newks.com Open in urlscan Pro
172.67.72.194  Public Scan

11 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

1. http://newks.com/ HTTP 301
   https://newks.com/ Page URL
   

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 6

• https://unpkg.com/tttl-embed-survey/dist/tttl-embed-survey/tttl-embed-survey.js HTTP 302
• https://unpkg.com/tttl-embed-survey@0.2.11/dist/tttl-embed-survey/tttl-embed-survey.js

Request Chain 26

• https://unpkg.com/tttl-embed-survey/dist/tttl-embed-survey/p-a71d192a.system.js HTTP 302
• https://unpkg.com/tttl-embed-survey@0.2.11/dist/tttl-embed-survey/p-a71d192a.system.js

Request Chain 50

• https://12881027.fls.doubleclick.net/activityi;src=12881027;type=invmedia;cat=newks0;ord=178326502916;gtm=45He36s0;auiddc=428406319.1688046165;uaa=;uab=;uafvl=;uam=;uamb=0;uap=;uapv=;uaw=0;~oref=https%3A%2F%2Fnewks.com%2F HTTP 302
• https://12881027.fls.doubleclick.net/activityi;dc_pre=CJ_Kq4DO6P8CFSvLOwIdercNGA;src=12881027;type=invmedia;cat=newks0;ord=178326502916;gtm=45He36s0;auiddc=428406319.1688046165;uaa=;uab=;uafvl=;uam=;uamb=0;uap=;uapv=;uaw=0;~oref=https%3A%2F%2Fnewks.com%2F

Request Chain 63

• https://unpkg.com/tttl-embed-survey/dist/tttl-embed-survey/p-71352b19.system.js HTTP 302
• https://unpkg.com/tttl-embed-survey@0.2.11/dist/tttl-embed-survey/p-71352b19.system.js

Request Chain 70

• https://googleads.g.doubleclick.net/pagead/viewthroughconversion/372717222/?random=2036573964&cv=11&fst=1688046165131&bg=ffffff&guid=ON&async=1&gtm=45He36s0&u_w=1600&u_h=1200&url=https%3A%2F%2Fnewks.com%2F&label=auHjCJCjo5ICEKbt3LEB&hn=www.googleadservices.com&frm=0&tiba=Homepage%20-%20Newks&value=0&auid=428406319.1688046165&uamb=0&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=VYqdZPbRCZiu7_UPhIKNmAg&sscte=1&crd=&eitems=ChEI8Nf0pAYQgNzfg8PrmJjGARIdAEWJZf-hW2ktmhN3AZwBjv-nVvgRsrPoPehB51o&pscrd=Ek5DaEVJOE5mMHBBWVFvWXYwdmZURzA1UHJBUklsQUJHWDdnUjI4c0t2eG5YOGphc25vYktfYXJ2djI1eEVoYlFfbDh2U2V3MVBqNHUtMUEaWENoRUk4TmYwcEFZUXVhTEwyZTNCM3VDX0FSSXRBTENwZkdKdDhYNXNUS0NSOUdtaDNWR0owZThqZGk1Mk1LdWFsVzJSb3FYUW43ZF9XX1lyci11UHZNUEQiEwi20KeAzuj_AhUY17sIHQRBA4M HTTP 302
• https://www.google.com/pagead/1p-conversion/372717222/?random=2036573964&cv=11&fst=1688046165131&bg=ffffff&guid=ON&async=1&gtm=45He36s0&u_w=1600&u_h=1200&url=https%3A%2F%2Fnewks.com%2F&label=auHjCJCjo5ICEKbt3LEB&hn=www.googleadservices.com&frm=0&tiba=Homepage%20-%20Newks&value=0&auid=428406319.1688046165&uamb=0&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEVJOE5mMHBBWVFvWXYwdmZURzA1UHJBUklsQUJHWDdnUjI4c0t2eG5YOGphc25vYktfYXJ2djI1eEVoYlFfbDh2U2V3MVBqNHUtMUEaWENoRUk4TmYwcEFZUXVhTEwyZTNCM3VDX0FSSXRBTENwZkdKdDhYNXNUS0NSOUdtaDNWR0owZThqZGk1Mk1LdWFsVzJSb3FYUW43ZF9XX1lyci11UHZNUEQiEwi20KeAzuj_AhUY17sIHQRBA4M&is_vtc=1&ocp_id=VYqdZPbRCZiu7_UPhIKNmAg&cid=CAQSKQBygQiDHC7Kf3bZGzaHGltRo6XukialbkCd4r4GQjLvx-gvynJT_I-Y&eitems=ChEI8Nf0pAYQgNzfg8PrmJjGARIdAEWJZf-jRJRK84_DihBOhWrn4RZW0ebBmDrXokE&random=1968866580 HTTP 302
• https://www.google.de/pagead/1p-conversion/372717222/?random=2036573964&cv=11&fst=1688046165131&bg=ffffff&guid=ON&async=1&gtm=45He36s0&u_w=1600&u_h=1200&url=https%3A%2F%2Fnewks.com%2F&label=auHjCJCjo5ICEKbt3LEB&hn=www.googleadservices.com&frm=0&tiba=Homepage%20-%20Newks&value=0&auid=428406319.1688046165&uamb=0&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEVJOE5mMHBBWVFvWXYwdmZURzA1UHJBUklsQUJHWDdnUjI4c0t2eG5YOGphc25vYktfYXJ2djI1eEVoYlFfbDh2U2V3MVBqNHUtMUEaWENoRUk4TmYwcEFZUXVhTEwyZTNCM3VDX0FSSXRBTENwZkdKdDhYNXNUS0NSOUdtaDNWR0owZThqZGk1Mk1LdWFsVzJSb3FYUW43ZF9XX1lyci11UHZNUEQiEwi20KeAzuj_AhUY17sIHQRBA4M&is_vtc=1&ocp_id=VYqdZPbRCZiu7_UPhIKNmAg&cid=CAQSKQBygQiDHC7Kf3bZGzaHGltRo6XukialbkCd4r4GQjLvx-gvynJT_I-Y&eitems=ChEI8Nf0pAYQgNzfg8PrmJjGARIdAEWJZf-jRJRK84_DihBOhWrn4RZW0ebBmDrXokE&random=1968866580&ipr=y

