg
access-control-allow-origin
*
expires
Mon, 20 Apr 2020 07:39:21 GMT
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
1, 3
95e8b500-9e77-4703-8ed4-f95543fb3d58-GTY_1219813000.JPG
www.gannett-cdn.com/presto/2020/04/20/USAT/
5 KB
6 KB
Image
General
Full URL
https://www.gannett-cdn.com/presto/2020/04/20/USAT/95e8b500-9e77-4703-8ed4-f95543fb3d58-GTY_1219813000.JPG?crop=3886,2186,x0,y197&quality=50&width=240
Requested by
Host: eu.usatoday.com
URL: https://eu.usatoday.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.14.62 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
16d89fda9749e5cb7740a8fc292739d3968b60a1d941757feb4ed56fa3527990

Request headers

Referer
https://eu.usatoday.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 20 Apr 2020 12:47:31 GMT
via
1.1 varnish, 1.1 varnish
age
41850
x-goog-storage-class
NEARLINE
x-cache
MISS, HIT
fastly-io-info
ifsz=1385341 idim=3887x2591 ifmt=jpeg ofsz=5332 odim=240x135 ofmt=jpeg
status
200
x-guploader-uploadid
AEnB2Uoq9qUWseB9L9vVSDL_4vRjzMXRoEuDIAX5j_Nki_4PxZR1Z9p7J7OfJcLV6Qip3EQgE9VpvWvodNhwHPCdU-Zqopom2g
fastly-stats
io=1
content-length
5332
x-served-by
cache-bwi5131-BWI, cache-fra19183-FRA
vcl_data
4teo2sTrkRpe2BJzz4IyqE.218_19-db90f589cf4668f4d1a4c6c4b13b0c80
server
UploadServer
x-timer
S1587386851.311892,VS0,VE0
etag
"J1XCu8FtKPdfNBUKPkFygRMyg2tu+qQphgAkCRkyiX4"
vary
x-goog-hash
crc32c=rjxVLg==, md5=0JmXbcy62JNXnUSeYZipwQ==
content-type
image/jpeg
access-control-allow-origin
*
expires
Mon, 20 Apr 2020 01:10:00 GMT
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
0, 3
4f22266f-7f9e-4822-adfe-21085670a63b-AFP_AFP_1QP1XK.JPG
www.gannett-cdn.com/presto/2020/04/20/USAT/
4 KB
5 KB
Image
General
Full URL
https://www.gannett-cdn.com/presto/2020/04/20/USAT/4f22266f-7f9e-4822-adfe-21085670a63b-AFP_AFP_1QP1XK.JPG?crop=2999,1687,x1,y27&quality=50&width=240
Requested by
Host: eu.usatoday.com
URL: https://eu.usatoday.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.14.62 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
c5090409c1e054f4c4c35b79d7b1c78de9f31945a6afb77768575cbb59988809

Request headers

Referer
https://eu.usatoday.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 20 Apr 2020 12:47:31 GMT
via
1.1 varnish, 1.1 varnish
age
2240
x-goog-storage-class
NEARLINE
x-cache
HIT, HIT
fastly-io-info
ifsz=617030 idim=3000x2055 ifmt=jpeg ofsz=4326 odim=240x135 ofmt=jpeg
status
200
x-guploader-uploadid
AAANsUnmm441OhmFo9yNH5I9LnzNDI8-JLNG9dEapzGZ1BhO4HtX3XI3jtO29jgOF5-7FlM6K3EFBeZ24WOarEbMH7Y
fastly-stats
io=1
content-length
4326
x-served-by
cache-bwi5147-BWI, cache-fra19183-FRA
vcl_data
4teo2sTrkRpe2BJzz4IyqE.218_19-db90f589cf4668f4d1a4c6c4b13b0c80
server
UploadServer
x-timer
S1587386851.311946,VS0,VE1
etag
"n68K1ptMiOiMRQGcI2krTFmNqBlL3+ysf0uoEOi3XJM"
vary
x-goog-hash
crc32c=Afo3eQ==, md5=b3RY/ujS/tKgEoQ5LcOEiQ==
content-type
image/jpeg
access-control-allow-origin
*
expires
Mon, 20 Apr 2020 12:10:11 GMT
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
1, 1
fee363d6-f524-4049-926c-49b69892fd2e-GTY_72441193.JPG
www.gannett-cdn.com/presto/2020/04/20/USAT/
5 KB
5 KB
Image
General
Full URL
https://www.gannett-cdn.com/presto/2020/04/20/USAT/fee363d6-f524-4049-926c-49b69892fd2e-GTY_72441193.JPG?crop=3111,1750,x42,y94&quality=50&width=240
Requested by
Host: eu.usatoday.com
URL: https://eu.usatoday.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.14.62 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
49f650859644faf05447da174b9194428373c3a1e448ed3ebaaba5f3a02c29bb

