newssitem.com Open in urlscan Pro
198.54.126.35 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://newssitem.com/
Effective URL:
https://newssitem.com/
Submission: On March 05 via api (March 5th 2023, 6:38:52 pm UTC) from US — Scanned from DE

Summary HTTP 80 Redirects Behaviour Indicators

Summary

This website contacted 23 IPs in 5 countries across 19 domains to perform 80 HTTP transactions. The main IP is 198.54.126.35, located in United States and belongs to NAMECHEAP-NET, US. The main domain is newssitem.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on September 16th 2022. Valid for: a year.

This is the only time newssitem.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 27	198.54.126.35 198.54.126.35	22612 (NAMECHEAP...) (NAMECHEAP-NET)
1	2a00:1450:400... 2a00:1450:4001:813::200a	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:400d:80d::2008	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:400d:80a::2002	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:400d:80d::2003	15169 (GOOGLE) (GOOGLE)
3	104.76.158.84 104.76.158.84	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a04:4e42:600... 2a04:4e42:600::773	54113 (FASTLY) (FASTLY)
1	2a06:98c1:312... 2a06:98c1:3121::c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.16.123.91 104.16.123.91	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a02:26f0:ea:... 2a02:26f0:ea:1bb::2313	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	104.17.187.237 104.17.187.237	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a02:26f0:ea:... 2a02:26f0:ea:1b7::216f	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a02:26f0:dc:... 2a02:26f0:dc:398::24e8	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a00:1450:400... 2a00:1450:400d:808::2002	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:36::178	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400d:80e::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400d:80c::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:400d:804::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400d:80a::2004	15169 (GOOGLE) (GOOGLE)
2	2a02:26f0:dc:... 2a02:26f0:dc:180::f33	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
80	23

27 198.54.126.35 (United States) 1 redirects

ASN22612 (NAMECHEAP-NET, US)
PTR: premium13-3.web-hosting.com

newssitem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:400d:80d::2008 (Ireland)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:400d:80a::2002 (Ireland)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:400d:80d::2003 (Ireland)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.76.158.84 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a104-76-158-84.deploy.static.akamaitechnologies.com

www.washingtonpost.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:600::773 (United States)

ASN54113 (FASTLY, US)

media.cnn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a06:98c1:3121::c (United States)

ASN13335 (CLOUDFLARENET, US)

www.suchtv.pk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.123.91 (None, )

ASN13335 (CLOUDFLARENET, US)

www.geo.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:ea:1bb::2313 (Vienna, Austria)

ASN20940 (AKAMAI-ASN1, NL)

static.foxnews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.17.187.237 (None, )

ASN13335 (CLOUDFLARENET, US)

www.thenews.com.pk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:26f0:ea:1b7::216f (Vienna, Austria)

ASN20940 (AKAMAI-ASN1, NL)

static.toiimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:dc:398::24e8 (Vienna, Austria)

ASN20940 (AKAMAI-ASN1, NL)

c.ndtvimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:808::2002 (Ireland)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:36::178 (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:80e::2002 (Ireland)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:80c::2002 (Ireland)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400d:804::2001 (Ireland)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:80a::2004 (Ireland)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:dc:180::f33 (Vienna, Austria)

ASN20940 (AKAMAI-ASN1, NL)

ichef.bbci.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
27	newssitem.com 1 redirects newssitem.com	629 KB
9	gstatic.com fonts.gstatic.com	213 KB
9	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 102 tpc.googlesyndication.com — Cisco Umbrella Rank: 140	204 KB
9	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 44	112 KB
4	toiimg.com static.toiimg.com — Cisco Umbrella Rank: 40804	74 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 30 region1.google-analytics.com — Cisco Umbrella Rank: 2425	20 KB
3	thenews.com.pk www.thenews.com.pk — Cisco Umbrella Rank: 46810	216 KB
3	washingtonpost.com www.washingtonpost.com — Cisco Umbrella Rank: 10600	287 KB
2	bbci.co.uk ichef.bbci.co.uk — Cisco Umbrella Rank: 7760	209 KB
2	google.com adservice.google.com — Cisco Umbrella Rank: 73 www.google.com — Cisco Umbrella Rank: 2	2 KB
2	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 35	5 KB
1	google.de adservice.google.de — Cisco Umbrella Rank: 8947	532 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 855	607 B
1	ndtvimg.com c.ndtvimg.com — Cisco Umbrella Rank: 40716	65 KB
1	foxnews.com static.foxnews.com — Cisco Umbrella Rank: 5533	245 KB
1	geo.tv www.geo.tv — Cisco Umbrella Rank: 52453	87 KB
1	suchtv.pk www.suchtv.pk	41 KB
1	cnn.com media.cnn.com — Cisco Umbrella Rank: 8795	60 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 36	2 KB
80	19

	Domain	Requested by
27	newssitem.com	1 redirects newssitem.com
9	fonts.gstatic.com	fonts.googleapis.com
9	www.googletagmanager.com	newssitem.com www.googletagmanager.com
6	pagead2.googlesyndication.com	newssitem.com pagead2.googlesyndication.com tpc.googlesyndication.com
4	static.toiimg.com	newssitem.com
3	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
3	www.thenews.com.pk	newssitem.com
3	www.washingtonpost.com	newssitem.com
2	ichef.bbci.co.uk
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	googleads.g.doubleclick.net	pagead2.googlesyndication.com
1	www.google.com	tpc.googlesyndication.com
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	region1.google-analytics.com	www.googletagmanager.com
1	c.ndtvimg.com	newssitem.com
1	static.foxnews.com	newssitem.com
1	www.geo.tv	newssitem.com
1	www.suchtv.pk	newssitem.com
1	media.cnn.com	newssitem.com
1	fonts.googleapis.com	newssitem.com
80	22

This site contains no links.

Subject Issuer	Validity	Valid
newssitem.com Sectigo RSA Domain Validation Secure Server CA	`2022-09-16` - `2023-09-16`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
www.washingtonpost.com Entrust Certification Authority - L1M	`2022-03-23` - `2023-04-22`	a year	crt.sh
cnn.com GlobalSign Atlas R3 DV TLS CA 2022 Q4	`2022-12-09` - `2024-01-10`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-13` - `2023-06-13`	a year	crt.sh
wildcard.foxnews.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-13` - `2023-07-15`	a year	crt.sh
videoplayer.indiatimes.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-05` - `2023-07-07`	a year	crt.sh
ndtv.com DigiCert TLS RSA SHA256 2020 CA1	`2023-02-01` - `2024-02-01`	a year	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
*.google.de GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
www.bbc.co.uk GlobalSign RSA OV SSL CA 2018	`2022-10-17` - `2023-11-18`	a year	crt.sh

This page contains 5 frames:

Primary Page: https://newssitem.com/
Frame ID: 1DAF2B2EEC2C8F7023C98D419B4D6BDD
Requests: 74 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230301/r20190131/zrt_lookup.html
Frame ID: AFD4FF34D7741CC703539E2308169929
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2745354553562528&output=html&adk=1812271804&adf=3025194257&lmt=1678041526&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fnewssitem.com%2F&ea=0&host=ca-host-pub-2644536267352236&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678041526527&bpp=4&bdt=1236&idt=364&shv=r20230301&mjsv=m202302280101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5136089671188&frm=20&pv=2&ga_vid=679457688.1678041527&ga_sid=1678041527&ga_hid=762637707&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759876%2C44759842%2C44777876%2C31071756%2C31072730%2C31072742&oid=2&pvsid=3081913744814847&tmod=1991635569&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=439
Frame ID: 1550829E5193EF100D8152CCD9EFF404
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 22D62D643C0AE3E39347A2B898C0CB7F
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 7F5A9F24F831F871B859677FE0DBB0D5
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Home - newssitem.com

Page URL History Show full URLs

http://newssitem.com/ HTTP 301
https://newssitem.com/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Underscore.js (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

underscore.*\.js(?:\?ver=([\d.]+))?

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

80
Requests

100 %
HTTPS

82 %
IPv6

19
Domains

22
Subdomains

23
IPs

5
Countries

2473 kB
Transfer

5278 kB
Size

12
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://newssitem.com/ HTTP 301
https://newssitem.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

80 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
newssitem.com/
Redirect Chain

http://newssitem.com/
https://newssitem.com/

643 KB
70 KB

2286ms
1922ms

Document
text/html

198.54.126.35
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://newssitem.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 198.54.126.35 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium13-3.web-hosting.com
Software: LiteSpeed /
Resource Hash: d5c2f57d11b0d9b3a42fcdeec271ed6420657b9b29f1c4ecd6a6d5380a4247d2

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: public, max-age=0
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sun, 05 Mar 2023 18:38:45 GMT
expires: Sun, 05 Mar 2023 18:38:45 GMT
link: <https://newssitem.com/wp-json/>; rel="https://api.w.org/" <https://newssitem.com/wp-json/wp/v2/pages/1405>; rel="alternate"; type="application/json" <https://newssitem.com/>; rel=shortlink
server: LiteSpeed
vary: Accept-Encoding,User-Agent,Accept-Encoding
x-turbo-charged-by: LiteSpeed

Redirect headers

content-length: 707
content-type: text/html
date: Sun, 05 Mar 2023 18:38:42 GMT
keep-alive: timeout=5, max=100
location: https://newssitem.com/
server: LiteSpeed
x-turbo-charged-by: LiteSpeed