Request Chain 71

• https://googleads.g.doubleclick.net/pagead/viewthroughconversion/434748839/?random=1566361752&cv=11&fst=1688046165128&bg=ffffff&guid=ON&async=1&gtm=45He36s0&u_w=1600&u_h=1200&url=https%3A%2F%2Fnewks.com%2F&label=N6RZCMrH9YsCEKf7ps8B&hn=www.googleadservices.com&frm=0&tiba=Homepage%20-%20Newks&value=0&auid=428406319.1688046165&uamb=0&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=VYqdZNbQCa6n9u8PhaqUoA4&sscte=1&crd=&eitems=ChEI8Nf0pAYQgNzfg8PrmJjGARIdAEWJZf-AT-moZUGBvtJ0cr94JjYuRouoJj0dEjU&pscrd=Ek5DaEVJOE5mMHBBWVFvWXYwdmZURzA1UHJBUklsQUJHWDdnUjI4c0t2eG5YOGphc25vYktfYXJ2djI1eEVoYlFfbDh2U2V3MVBqNHUtMUEaWENoRUk4TmYwcEFZUXVhTEwyZTNCM3VDX0FSSXRBTENwZkdLM0J4NTB5N1RDM3FXRXhUcGp3bXFOa0dEcHV3QzFHcDhWOGUtU1EwRnhUamFhamdlYWtnYUYiEwiWz6eAzuj_AhWuk_0HHQUVBeQ HTTP 302
• https://www.google.com/pagead/1p-conversion/434748839/?random=1566361752&cv=11&fst=1688046165128&bg=ffffff&guid=ON&async=1&gtm=45He36s0&u_w=1600&u_h=1200&url=https%3A%2F%2Fnewks.com%2F&label=N6RZCMrH9YsCEKf7ps8B&hn=www.googleadservices.com&frm=0&tiba=Homepage%20-%20Newks&value=0&auid=428406319.1688046165&uamb=0&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEVJOE5mMHBBWVFvWXYwdmZURzA1UHJBUklsQUJHWDdnUjI4c0t2eG5YOGphc25vYktfYXJ2djI1eEVoYlFfbDh2U2V3MVBqNHUtMUEaWENoRUk4TmYwcEFZUXVhTEwyZTNCM3VDX0FSSXRBTENwZkdLM0J4NTB5N1RDM3FXRXhUcGp3bXFOa0dEcHV3QzFHcDhWOGUtU1EwRnhUamFhamdlYWtnYUYiEwiWz6eAzuj_AhWuk_0HHQUVBeQ&is_vtc=1&ocp_id=VYqdZNbQCa6n9u8PhaqUoA4&cid=CAQSKQBygQiDO_Xbs8XaOVD6YwxOSoh8uLDR_bwJRPtEF6HvEQynPyg7X3OR&eitems=ChEI8Nf0pAYQgNzfg8PrmJjGARIdAEWJZf-PN07X1owzMgO8PMhQQjz52WIz5dQSl28&random=3066075305 HTTP 302
• https://www.google.de/pagead/1p-conversion/434748839/?random=1566361752&cv=11&fst=1688046165128&bg=ffffff&guid=ON&async=1&gtm=45He36s0&u_w=1600&u_h=1200&url=https%3A%2F%2Fnewks.com%2F&label=N6RZCMrH9YsCEKf7ps8B&hn=www.googleadservices.com&frm=0&tiba=Homepage%20-%20Newks&value=0&auid=428406319.1688046165&uamb=0&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEVJOE5mMHBBWVFvWXYwdmZURzA1UHJBUklsQUJHWDdnUjI4c0t2eG5YOGphc25vYktfYXJ2djI1eEVoYlFfbDh2U2V3MVBqNHUtMUEaWENoRUk4TmYwcEFZUXVhTEwyZTNCM3VDX0FSSXRBTENwZkdLM0J4NTB5N1RDM3FXRXhUcGp3bXFOa0dEcHV3QzFHcDhWOGUtU1EwRnhUamFhamdlYWtnYUYiEwiWz6eAzuj_AhWuk_0HHQUVBeQ&is_vtc=1&ocp_id=VYqdZNbQCa6n9u8PhaqUoA4&cid=CAQSKQBygQiDO_Xbs8XaOVD6YwxOSoh8uLDR_bwJRPtEF6HvEQynPyg7X3OR&eitems=ChEI8Nf0pAYQgNzfg8PrmJjGARIdAEWJZf-PN07X1owzMgO8PMhQQjz52WIz5dQSl28&random=3066075305&ipr=y

Request Chain 87

• https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4338324&time=1688046165354&url=https%3A%2F%2Fnewks.com%2F&tm=gtmv2 HTTP 302
• https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4338324&time=1688046165354&url=https%3A%2F%2Fnewks.com%2F&tm=gtmv2&cookiesTest=true HTTP 302
• https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D4338324%26time%3D1688046165354%26url%3Dhttps%253A%252F%252Fnewks.com%252F%26tm%3Dgtmv2%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
• https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4338324&time=1688046165354&url=https%3A%2F%2Fnewks.com%2F&tm=gtmv2&cookiesTest=true&liSync=true HTTP 302
• https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=4338324&time=1688046165354&url=https%3A%2F%2Fnewks.com%2F&tm=gtmv2&cookiesTest=true&liSync=true&e_ipv6=AQK1rlPv6p8TMwAAAYkHZGBoJ4FGGGLJ_ra9jzyW2axGsB9sB0Z10kfyFM2GUWKvw-OpdV6CxDI0cbs6t3sKOCR_23F6xg

Request Chain 90

• https://unpkg.com/tttl-embed-survey/dist/tttl-embed-survey/p-edc78b99.system.entry.js HTTP 302
• https://unpkg.com/tttl-embed-survey@0.2.11/dist/tttl-embed-survey/p-edc78b99.system.entry.js

Request Chain 107

• https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5109685628331429671&referrer=https%3A%2F%2Fnewks.com%2F&forward= HTTP 302
• https://p.rfihub.com/cm?pub=39342&in=0&userid=31f0d25e-d69f-4da8-9567-5335a96d711d%3A1688046165.7891934&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3D31f0d25e-d69f-4da8-9567-5335a96d711d%253A1688046165.7891934%26_%3D1688046165.7910419&cb=1688046165.7910764 HTTP 302
• https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5109685628331429671&referrer={encSite}&forward=https%3A%2F%2Fidsync.rlcdn.com%2F501709.gif%3Fpartner_uid%3D31f0d25e-d69f-4da8-9567-5335a96d711d%253A1688046165.7891934%26_%3D1688046165.7910419 HTTP 302
• https://idsync.rlcdn.com/501709.gif?partner_uid=31f0d25e-d69f-4da8-9567-5335a96d711d%3A1688046165.7891934&_=1688046165.7910419 HTTP 307
• https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm HTTP 302
• https://idsync.rlcdn.com/362358.gif?google_gid=CAESEEllQmoxuss5PlhTah4IrmQ&google_cver=1

Request Chain 108

• https://cm.g.doubleclick.net/pixel?&in=0&google_nid=zeta_interactive&google_cm=&google_sc=&google_hm=NTEwOTY4NTYyODMzMTQyOTY3MQ==&forward= HTTP 302
• https://a.rfihub.com/cm?pub=445&in=0&forward=&google_gid=CAESEFEztzGJZmFc0NbWMhwNlv8&google_cver=1 HTTP 302
• https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5109685628331429671&referrer={encSite}&forward= HTTP 302
• https://p.rfihub.com/cm?pub=39342&in=0&userid=13fab24f-9480-4cf9-a71e-a77e11946757%3A1688046166.0741894&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3D13fab24f-9480-4cf9-a71e-a77e11946757%253A1688046166.0741894%26_%3D1688046166.0758352&cb=1688046166.0758648 HTTP 302
• https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5109685628331429671&referrer={encSite}&forward=https%3A%2F%2Fidsync.rlcdn.com%2F501709.gif%3Fpartner_uid%3D13fab24f-9480-4cf9-a71e-a77e11946757%253A1688046166.0741894%26_%3D1688046166.0758352 HTTP 302
• https://idsync.rlcdn.com/501709.gif?partner_uid=13fab24f-9480-4cf9-a71e-a77e11946757%3A1688046166.0741894&_=1688046166.0758352 HTTP 307
• https://ib.adnxs.com/getuid?https%3A%2F%2Fidsync.rlcdn.com%2F52154.gif%3Fserved_by%3Devergreen%26partner_uid%3D%24UID HTTP 302
• https://idsync.rlcdn.com/52154.gif?served_by=evergreen&partner_uid=7336952721320447288

Request Chain 109

• https://ib.adnxs.com/setuid?entity=18&code=5109685628331429671 HTTP 307
• https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D18%26code%3D5109685628331429671

Request Chain 110

• https://dpm.demdex.net/ibs:dpid=1121&dpuuid=5109685628331429671&redir= HTTP 302
• https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1121&dpuuid=5109685628331429671&redir=

Request Chain 113

• https://p.rfihub.com/cm?pub=24472&in=1 HTTP 302
• https://ps.eyeota.net/match?uid=5109685628331429671&bid=omt9pi0

Request Chain 116

• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=5109685628331429671&forward= HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=5109685628331429671&forward=&C=1

Request Chain 119

• https://sync.search.spotxchange.com/partner?adv_id=7180&uid=5109685628331429671&img=1 HTTP 302
• https://sync.search.spotxchange.com/partner?adv_id=7180&uid=5109685628331429671&img=1&__user_check__=1&sync_id=d4537b95-1682-11ee-8ee1-1860f0710406