Request headers

Referer
https://eu.usatoday.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 20 Apr 2020 12:47:31 GMT
via
1.1 varnish, 1.1 varnish
age
36610
x-goog-storage-class
NEARLINE
x-cache
HIT, HIT
fastly-io-info
ifsz=1674213 idim=3200x2133 ifmt=jpeg ofsz=4673 odim=240x135 ofmt=jpeg
status
200
x-guploader-uploadid
AAANsUky8yVLoV2Lh3jHo8uTKWpBifmOuCdsMDCiy5wOt9jPTvEhH34O6d1A2mLHdIn9PyFoN18VvZuHJ2SpSfqE_T4
fastly-stats
io=1
content-length
4673
x-served-by
cache-bwi5142-BWI, cache-fra19183-FRA
vcl_data
4teo2sTrkRpe2BJzz4IyqE.218_19-db90f589cf4668f4d1a4c6c4b13b0c80
server
UploadServer
x-timer
S1587386851.312028,VS0,VE0
etag
"JLSmCpGbrHELmwP50pEd1kikD7LzEVPy9H7pf9oXVLE"
vary
x-goog-hash
crc32c=ivOk+A==, md5=rZ+4ZE36W6jlBtmo0tB7wg==
content-type
image/jpeg
access-control-allow-origin
*
expires
Mon, 20 Apr 2020 02:37:21 GMT
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
1, 3
2ce876e8-601c-49b5-b66f-2fd2939d4092-01.JPG
www.gannett-cdn.com/presto/2020/04/18/USAT/
6 KB
7 KB
Image
General
Full URL
https://www.gannett-cdn.com/presto/2020/04/18/USAT/2ce876e8-601c-49b5-b66f-2fd2939d4092-01.JPG?crop=1486,836,x1,y39&quality=50&width=240
Requested by
Host: eu.usatoday.com
URL: https://eu.usatoday.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.14.62 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
a9d60801041b49d0c2ff99c6b88c6b1134c64e23cfc4bd2259563c6510b3323c

Request headers

Referer
https://eu.usatoday.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 20 Apr 2020 12:47:31 GMT
via
1.1 varnish, 1.1 varnish
age
145209
x-goog-storage-class
NEARLINE
x-cache
HIT, HIT
fastly-io-info
ifsz=595229 idim=1487x1020 ifmt=jpeg ofsz=6570 odim=240x135 ofmt=jpeg
status
200
x-guploader-uploadid
AAANsUkQwrBlXsiY7NbGEtOWRcMmRVp7GEmjYGqg45FYw0_g3R32cvRN07NsYPvk5Ld3dsoyAQ54SeixIjZJq002F7s
fastly-stats
io=1
content-length
6570
x-served-by
cache-bwi5121-BWI, cache-fra19183-FRA
vcl_data
4teo2sTrkRpe2BJzz4IyqE.218_19-db90f589cf4668f4d1a4c6c4b13b0c80
server
UploadServer
x-timer
S1587386851.431848,VS0,VE0
etag
"3DZgPSz4ZU8pRFnnuEcLxz3BiUAr3nIZtRIQ6GtoAAw"
vary
x-goog-hash
crc32c=io9clw==, md5=F3yjpnArIZtQTiNQNSx7pA==
content-type
image/jpeg
access-control-allow-origin
*
expires
Sat, 18 Apr 2020 20:27:22 GMT
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
1, 3
gettyimages-1167466623.jpg
www.gannett-cdn.com/-mm-/2c66e9fa6eb290e62bf7cbc6010f40bfdafd2f07/c=0-416-7952-4889/local/-/media/2020/04/14/USATODAY/usatsports/
7 KB
7 KB
Image
General
Full URL
https://www.gannett-cdn.com/-mm-/2c66e9fa6eb290e62bf7cbc6010f40bfdafd2f07/c=0-416-7952-4889/local/-/media/2020/04/14/USATODAY/usatsports/gettyimages-1167466623.jpg?quality=50&width=240
Requested by
Host: eu.usatoday.com
URL: https://eu.usatoday.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.14.62 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
Apache /
Resource Hash
62dcb1228fc2c7774b9096838ff57c62f6ad0431fa4fa23c7dfb39eba894dd0a