GET
H2 200 style.min.css
newssitem.com/wp-includes/css/dist/block-library/ 93 KB
12 KB 356ms
353ms Stylesheet
text/css 198.54.126.35
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://newssitem.com/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1
Requested by: Host: newssitem.com
URL: https://newssitem.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 198.54.126.35 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium13-3.web-hosting.com
Software: LiteSpeed /
Resource Hash: c324ef26b20264369e4568dc9ef1c5cb1f325f6bc4e8b7c01f7fe93fa353276a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newssitem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 18:38:45 GMT
content-encoding: br
last-modified: Fri, 11 Nov 2022 14:56:45 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent,Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000,public
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 11616
expires: Mon, 04 Mar 2024 18:38:45 GMT

GET
H2 200 classic-themes.min.css
newssitem.com/wp-includes/css/ 217 B
468 B 354ms
350ms Stylesheet
text/css 198.54.126.35
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://newssitem.com/wp-includes/css/classic-themes.min.css?ver=1
Requested by: Host: newssitem.com
URL: https://newssitem.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 198.54.126.35 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium13-3.web-hosting.com
Software: LiteSpeed /
Resource Hash: 5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newssitem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 18:38:45 GMT
last-modified: Tue, 25 Oct 2022 13:45:16 GMT
server: LiteSpeed
vary: User-Agent,Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000,public
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 217
expires: Mon, 04 Mar 2024 18:38:45 GMT

GET
H2 200 style.css
newssitem.com/wp-content/plugins/td-newsletter/ 5 KB
1 KB 355ms
351ms Stylesheet
text/css 198.54.126.35
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://newssitem.com/wp-content/plugins/td-newsletter/style.css?ver=12.1.1
Requested by: Host: newssitem.com
URL: https://newssitem.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 198.54.126.35 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium13-3.web-hosting.com
Software: LiteSpeed /
Resource Hash: fd1af9561d6b70ff8c508d36d40f0b3f2e0cdd8b3c946c844b6ebe51863a09fa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newssitem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 18:38:45 GMT
content-encoding: br
last-modified: Sun, 01 Jan 2023 03:30:27 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent,Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000,public
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 1214
expires: Mon, 04 Mar 2024 18:38:45 GMT

GET
H2 200 style.css
newssitem.com/wp-content/plugins/td-composer/td-multi-purpose/ 37 KB
5 KB 356ms
352ms Stylesheet
text/css 198.54.126.35
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://newssitem.com/wp-content/plugins/td-composer/td-multi-purpose/style.css?ver=e815948e5c9ec5801de67b92a1d5a59fxx
Requested by: Host: newssitem.com
URL: https://newssitem.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 198.54.126.35 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium13-3.web-hosting.com
Software: LiteSpeed /
Resource Hash: 3ed2e42d3ce5e24dcb11cddde4126e4f07c3afc590f708ad2cfbf7669002f92e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newssitem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 18:38:45 GMT
content-encoding: br
last-modified: Sun, 01 Jan 2023 03:29:59 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent,Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000,public
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 4410
expires: Mon, 04 Mar 2024 18:38:45 GMT

GET
H2 200 css
fonts.googleapis.com/ 22 KB
2 KB 212ms
34ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Kanit%3A400%7COpen+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C500%2C700%7CPlayfair+Display%3A700%2C400%7CLato%3A400%2C700%2C900%7CABeeZee%3A900%2C400&display=swap&ver=12.1.1

Requested by

Host: newssitem.com
URL: https://newssitem.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

900788cf2f9c151f990cebc043b711498fb1ab451ed0eb6862f89399ed8f63a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://newssitem.com/
Origin: https://newssitem.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 05 Mar 2023 18:38:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 05 Mar 2023 18:38:45 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 05 Mar 2023 18:38:45 GMT

GET
H2 200 tds-front.css
newssitem.com/wp-content/plugins/td-subscription/assets/css/ 44 KB
7 KB 356ms
352ms Stylesheet
text/css 198.54.126.35
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://newssitem.com/wp-content/plugins/td-subscription/assets/css/tds-front.css?ver=1.4.1
Requested by: Host: newssitem.com
URL: https://newssitem.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 198.54.126.35 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium13-3.web-hosting.com
Software: LiteSpeed /
Resource Hash: 3becd57686ec6f9c6048cba1a5c0768c0db78ed6b8bf962efbd9708806c380f1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newssitem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 18:38:45 GMT
content-encoding: br
last-modified: Thu, 23 Feb 2023 17:15:49 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent,Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000,public
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 6985
expires: Mon, 04 Mar 2024 18:38:45 GMT

GET
H2 200 typicons.css
newssitem.com/wp-content/plugins/td-composer/assets/fonts/typicons/ 26 KB
3 KB 356ms
353ms Stylesheet
text/css 198.54.126.35
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://newssitem.com/wp-content/plugins/td-composer/assets/fonts/typicons/typicons.css?ver=e815948e5c9ec5801de67b92a1d5a59fxx
Requested by: Host: newssitem.com
URL: https://newssitem.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 198.54.126.35 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium13-3.web-hosting.com
Software: LiteSpeed /
Resource Hash: afa044028d4cd864e1efdda28ab20692e487cf33738a7d0c07084244ccace0a8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newssitem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 18:38:45 GMT
content-encoding: br
last-modified: Sun, 01 Jan 2023 03:29:59 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent,Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000,public
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 3150
expires: Mon, 04 Mar 2024 18:38:45 GMT

GET
H2 200 font-awesome.css
newssitem.com/wp-content/plugins/td-composer/assets/fonts/font-awesome/ 43 KB
7 KB 531ms
528ms Stylesheet
text/css 198.54.126.35
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://newssitem.com/wp-content/plugins/td-composer/assets/fonts/font-awesome/font-awesome.css?ver=e815948e5c9ec5801de67b92a1d5a59fxx
Requested by: Host: newssitem.com
URL: https://newssitem.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 198.54.126.35 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium13-3.web-hosting.com
Software: LiteSpeed /
Resource Hash: af49f53268c08752ca4c11e7f467dbb93d1c3a192a123c837e278869754f94f7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newssitem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 18:38:45 GMT
content-encoding: br
last-modified: Sun, 01 Jan 2023 03:29:59 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent,Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000,public
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 6642
expires: Mon, 04 Mar 2024 18:38:45 GMT

GET
H2 200 style.css
newssitem.com/wp-content/themes/Newspaper/ 148 KB
24 KB 532ms
529ms Stylesheet
text/css 198.54.126.35
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://newssitem.com/wp-content/themes/Newspaper/style.css?ver=12.1.1
Requested by: Host: newssitem.com
URL: https://newssitem.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 198.54.126.35 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium13-3.web-hosting.com
Software: LiteSpeed /
Resource Hash: 5f16485a3166302635a203c123c2f30d7bfd86104a698229f0c61bd0dbf1ff81

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newssitem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 18:38:45 GMT
content-encoding: br
last-modified: Sun, 01 Jan 2023 03:29:52 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent,Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000,public
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 24189
expires: Mon, 04 Mar 2024 18:38:45 GMT

GET
H2 200 td_legacy_main.css
newssitem.com/wp-content/plugins/td-composer/legacy/Newspaper/assets/css/ 160 KB
23 KB 532ms
530ms Stylesheet
text/css 198.54.126.35
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://newssitem.com/wp-content/plugins/td-composer/legacy/Newspaper/assets/css/td_legacy_main.css?ver=e815948e5c9ec5801de67b92a1d5a59fxx
Requested by: Host: newssitem.com
URL: https://newssitem.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 198.54.126.35 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium13-3.web-hosting.com
Software: LiteSpeed /
Resource Hash: 8c21de3b659aaa30693e28670ce6526645a4af8ce4d49c38f9fe410552d36e4a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newssitem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 18:38:45 GMT
content-encoding: br
last-modified: Sun, 01 Jan 2023 03:29:59 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent,Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000,public
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 23325
expires: Mon, 04 Mar 2024 18:38:45 GMT

GET
H2 200 td_standard_pack_main.css
newssitem.com/wp-content/plugins/td-standard-pack/Newspaper/assets/css/ 715 KB
57 KB 534ms
531ms Stylesheet
text/css 198.54.126.35
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://newssitem.com/wp-content/plugins/td-standard-pack/Newspaper/assets/css/td_standard_pack_main.css?ver=48767bfdc5698c9103b4ef9b700012fd
Requested by: Host: newssitem.com
URL: https://newssitem.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 198.54.126.35 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium13-3.web-hosting.com
Software: LiteSpeed /
Resource Hash: 1008e0fea1bcea71d721ce0187eba5979aee7626901ea11940898b0db51320c0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newssitem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 18:38:45 GMT
content-encoding: br
last-modified: Sun, 01 Jan 2023 03:30:54 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent,Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000,public
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 58378
expires: Mon, 04 Mar 2024 18:38:45 GMT

GET
H2 200 tdb_main.css
newssitem.com/wp-content/plugins/td-cloud-library/assets/css/ 29 KB
5 KB 711ms
709ms Stylesheet
text/css 198.54.126.35
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://newssitem.com/wp-content/plugins/td-cloud-library/assets/css/tdb_main.css?ver=87b3292f51aec51c00e6ce7db9b73ed1
Requested by: Host: newssitem.com
URL: https://newssitem.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 198.54.126.35 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium13-3.web-hosting.com
Software: LiteSpeed /
Resource Hash: 8fe457e08539bb6275fda6ccfe7666b6ab9216800193c897200d4c35770f0507

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newssitem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 18:38:45 GMT
content-encoding: br
last-modified: Sun, 01 Jan 2023 03:30:07 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent,Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000,public
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 4642
expires: Mon, 04 Mar 2024 18:38:45 GMT