Request Chain 123

• https://x.bidswitch.net/sync?dsp_id=119&user_id=5109685628331429671&expires=30&gdpr={GDPR}&gdpr_consent={GDPR_CONSENT_469}&gdpr_pd={GDPR_PD} HTTP 302
• https://x.bidswitch.net/ul_cb/sync?dsp_id=119&user_id=5109685628331429671&expires=30&gdpr={GDPR}&gdpr_consent={GDPR_CONSENT_469}&gdpr_pd={GDPR_PD}

Request Chain 124

• https://sync-tm.everesttech.net/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D HTTP 302
• https://sync-tm.everesttech.net/ct/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D&_test=ZJ2KVQAVWrW75gBS HTTP 302
• https://p.rfihub.com/cm?in=1&pub=21653&userid=ZJ2KVQAVWrW75gBS&_test=ZJ2KVQAVWrW75gBS

137 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
4 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response newks.com/ Redirect Chain http://newks.com/ https://newks.com/	26 KB 10 KB	484ms 464ms	Document text/html	172.67.72.194 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://newks.com/ Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 172.67.72.194 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Craft CMS Resource Hash a9afd9b3c4a3bb74fec862fc0afeffb95c407e03da386f4d376f6632be9daaaa Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers cf-cache-status DYNAMIC cf-ray 7dee982ed8ba9189-FRA content-encoding br content-type text/html; charset=UTF-8 date Thu, 29 Jun 2023 13:42:44 GMT link <https://newks.com/>; rel="canonical" nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} referrer-policy no-referrer-when-downgrade report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1%2F8Ey6WGOseF8IfaP0c19FbXMVsoz3PkOV8UfDphQHDF2fXKeDnFf4q2FAUswM9ZzCtwUUhGU0ZBaznaCkyjzFzj%2BXw2EkQm%2B3HORxXma02v9AhUCZPcCwlGOA%3D%3D"}],"group":"cf-nel","max_age":604800} server cloudflare strict-transport-security max-age=31536000 vary Accept-Encoding x-content-type-options nosniff x-frame-options SAMEORIGIN x-powered-by Craft CMS x-xss-protection 1; mode=block Redirect headers CF-RAY 7dee982e8b0e9a15-FRA Cache-Control max-age=3600 Connection keep-alive Date Thu, 29 Jun 2023 13:42:44 GMT Expires Thu, 29 Jun 2023 14:42:44 GMT Location https://newks.com/ NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mnAFW9cRiFCLXoSxcbWV9u5uV009y85p0OLDkRyP0KFW%2BsXMhehfiOlHHkIQC1Zp38ATH10vWP1QFQHthy40%2BKTa5JiGkKKDTES55H%2F6YKg1pbyBLkrC6Kx7sQ%3D%3D"}],"group":"cf-nel","max_age":604800} Server cloudflare Transfer-Encoding chunked Vary Accept-Encoding
GET H2	200	main-344171c723.css newks.com/assets/css/	157 KB 17 KB	21ms 19ms	Stylesheet text/css	172.67.72.194 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://newks.com/assets/css/main-344171c723.css Requested by Host: newks.com URL: https://newks.com/ Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 172.67.72.194 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a85c388efd8b76b17e49c4d99b6da0e64e64303de769bcf2ec4067cd9e73102d Request headers accept-language de-DE,de;q=0.9 Referer https://newks.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Thu, 29 Jun 2023 13:42:44 GMT content-encoding br cf-cache-status HIT cf-bgj minify last-modified Tue, 19 Oct 2021 22:06:16 GMT server cloudflare age 238684 cf-polished origSize=160625 etag W/"616f4158-27371" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B0P%2F2m22a7AN8u0DxDbMMMg%2BX001DBaDCJh1g5kGPx6XWojFrQ9hSJ19bFrPDJiSLnJT0AFxJqz3Chq11ZpZ7lCbppAQ2%2FknFYD3MWWkhlhWNuH9%2Bcm%2FQZ6%2Bkg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/css nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cache-control public, max-age=31536000 cf-ray 7dee9831bbee9189-FRA
GET H2	200	utility.css newks.com/assets/css/	305 B 511 B	17ms 14ms	Stylesheet text/css	172.67.72.194 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://newks.com/assets/css/utility.css?ver=20221010d Requested by Host: newks.com URL: https://newks.com/ Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 172.67.72.194 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 67234bcd796aefe8b584cbba6027eeab277012c7eabcb7e127f341cea72c58dd Request headers accept-language de-DE,de;q=0.9 Referer https://newks.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Thu, 29 Jun 2023 13:42:44 GMT content-encoding br cf-cache-status HIT cf-bgj minify last-modified Tue, 11 Oct 2022 01:05:49 GMT server cloudflare age 271283 cf-polished origSize=406 etag W/"6344c16d-196" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sYKH5qfDSfgK8p5fmvTB5OQLNnGxuAOL5CsgJpr4n8wHUKxBwJMWnsGNkGtW9eyDJzcb7BnKCeqnu30SX1lukeOhmEtGRQs9Bqna3WspXShFItn9uASJ4IPyrw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/css nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cache-control public, max-age=31536000 cf-ray 7dee9831cbef9189-FRA
GET H2	200	animate.min.css cdnjs.cloudflare.com/ajax/libs/animate.css/4.1.1/	70 KB 5 KB	42ms 18ms	Stylesheet text/css	2606:4700::6811:180e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/animate.css/4.1.1/animate.min.css Requested by Host: newks.com URL: https://newks.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5fbaeb9f8e25d7e0143bae61d4b1802c16ce7390b96ceb2d498b0d96ff4c853f Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://newks.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Thu, 29 Jun 2023 13:42:44 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=15780000 age 8443721 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 4216 last-modified Mon, 07 Sep 2020 12:33:38 GMT server cloudflare cf-cdnjs-via cfworker/kv etag "5f5628a2-11846" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LebAOI7OPx4X%2FkgXbtQ0cpQphsWK678TPPG%2FnFep%2BaIlsngxWVtFuOUsHtbgWsG14yy87CMz5wVuICB52OnrjRAO2KLT87SzAtr6PzQGxGhRALp2Ik6P1%2Bxiq2acYmV9e0EC7pdCEb0pTDzU90C9PHR9"}],"group":"cf-nel","max_age":604800} content-type text/css; charset=utf-8 access-control-allow-origin * cache-control public, max-age=30672000 accept-ranges bytes timing-allow-origin * cf-ray 7dee9831efe2bbd3-FRA expires Tue, 18 Jun 2024 13:42:44 GMT
GET H2	200	owl.carousel.min.css newks.com/owlcarousel/	3 KB 1 KB	24ms 22ms	Stylesheet text/css	172.67.72.194 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://newks.com/owlcarousel/owl.carousel.min.css Requested by Host: newks.com URL: https://newks.com/ Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 172.67.72.194 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 521410e1fc44780061e09adc980275fb5ea277fd5d9e538454214ec4379ff4bc Request headers accept-language de-DE,de;q=0.9 Referer https://newks.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Thu, 29 Jun 2023 13:42:44 GMT content-encoding br cf-cache-status HIT last-modified Tue, 10 Aug 2021 00:07:53 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 681037 etag W/"6111c359-d17" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oKyOOuiKwpVJmLCF9rPYUIAq8RQ7wVm01bg8kY%2ByFHGHt9Uo%2BGOGg5jaXolIg3Pvgp%2Fo6HVgCJArD2Isa6dTwvmTWE3yw1MRFeixhu9yRZAxXhwGCjp4ATaBJQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control public, max-age=31536000 cf-ray 7dee9831cbf09189-FRA
GET H2	200	owl.theme.default.min.css newks.com/owlcarousel/	1013 B 727 B	18ms 16ms	Stylesheet text/css	172.67.72.194 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://newks.com/owlcarousel/owl.theme.default.min.css Requested by Host: newks.com URL: https://newks.com/ Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 172.67.72.194 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 924b0dc630d1c5dff9fa31aead9509775b1d476bfe0a5ac2977b2f11205a26ac Request headers accept-language de-DE,de;q=0.9 Referer https://newks.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Thu, 29 Jun 2023 13:42:44 GMT content-encoding br cf-cache-status HIT last-modified Tue, 10 Aug 2021 00:07:53 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 238684 etag W/"6111c359-3f5" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9Cca9Vi5t0EFUTikkH6qhaFDSig8Vuj1SULcq6o48AhCaSYf9VEAr4q5IZmneNF%2FLCaK2HmDm%2FTNmderKvctWyujBvlTLzxELlOCgYREprmcZQfpNIJBCNktXw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control public, max-age=31536000 cf-ray 7dee9831cbf19189-FRA