Request headers

Referer
https://eu.usatoday.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-version
minimogrify==2.1.10
date
Mon, 20 Apr 2020 12:47:31 GMT
via
1.1 varnish, 1.1 varnish, 1.1 varnish
x-served-byphx
default
age
417241
x-cache
MISS, HIT, HIT
fastly-io-info
ifsz=5941990 idim=7952x4473 ifmt=jpeg ofsz=6954 odim=240x135 ofmt=jpeg
status
200
fastly-stats
io=1
content-length
6954
x-served-by
cache-bwi5142-BWI, cache-fra19183-FRA
vcl_data
4teo2sTrkRpe2BJzz4IyqE.218_19-db90f589cf4668f4d1a4c6c4b13b0c80
server
Apache
x-timer
S1587386851.444339,VS0,VE0
etag
"IGXUF72IgbKDwulwLTenpCNmCYx5quRYVYOYuG+7uuo"
vary
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=15552000
accept-ranges
bytes
timing-allow-origin
*
x-served-bycnt
0
x-cache-hits
1, 3
e6d36528-782c-4b59-955a-6c1b0995ff85-24501.jpg
www.gannett-cdn.com/presto/2020/03/23/USAT/
5 KB
5 KB
Image
General
Full URL
https://www.gannett-cdn.com/presto/2020/03/23/USAT/e6d36528-782c-4b59-955a-6c1b0995ff85-24501.jpg?crop=3737,2103,x0,y0&quality=50&width=240
Requested by
Host: eu.usatoday.com
URL: https://eu.usatoday.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.14.62 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
9230b064f9640d23b4948ead2b0de137c041bd5f3af6b26a36d227b69b40d598

Request headers

Referer
https://eu.usatoday.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 20 Apr 2020 12:47:31 GMT
via
1.1 varnish, 1.1 varnish
age
98147
x-goog-storage-class
NEARLINE
x-cache
HIT, HIT
fastly-io-info
ifsz=1746982 idim=3738x2496 ifmt=jpeg ofsz=4816 odim=240x135 ofmt=jpeg
status
200
x-guploader-uploadid
AEnB2UpKQcnzfRMT2ksXLE29lWGum2PMNYEOrYwmroiiMbf4oMLEmyaYnaKkVTI9jBgUEpv0psk8QSxm3tkYBN4nzbsT7a64rw
fastly-stats
io=1
content-length
4816
x-served-by
cache-bwi5143-BWI, cache-fra19183-FRA
vcl_data
4teo2sTrkRpe2BJzz4IyqE.218_19-db90f589cf4668f4d1a4c6c4b13b0c80
server
UploadServer
x-timer
S1587386851.445214,VS0,VE0
etag
"xzCcy5kHU7fxJi7+kbP7RXxZGKhlEHUsmktpATDhfos"
vary
x-goog-hash
crc32c=MmgseA==, md5=5Km+KgNlVObImpIM8fHBGg==
content-type
image/jpeg
access-control-allow-origin
*
expires
Sun, 19 Apr 2020 09:31:44 GMT
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
1, 3
501087d0-c900-4c0a-a4d4-1634aa48d05e-AFP_AFP_1PT4JD.JPG
www.gannett-cdn.com/presto/2020/03/12/USAT/
5 KB
6 KB
Image
General
Full URL
https://www.gannett-cdn.com/presto/2020/03/12/USAT/501087d0-c900-4c0a-a4d4-1634aa48d05e-AFP_AFP_1PT4JD.JPG?crop=2999,1687,x0,y227&quality=50&width=240
Requested by
Host: eu.usatoday.com
URL: https://eu.usatoday.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.14.62 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
43445f41565c9c57782cc96d97e1abce5bbaeabd552b1f3f8fdfa5c4a9a805f4

Request headers

Referer
https://eu.usatoday.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 20 Apr 2020 12:47:31 GMT
via
1.1 varnish, 1.1 varnish
age
731943
x-goog-storage-class
NEARLINE
x-cache
HIT, HIT
fastly-io-info
ifsz=930738 idim=3000x2149 ifmt=jpeg ofsz=5260 odim=240x135 ofmt=jpeg
status
200
x-guploader-uploadid
AEnB2UpTjzxEbdh7Lz3QVnOnxJuQFrtF7aA4vmDiRLog7W6JRfhK2ymWhpCt7_vix6IUKVX2EmA7qAeWUrDPlJTMcjaFnluLfQ
fastly-stats
io=1
content-length
5260
x-served-by
cache-bwi5143-BWI, cache-fra19183-FRA
vcl_data
4teo2sTrkRpe2BJzz4IyqE.218_19-db90f589cf4668f4d1a4c6c4b13b0c80
server
UploadServer
x-timer
S1587386851.445210,VS0,VE0
etag
"S6QS+oVGZoUxyRMPYC3yTWZp5J2sx2rsAvPStRPfoy8"
vary
x-goog-hash
crc32c=ih6eRQ==, md5=LM3GmadbSVDHxiPK/yYgDA==
content-type
image/jpeg
access-control-allow-origin
*
expires
Sun, 12 Apr 2020 01:28:27 GMT
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
1, 3
3abac42a-a5de-4e8e-b6e5-3c7c2e86d931-COMP_applause_covid_patients_leave_hospital_16x9_Thumbnail_1.jpg
www.gannett-cdn.com/presto/2020/04/17/USAT/
5 KB
6 KB
Image
General
Full URL
https://www.gannett-cdn.com/presto/2020/04/17/USAT/3abac42a-a5de-4e8e-b6e5-3c7c2e86d931-COMP_applause_covid_patients_leave_hospital_16x9_Thumbnail_1.jpg?crop=1911,1075,x8,y0&quality=50&width=240
Requested by
Host: eu.usatoday.com
URL: https://eu.usatoday.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.14.62 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
1413e5e5465adb652ac5edebce4c723be5df52a6fe7658d1e4531dba960a452f