GET
H2 200 jquery.min.js Show response
newssitem.com/wp-includes/js/jquery/ 88 KB
30 KB 713ms
710ms Script
application/javascript 198.54.126.35
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://newssitem.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
Requested by: Host: newssitem.com
URL: https://newssitem.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 198.54.126.35 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium13-3.web-hosting.com
Software: LiteSpeed /
Resource Hash: cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newssitem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 18:38:45 GMT
content-encoding: br
last-modified: Mon, 19 Sep 2022 14:16:24 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent,Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000,public
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 30324
expires: Mon, 04 Mar 2024 18:38:45 GMT

GET
H2 200 jquery-migrate.min.js Show response
newssitem.com/wp-includes/js/jquery/ 11 KB
4 KB 718ms
716ms Script
application/javascript 198.54.126.35
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://newssitem.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by: Host: newssitem.com
URL: https://newssitem.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 198.54.126.35 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium13-3.web-hosting.com
Software: LiteSpeed /
Resource Hash: 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newssitem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 18:38:45 GMT
content-encoding: br
last-modified: Wed, 18 Nov 2020 09:06:06 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent,Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000,public
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 3995
expires: Mon, 04 Mar 2024 18:38:45 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 112 KB
44 KB 314ms
69ms Script
application/javascript 2a00:1450:400d:80d::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-241410879-1

Requested by

Host: newssitem.com
URL: https://newssitem.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

bd07cc45b2934b12882633cccb037296fae706b209a9c554ca7affa960392ae3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newssitem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 18:38:46 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44820
x-xss-protection: 0
last-modified: Sun, 05 Mar 2023 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 05 Mar 2023 18:38:46 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 141 KB
48 KB 318ms
81ms Script
text/javascript 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2745354553562528&host=ca-host-pub-2644536267352236

Requested by

Host: newssitem.com
URL: https://newssitem.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8e3793c3c05e88cf20e5a80ad3e0dbe4f0a222f6bc6eb0b231d82738d4ef24b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://newssitem.com/
Origin: https://newssitem.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 18:38:46 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48210
x-xss-protection: 0
server: cafe
etag: 16652133696259204076
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 05 Mar 2023 18:38:46 GMT

GET
H2 200 wp-emoji-release.min.js Show response
newssitem.com/wp-includes/js/ 18 KB
5 KB 232ms
231ms Script
application/javascript 198.54.126.35
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://newssitem.com/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
Requested by: Host: newssitem.com
URL: https://newssitem.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 198.54.126.35 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium13-3.web-hosting.com
Software: LiteSpeed /
Resource Hash: 5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newssitem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 18:38:46 GMT
content-encoding: br
last-modified: Tue, 12 Apr 2022 05:56:23 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent,Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000,public
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 4619
expires: Mon, 04 Mar 2024 18:38:46 GMT

GET
H2 200 rec-1.jpg
newssitem.com/wp-content/uploads/2022/09/ 32 KB
33 KB 233ms
232ms Image
image/jpeg 198.54.126.35
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://newssitem.com/wp-content/uploads/2022/09/rec-1.jpg
Requested by: Host: newssitem.com
URL: https://newssitem.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 198.54.126.35 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium13-3.web-hosting.com
Software: LiteSpeed /
Resource Hash: edfcf8e31786de31c3f49e8775a3dd8823ed7faa674d240847bcadf7f1e819cd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newssitem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 18:38:46 GMT
last-modified: Mon, 19 Sep 2022 08:42:11 GMT
server: LiteSpeed
vary: User-Agent,Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=10368000,public
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 33246
expires: Mon, 03 Jul 2023 18:38:46 GMT

GET
H2 200 rec-1-mob.jpg
newssitem.com/wp-content/uploads/2022/09/ 28 KB
28 KB 410ms
409ms Image
image/jpeg 198.54.126.35
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://newssitem.com/wp-content/uploads/2022/09/rec-1-mob.jpg
Requested by: Host: newssitem.com
URL: https://newssitem.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 198.54.126.35 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium13-3.web-hosting.com
Software: LiteSpeed /
Resource Hash: 98421aeb209016fdd5670342c8cd2b438ffc54cfa2a59a825989a9bda12965eb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newssitem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 18:38:46 GMT
last-modified: Mon, 19 Sep 2022 08:42:12 GMT
server: LiteSpeed
vary: User-Agent,Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=10368000,public
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 28425
expires: Mon, 03 Jul 2023 18:38:46 GMT

GET
H2 200 rec-2.jpg
newssitem.com/wp-content/uploads/2022/09/ 44 KB
44 KB 357ms
356ms Image
image/jpeg 198.54.126.35
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://newssitem.com/wp-content/uploads/2022/09/rec-2.jpg
Requested by: Host: newssitem.com
URL: https://newssitem.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 198.54.126.35 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium13-3.web-hosting.com
Software: LiteSpeed /
Resource Hash: 7215b430f7522b7afa812b85ab48a368fc99d9e6325ac409d339ea2d5cca2bfc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newssitem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 18:38:46 GMT
last-modified: Mon, 19 Sep 2022 08:42:13 GMT
server: LiteSpeed
vary: User-Agent,Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=10368000,public
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 45111
expires: Mon, 03 Jul 2023 18:38:46 GMT

GET
H2 200 rec-2-mob.jpg
newssitem.com/wp-content/uploads/2022/09/ 40 KB
40 KB 588ms
587ms Image
image/jpeg 198.54.126.35
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://newssitem.com/wp-content/uploads/2022/09/rec-2-mob.jpg
Requested by: Host: newssitem.com
URL: https://newssitem.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 198.54.126.35 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium13-3.web-hosting.com
Software: LiteSpeed /
Resource Hash: 4e0c4747febe602f0f0fdada5980659aab4c3ae9be0092aceab88b93124d3638

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newssitem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 18:38:46 GMT
last-modified: Mon, 19 Sep 2022 08:42:14 GMT
server: LiteSpeed
vary: User-Agent,Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=10368000,public
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 40535
expires: Mon, 03 Jul 2023 18:38:46 GMT

GET
H2 200 underscore.min.js Show response
newssitem.com/wp-includes/js/ 18 KB
7 KB 191ms
191ms Script
application/javascript 198.54.126.35
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://newssitem.com/wp-includes/js/underscore.min.js?ver=1.13.4
Requested by: Host: newssitem.com
URL: https://newssitem.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 198.54.126.35 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium13-3.web-hosting.com
Software: LiteSpeed /
Resource Hash: 726b820e44f6ab90ad991d30a4bf26d3a5d71493cbcd1fb1efd0d14e89b9df2a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newssitem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 18:38:46 GMT
content-encoding: br
last-modified: Tue, 27 Sep 2022 15:18:25 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent,Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000,public
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 7179
expires: Mon, 04 Mar 2024 18:38:46 GMT

GET
H2 200 js_posts_autoload.min.js Show response
newssitem.com/wp-content/plugins/td-cloud-library/assets/js/ 5 KB
2 KB 214ms
214ms Script
application/javascript 198.54.126.35
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://newssitem.com/wp-content/plugins/td-cloud-library/assets/js/js_posts_autoload.min.js?ver=87b3292f51aec51c00e6ce7db9b73ed1
Requested by: Host: newssitem.com
URL: https://newssitem.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 198.54.126.35 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium13-3.web-hosting.com
Software: LiteSpeed /
Resource Hash: c34299966d31c0354eac70bc6fc85bedcfa88a5ec90973ce4f3cdc6c5d103bd8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newssitem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 18:38:46 GMT
content-encoding: br
last-modified: Sun, 01 Jan 2023 03:30:07 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent,Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000,public
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 1874
expires: Mon, 04 Mar 2024 18:38:46 GMT

GET
H2 200 tagdiv_theme.min.js Show response
newssitem.com/wp-content/plugins/td-composer/legacy/Newspaper/js/ 298 KB
68 KB 414ms
413ms Script
application/javascript 198.54.126.35
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://newssitem.com/wp-content/plugins/td-composer/legacy/Newspaper/js/tagdiv_theme.min.js?ver=12.1.1
Requested by: Host: newssitem.com
URL: https://newssitem.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 198.54.126.35 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium13-3.web-hosting.com
Software: LiteSpeed /
Resource Hash: 887880bbd37c109dca66464d026c316a5747e607b6c70cfd8addbf047ef42e95

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newssitem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 18:38:46 GMT
content-encoding: br
last-modified: Sun, 01 Jan 2023 03:29:59 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent,Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000,public
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 69726
expires: Mon, 04 Mar 2024 18:38:46 GMT

GET
H2 200 js_files_for_front.min.js Show response
newssitem.com/wp-content/plugins/td-subscription/assets/js/ 34 KB
9 KB 219ms
217ms Script
application/javascript 198.54.126.35
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://newssitem.com/wp-content/plugins/td-subscription/assets/js/js_files_for_front.min.js?ver=1.4.1
Requested by: Host: newssitem.com
URL: https://newssitem.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 198.54.126.35 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium13-3.web-hosting.com
Software: LiteSpeed /
Resource Hash: a029209ef3e4d32e3a95d52b56bb3452e3bdbc9785b44a80bc1e12c974851207

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newssitem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 18:38:46 GMT
content-encoding: br
last-modified: Thu, 23 Feb 2023 17:15:49 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent,Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000,public
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 8440
expires: Mon, 04 Mar 2024 18:38:46 GMT

GET
H2 200 js_files_for_front.min.js Show response
newssitem.com/wp-content/plugins/td-cloud-library/assets/js/ 160 KB
37 KB 231ms
229ms Script
application/javascript 198.54.126.35
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://newssitem.com/wp-content/plugins/td-cloud-library/assets/js/js_files_for_front.min.js?ver=87b3292f51aec51c00e6ce7db9b73ed1
Requested by: Host: newssitem.com
URL: https://newssitem.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 198.54.126.35 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium13-3.web-hosting.com
Software: LiteSpeed /
Resource Hash: f4a496329cb5cb5897f921ebb6fbbc2b232d5952d5b38f714007d80fdd53ebd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newssitem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 18:38:46 GMT
content-encoding: br
last-modified: Sun, 01 Jan 2023 03:30:07 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent,Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000,public
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 37329
expires: Mon, 04 Mar 2024 18:38:46 GMT