GET H2	200	modernizr-custom.js Show response newks.com/assets/js/scripts/vendor/	54 KB 22 KB	18ms 16ms	Script application/javascript	172.67.72.194 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://newks.com/assets/js/scripts/vendor/modernizr-custom.js Requested by Host: newks.com URL: https://newks.com/ Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 172.67.72.194 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5e4d7a564b9fa4ea91c98069b144720415f53b57ffae33e522f9b96ef6488cbf Request headers accept-language de-DE,de;q=0.9 Referer https://newks.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Thu, 29 Jun 2023 13:42:44 GMT content-encoding br cf-cache-status HIT cf-bgj minify last-modified Tue, 19 Oct 2021 22:06:19 GMT server cloudflare age 238684 cf-polished origSize=54960 etag W/"616f415b-d6b0" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F60bZp%2FovxwtBOvqNbbj417f%2F%2F81RsDgW0lAf3qhRUZIQZuFF%2B0q2smNhLYevxVPUGEfxXJzpyPA7AhotYhl9%2B32TqpKECjkH5C%2FF9LV%2BTCXXYT9yy8QT%2BWZbQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cache-control public, max-age=31536000 cf-ray 7dee9831cbf29189-FRA
GET H2	200	tttl-embed-survey.js Show response unpkg.com/tttl-embed-survey@0.2.11/dist/tttl-embed-survey/ Redirect Chain https://unpkg.com/tttl-embed-survey/dist/tttl-embed-survey/tttl-embed-survey.js https://unpkg.com/tttl-embed-survey@0.2.11/dist/tttl-embed-survey/tttl-embed-survey.js	120 KB 40 KB	23ms 23ms	Script application/javascript	2606:4700::6810:7daf CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://unpkg.com/tttl-embed-survey@0.2.11/dist/tttl-embed-survey/tttl-embed-survey.js Requested by Host: newks.com URL: https://newks.com/ Protocol H2 Server 2606:4700::6810:7daf , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f3d563c9835949c03d69342e5f107618510c2e49eb0561d2c9047bb07dee4b14 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://newks.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Thu, 29 Jun 2023 13:42:45 GMT via 1.1 fly.io x-content-type-options nosniff cf-cache-status HIT content-encoding br strict-transport-security max-age=31536000; includeSubDomains; preload age 3538621 last-modified Sat, 26 Oct 1985 08:15:00 GMT fly-request-id 01H0T7JH2SF0E6Z6GQTSY8GEAZ-fra server cloudflare etag W/"1ded1-gshnFQmva96fqEvCzEH/VpY/INI" vary Accept-Encoding content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=31536000 cf-ray 7dee98333ac89b76-FRA Redirect headers date Thu, 29 Jun 2023 13:42:44 GMT via 1.1 fly.io x-content-type-options nosniff cf-cache-status EXPIRED fly-request-id 01H43P8PT0NJSAQRMKCSPQKYHS-fra server cloudflare strict-transport-security max-age=31536000; includeSubDomains; preload vary Accept, Accept-Encoding content-type text/plain; charset=utf-8 access-control-allow-origin * location /tttl-embed-survey@0.2.11/dist/tttl-embed-survey/tttl-embed-survey.js cache-control public, s-maxage=600, max-age=60 cf-ray 7dee9831e9129b76-FRA
GET H2	200	email-decode.min.js Show response newks.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/	1 KB 1 KB	13ms 11ms	Script application/javascript	172.67.72.194 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://newks.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js Requested by Host: newks.com URL: https://newks.com/ Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 172.67.72.194 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY Request headers accept-language de-DE,de;q=0.9 Referer https://newks.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Thu, 29 Jun 2023 13:42:44 GMT content-encoding gzip x-content-type-options nosniff last-modified Thu, 22 Jun 2023 09:29:09 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"64941465-4d7" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qznoAAHyxH0ciJk5aJ%2F2mCvvJE76ViJAj8zbRD8N8pHtKqes%2BmPQzt9WM1uPFX8ogCx7vM6b55%2BpyNB%2B6oWB9%2F2Kf4DNz1usirxDw6BMJcKw%2B2%2FmkqxF%2BH5jVA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript x-frame-options DENY cache-control max-age=172800, public cf-ray 7dee9831cbf39189-FRA expires Sat, 01 Jul 2023 13:42:44 GMT
GET H2	200	fslightbox.js Show response newks.com/assets/js/scripts/	30 KB 10 KB	22ms 21ms	Script application/javascript	172.67.72.194 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://newks.com/assets/js/scripts/fslightbox.js Requested by Host: newks.com URL: https://newks.com/ Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 172.67.72.194 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5c35f26ded7d21acd288910e2e746bf932bb7fe94b2b9815d552690b535f764d Request headers accept-language de-DE,de;q=0.9 Referer https://newks.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Thu, 29 Jun 2023 13:42:44 GMT content-encoding br cf-cache-status HIT cf-bgj minify last-modified Tue, 19 Oct 2021 22:06:18 GMT server cloudflare age 30242 etag W/"616f415a-7771" nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W7T5GQoTQXIJ2hOLrZCDgX22TD3LbkHUUkRnQFclXTPWzIuVbY6tH8LXuhc3McMsmU6s6%2BBOcaf4q4JRgg94a2v81cVJzqgwhFOTNTfrSFWovitMGXAADyRSfA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control public, max-age=31536000 cf-ray 7dee9831cbf49189-FRA
GET H2	404	lightgallery.js newks.com/assets/js/scripts/	0 0	19ms 18ms	Script text/html	172.67.72.194 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://newks.com/assets/js/scripts/lightgallery.js Requested by Host: newks.com URL: https://newks.com/ Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 172.67.72.194 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Craft CMS Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://newks.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Thu, 29 Jun 2023 13:42:44 GMT strict-transport-security max-age=31536000 x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 28 x-powered-by Craft CMS content-encoding br x-xss-protection 1; mode=block referrer-policy no-referrer-when-downgrade server cloudflare vary Accept-Encoding x-frame-options SAMEORIGIN content-type text/html; charset=UTF-8 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vKJGvaTPgkD6fdI8nT45ntYq9VXTPtmAPqouxQOarW9Ou45Hd0olaCZ8LYqINN4VRhEKrzB5wJt4tOFhqam5xiIMB%2FWJ5RzQg6GL%2Bj9Tt1vFLh7SkMJ1U35Ueg%3D%3D"}],"group":"cf-nel","max_age":604800} cache-control max-age=14400 cf-ray 7dee9831cbf59189-FRA
GET H2	200	jquery.min.js Show response cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/	87 KB 28 KB	48ms 25ms	Script application/javascript	2606:4700::6811:180e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.min.js Requested by Host: newks.com URL: https://newks.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://newks.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Thu, 29 Jun 2023 13:42:44 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=15780000 age 3266140 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 27938 last-modified Tue, 02 Mar 2021 18:58:36 GMT server cloudflare cf-cdnjs-via cfworker/kv etag "603e8adc-15d9d" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8NET8NP5Ob7LUQBGV1gpO9MlkWRaiHjy3MoWjhDUTxZcIDUIeegU5Z%2BH652BKOI1EfKuYB%2BTVj2G824goUihnrxmnVE8vC77A64%2BcJ5mhMQC%2Bn6nJkOcHo7jZ2BDMhIJLDl7dkvIgW%2BVt3u5R7d%2BLbMV"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=30672000 accept-ranges bytes timing-allow-origin * cf-ray 7dee9831efe3bbd3-FRA expires Tue, 18 Jun 2024 13:42:44 GMT
GET H2	200	gsap.min.js Show response cdnjs.cloudflare.com/ajax/libs/gsap/3.5.1/	60 KB 22 KB	41ms 19ms	Script application/javascript	2606:4700::6811:180e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/gsap/3.5.1/gsap.min.js Requested by Host: newks.com URL: https://newks.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://newks.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Thu, 29 Jun 2023 13:42:44 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=15780000 age 10444549 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 21845 last-modified Wed, 26 Aug 2020 23:14:08 GMT server cloudflare cf-cdnjs-via cfworker/kv etag "5f46ecc0-eeae" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6pXl9DqmV9YibQTbcID75UFUdXHxICoQ%2BQraE%2BnikJ1Bli4b%2FAf1ir1VVFzzUGG7N%2BJCsi%2B6Oa8A8Q%2FtIWoIGaTvehsHSaAlHcxDNCTxC7hwZerblyUfG8%2FdIWY%2FtOnZbYQWayJtC9ofdVTp41J8sCgi"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=30672000 accept-ranges bytes timing-allow-origin * cf-ray 7dee9831efe4bbd3-FRA expires Tue, 18 Jun 2024 13:42:44 GMT