Request headers

Referer
https://eu.usatoday.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 20 Apr 2020 12:47:31 GMT
via
1.1 varnish, 1.1 varnish
age
253417
x-goog-storage-class
NEARLINE
x-cache
HIT, HIT
fastly-io-info
ifsz=515752 idim=1920x1080 ifmt=jpeg ofsz=5535 odim=240x135 ofmt=jpeg
status
200
x-guploader-uploadid
AAANsUl48K_1gnhZsWkYeAq7y93vUtQW914hsd19ID3LmNvuajGxPDOC6AcNN_68R4cOkESCp8MWfOyh1H1se3sK-lo
fastly-stats
io=1
content-length
5535
x-served-by
cache-bwi5129-BWI, cache-fra19183-FRA
vcl_data
4teo2sTrkRpe2BJzz4IyqE.218_19-db90f589cf4668f4d1a4c6c4b13b0c80
server
UploadServer
x-timer
S1587386851.445193,VS0,VE0
etag
"coElhZITsyzyD+1axOd0RbXQDWUZgt8LsnSyr02d91w"
vary
x-goog-hash
crc32c=FqWlKg==, md5=mNex3i94q3aaIjtccCWbqw==
content-type
image/jpeg
access-control-allow-origin
*
expires
Fri, 17 Apr 2020 14:23:55 GMT
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
2, 3
686fa1c4-a1b0-47d3-901f-b126c071795a-XXX_TH_marijuana_coronavirus_2020_276.JPG
www.gannett-cdn.com/presto/2020/04/14/USAT/
4 KB
5 KB
Image
General
Full URL
https://www.gannett-cdn.com/presto/2020/04/14/USAT/686fa1c4-a1b0-47d3-901f-b126c071795a-XXX_TH_marijuana_coronavirus_2020_276.JPG?crop=3362,1892,x0,y703&quality=50&width=240
Requested by
Host: eu.usatoday.com
URL: https://eu.usatoday.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.14.62 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
b279046358e0bd8e6d01defdd318f2f623465fc1896d8249427e4dccf2a326f8

Request headers

Referer
https://eu.usatoday.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 20 Apr 2020 12:47:31 GMT
via
1.1 varnish, 1.1 varnish
age
25046
x-goog-storage-class
NEARLINE
x-cache
HIT, HIT
fastly-io-info
ifsz=1077634 idim=3363x3515 ifmt=jpeg ofsz=4440 odim=240x135 ofmt=jpeg
status
200
x-guploader-uploadid
AAANsUmwYnb2iAiVZmuPaoelYBrp80XG5SK1AxZtdN2UQ8b4ceULoyjDHL2XNFvP9C1vfk9GAc2IalitCQ0_pnaejeM
fastly-stats
io=1
content-length
4440
x-served-by
cache-bwi5124-BWI, cache-fra19183-FRA
vcl_data
4teo2sTrkRpe2BJzz4IyqE.218_19-db90f589cf4668f4d1a4c6c4b13b0c80
server
UploadServer
x-timer
S1587386851.445248,VS0,VE0
etag
"Y05rKjveGP/IhI0djO2hthwNPe457y614LqFVGw2Qls"
vary
x-goog-hash
crc32c=jCMsLQ==, md5=5pMO3Icl0F5WpjSnYcaD+w==
content-type
image/jpeg
access-control-allow-origin
*
expires
Mon, 20 Apr 2020 05:50:04 GMT
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
1, 4
b1dbd540-8a8b-425f-966b-fa73ae2dec5a-protest.jpg
www.gannett-cdn.com/presto/2020/04/15/PLOU/
6 KB
7 KB
Image
General
Full URL
https://www.gannett-cdn.com/presto/2020/04/15/PLOU/b1dbd540-8a8b-425f-966b-fa73ae2dec5a-protest.jpg?crop=2047,1152,x0,y189&quality=50&width=240
Requested by
Host: eu.usatoday.com
URL: https://eu.usatoday.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.14.62 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
9a0cfe88ac879bbbb96b614f94b68b45d8ddc5fab163f4bcac5097a1cb7eee07