GET
H2 200 newspaper.woff
newssitem.com/wp-content/themes/Newspaper/images/icons/ 32 KB
32 KB 583ms
583ms Font
font/woff 198.54.126.35
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://newssitem.com/wp-content/themes/Newspaper/images/icons/newspaper.woff?21
Requested by: Host: newssitem.com
URL: https://newssitem.com/wp-content/themes/Newspaper/style.css?ver=12.1.1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 198.54.126.35 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium13-3.web-hosting.com
Software: LiteSpeed /
Resource Hash: c21a4f4dea997c97bf301a6d477a7968fabb123e8e00f99ae6fac7f4767324d6

Request headers

Referer: https://newssitem.com/wp-content/themes/Newspaper/style.css?ver=12.1.1
Origin: https://newssitem.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 18:38:46 GMT
last-modified: Sun, 01 Jan 2023 03:29:52 GMT
server: LiteSpeed
vary: User-Agent,Accept-Encoding
content-type: font/woff
cache-control: public, max-age=10368000
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 32832
expires: Mon, 03 Jul 2023 18:38:46 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 355ms
120ms Font
font/woff2 2a00:1450:400d:80d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Kanit%3A400%7COpen+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C500%2C700%7CPlayfair+Display%3A700%2C400%7CLato%3A400%2C700%2C900%7CABeeZee%3A900%2C400&display=swap&ver=12.1.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://newssitem.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 12:23:05 GMT
x-content-type-options: nosniff
age: 281741
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 01 Mar 2024 12:23:05 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 274ms
40ms Font
font/woff2 2a00:1450:400d:80d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://newssitem.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 13:13:56 GMT
x-content-type-options: nosniff
age: 278690
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 01 Mar 2024 13:13:56 GMT

GET
H2 200 imrs.php
www.washingtonpost.com/wp-apps/ 76 KB
76 KB 751ms
485ms Image
image/avif 104.76.158.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.washingtonpost.com/wp-apps/imrs.php?src=https://arc-anglerfish-washpost-prod-washpost.s3.amazonaws.com/public/BOTM3FV2RMI63MG7RSQU3ZTZVU.jpg&w=1440

Requested by

Host: newssitem.com
URL: https://newssitem.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.76.158.84 Vienna, Austria, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-76-158-84.deploy.static.akamaitechnologies.com

Software

Resource Hash

1c37d2300e768e70af9984f75478e57dd998039f55f159a3b859a305f403e2d5

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests, upgrade-insecure-requests
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newssitem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

akamai-true-ttl: 31536000
content-security-policy: upgrade-insecure-requests, upgrade-insecure-requests
date: Sun, 05 Mar 2023 18:38:46 GMT
last-modified: Sat, 04 Mar 2023 17:25:01 GMT
etag: "951a682b8f4222ee307222a9711a6e95"
x-frame-options: SAMEORIGIN
content-type: image/avif
cache-control: no-transform, max-age=31536000
server-timing: ak_p; desc="466122_34754052_157918579_43800_11818_30_0";dur=1
content-length: 77312
expires: Sun, 03 Mar 2024 17:24:57 GMT

GET
H2 200 230303022546-01-wuxi-covid-testing-070122-file-restricted.jpg
media.cnn.com/api/v1/images/stellar/prod/ 60 KB
60 KB 321ms
119ms Image
image/jpeg 2a04:4e42:600::773
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.cnn.com/api/v1/images/stellar/prod/230303022546-01-wuxi-covid-testing-070122-file-restricted.jpg?c=16x9&q=w_800,c_fill
Requested by: Host: newssitem.com
URL: https://newssitem.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:600::773 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: b5ab8d57dd022fde5d5ea1d515852113db2bfba615f4af1f157f16db5dd6b12a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newssitem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-served-by: cache-iad-kjyo7100022-IAD, cache-hhn-etou8220055-HHN
date: Sun, 05 Mar 2023 18:38:46 GMT
via: 1.1 varnish, 1.1 varnish
age: 34159
x-timer: S1678041526.290016,VS0,VE94
x-cache: HIT, MISS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
x-content-hub-dam: build-env=prod; unique-deployment-key=dam0004; build-version=v4.1.0; build-commit-hash=8beefd5ea
accept-ranges: bytes
content-length: 61419
x-cache-hits: 66, 0

GET
H2 200 f35377caf98e867daf5b78ecfe4346b6_XL.jpg
www.suchtv.pk/media/k2/items/cache/ 41 KB
41 KB 333ms
137ms Image
image/jpeg 2a06:98c1:3121::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.suchtv.pk/media/k2/items/cache/f35377caf98e867daf5b78ecfe4346b6_XL.jpg

Requested by

Host: newssitem.com
URL: https://newssitem.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

45ee562e611b57c99e3d380b8b85b00f7f699104a06a856cf7c33311582f561d

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newssitem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 18:38:46 GMT
strict-transport-security: max-age=0; includeSubDomains
cf-cache-status: MISS
last-modified: Thu, 02 Mar 2023 05:43:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0xW7yw1Vin5Msxw2IXBCSg%2Fqlgk9gVlvdcPBFRcfSZjW9wsHDk2c7ylLVKOyb59zWpQFwZRN4tAOWtWPMQokZy9ovjsrj7z9KHOLPEvbLFQLkuzkolkoQnUb%2BZr2NxanZncEBEAXTyGGeJeA"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=1800, s-maxage=10
accept-ranges: bytes
cf-ray: 7a347a534d559262-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 41871

GET
H2 200 473669_083517_updates.jpg
www.geo.tv/assets/uploads/updates/2023-03-01/ 87 KB
87 KB 383ms
188ms Image
image/jpeg 104.16.123.91
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.geo.tv/assets/uploads/updates/2023-03-01/473669_083517_updates.jpg
Requested by: Host: newssitem.com
URL: https://newssitem.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.123.91 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1492148df416fdc881cfc02752c120ad3aa8e65df9360ec10d65fb05fb5cc8bf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newssitem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 18:38:46 GMT
via: 1.1 varnish (Varnish/6.0)
cf-cache-status: MISS
x-cache: MISS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 88949
last-modified: Wed, 01 Mar 2023 15:35:17 GMT
server: cloudflare
vary: Accept-Encoding
x-varnish: 810535409
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=5184000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 7a347a534f44927a-FRA
expires: Thu, 04 May 2023 18:38:46 GMT

GET
H2 200 ALL_CUSTOM_FS_LOCAL_NEWS_WA_GENERAL.png
static.foxnews.com/foxnews.com/content/uploads/2022/06/ 244 KB
245 KB 428ms
146ms Image
image/webp 2a02:26f0:ea:1bb::2313
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.foxnews.com/foxnews.com/content/uploads/2022/06/ALL_CUSTOM_FS_LOCAL_NEWS_WA_GENERAL.png

Requested by

Host: newssitem.com
URL: https://newssitem.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:ea:1bb::2313 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

1d88b712600742d94a07803d1ef66bb500d2295821abcb61e904334047797f0c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newssitem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=31557600
date: Sun, 05 Mar 2023 18:38:46 GMT
fastly-io-info: ifsz=280380 idim=1280x720 ifmt=png ofsz=250140 odim=1280x720 ofmt=webp
fastly-stats: io=1
content-length: 250140
x-served-by: cache-iad-kiad7000103-IAD, cache-hhn-etou8220027-HHN
x-timer: S1673289547.680983,VS0,VE3
etag: "wm6BmB6DXS24483RIst5zTdYbECjS7W948G7ufhv9K4"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=533700
access-control-allow-credentials: false
accept-ranges: bytes
x-debug-path: /foxnews.com/content/uploads/2022/06/ALL_CUSTOM_FS_LOCAL_NEWS_WA_GENERAL.png
access-control-allow-headers: *
x-cache-hits: 24, 1

GET
H2 200 1046873_095855_updates.jpg
www.thenews.com.pk/assets/uploads/updates/2023-03-05/ 52 KB
53 KB 242ms
42ms Image
image/webp 104.17.187.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.thenews.com.pk/assets/uploads/updates/2023-03-05/1046873_095855_updates.jpg
Requested by: Host: newssitem.com
URL: https://newssitem.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.17.187.237 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 027147ce6965d676b00d2fc365363da975afa8b1fc552f9daf3a0d218c414841

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newssitem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 18:38:46 GMT
via: 1.1 varnish (Varnish/6.0)
cf-cache-status: HIT
age: 2751
cf-polished: qual=85, origFmt=jpeg, origSize=90832
x-cache: MISS
content-disposition: inline; filename="1046873_095855_updates.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 53334
cf-bgj: imgq:85,h2pri
last-modified: Sun, 05 Mar 2023 16:58:55 GMT
server: cloudflare
vary: Accept
content-type: image/webp
access-control-allow-origin: *
x-varnish: 328167
cache-control: public, max-age=5184000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 7a347a534d2e3816-FRA
expires: Thu, 04 May 2023 18:38:46 GMT

GET
H2 200 photo.jpg
static.toiimg.com/thumb/msid-98383157,width-1070,height-580,imgsize-25134,resizemode-75,overlay-toi_sw,pt-32,y_pad-40/ 18 KB
18 KB 285ms
68ms Image
image/webp 2a02:26f0:ea:1b7::216f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.toiimg.com/thumb/msid-98383157,width-1070,height-580,imgsize-25134,resizemode-75,overlay-toi_sw,pt-32,y_pad-40/photo.jpg