GET H2	200	ScrollTrigger.min.js Show response cdnjs.cloudflare.com/ajax/libs/gsap/3.5.1/	19 KB 8 KB	43ms 21ms	Script application/javascript	2606:4700::6811:180e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/gsap/3.5.1/ScrollTrigger.min.js Requested by Host: newks.com URL: https://newks.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 1a913c910e1c2d698dfd4d4df819e4cc58831640f8799a8cdad0f77f4d1d70f1 Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://newks.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Thu, 29 Jun 2023 13:42:44 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=15780000 age 1710825 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 7892 last-modified Wed, 26 Aug 2020 23:14:08 GMT server cloudflare cf-cdnjs-via cfworker/kv etag "5f46ecc0-4ccb" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AsJQhDsSJt2928OFMNBebfgSCWBm4xWRT3or7SWEc348gLi7PojEOSexGQhdSOSHLFo%2Foiva%2FAfD7ev6xLqp7B47%2BYT0zswBOq4a06lJ%2FsOfQIFQaxrPM4O%2B5758hFXiX78XU7W6NgRhv14qBtHt0Jux"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=30672000 accept-ranges bytes timing-allow-origin * cf-ray 7dee9831efe5bbd3-FRA expires Tue, 18 Jun 2024 13:42:44 GMT
GET H2	200	smoothscroll.min.js Show response unpkg.com/smoothscroll-polyfill@0.4.4/dist/	4 KB 2 KB	21ms 21ms	Script application/javascript	2606:4700::6810:7daf CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://unpkg.com/smoothscroll-polyfill@0.4.4/dist/smoothscroll.min.js Requested by Host: newks.com URL: https://newks.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:7daf , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 19eab772c8cb2919d14d563774b249919f4989295f54cf64443470c9964931c4 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://newks.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Thu, 29 Jun 2023 13:42:44 GMT via 1.1 fly.io x-content-type-options nosniff cf-cache-status HIT content-encoding br strict-transport-security max-age=31536000; includeSubDomains; preload age 10451049 last-modified Tue, 26 Mar 2019 18:21:19 GMT fly-request-id 01FX0C9K0RPDX63KDBSGFYFQ8J-fra server cloudflare etag W/"f80-XQhYfU01oooGWe3xRfk6+DFXark" vary Accept-Encoding content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=31536000 cf-ray 7dee983269c79b76-FRA
GET H2	200	owl.carousel.min.js Show response newks.com/owlcarousel/	43 KB 12 KB	25ms 24ms	Script application/javascript	172.67.72.194 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://newks.com/owlcarousel/owl.carousel.min.js Requested by Host: newks.com URL: https://newks.com/ Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 172.67.72.194 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a53c43f834b32309b084ea9314df8307e9c78cee2202c6e07f216ae4ae5b704d Request headers accept-language de-DE,de;q=0.9 Referer https://newks.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Thu, 29 Jun 2023 13:42:44 GMT content-encoding br cf-cache-status HIT last-modified Tue, 10 Aug 2021 00:07:53 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 238684 etag W/"6111c359-ad36" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gRw%2BLVxKIAxcpm%2Fy%2Btai0EfOhy%2FC3X5GPpXqDKxJnSC6f8FNxaDLV9cAFJNJkFILtbrWDFywUN0FcKIe8fd6Iq4oDZzVzxYZuRmqhyziS7uvnMUMU9oFHtJlDQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control public, max-age=31536000 cf-ray 7dee9831cbf69189-FRA
GET H2	200	main-bd2ecaab8f.js Show response newks.com/assets/js/	452 KB 114 KB	31ms 30ms	Script application/javascript	172.67.72.194 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://newks.com/assets/js/main-bd2ecaab8f.js Requested by Host: newks.com URL: https://newks.com/ Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 172.67.72.194 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0a279372028690ecbcefdc632dc4df9d96e9348978fd29424817eaf13958463a Request headers accept-language de-DE,de;q=0.9 Referer https://newks.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Thu, 29 Jun 2023 13:42:44 GMT content-encoding br cf-cache-status HIT cf-bgj minify last-modified Tue, 19 Oct 2021 22:06:18 GMT server cloudflare age 343340 etag W/"616f415a-71189" nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ogJ5WUPMQ9W8he9pIcD3J8tHPQ15cGmLpGe29ppUNrTMG7vCqFAQbNpLsMqaYrL7yHu2Ba1SL9apkSpzbImONQXAEwmCtcLWVpVextwQkLWGH8pGtvqIJaKd0Q%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control public, max-age=31536000 cf-ray 7dee9831cbf89189-FRA
GET H2	200	analytics.js Show response www.google-analytics.com/	52 KB 21 KB	33ms 7ms	Script text/javascript	2a00:1450:4001:813::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: newks.com URL: https://newks.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://newks.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff date Thu, 29 Jun 2023 12:35:22 GMT last-modified Mon, 12 Jun 2023 18:23:07 GMT server Golfe2 age 4042 vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 20994 expires Thu, 29 Jun 2023 14:35:22 GMT
GET H2	200	gtm.js Show response www.googletagmanager.com/	320 KB 98 KB	71ms 40ms	Script application/javascript	2a00:1450:4001:82f::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-WMNMG9W Requested by Host: newks.com URL: https://newks.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 98b9a1905cc4b582a9c9f002fe70993ab4e713c293221dc32466a93ea4cfad06 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://newks.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Thu, 29 Jun 2023 13:42:44 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 100045 x-xss-protection 0 last-modified Thu, 29 Jun 2023 12:00:00 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Thu, 29 Jun 2023 13:42:44 GMT
GET H2	200	Oswald-Regular.ttf newks.com/assets/fonts/	79 KB 80 KB	16ms 15ms	Font application/octet-stream	172.67.72.194 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://newks.com/assets/fonts/Oswald-Regular.ttf Requested by Host: newks.com URL: https://newks.com/assets/css/main-344171c723.css Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 172.67.72.194 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 3324614698f72cc606e4f62ba931a65931727fe4b28b2625784948cd669813ed Request headers Referer https://newks.com/assets/css/main-344171c723.css Origin https://newks.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Thu, 29 Jun 2023 13:42:44 GMT cf-cache-status HIT last-modified Tue, 10 Aug 2021 00:15:13 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 14716 etag "6111c511-13cb4" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9Rhfx4cXTLF8qcL3eNr4WVAPaafSPAx9VLdrm3ZkRJGTxnCupYH1mfOEfSh2fvw3Ujm3HwgguwhEDWHpbE0kWKA%2B%2F5ewceFZFoLev02eEOZJQAwVdp%2B5GpGtXw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/octet-stream cache-control public, max-age=31536000 accept-ranges bytes cf-ray 7dee98324ca39189-FRA content-length 81076
GET DATA	200 OK	truncated /	157 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 80d54533f80e8233621f965ae0a7713928bdb4d491ed0eb5e90434550f1894cb Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated /	203 B 203 B		Image image/jp2
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers Content-Type image/jp2
GET DATA	200 OK	truncated /	90 B 0		Image image/webp
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 345a7f619e726c9ed21fa1e83646623f3491056eb1c9e0f3af797c42d38255c1 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers Content-Type image/webp