Request headers

Referer
https://eu.usatoday.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 20 Apr 2020 12:47:31 GMT
via
1.1 varnish, 1.1 varnish
age
400060
x-goog-storage-class
NEARLINE
x-cache
HIT, HIT
fastly-io-info
ifsz=459076 idim=2048x1536 ifmt=jpeg ofsz=6248 odim=240x135 ofmt=jpeg
status
200
x-guploader-uploadid
AEnB2UpN-A8WhQPzVnB8dy8-R-QJtG8vjMIip-KaQWzzErK51AZblvR69iIaxY_EjM-7CStcM2YKwx6oMm4vXr7dkjdo1JDv6g
fastly-stats
io=1
content-length
6248
x-served-by
cache-bwi5124-BWI, cache-fra19183-FRA
vcl_data
4teo2sTrkRpe2BJzz4IyqE.218_19-db90f589cf4668f4d1a4c6c4b13b0c80
server
UploadServer
x-timer
S1587386851.466977,VS0,VE0
etag
"OH2+BC4uJKS2VCS3/KF3HXwS7NuJJVYCr+H45mxb7OI"
vary
x-goog-hash
crc32c=6bL/Eg==, md5=Xi8hMnqJmT0PXqeXFMnIRQ==
content-type
image/jpeg
access-control-allow-origin
*
expires
Wed, 15 Apr 2020 21:39:51 GMT
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
1, 3
a1043161-5bda-4918-8a54-f81f0fb8652b-Driehaus_TherapyDogs_001.JPG
www.gannett-cdn.com/presto/2020/03/26/PNDN/
4 KB
4 KB
Image
General
Full URL
https://www.gannett-cdn.com/presto/2020/03/26/PNDN/a1043161-5bda-4918-8a54-f81f0fb8652b-Driehaus_TherapyDogs_001.JPG?crop=4860,2734,x0,y301&quality=50&width=240
Requested by
Host: eu.usatoday.com
URL: https://eu.usatoday.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.14.62 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
2128f2f123ddbaaee5693f55a8fe3faa9af04871d2ed8053217b2935bfe3ee05

Request headers

Referer
https://eu.usatoday.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 20 Apr 2020 12:47:31 GMT
via
1.1 varnish, 1.1 varnish
age
2055266
x-goog-storage-class
NEARLINE
x-cache
HIT, HIT
fastly-io-info
ifsz=2944761 idim=4861x3241 ifmt=jpeg ofsz=3805 odim=240x135 ofmt=jpeg
status
200
x-guploader-uploadid
AEnB2UqVSppUsWvsvJB0COQ-Cl_rG3o-gB5P5JqvFGmsHyAxDOdXXbgYDZ1rF4F5wDSDanbWlSVO1VAhYP-nYWrjdgQhjKxmmw
fastly-stats
io=1
content-length
3805
x-served-by
cache-bwi5146-BWI, cache-fra19183-FRA
vcl_data
4teo2sTrkRpe2BJzz4IyqE.218_19-db90f589cf4668f4d1a4c6c4b13b0c80
server
UploadServer
x-timer
S1587386851.484843,VS0,VE0
etag
"PqmcTgfQSzygF0Bz7H5RdPwHjDVf8b+dxgRgnY4F+EQ"
vary
x-goog-hash
crc32c=fHf8hQ==, md5=KzSzvVQhsxvLZ/x9PVh8ZQ==
content-type
image/jpeg
access-control-allow-origin
*
expires
Fri, 27 Mar 2020 17:53:04 GMT
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
1, 234
25492c4e-bed0-41b8-9ba8-4316bb1215ad-PS_GroceriesThumbnail.png
www.gannett-cdn.com/presto/2020/04/15/USAT/
51 KB
51 KB
Image
General
Full URL
https://www.gannett-cdn.com/presto/2020/04/15/USAT/25492c4e-bed0-41b8-9ba8-4316bb1215ad-PS_GroceriesThumbnail.png?crop=1911,1075,x8,y0&quality=50&width=240
Requested by
Host: eu.usatoday.com
URL: https://eu.usatoday.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.14.62 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
fa34907c26a5e7bc63baac3d32298be1aa762552f2884690dc8f62340d4f1279