Requested by

Host: newssitem.com
URL: https://newssitem.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:ea:1b7::216f Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Bhoot /

Resource Hash

002a5e3571623152f84b73f9a06020f0acdaca65248defaeb4f40fc59854a4f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=25920000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newssitem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=25920000; includeSubdomains
date: Sun, 05 Mar 2023 18:38:46 GMT
x-content-type-options: nosniff
server: Bhoot
etag: 25134
x-frame-options: sameorigin
content-type: image/webp
imagemagick_im4java: 1
cache-control: max-age=30889494
appgn: 17229387201231677825371972
content-length: 17998
x-xss-protection: 1; mode=block
expires: Mon, 26 Feb 2024 07:03:40 GMT

GET
H2 200 r3rfbrm_pvr-home_625x300_07_March_22.jpg
c.ndtvimg.com/2022-03/ 65 KB
65 KB 1006ms
763ms Image
image/webp 2a02:26f0:dc:398::24e8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.ndtvimg.com/2022-03/r3rfbrm_pvr-home_625x300_07_March_22.jpg?im=FaceCrop,algorithm=dnn,width=1200,height=675
Requested by: Host: newssitem.com
URL: https://newssitem.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:dc:398::24e8 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Akamai Image Manager /
Resource Hash: 749bbbe74d8dcf8fc8d69d1d57986258f00f1dada8544870b75cd180c4feca2c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newssitem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 18:38:47 GMT
last-modified: Mon, 30 Jan 2023 00:22:54 GMT
server: Akamai Image Manager
etag: "4ad11b70e115c8d2309c85af0fad918d-1"
content-type: image/webp
cache-control: private, no-transform, max-age=1930923
content-length: 66530
expires: Tue, 28 Mar 2023 03:00:50 GMT

GET
H2 200 photo.jpg
static.toiimg.com/thumb/msid-98355348,width-1070,height-580,imgsize-25402,resizemode-75,overlay-toi_sw,pt-32,y_pad-40/ 17 KB
17 KB 355ms
190ms Image
image/webp 2a02:26f0:ea:1b7::216f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.toiimg.com/thumb/msid-98355348,width-1070,height-580,imgsize-25402,resizemode-75,overlay-toi_sw,pt-32,y_pad-40/photo.jpg

Requested by

Host: newssitem.com
URL: https://newssitem.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:ea:1b7::216f Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Bhoot /

Resource Hash

db894881247675129021b9428d3ba6268eecda15df0c08c28636e85658c9a62a

Security Headers

Name	Value
Strict-Transport-Security	max-age=25920000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newssitem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=25920000; includeSubdomains
date: Sun, 05 Mar 2023 18:38:46 GMT
x-content-type-options: nosniff
server: Bhoot
etag: 25402
x-frame-options: sameorigin
content-type: image/webp
imagemagick_im4java: 1
cache-control: max-age=30908338
appgn: 17229386501231677841497348
content-length: 16900
x-xss-protection: 1; mode=block
expires: Mon, 26 Feb 2024 12:17:44 GMT

GET
H2 200 1045466_064059_updates.jpg
www.thenews.com.pk/assets/uploads/updates/2023-03-01/ 111 KB
111 KB 351ms
203ms Image
image/jpeg 104.17.187.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.thenews.com.pk/assets/uploads/updates/2023-03-01/1045466_064059_updates.jpg
Requested by: Host: newssitem.com
URL: https://newssitem.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.17.187.237 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bb19acc7e907b0857e18b10d9dc438d2a025e19b67be6b5804855d037dea1126

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newssitem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 18:38:46 GMT
via: 1.1 varnish (Varnish/6.0)
cf-cache-status: HIT
cf-polished: degrade=85, origSize=184848, status=webp_bigger
x-cache: MISS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 113687
cf-bgj: imgq:85,h2pri
last-modified: Wed, 01 Mar 2023 13:40:59 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
x-varnish: 393224
cache-control: public, max-age=5184000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 7a347a534d293816-FRA
expires: Thu, 04 May 2023 18:38:46 GMT

GET
H2 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v23/ 23 KB
23 KB 304ms
109ms Font
font/woff2 2a00:1450:400d:80d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://newssitem.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 01:03:59 GMT
x-content-type-options: nosniff
age: 322487
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23580
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:48:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 01 Mar 2024 01:03:59 GMT

GET
H2 200 S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v23/ 23 KB
23 KB 323ms
128ms Font
font/woff2 2a00:1450:400d:80d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://newssitem.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 12:23:04 GMT
x-content-type-options: nosniff
age: 281742
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23040
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:56:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 01 Mar 2024 12:23:04 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v34/ 44 KB
44 KB 238ms
44ms Font
font/woff2 2a00:1450:400d:80d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://newssitem.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 19:34:57 GMT
x-content-type-options: nosniff
age: 255829
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44856
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 01 Mar 2024 19:34:57 GMT

GET
H2 200 nuFiD-vYSZviVYUb_rj3ij__anPXDTzYgA.woff2
fonts.gstatic.com/s/playfairdisplay/v30/ 35 KB
35 KB 338ms
143ms Font
font/woff2 2a00:1450:400d:80d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/playfairdisplay/v30/nuFiD-vYSZviVYUb_rj3ij__anPXDTzYgA.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

22b6cdc450204c1cb32b31e679d812fea1c17ac506a7b78daeb12bd0ab25fde8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://newssitem.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 19:52:06 GMT
x-content-type-options: nosniff
age: 254800
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35764
x-xss-protection: 0
last-modified: Mon, 18 Jul 2022 19:06:36 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 01 Mar 2024 19:52:06 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 16 KB
16 KB 283ms
90ms Font
font/woff2 2a00:1450:400d:80d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://newssitem.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 16:57:30 GMT
x-content-type-options: nosniff
age: 351676
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 29 Feb 2024 16:57:30 GMT

GET
H2 200 S6u9w4BMUTPHh50XSwiPGQ.woff2
fonts.gstatic.com/s/lato/v23/ 22 KB
22 KB 345ms
152ms Font
font/woff2 2a00:1450:400d:80d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh50XSwiPGQ.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08664859baab5ed98f0bf818ed77e38464ff1826dc6406d5ecbd651409afbd92

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://newssitem.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 06:48:54 GMT
x-content-type-options: nosniff
age: 42592
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 22504
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 16:04:16 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 04 Mar 2024 06:48:54 GMT

GET
H2 200 nKKZ-Go6G5tXcraVGwA.woff2
fonts.gstatic.com/s/kanit/v12/ 19 KB
19 KB 327ms
138ms Font
font/woff2 2a00:1450:400d:80d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/kanit/v12/nKKZ-Go6G5tXcraVGwA.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

af6af03bf35af06cad1ac9a366d09e024ae0e5daf6c01d455dc4caedc3d4be2d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://newssitem.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 00:35:46 GMT
x-content-type-options: nosniff
age: 324180
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19104
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 14:50:26 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 01 Mar 2024 00:35:46 GMT

GET
H2 200 fontawesome-webfont.woff2
newssitem.com/wp-content/plugins/td-composer/assets/fonts/font-awesome/ 75 KB
76 KB 464ms
463ms Font
font/woff2 198.54.126.35
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://newssitem.com/wp-content/plugins/td-composer/assets/fonts/font-awesome/fontawesome-webfont.woff2?v=4.7.0
Requested by: Host: newssitem.com
URL: https://newssitem.com/wp-content/plugins/td-composer/assets/fonts/font-awesome/font-awesome.css?ver=e815948e5c9ec5801de67b92a1d5a59fxx
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 198.54.126.35 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium13-3.web-hosting.com
Software: LiteSpeed /
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer: https://newssitem.com/wp-content/plugins/td-composer/assets/fonts/font-awesome/font-awesome.css?ver=e815948e5c9ec5801de67b92a1d5a59fxx
Origin: https://newssitem.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 18:38:46 GMT
last-modified: Sun, 01 Jan 2023 03:29:59 GMT
server: LiteSpeed
vary: User-Agent,Accept-Encoding
content-type: font/woff2
cache-control: public, max-age=10368000
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 77160
expires: Mon, 03 Jul 2023 18:38:46 GMT

GET
DATA 200
OK truncated
/ 101 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c9a612722eed86936463bc8772a9d4509e0c24f22485221beaa583a60079fef2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302280101/ 362 KB
119 KB 165ms
93ms Script
text/javascript 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302280101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2745354553562528&plah=newssitem.com&bust=31072742

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2745354553562528&host=ca-host-pub-2644536267352236

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

29562f06c5df96696a930fc0078b2517f3b97dfecefe0a93b61d51a6f4b19237

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newssitem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 18:38:46 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 122001
x-xss-protection: 0
server: cafe
etag: 354164398263477734
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 05 Mar 2023 18:38:46 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230301/r20190131/ Frame AFD4 10 KB
5 KB 165ms
70ms Document
text/html 2a00:1450:400d:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230301/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2745354553562528&host=ca-host-pub-2644536267352236

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://newssitem.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 39156
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4549
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 05 Mar 2023 07:46:10 GMT
etag: 2378337311435320485
expires: Sun, 19 Mar 2023 07:46:10 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 78ms
22ms Script
text/javascript 2001:4860:4802:36::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-241410879-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:36::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newssitem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 05 Mar 2023 17:19:39 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 4747
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Sun, 05 Mar 2023 19:19:39 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 183 KB
67 KB 68ms
67ms Script
application/javascript 2a00:1450:400d:80d::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-5W7DJH64HE&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-241410879-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