POST H2	200	collect Show response www.google-analytics.com/j/	4 B 206 B	21ms 21ms	XHR text/plain	2a00:1450:4001:813::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1587637230&t=pageview&_s=1&dl=https%3A%2F%2Fnewks.com%2F&ul=en-us&de=UTF-8&dt=Homepage%20-%20Newks&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=509384770&gjid=388993967&cid=1153892530.1688046165&tid=UA-49026823-1&_gid=1844246889.1688046165&_r=1&_slc=1&z=1193039661 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://newks.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Thu, 29 Jun 2023 13:42:44 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://newks.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 4 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	200	collect Show response stats.g.doubleclick.net/j/	4 B 346 B	62ms 20ms	XHR text/plain	2a00:1450:400c:c07::9d GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-49026823-1&cid=1153892530.1688046165&jid=509384770&gjid=388993967&_gid=1844246889.1688046165&_u=IEBAAEAAAAAAACAAI~&z=1939171829 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400c:c07::9d Brussels, Belgium, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://newks.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Content-Type text/plain Response headers pragma no-cache strict-transport-security max-age=10886400; includeSubDomains; preload date Thu, 29 Jun 2023 13:42:45 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://newks.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 4 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ga-audiences www.google.com/ads/	42 B 409 B	49ms 23ms	Image image/gif	2a00:1450:4001:803::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-49026823-1&cid=1153892530.1688046165&jid=509384770&_u=IEBAAEAAAAAAACAAI~&z=1690592512 Requested by Host: newks.com URL: https://newks.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://newks.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers pragma no-cache date Thu, 29 Jun 2023 13:42:45 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ga-audiences www.google.de/ads/	42 B 409 B	59ms 34ms	Image image/gif	2a00:1450:4001:829::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-49026823-1&cid=1153892530.1688046165&jid=509384770&_u=IEBAAEAAAAAAACAAI~&z=1690592512 Requested by Host: newks.com URL: https://newks.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://newks.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers pragma no-cache date Thu, 29 Jun 2023 13:42:45 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	p-a71d192a.system.js Show response unpkg.com/tttl-embed-survey@0.2.11/dist/tttl-embed-survey/ Redirect Chain https://unpkg.com/tttl-embed-survey/dist/tttl-embed-survey/p-a71d192a.system.js https://unpkg.com/tttl-embed-survey@0.2.11/dist/tttl-embed-survey/p-a71d192a.system.js	5 KB 2 KB	19ms 18ms	Script application/javascript	2606:4700::6810:7daf CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://unpkg.com/tttl-embed-survey@0.2.11/dist/tttl-embed-survey/p-a71d192a.system.js Requested by Host: newks.com URL: https://newks.com/ Protocol H2 Server 2606:4700::6810:7daf , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b74f59290ac7f6ed2e802d83d24222e1d5f742ca25c45f66979784f41a516d7c Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://newks.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Thu, 29 Jun 2023 13:42:45 GMT via 1.1 fly.io x-content-type-options nosniff cf-cache-status HIT content-encoding br strict-transport-security max-age=31536000; includeSubDomains; preload age 3538622 last-modified Sat, 26 Oct 1985 08:15:00 GMT fly-request-id 01H0T7JJ62222E61E7YKXPXTVZ-fra server cloudflare etag W/"124b-wQd09+Plc16kKpx2nbrE+0Kfz2g" vary Accept-Encoding content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=31536000 cf-ray 7dee9833eb8a9b76-FRA Redirect headers date Thu, 29 Jun 2023 13:42:45 GMT via 1.1 fly.io x-content-type-options nosniff cf-cache-status HIT fly-request-id 01H43P4E2Y5BXSQM34K1Y2KYR5-fra server cloudflare strict-transport-security max-age=31536000; includeSubDomains; preload age 140 vary Accept, Accept-Encoding content-type text/plain; charset=utf-8 access-control-allow-origin * location /tttl-embed-survey@0.2.11/dist/tttl-embed-survey/p-a71d192a.system.js cache-control public, s-maxage=600, max-age=60 cf-ray 7dee98337b119b76-FRA
GET H2	200	FeaturedSoups_home-short-block-template-800x500_2-1.png newks.com/media/home/	573 KB 574 KB	499ms 499ms	Image image/png	172.67.72.194 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://newks.com/media/home/FeaturedSoups_home-short-block-template-800x500_2-1.png Requested by Host: newks.com URL: https://newks.com/ Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 172.67.72.194 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 594d6ab7604225d0409b086e22502a495b29ed45f8b9b66fbd8be2fb3c7e6183 Request headers accept-language de-DE,de;q=0.9 Referer https://newks.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Thu, 29 Jun 2023 13:42:45 GMT cf-cache-status MISS last-modified Tue, 17 Aug 2021 15:02:26 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "611bcf82-8f443" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TgHRHdQfP4YIT9rgDI7dNwsmwnFjximJC0o3r79dZGEIHcMZ1oA2%2BPpXME%2FWJkqhHvt5C6tl8kJnxAJ5JfPcjNpibbJuSxdUA2sgiKfssXjSG1ioPzYczkfFCw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control public, max-age=31536000 accept-ranges bytes cf-ray 7dee98338e1e9189-FRA content-length 586819
GET H2	200	leaf-2.svg newks.com/media/home/	1 KB 1 KB	268ms 268ms	Image image/svg+xml	172.67.72.194 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://newks.com/media/home/leaf-2.svg Requested by Host: newks.com URL: https://newks.com/ Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 172.67.72.194 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e19dad4cab71dbb5a84c24db7bd82753079c038a30e17fe157b59faf0e45f596 Request headers accept-language de-DE,de;q=0.9 Referer https://newks.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Thu, 29 Jun 2023 13:42:45 GMT content-encoding br cf-cache-status MISS last-modified Tue, 10 Aug 2021 04:27:06 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"6112001a-5e0" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=11XSmkRSlu7fzzydxh47sZX8oLxit1jUOpOT6PF1MIkq2wGeYgZM5ACWOChDC7QCIvvOyaKxgVZENSBnLJbRAZV6gbfINTYNhxCo8%2Fq7QBBhS9FMA8p6fFHCKA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/svg+xml cache-control public, max-age=31536000 cf-ray 7dee98338e1f9189-FRA
GET H2	200	ribbon_2021-07-12-192141_byzp.png newks.com/media/home/	364 KB 365 KB	428ms 428ms	Image image/png	172.67.72.194 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://newks.com/media/home/ribbon_2021-07-12-192141_byzp.png Requested by Host: newks.com URL: https://newks.com/ Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 172.67.72.194 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash bc8c8c9eaa95ee6f66c7877162224a95fb8dddb5f75a74682f9f21b17315b011 Request headers accept-language de-DE,de;q=0.9 Referer https://newks.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Thu, 29 Jun 2023 13:42:45 GMT cf-cache-status MISS last-modified Tue, 10 Aug 2021 04:27:23 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "6112002b-5b098" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CQbnCAeovjCAMcGykgwHCcnyI%2B11OieE16Rp9Way0jtGFEIYQjwFrjnXoD9kHjOBbpxvOPXWpo62tFlOsm7gR3baVZSJwe%2FdDZaAwmIzTlB%2B%2FMayUgAJ1OP9mw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control public, max-age=31536000 accept-ranges bytes cf-ray 7dee98338e209189-FRA content-length 372888