Request headers

Referer
https://eu.usatoday.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 20 Apr 2020 12:47:31 GMT
via
1.1 varnish, 1.1 varnish
age
44810
x-goog-storage-class
NEARLINE
x-cache
HIT, HIT
fastly-io-info
ifsz=1520568 idim=1920x1080 ifmt=png ofsz=51733 odim=240x135 ofmt=png
status
200
x-guploader-uploadid
AEnB2UrUhqz4x9T3kyPg7JWkusd9uHgMPpfhu-TYlaxZgMn7qHfdVL1c_-HrxOGLQChehKVxmBBH-JhD3hpcqf_vY0tn9KLvVw
fastly-stats
io=1
content-length
51733
x-served-by
cache-bwi5130-BWI, cache-fra19183-FRA
vcl_data
4teo2sTrkRpe2BJzz4IyqE.218_19-db90f589cf4668f4d1a4c6c4b13b0c80
server
UploadServer
x-timer
S1587386851.484839,VS0,VE0
etag
"kHFW4pLPm18sYqErevTXxRv2Z3eOcY3mj3hOZhW9ZA0"
vary
x-goog-hash
crc32c=S7ReJA==, md5=F5+JVogI0mRNoa2O3A7aig==
content-type
image/png
access-control-allow-origin
*
expires
Mon, 20 Apr 2020 00:20:41 GMT
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
1, 4
f3dcc31a-f251-4d8f-be2f-fe23eb02345b-Ella_Canady_2.jpeg
www.gannett-cdn.com/presto/2020/04/17/USAT/
5 KB
5 KB
Image
General
Full URL
https://www.gannett-cdn.com/presto/2020/04/17/USAT/f3dcc31a-f251-4d8f-be2f-fe23eb02345b-Ella_Canady_2.jpeg?crop=2702,1520,x0,y946&quality=50&width=240
Requested by
Host: eu.usatoday.com
URL: https://eu.usatoday.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.14.62 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
66e451b97439c543a91c0ae3141e9b9386e7b4d45fa98eea9a86a7abcc41cd84

Request headers

Referer
https://eu.usatoday.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 20 Apr 2020 12:47:31 GMT
via
1.1 varnish, 1.1 varnish
age
13604
x-goog-storage-class
NEARLINE
x-cache
HIT, HIT
fastly-io-info
ifsz=2029701 idim=2718x3693 ifmt=jpeg ofsz=4655 odim=240x135 ofmt=jpeg
status
200
x-guploader-uploadid
AAANsUnwB1bkA1RHppuay4nPWdeU2oMrRFRQXvYvaeMuOoAor8p3kPFHGwEc_8kY5594w0pCHpC82lrmHHIFbxPFdZM
fastly-stats
io=1
content-length
4655
x-served-by
cache-bwi5150-BWI, cache-fra19183-FRA
vcl_data
4teo2sTrkRpe2BJzz4IyqE.218_19-db90f589cf4668f4d1a4c6c4b13b0c80
server
UploadServer
x-timer
S1587386851.484820,VS0,VE0
etag
"vuePA0m2beq7r4rA3c46fiZEuKo8Hd42/ApRZ8a86WI"
vary
x-goog-hash
crc32c=0FGJww==, md5=r5j1BA6aEO4gDmlTf6UYxA==
content-type
image/jpeg
access-control-allow-origin
*
expires
Mon, 20 Apr 2020 09:00:47 GMT
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
1, 3
dcc6f6cc-474d-44d8-85f1-2f979f0ce51a-AFP_AFP_1QM66K.JPG
www.gannett-cdn.com/presto/2020/04/17/USAT/
6 KB
6 KB
Image
General
Full URL
https://www.gannett-cdn.com/presto/2020/04/17/USAT/dcc6f6cc-474d-44d8-85f1-2f979f0ce51a-AFP_AFP_1QM66K.JPG?crop=5394,3035,x0,y220&quality=50&width=240
Requested by
Host: eu.usatoday.com
URL: https://eu.usatoday.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.14.62 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
31aa23cbb21732ec60f584c786dd733713488b10b855ce818bc2bbe07fc72bc8