108b515237d87c32cfd7b1bef37c237d2a9d8d164fb26a8d3fb5e3bdc0391b22

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newssitem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 18:38:46 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 68855
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 05 Mar 2023 18:38:46 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
205 B 37ms
32ms XHR
text/plain 2001:4860:4802:36::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&aip=1&a=762637707&t=pageview&_s=1&dl=https%3A%2F%2Fnewssitem.com%2F&ul=en-us&de=UTF-8&dt=Home%20-%20newssitem.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBACUABBAAAACAAI~&jid=1635307776&gjid=1211136776&cid=679457688.1678041527&tid=UA-241410879-1&_gid=1086364875.1678041527&_r=1&gtm=457e3310&did=dZTNiMT&gdid=dZTNiMT&z=2136312627

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:36::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://newssitem.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 05 Mar 2023 18:38:46 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://newssitem.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
253 B 133ms
34ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-5W7DJH64HE&gtm=45je3310&_p=762637707&gdid=dZTNiMT&cid=679457688.1678041527&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1678041526&sct=1&seg=0&dl=https%3A%2F%2Fnewssitem.com%2F&dt=Home%20-%20newssitem.com&en=page_view&_fv=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-5W7DJH64HE&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newssitem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 05 Mar 2023 18:38:46 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://newssitem.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 a
www.googletagmanager.com/ 0
11 B 82ms
80ms Image
text/html 2a00:1450:400d:80d::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=G-5W7DJH64HE&cv=1&v=3&t=t&pid=516466701&rv=3310&es=1&e=gtm.init_consent&eid=0&h=Ag&tc=5&dl=newssitem.com%2F&tdp=G-5W7DJH64HE;93740896;0;2;0&z=0

Requested by

Host: newssitem.com
URL: https://newssitem.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newssitem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 18:38:46 GMT
server: Google Tag Manager
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 204 td
www.googletagmanager.com/ 0
15 B 75ms
73ms Image
image/gif 2a00:1450:400d:80d::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.googletagmanager.com/td?id=G-5W7DJH64HE&cv=1&v=3&t=t&pid=516466701&rv=3310&es=1&e=gtm.init_consent&eid=0&h=Ag&tc=5&dl=newssitem.com%2F&tdp=G-5W7DJH64HE;93740896;0;2;0&z=0
Requested by: Host: newssitem.com
URL: https://newssitem.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:80d::2008 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newssitem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 05 Mar 2023 18:38:46 GMT
server: Golfe2
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 a
www.googletagmanager.com/ 0
11 B 115ms
113ms Image
text/html 2a00:1450:400d:80d::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=G-5W7DJH64HE&cv=1&v=3&t=t&pid=516466701&rv=3310&es=1&e=gtm.init&eid=1&h=Ag&tc=5&tr=1ccdgaregscope.1ccdconversionmarking.1setproductsettings.1ogtgooglesignals&ti=2ccdgaregscope.2ccdconversionmarking.2setproductsettings.2ogtgooglesignals&z=0

Requested by

Host: newssitem.com
URL: https://newssitem.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newssitem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 18:38:46 GMT
server: Google Tag Manager
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 a
www.googletagmanager.com/ 0
11 B 115ms
114ms Image
text/html 2a00:1450:400d:80d::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=G-5W7DJH64HE&cv=1&v=3&t=t&pid=516466701&rv=3310&es=1&e=gtm.js&eid=2&h=Ag&tc=5&tr=1gct&ti=1gct&z=0

Requested by

Host: newssitem.com
URL: https://newssitem.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newssitem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 18:38:46 GMT
server: Google Tag Manager
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 a
www.googletagmanager.com/ 0
11 B 135ms
134ms Image
text/html 2a00:1450:400d:80d::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=G-5W7DJH64HE&cv=1&v=3&t=t&pid=516466701&rv=3310&es=1&e=gtag.config&eid=4&h=Ag&tc=5&z=0

Requested by

Host: newssitem.com
URL: https://newssitem.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newssitem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 18:38:46 GMT
server: Google Tag Manager
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 a
www.googletagmanager.com/ 0
11 B 135ms
134ms Image
text/html 2a00:1450:400d:80d::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=G-5W7DJH64HE&cv=1&v=3&t=t&pid=516466701&rv=3310&es=1&e=gtag.config&eid=5&u=AAAAAAAAAAAAACA&h=Ag&tc=5&epr=1G.2G&z=0

Requested by

Host: newssitem.com
URL: https://newssitem.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newssitem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 18:38:46 GMT
server: Google Tag Manager
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 393 B
607 B 86ms
32ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=newssitem.com&callback=_gfp_s_&client=ca-pub-2745354553562528

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302280101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2745354553562528&plah=newssitem.com&bust=31072742

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7879444aedb5b742bfe1b4131a9cd600652361050d522a7bc6697541b10ac5dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newssitem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 18:38:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 254
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
532 B 159ms
63ms Script
application/javascript 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=newssitem.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newssitem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 18:38:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
457 B 151ms
57ms Script
application/javascript 2a00:1450:400d:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=newssitem.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newssitem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 18:38:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 403 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 1550 603 B
219 B 205ms
204ms Document
text/html 2a00:1450:400d:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2745354553562528&output=html&adk=1812271804&adf=3025194257&lmt=1678041526&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fnewssitem.com%2F&ea=0&host=ca-host-pub-2644536267352236&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678041526527&bpp=4&bdt=1236&idt=364&shv=r20230301&mjsv=m202302280101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5136089671188&frm=20&pv=2&ga_vid=679457688.1678041527&ga_sid=1678041527&ga_hid=762637707&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759876%2C44759842%2C44777876%2C31071756%2C31072730%2C31072742&oid=2&pvsid=3081913744814847&tmod=1991635569&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=439

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://newssitem.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 05 Mar 2023 18:38:47 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 87ms
86ms XHR
application/json 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230301&st=env

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a1749278682f691fb52bb5eb3cd65e7ab5160d3dec3b52773a55583585054a47

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newssitem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 18:38:47 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11260
x-xss-protection: 0

GET
H2 200 1046873_095855_updates.jpg
www.thenews.com.pk/assets/uploads/updates/2023-03-05/ 52 KB
52 KB 45ms
44ms Image
image/webp 104.17.187.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.thenews.com.pk/assets/uploads/updates/2023-03-05/1046873_095855_updates.jpg
Requested by: Host: newssitem.com
URL: https://newssitem.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.17.187.237 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 027147ce6965d676b00d2fc365363da975afa8b1fc552f9daf3a0d218c414841

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newssitem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 18:38:47 GMT
via: 1.1 varnish (Varnish/6.0)
cf-cache-status: HIT
age: 2752
cf-polished: qual=85, origFmt=jpeg, origSize=90832
x-cache: MISS
content-disposition: inline; filename="1046873_095855_updates.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 53334
cf-bgj: imgq:85,h2pri
last-modified: Sun, 05 Mar 2023 16:58:55 GMT
server: cloudflare
vary: Accept
content-type: image/webp
access-control-allow-origin: *
x-varnish: 328167
cache-control: public, max-age=5184000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 7a347a5a899f3816-FRA
expires: Thu, 04 May 2023 18:38:47 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 193ms
88ms Script
text/javascript 2a00:1450:400d:804::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:804::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newssitem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 18:38:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 05 Mar 2023 18:38:47 GMT

GET
H2 200 photo.jpg
static.toiimg.com/thumb/msid-98433142,width-1070,height-580,imgsize-29038,resizemode-75,overlay-toi_sw,pt-32,y_pad-40/ 19 KB
20 KB 65ms
65ms Image
image/webp 2a02:26f0:ea:1b7::216f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.toiimg.com/thumb/msid-98433142,width-1070,height-580,imgsize-29038,resizemode-75,overlay-toi_sw,pt-32,y_pad-40/photo.jpg

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:ea:1b7::216f Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Bhoot /

Resource Hash

6ee6234b4ffe30a80833efc02e45bb6443859c7de21c552d9eeb4f08cfc51273

Security Headers

Name	Value
Strict-Transport-Security	max-age=25920000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newssitem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=25920000; includeSubdomains
date: Sun, 05 Mar 2023 18:38:47 GMT
x-content-type-options: nosniff
server: Bhoot
etag: 29038
x-frame-options: sameorigin
content-type: image/webp
imagemagick_im4java: 1
cache-control: max-age=31093969
appgn: 172244010401231678031526152
content-length: 19740
x-xss-protection: 1; mode=block
expires: Wed, 28 Feb 2024 15:51:36 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 22D6 13 KB
5 KB 38ms
35ms Document
text/html 2a00:1450:400d:804::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:804::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://newssitem.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 7533
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 05 Mar 2023 16:33:14 GMT
expires: Mon, 04 Mar 2024 16:33:14 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 7F5A 783 B
1 KB 149ms
57ms Document
text/html 2a00:1450:400d:80a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

6cebf08ee8de2c05f1e535e28a6bc5846bfe4d8c72e9d49f60ffa97eb21af70b

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-hOOrXDRrAfBhhfe3aVYugg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://newssitem.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-hOOrXDRrAfBhhfe3aVYugg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 05 Mar 2023 18:38:47 GMT
expires: Sun, 05 Mar 2023 18:38:47 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 _128745388_8c826216b44060cd0bc3ec890aaaa845933de953.jpg
ichef.bbci.co.uk/news/1024/branded_news/15922/production/ 104 KB
105 KB 264ms
32ms Image
image/jpeg 2a02:26f0:dc:180::f33
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ichef.bbci.co.uk/news/1024/branded_news/15922/production/_128745388_8c826216b44060cd0bc3ec890aaaa845933de953.jpg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:26f0:dc:180::f33 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Apache /
Resource Hash: ec58c3d4ed43b62d242ebdc987fba421900310bfdb62cf727eed4b661c519f9d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newssitem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 18:38:47 GMT
x-amz-server-side-encryption: AES256
content-length: 106400
last-modified: Fri, 03 Mar 2023 00:36:26 GMT
server: Apache
etag: "fade1f5bb7130888e3a149e89f066eff"
access-control-max-age: 300
access-control-allow-methods: HEAD,GET
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000, max-age=31536000
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: https://www.bbc.co.uk, https://www.bbc.com
access-control-allow-headers: *
expires: Sat, 02 Mar 2024 00:40:21 GMT