GET H2	200	video-back-2.jpg newks.com/media/home/	108 KB 109 KB	524ms 524ms	Image image/jpeg	172.67.72.194 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://newks.com/media/home/video-back-2.jpg Requested by Host: newks.com URL: https://newks.com/ Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 172.67.72.194 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8f62e85b3417ce1c6e0b9ce6d60a8ecb6b259748db4b0aee8a46680b01dffcc9 Request headers accept-language de-DE,de;q=0.9 Referer https://newks.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Thu, 29 Jun 2023 13:42:45 GMT cf-cache-status MISS last-modified Tue, 10 Aug 2021 04:27:23 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "6112002b-1b086" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5uEwx0DH5Vh%2F116VSIuLS%2BGa2HT5Db9H9%2FYRM%2Bg1s%2Fstu7U1DaSM%2FTZcJPzVv1Xpfwh%2Fp3qpNWMVml%2BcJuMcg4ebXdi%2FoxnjkV%2FIl%2BDVMhI1K60ngXClU0SYCA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control public, max-age=31536000 accept-ranges bytes cf-ray 7dee98338e219189-FRA content-length 110726
GET H2	200	Montserrat-Black.otf newks.com/assets/fonts/	225 KB 225 KB	29ms 28ms	Font application/octet-stream	172.67.72.194 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://newks.com/assets/fonts/Montserrat-Black.otf Requested by Host: newks.com URL: https://newks.com/assets/css/main-344171c723.css Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 172.67.72.194 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 265c987d31386e86de49089c55d9298a004e7d659d6f890e2e8e849ea12e8e3c Request headers Referer https://newks.com/assets/css/main-344171c723.css Origin https://newks.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Thu, 29 Jun 2023 13:42:45 GMT cf-cache-status HIT last-modified Tue, 10 Aug 2021 00:15:14 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 238685 etag "6111c512-382ec" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6BWqzmQIFp%2BEdMv%2BI%2Bb3mBN1dhoTpjbthv3E0P5NFT17oAaBC%2F%2BYOwyq8AdJnsZUYMFr3usNBjfwf4gkQ9KKn%2By9nvCFnmAef5pD0nkkx%2BCMP38qgYvdwW4C5A%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/octet-stream cache-control public, max-age=31536000 accept-ranges bytes cf-ray 7dee98339e239189-FRA content-length 230124
GET H2	200	Montserrat-SemiBoldItalic.otf newks.com/assets/fonts/	237 KB 238 KB	18ms 18ms	Font application/octet-stream	172.67.72.194 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://newks.com/assets/fonts/Montserrat-SemiBoldItalic.otf Requested by Host: newks.com URL: https://newks.com/assets/css/main-344171c723.css Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 172.67.72.194 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d22da964305fbc6f6d9e1bec2946110f2b479d684e05a029c93a68eea15db03f Request headers Referer https://newks.com/assets/css/main-344171c723.css Origin https://newks.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Thu, 29 Jun 2023 13:42:45 GMT cf-cache-status HIT last-modified Tue, 10 Aug 2021 00:15:13 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 142014 etag "6111c511-3b3f0" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cZEt%2BvJFn7lSPdqwTTc2nOeU9VDeAEH7vuDOtC%2BqT5GlW41DwZBYgURzHIbD5JwrYObhKaHIwGRy%2BNmz1CB%2BF1cnG3JicMZiQUg7OOCvK5gxob9M0gus7h0tzw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/octet-stream cache-control public, max-age=31536000 accept-ranges bytes cf-ray 7dee98339e259189-FRA content-length 242672
GET H2	200	Oswald-Medium.ttf newks.com/assets/fonts/	90 KB 90 KB	22ms 22ms	Font application/octet-stream	172.67.72.194 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://newks.com/assets/fonts/Oswald-Medium.ttf Requested by Host: newks.com URL: https://newks.com/assets/css/main-344171c723.css Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 172.67.72.194 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b0012c21f87120d46a70f61fd79206f486e929a8b08db7d486ff56822a8e7b77 Request headers Referer https://newks.com/assets/css/main-344171c723.css Origin https://newks.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Thu, 29 Jun 2023 13:42:45 GMT cf-cache-status HIT last-modified Tue, 10 Aug 2021 00:15:12 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 142014 etag "6111c510-16600" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xpHDnGxrrkaSZKDq3bescY3EQNuzl8sSklyQsN5CHADN98E%2FRpW6RRXPJJQoKy4l6btjigSNVJUL4zOpJzkLs68suthhpEPTMew2xtrJJohDxgC6P1%2BkU4AW5A%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/octet-stream cache-control public, max-age=31536000 accept-ranges bytes cf-ray 7dee98339e269189-FRA content-length 91648
GET H2	200	EkWFDUnlX_A Show response www.youtube.com/embed/ Frame F150	76 KB 32 KB	108ms 78ms	Document text/html	2a00:1450:4001:808::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.youtube.com/embed/EkWFDUnlX_A Requested by Host: newks.com URL: https://newks.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 31e1423537a348e0ff2c30fe5486c5161faa7652cdc946da0830f56e8c0e29d5 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://newks.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control no-cache, no-store, max-age=0, must-revalidate content-encoding br content-type text/html; charset=utf-8 cross-origin-opener-policy-report-only same-origin; report-to="youtube_main" cross-origin-resource-policy cross-origin date Thu, 29 Jun 2023 13:42:45 GMT expires Mon, 01 Jan 1990 00:00:00 GMT origin-trial AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9 p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info." permissions-policy ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=* pragma no-cache report-to {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]} server ESF strict-transport-security max-age=31536000 vary Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version x-content-type-options nosniff x-xss-protection 0
GET H2	200	user.svg newks.com/media/icons/	969 B 828 B	285ms 283ms	Image image/svg+xml	172.67.72.194 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://newks.com/media/icons/user.svg Requested by Host: newks.com URL: https://newks.com/ Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 172.67.72.194 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d59bc03ab9ef9372d28f6853e6d2e9850d1ad010e04e95035f5474968e61efdb Request headers accept-language de-DE,de;q=0.9 Referer https://newks.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Thu, 29 Jun 2023 13:42:45 GMT content-encoding br cf-cache-status MISS last-modified Tue, 10 Aug 2021 04:27:25 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"6112002d-3c9" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Yrpjteh5PkSdkmibslUgXoSJxCgeKRDfSL6Rx%2BkUVgPxfgvGKLsiuHIg%2Br6vVW86xwJzVOZlfemVgr1H0Mud6wFGcyTSRlU8HplfQ7TBERoYubwEc3peGcPVrg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/svg+xml cache-control public, max-age=31536000 cf-ray 7dee9833ae3e9189-FRA
GET H2	200	down-arrow.svg newks.com/media/icons/	1 KB 674 B	324ms 322ms	Image image/svg+xml	172.67.72.194 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://newks.com/media/icons/down-arrow.svg Requested by Host: newks.com URL: https://newks.com/ Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 172.67.72.194 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 85a70867f76c962969aa6a586ba86580a7a760edd7808fe52d500d7e8e7972e3 Request headers accept-language de-DE,de;q=0.9 Referer https://newks.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Thu, 29 Jun 2023 13:42:45 GMT content-encoding br cf-cache-status MISS last-modified Tue, 10 Aug 2021 04:27:26 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"6112002e-477" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IUCWzTbXBXArNL36l4%2BTwkssYIb%2Bl%2FNr7UV5pW%2Fpb3xvDk2C01w%2FCG5Kg9Ke%2Ba6thhmHeBKmxmbda0JegA2jUnQmKJuVp124Q1hivWSqXWD7hseaOUpEg%2BKDbQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/svg+xml cache-control public, max-age=31536000 cf-ray 7dee9833ae3f9189-FRA