Request headers

Referer
https://eu.usatoday.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 20 Apr 2020 12:47:31 GMT
via
1.1 varnish, 1.1 varnish
age
8217
x-goog-storage-class
NEARLINE
x-cache
HIT, HIT
fastly-io-info
ifsz=1231441 idim=5395x3489 ifmt=jpeg ofsz=5666 odim=240x135 ofmt=jpeg
status
200
x-guploader-uploadid
AAANsUkVUqz3Y398J24btc7K68kVdM-_uJrifSuKfK24sVZMzHAzUKqYfPI5AdDkY_U5b3QvOF6AaaSzkdxphd1vbiI
fastly-stats
io=1
content-length
5666
x-served-by
cache-bwi5146-BWI, cache-fra19183-FRA
vcl_data
4teo2sTrkRpe2BJzz4IyqE.218_19-db90f589cf4668f4d1a4c6c4b13b0c80
server
UploadServer
x-timer
S1587386851.484805,VS0,VE0
etag
"CLvo1QiMRy+GMsoklm3V4ploNKGM+rBpVatwoIla3WQ"
vary
x-goog-hash
crc32c=LLAKTA==, md5=o18y7XgvZ55TTV2+F0xJRA==
content-type
image/jpeg
access-control-allow-origin
*
expires
Mon, 20 Apr 2020 10:30:33 GMT
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
1, 4
7dd23c4a-d9e2-46f7-8b91-393ffe05fd83-Virtual_Party.jpg
www.gannett-cdn.com/presto/2020/04/16/USAT/
5 KB
6 KB
Image
General
Full URL
https://www.gannett-cdn.com/presto/2020/04/16/USAT/7dd23c4a-d9e2-46f7-8b91-393ffe05fd83-Virtual_Party.jpg?crop=1911,1075,x8,y0&quality=50&width=240
Requested by
Host: eu.usatoday.com
URL: https://eu.usatoday.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.14.62 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
d7afc2868757e54a7ec7c095bb6c82dfaebd75ea2bcd9d10996338e628b68f2f

Request headers

Referer
https://eu.usatoday.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 20 Apr 2020 12:47:31 GMT
via
1.1 varnish, 1.1 varnish
age
337799
x-goog-storage-class
NEARLINE
x-cache
HIT, HIT
fastly-io-info
ifsz=587222 idim=1920x1080 ifmt=jpeg ofsz=5298 odim=240x135 ofmt=jpeg
status
200
x-guploader-uploadid
AEnB2Uq1YHz82H1kNLdNJc8YPXYjrn972nHcgDVVgEJnrOwrtl8f6Exw6ECH1ceD-14J66Zrptd0bZm2GKC3E7otI8CWtFyODw
fastly-stats
io=1
content-length
5298
x-served-by
cache-bwi5137-BWI, cache-fra19183-FRA
vcl_data
4teo2sTrkRpe2BJzz4IyqE.218_19-db90f589cf4668f4d1a4c6c4b13b0c80
server
UploadServer
x-timer
S1587386851.484794,VS0,VE0
etag
"x+eBfOb6yggENfIdULtvDI3RD83OVuWnKwM2i8NY01A"
vary
x-goog-hash
crc32c=CMKXiA==, md5=Ufk584MfjrVissSlsZMMpA==
content-type
image/jpeg
access-control-allow-origin
*
expires
Thu, 16 Apr 2020 14:57:32 GMT
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
1, 3
c102b116-a754-457a-ba6d-7a72c90f5c2d-AP_Britain_Commonwealth_Day.JPG
www.gannett-cdn.com/presto/2020/03/09/USAT/
5 KB
6 KB
Image
General
Full URL
https://www.gannett-cdn.com/presto/2020/03/09/USAT/c102b116-a754-457a-ba6d-7a72c90f5c2d-AP_Britain_Commonwealth_Day.JPG?crop=4641,2611,x0,y77&quality=50&width=240
Requested by
Host: eu.usatoday.com
URL: https://eu.usatoday.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.14.62 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
54bd494b5442dbe6fdafb35a0b8264e634fc9889f93bb6c153df8165057759c7

Request headers

Referer
https://eu.usatoday.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 20 Apr 2020 12:47:31 GMT
via
1.1 varnish, 1.1 varnish
age
2025052
x-goog-storage-class
NEARLINE
x-cache
HIT, HIT
fastly-io-info
ifsz=3969673 idim=4642x3095 ifmt=jpeg ofsz=5514 odim=240x135 ofmt=jpeg
status
200
x-guploader-uploadid
AEnB2UqC0f1n3ahILFs6_noydgXuP3QUQlU6QzfN1leOHIK775Urs1ypzXSLZiKnggx4mHK_IKdKhIM169gIzJmEUqChbTLC2w
fastly-stats
io=1
content-length
5514
x-served-by
cache-bwi5146-BWI, cache-fra19183-FRA
vcl_data
4teo2sTrkRpe2BJzz4IyqE.218_19-db90f589cf4668f4d1a4c6c4b13b0c80
server
UploadServer
x-timer
S1587386851.498695,VS0,VE1
etag
"bgtzXEuj0KpCQbcO/9ZsIxYT0jThL8/TOSLm8LFrOFo"
vary
x-goog-hash
crc32c=XhBgBw==, md5=v8LTajAUbJhmW1+M0pLiEg==
content-type
image/jpeg
access-control-allow-origin
*
expires
Sat, 28 Mar 2020 02:16:38 GMT
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
1, 1
UnifySans_W_Rg.woff2
cpt-static.gannettdigital.com/universal-web-client/master/latest/gallium/themes/assets/universal/fonts/
16 KB
17 KB
Font
General
Full URL
https://cpt-static.gannettdigital.com/universal-web-client/master/latest/gallium/themes/assets/universal/fonts/UnifySans_W_Rg.woff2
Requested by
Host: eu.usatoday.com
URL: https://eu.usatoday.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.14.62 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
02bcac28f87dfcd0ec146c6d085d38ce01f412dcdbd194127f5d5667808125f9
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=600