GET
H2 200 imrs.php
www.washingtonpost.com/wp-apps/ 105 KB
106 KB 103ms
103ms Image
image/avif 104.76.158.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.washingtonpost.com/wp-apps/imrs.php?src=https://arc-anglerfish-washpost-prod-washpost.s3.amazonaws.com/public/66SGTQVY6MI63MG7RSQU3ZTZVU.jpg&w=1440

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.76.158.84 Vienna, Austria, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-76-158-84.deploy.static.akamaitechnologies.com

Software

Resource Hash

b47f692fd486d528b5516053a9ace0ce49f1b7c30732049b7278dfb9fc61a83d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests, upgrade-insecure-requests
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newssitem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

akamai-true-ttl: 31536000
content-security-policy: upgrade-insecure-requests, upgrade-insecure-requests
date: Sun, 05 Mar 2023 18:38:47 GMT
last-modified: Thu, 02 Mar 2023 12:17:40 GMT
etag: "0c344c06807a4e88eb8fcd1ee6fc4e05"
x-frame-options: SAMEORIGIN
content-type: image/avif
cache-control: no-transform, max-age=31536000
server-timing: ak_p; desc="466122_34754052_157922973_2675_11244_30_0";dur=1
content-length: 107430
expires: Fri, 01 Mar 2024 12:18:20 GMT

GET
H3 200 9sSoBG9D25FhvYLg3_iwWJ49bM2Qm57VxEM1rvvqfaE.js Show response
pagead2.googlesyndication.com/bg/ Frame 22D6 36 KB
14 KB 36ms
35ms Script
text/javascript 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/9sSoBG9D25FhvYLg3_iwWJ49bM2Qm57VxEM1rvvqfaE.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6c4a8046f43db9161bd82e0dff8b0589e3d6ccd909b9ed5c44335aefbea7da1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 13:37:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 190877
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14343
x-xss-protection: 0
last-modified: Tue, 28 Feb 2023 11:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 02 Mar 2024 13:37:30 GMT

GET
H2 200 photo.jpg
static.toiimg.com/thumb/msid-98433142,width-1070,height-580,imgsize-29038,resizemode-75,overlay-toi_sw,pt-32,y_pad-40/ 19 KB
20 KB 46ms
46ms Image
image/webp 2a02:26f0:ea:1b7::216f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.toiimg.com/thumb/msid-98433142,width-1070,height-580,imgsize-29038,resizemode-75,overlay-toi_sw,pt-32,y_pad-40/photo.jpg

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:ea:1b7::216f Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Bhoot /

Resource Hash

6ee6234b4ffe30a80833efc02e45bb6443859c7de21c552d9eeb4f08cfc51273

Security Headers

Name	Value
Strict-Transport-Security	max-age=25920000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newssitem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=25920000; includeSubdomains
date: Sun, 05 Mar 2023 18:38:47 GMT
x-content-type-options: nosniff
server: Bhoot
etag: 29038
x-frame-options: sameorigin
content-type: image/webp
imagemagick_im4java: 1
cache-control: max-age=31093969
appgn: 172244010401231678031526152
content-length: 19740
x-xss-protection: 1; mode=block
expires: Wed, 28 Feb 2024 15:51:36 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 7F5A 0
0 67ms
67ms Image
text/html 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230301&jk=3081913744814847&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

GET
H3 200 a
www.googletagmanager.com/ 0
11 B 74ms
74ms Image
text/html 2a00:1450:400d:80d::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=G-5W7DJH64HE&cv=1&v=3&t=t&pid=516466701&rv=3310&es=1&e=gtm.load&eid=7&u=AgAAAAAAAAAAACA&h=Ag&tc=5&z=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newssitem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 18:38:47 GMT
server: Google Tag Manager
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 22D6 0
10 B 36ms
36ms Image
text/plain 2a00:1450:400d:804::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?5pvRwQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:804::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 18:38:47 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 _128745388_8c826216b44060cd0bc3ec890aaaa845933de953.jpg
ichef.bbci.co.uk/news/1024/branded_news/15922/production/ 104 KB
105 KB 32ms
32ms Image
image/jpeg 2a02:26f0:dc:180::f33
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ichef.bbci.co.uk/news/1024/branded_news/15922/production/_128745388_8c826216b44060cd0bc3ec890aaaa845933de953.jpg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:26f0:dc:180::f33 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Apache /
Resource Hash: ec58c3d4ed43b62d242ebdc987fba421900310bfdb62cf727eed4b661c519f9d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newssitem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 18:38:48 GMT
x-amz-server-side-encryption: AES256
content-length: 106400
last-modified: Fri, 03 Mar 2023 00:36:26 GMT
server: Apache
etag: "fade1f5bb7130888e3a149e89f066eff"
access-control-max-age: 300
access-control-allow-methods: HEAD,GET
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000, max-age=31536000
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: https://www.bbc.co.uk, https://www.bbc.com
access-control-allow-headers: *
expires: Sat, 02 Mar 2024 00:40:21 GMT

GET
H2 200 imrs.php
www.washingtonpost.com/wp-apps/ 105 KB
106 KB 86ms
85ms Image
image/avif 104.76.158.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.washingtonpost.com/wp-apps/imrs.php?src=https://arc-anglerfish-washpost-prod-washpost.s3.amazonaws.com/public/66SGTQVY6MI63MG7RSQU3ZTZVU.jpg&w=1440

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.76.158.84 Vienna, Austria, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-76-158-84.deploy.static.akamaitechnologies.com

Software

Resource Hash

b47f692fd486d528b5516053a9ace0ce49f1b7c30732049b7278dfb9fc61a83d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests, upgrade-insecure-requests
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newssitem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

akamai-true-ttl: 31536000
content-security-policy: upgrade-insecure-requests, upgrade-insecure-requests
date: Sun, 05 Mar 2023 18:38:48 GMT
last-modified: Thu, 02 Mar 2023 12:17:40 GMT
etag: "0c344c06807a4e88eb8fcd1ee6fc4e05"
x-frame-options: SAMEORIGIN
content-type: image/avif
cache-control: no-transform, max-age=31536000
server-timing: ak_p; desc="466122_34754052_157924562_274_12493_30_0";dur=1
content-length: 107430
expires: Fri, 01 Mar 2024 12:18:20 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 70ms
70ms Image
text/html 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230301&jk=3081913744814847&bg=!vL-lv-vNAAbv3-2Ez987ADkAdvg8WnQfe4bYgYHkTtWEZyTGlY15YnuQAJPFh_7sU2XHgOmBOCRaIXeZAGtcpaFPaSZKjGtksvsCAAAAe1IAAAADaAEHCgDq3YXjAvfT-TTgMs0rsZFKwbsiI7r-sHV3KhwzRbXU5mChx_xLMq4h1834piRliyiRIbKjx9OJj-Rh1AAuMxo5ivRD8pdP_WfMW2jSpVLPb1ULwdQZnIpzubN2s700E1dA3a8NTDnKsZ_8QNlZLDL1axKsrZb5cTH-3LE51ivmzOc1YhcKmd7sJmC2q8q39V8xFu0r6J8ck8XYVLCdgi4pdxNXG6LUr3H2jxO2neBN0youYtbxIS7Mm1is6dzdMWgIEuo9gQvqcG22pthLBqDp48tAaYWHCk6w12j1n7fqbTQpDvpQnbFYhGuTmQKNBq_HEzUqckM4-RVa0ZTy4bC_cS4p-7GQgbfq18PZUX4xeQkF-WdgmqMjvVAhsCXybvsVr-_3ZoE5-92rTr4fvQ015qxmfK-4eVuH_uykFWBeV3DI8p-xU-3zTyx2EZwiccxTMYAVXTQ8mOU_81_Ay9UibnFr555oebtOUHEJ-6xtGhdjCvb-92WEoEJUvp2O7Zp7ijK8fwY6tRavLgkdJm1XXGyVBDDnj6TTzrvrFxP0wXZM7_7yV10G0tX2KpF9CIu9TWZh2z-RxyTog5sPn4wvTh7qAi8da7VP4V2JxFidjXM-USMBIh4kk6z9SxPfwty-Vfk83A5EwVRKeENAXMA9lWbf8Mfdb0Cn45P0y6_O3ZVa39YXSTdXQIQvai-Nyr5RBtAIrAjIMv0nu6wxXG_7_9TKhpbrVD9AQa38BTtMkJThcXNLmJMr4_mYLSHQ_deX1vy-qJaY8S1Wb44Aad3irHJaMc3oXiE4tDCBdSoqzFMR1MjLJNcM7j5uF2DyUj_lk_kwpJOpM_oo_6z9eASt4aDgYYx-zN4g0GjRb_npfSP_112L9KMjSCsDc7Dy59bwOuaTf8ltIbI_bAXKQabBi3MW9-_HiOKWhHTENM79Xs5D82J2ZqSnKWkrriYpZLukeq515WWfzPAE6152j0X6HR11GzabuEBFqduW-goYmiWrGJ8CTs4cHl1rCyv51w9VACeSaQKDNzzUadi9wQwxH95V5kqbjeWOqcDk3ZeLRvBYNAsHpmNJKsXUDGti6gEJ0YlOSLGJc8oZp9vd6SPCyMEhEQZlU9CyEJ6U4BmOZoFEodovXf5hcLqsZMoBm6hfZG4wdl8gxWGc734SEMT3_DiPBMz_l4n3fdo
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newssitem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

202 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

12 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.cnn.com/	1969-12-31 23:59:59	Name: countryCode Value: DE
.cnn.com/	1969-12-31 23:59:59	Name: stateCode Value: TH
.cnn.com/	1969-12-31 23:59:59	Name: geoData Value: erfurt\|TH\|99084\|DE\|EU\|100\|broadband\|50.980\|11.030
.newssitem.com/	1970-01-20 10:08:47	Name: _gid Value: GA1.2.1086364875.1678041527
.newssitem.com/	1970-01-20 10:07:21	Name: _gat_gtag_UA_241410879_1 Value: 1
.newssitem.com/	1970-01-20 19:43:21	Name: _ga_5W7DJH64HE Value: GS1.1.1678041526.1.0.1678041526.0.0.0
.newssitem.com/	1970-01-20 19:43:21	Name: _ga Value: GA1.1.679457688.1678041527
.washingtonpost.com/	1970-01-20 18:52:57	Name: wp_ak_wab Value: 1\|1\|2\|0\|1\|1\|1\|20230130
.washingtonpost.com/	1970-01-20 10:07:25	Name: wp_geo Value: DE\|HE\|\|\|EEA
.newssitem.com/	1970-01-20 19:28:57	Name: __gads Value: ID=326ce0f9634ef2be-22941cf243dd00ac:T=1678041526:RT=1678041526:S=ALNI_MbBn-UnrVC8h4rEOqCiFsappfiEiA
.newssitem.com/	1970-01-20 19:28:57	Name: __gpi Value: UID=00000bc0de711277:T=1678041526:RT=1678041526:S=ALNI_MYlzjAcATVa5sJTbJ15rvPKgtHh5Q
.doubleclick.net/	1970-01-20 10:07:22	Name: test_cookie Value: CheckForPermission

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2745354553562528&output=html&adk=1812271804&adf=3025194257&lmt=1678041526&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fnewssitem.com%2F&ea=0&host=ca-host-pub-2644536267352236&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678041526527&bpp=4&bdt=1236&idt=364&shv=r20230301&mjsv=m202302280101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5136089671188&frm=20&pv=2&ga_vid=679457688.1678041527&ga_sid=1678041527&ga_hid=762637707&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759876%2C44759842%2C44777876%2C31071756%2C31072730%2C31072742&oid=2&pvsid=3081913744814847&tmod=1991635569&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=439 Message: Failed to load resource: the server responded with a status of 403 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
c.ndtvimg.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
ichef.bbci.co.uk
media.cnn.com
newssitem.com
pagead2.googlesyndication.com
partner.googleadservices.com
region1.google-analytics.com
static.foxnews.com
static.toiimg.com
tpc.googlesyndication.com
www.geo.tv
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.suchtv.pk
www.thenews.com.pk
www.washingtonpost.com
104.16.123.91
104.17.187.237
104.76.158.84
198.54.126.35
2001:4860:4802:32::36
2001:4860:4802:36::178
2a00:1450:4001:813::200a
2a00:1450:4001:82b::2002
2a00:1450:400d:804::2001
2a00:1450:400d:808::2002
2a00:1450:400d:80a::2002
2a00:1450:400d:80a::2004
2a00:1450:400d:80c::2002
2a00:1450:400d:80d::2003
2a00:1450:400d:80d::2008
2a00:1450:400d:80e::2002
2a02:26f0:dc:180::f33
2a02:26f0:dc:398::24e8
2a02:26f0:ea:1b7::216f
2a02:26f0:ea:1bb::2313
2a04:4e42:600::773
2a06:98c1:3121::c
002a5e3571623152f84b73f9a06020f0acdaca65248defaeb4f40fc59854a4f8
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
027147ce6965d676b00d2fc365363da975afa8b1fc552f9daf3a0d218c414841
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
08664859baab5ed98f0bf818ed77e38464ff1826dc6406d5ecbd651409afbd92
1008e0fea1bcea71d721ce0187eba5979aee7626901ea11940898b0db51320c0
108b515237d87c32cfd7b1bef37c237d2a9d8d164fb26a8d3fb5e3bdc0391b22
1492148df416fdc881cfc02752c120ad3aa8e65df9360ec10d65fb05fb5cc8bf
1c37d2300e768e70af9984f75478e57dd998039f55f159a3b859a305f403e2d5
1d88b712600742d94a07803d1ef66bb500d2295821abcb61e904334047797f0c
22b6cdc450204c1cb32b31e679d812fea1c17ac506a7b78daeb12bd0ab25fde8
29562f06c5df96696a930fc0078b2517f3b97dfecefe0a93b61d51a6f4b19237
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
3becd57686ec6f9c6048cba1a5c0768c0db78ed6b8bf962efbd9708806c380f1
3ed2e42d3ce5e24dcb11cddde4126e4f07c3afc590f708ad2cfbf7669002f92e
45ee562e611b57c99e3d380b8b85b00f7f699104a06a856cf7c33311582f561d
4e0c4747febe602f0f0fdada5980659aab4c3ae9be0092aceab88b93124d3638
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782
5f16485a3166302635a203c123c2f30d7bfd86104a698229f0c61bd0dbf1ff81
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6cebf08ee8de2c05f1e535e28a6bc5846bfe4d8c72e9d49f60ffa97eb21af70b
6ee6234b4ffe30a80833efc02e45bb6443859c7de21c552d9eeb4f08cfc51273
7215b430f7522b7afa812b85ab48a368fc99d9e6325ac409d339ea2d5cca2bfc
726b820e44f6ab90ad991d30a4bf26d3a5d71493cbcd1fb1efd0d14e89b9df2a
749bbbe74d8dcf8fc8d69d1d57986258f00f1dada8544870b75cd180c4feca2c
7879444aedb5b742bfe1b4131a9cd600652361050d522a7bc6697541b10ac5dc
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
887880bbd37c109dca66464d026c316a5747e607b6c70cfd8addbf047ef42e95
8c21de3b659aaa30693e28670ce6526645a4af8ce4d49c38f9fe410552d36e4a
8e3793c3c05e88cf20e5a80ad3e0dbe4f0a222f6bc6eb0b231d82738d4ef24b2
8fe457e08539bb6275fda6ccfe7666b6ab9216800193c897200d4c35770f0507
900788cf2f9c151f990cebc043b711498fb1ab451ed0eb6862f89399ed8f63a5
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
98421aeb209016fdd5670342c8cd2b438ffc54cfa2a59a825989a9bda12965eb
a029209ef3e4d32e3a95d52b56bb3452e3bdbc9785b44a80bc1e12c974851207
a1749278682f691fb52bb5eb3cd65e7ab5160d3dec3b52773a55583585054a47
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
af49f53268c08752ca4c11e7f467dbb93d1c3a192a123c837e278869754f94f7
af6af03bf35af06cad1ac9a366d09e024ae0e5daf6c01d455dc4caedc3d4be2d
afa044028d4cd864e1efdda28ab20692e487cf33738a7d0c07084244ccace0a8
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b47f692fd486d528b5516053a9ace0ce49f1b7c30732049b7278dfb9fc61a83d
b5ab8d57dd022fde5d5ea1d515852113db2bfba615f4af1f157f16db5dd6b12a
bb19acc7e907b0857e18b10d9dc438d2a025e19b67be6b5804855d037dea1126
bd07cc45b2934b12882633cccb037296fae706b209a9c554ca7affa960392ae3
c21a4f4dea997c97bf301a6d477a7968fabb123e8e00f99ae6fac7f4767324d6
c324ef26b20264369e4568dc9ef1c5cb1f325f6bc4e8b7c01f7fe93fa353276a
c34299966d31c0354eac70bc6fc85bedcfa88a5ec90973ce4f3cdc6c5d103bd8
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
c9a612722eed86936463bc8772a9d4509e0c24f22485221beaa583a60079fef2
ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93
cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981
d5c2f57d11b0d9b3a42fcdeec271ed6420657b9b29f1c4ecd6a6d5380a4247d2
db894881247675129021b9428d3ba6268eecda15df0c08c28636e85658c9a62a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ec58c3d4ed43b62d242ebdc987fba421900310bfdb62cf727eed4b661c519f9d
edfcf8e31786de31c3f49e8775a3dd8823ed7faa674d240847bcadf7f1e819cd
f4a496329cb5cb5897f921ebb6fbbc2b232d5952d5b38f714007d80fdd53ebd7
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f6c4a8046f43db9161bd82e0dff8b0589e3d6ccd909b9ed5c44335aefbea7da1
fd1af9561d6b70ff8c508d36d40f0b3f2e0cdd8b3c946c844b6ebe51863a09fa

newssitem.com Open in urlscan Pro 198.54.126.35 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

80 Requests

100 %HTTPS

82 %IPv6

19 Domains

22 Subdomains

23 IPs

5 Countries

2473 kBTransfer

5278 kBSize

12 Cookies

0 Outgoing links

Page URL History

Redirected requests

80 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

newssitem.com Open in urlscan Pro
198.54.126.35 Public Scan

Screenshot
Live screenshot

Full Image

80
Requests

100 %
HTTPS

82 %
IPv6

19
Domains

22
Subdomains

23
IPs

5
Countries

2473 kB
Transfer

5278 kB
Size

12
Cookies

80 HTTP transactions
1 data transactions