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://cpt-static.gannettdigital.com/universal-web-client/master/latest/gallium/themes/assets/eu/global.css
Origin
https://eu.usatoday.com

Response headers

date
Mon, 20 Apr 2020 12:47:31 GMT
via
1.1 varnish, 1.1 varnish
age
177417
x-cache
HIT, HIT
status
200
access-control-max-age
86400
strict-transport-security
max-age=600
content-length
16620
x-served-by
cache-bwi5144-BWI, cache-fra19178-FRA
server
AmazonS3
x-timer
S1587386852.708970,VS0,VE0
etag
"3813aba0274244941c060a0cba29c5a2"
vary
Origin
access-control-allow-methods
GET
content-type
binary/octet-stream
access-control-allow-origin
*
access-control-expose-headers
Location
cache-control
max-age=3600
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
x-robots-tag
noindex, nofollow
x-cache-hits
1, 153
UnifySans_W_SBd.woff2
cpt-static.gannettdigital.com/universal-web-client/master/latest/gallium/themes/assets/universal/fonts/
17 KB
18 KB
Font
General
Full URL
https://cpt-static.gannettdigital.com/universal-web-client/master/latest/gallium/themes/assets/universal/fonts/UnifySans_W_SBd.woff2
Requested by
Host: eu.usatoday.com
URL: https://eu.usatoday.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.14.62 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a1780064eef819131bf6edccdc1d109d19f7be03b5aad25894b38b10bb07f66a
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=600

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://cpt-static.gannettdigital.com/universal-web-client/master/latest/gallium/themes/assets/eu/global.css
Origin
https://eu.usatoday.com

Response headers

date
Mon, 20 Apr 2020 12:47:31 GMT
via
1.1 varnish, 1.1 varnish
age
70609
x-cache
HIT, HIT
status
200
access-control-max-age
86400
strict-transport-security
max-age=600
content-length
17876
x-served-by
cache-bwi5139-BWI, cache-fra19178-FRA
server
AmazonS3
x-timer
S1587386852.709155,VS0,VE0
etag
"eec61fc37ea7dff16e6503e33ab66949"
vary
Origin
access-control-allow-methods
GET
content-type
binary/octet-stream
access-control-allow-origin
*
access-control-expose-headers
Location
cache-control
max-age=3600
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
x-robots-tag
noindex, nofollow
x-cache-hits
1, 149
UnifySans_W_Bd.woff2
cpt-static.gannettdigital.com/universal-web-client/master/latest/gallium/themes/assets/universal/fonts/
18 KB
18 KB
Font
General
Full URL
https://cpt-static.gannettdigital.com/universal-web-client/master/latest/gallium/themes/assets/universal/fonts/UnifySans_W_Bd.woff2
Requested by
Host: eu.usatoday.com
URL: https://eu.usatoday.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.14.62 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bd3371cdc79f60cdd3b435f3b8dd3de44e37cb3636e6e193235b87386624652a
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=600

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://cpt-static.gannettdigital.com/universal-web-client/master/latest/gallium/themes/assets/eu/global.css
Origin
https://eu.usatoday.com

Response headers

date
Mon, 20 Apr 2020 12:47:31 GMT
via
1.1 varnish, 1.1 varnish
age
230003
x-cache
HIT, HIT
status
200
access-control-max-age
86400
strict-transport-security
max-age=600
content-length
17984
x-served-by
cache-bwi5123-BWI, cache-fra19178-FRA
server
AmazonS3
x-timer
S1587386852.709215,VS0,VE0
etag
"79f7fee52a3077ef23d7fb327d25836a"
vary
Origin
access-control-allow-methods
GET
content-type
binary/octet-stream
access-control-allow-origin
*
access-control-expose-headers
Location
cache-control
max-age=3600
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
x-robots-tag
noindex, nofollow
x-cache-hits
1, 156

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
arropers-vingsting.com
URL
http://arropers-vingsting.com/redirect?target=BASE64aHR0cHM6Ly93d3cudXNhdG9kYXkuY29tLw&ts=1587386850281&hash=M7ezu87-0vPbJqxRdLJu3LClYlNtXkXFX83AmC9lIyQ&rm=DJ
Domain
www.usatoday.com
URL
https://www.usatoday.com/

Verdicts & Comments

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata
object| onpointerrawupdate
object| ga_data

0 Cookies

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