GET H2	200	OurStory_home-tall-block-template-900x450.png newks.com/media/home/	250 KB 251 KB	444ms 442ms	Image image/png	172.67.72.194 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://newks.com/media/home/OurStory_home-tall-block-template-900x450.png Requested by Host: newks.com URL: https://newks.com/ Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 172.67.72.194 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9a56838a9945bcc7f2ac3996f3ccb3c0b264e26dc96842ff23deed0e8263d2aa Request headers accept-language de-DE,de;q=0.9 Referer https://newks.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Thu, 29 Jun 2023 13:42:45 GMT cf-cache-status MISS last-modified Tue, 10 Aug 2021 04:27:23 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "6112002b-3e868" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oQc6C2LuRnJNqbH8KAVtCQ%2F829XNT6EUuiUALkqV0e87pRDAK3LK3kKZKKNhkp4uOF60PEWe6aSvrziD%2FwzXHhgA%2BHqg8goZCHpeSDDn2dRfWgthsr1pYtR5Hw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control public, max-age=31536000 accept-ranges bytes cf-ray 7dee9833ae419189-FRA content-length 256104
GET H2	200	gift-cards-new.png newks.com/media/home/	399 KB 400 KB	451ms 449ms	Image image/png	172.67.72.194 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://newks.com/media/home/gift-cards-new.png Requested by Host: newks.com URL: https://newks.com/ Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 172.67.72.194 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a3cb33015d9ee73c4cc4873a618ef8b192c1b0f8f7bfe2eb730f130ca246b3bd Request headers accept-language de-DE,de;q=0.9 Referer https://newks.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Thu, 29 Jun 2023 13:42:45 GMT cf-cache-status MISS last-modified Tue, 10 Aug 2021 04:27:05 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "61120019-63c69" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rTvCVhON9TkOsISlMI32F9vbtdVdAyHrJWLj%2FiPEDysU721ZZ6ex3Ic6Ss9tyoGTH2OPYh90FFDvEpjEeRvcMbbWVE25A8F3GB7Q2Y00Lw1lPoGQ4sZ6xhhx1g%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control public, max-age=31536000 accept-ranges bytes cf-ray 7dee9833ae429189-FRA content-length 408681
GET H2	200	top.svg newks.com/media/globals/	389 B 557 B	275ms 273ms	Image image/svg+xml	172.67.72.194 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://newks.com/media/globals/top.svg Requested by Host: newks.com URL: https://newks.com/ Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 172.67.72.194 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 3a6a70589d9d9f1b1e957a0fb225558ce5c5ea0d1aa30d32a68dc14d5f8f354b Request headers accept-language de-DE,de;q=0.9 Referer https://newks.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Thu, 29 Jun 2023 13:42:45 GMT content-encoding br cf-cache-status MISS last-modified Tue, 10 Aug 2021 04:26:54 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"6112000e-185" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Tg3GvuUiYSNE5iM9D1qcNwKlfUHcUzdILPLEpQGfsZok9SxaS3%2B86lMBUSwIfebzE44ClGRfwsRq6cUh70S3Rw06idELnaxU8%2BVBeC6qd8uWzyYxr6JzXBB2Uw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/svg+xml cache-control public, max-age=31536000 cf-ray 7dee9833ae439189-FRA
GET H2	200	contact.svg newks.com/media/globals/	4 KB 1 KB	287ms 285ms	Image image/svg+xml	172.67.72.194 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://newks.com/media/globals/contact.svg Requested by Host: newks.com URL: https://newks.com/ Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 172.67.72.194 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c5ebeb8f82195bd4c9c6143d6183fed33be01d922ff94c384850bd603803e64a Request headers accept-language de-DE,de;q=0.9 Referer https://newks.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Thu, 29 Jun 2023 13:42:45 GMT content-encoding br cf-cache-status MISS last-modified Tue, 10 Aug 2021 04:26:25 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"6111fff1-10c1" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NMoGrUnzJkLRr8HLIY5EfHIrswJArbq5L44tG8PIsZFrYCrOgZS4ZkhNQ%2FjtYeekvmfpTYnBzBE%2Bu8j%2BiyAauPyN4%2Bm6odNyJy9mKyo91zCgdNH2MBoD8w6zfA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/svg+xml cache-control public, max-age=31536000 cf-ray 7dee9833ae449189-FRA
GET H2	200	facebook.svg newks.com/media/globals/	1 KB 689 B	287ms 286ms	Image image/svg+xml	172.67.72.194 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://newks.com/media/globals/facebook.svg Requested by Host: newks.com URL: https://newks.com/ Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 172.67.72.194 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 393ea5d6182d4324217627c1cc78f7805116b67bbd24e5390a5d1f2b1aa1c960 Request headers accept-language de-DE,de;q=0.9 Referer https://newks.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Thu, 29 Jun 2023 13:42:45 GMT content-encoding br cf-cache-status MISS last-modified Tue, 10 Aug 2021 04:26:38 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"6111fffe-528" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AP8ED0tA1f1%2FyRw6Md4IbAfB1WdEu2WQyytdlU5DlnGPnZ3AD0ZWFmiKuQcbNMWsWd23zq%2B9VT9%2BK6xOMaRt6kPlrBFZaPnWpS1KKTwYJvTfpeUZgIeenqA5vA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/svg+xml cache-control public, max-age=31536000 cf-ray 7dee9833ae469189-FRA
GET H2	200	instagram.svg newks.com/media/globals/	2 KB 949 B	276ms 275ms	Image image/svg+xml	172.67.72.194 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://newks.com/media/globals/instagram.svg Requested by Host: newks.com URL: https://newks.com/ Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 172.67.72.194 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5d467f28ef6d7bbe9eb9991542a11302f5874486c40c861c32cc3fc365b85340 Request headers accept-language de-DE,de;q=0.9 Referer https://newks.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Thu, 29 Jun 2023 13:42:45 GMT content-encoding br cf-cache-status MISS last-modified Tue, 10 Aug 2021 04:26:31 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"6111fff7-88d" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PTxHg8xLTSn3EtoTw29n%2BiiVGqKdmUiLYPOTvja4R6k2%2BQAYxTK2H2Jv3dqrklZ00c9JQDb7eCpiGmLt4kKGTGSymW3S3ZV9%2F4gKw6AYIzLMXo0Lx0uP4MWbsQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/svg+xml cache-control public, max-age=31536000 cf-ray 7dee9833ae479189-FRA
GET H2	200	twitter.svg newks.com/media/globals/	2 KB 988 B	270ms 268ms	Image image/svg+xml	172.67.72.194 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://newks.com/media/globals/twitter.svg Requested by Host: newks.com URL: https://newks.com/ Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 172.67.72.194 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c182918d2f7aabb51276d7279f393a74699a128232e6ed557d1cae4fa0fd4fa1 Request headers accept-language de-DE,de;q=0.9 Referer https://newks.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Thu, 29 Jun 2023 13:42:45 GMT content-encoding br cf-cache-status MISS last-modified Tue, 10 Aug 2021 04:26:48 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"61120008-76a" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b6M0shl2tS070rmX2tWLZY1SNfZ9ftSk0mqvby0WONZ4ezuBLzHCgjw71pi8j6Xi3hfIg4kj54xMqz%2FWFqrpaarR95CccO4O7MOHhYLzjB2fFK1b0f%2BjGrK2lQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/svg+xml cache-control public, max-age=31536000 cf-ray 7dee9833ae489189-FRA
GET H2	200	you2.svg newks.com/media/globals/	2 KB 872 B	266ms 265ms	Image image/svg+xml	172.67.72.194 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://newks.com/media/globals/you2.svg Requested by Host: newks.com URL: https://newks.com/ Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 172.67.72.194 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash fdbf79dc4db79ed651cdbbd4a07d898518057578c353cfe6b7ff8da8a01f619a Request headers accept-language de-DE,de;q=0.9 Referer https://newks.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Thu, 29 Jun 2023 13:42:45 GMT content-encoding br cf-cache-status MISS last-modified Tue, 10 Aug 2021 04:26:46 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"61120006-6a3" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mH8aKcTfHzXdZFqrDxIA2HnlLMZGwFRnThxmSeWfL7dEGjHrKZt8M5Fm9g72jVImzBLx1gr39GlAA%2F%2FW86lpfoaWILLM8ZGo4HYYJ9L%2FXJQLJI9qaNM04mq9QA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/svg+xml cache-control public, max-age=31536000 cf-ray 7dee9833ae499189-FRA
GET H2	200	/ Show response googleads.g.doubleclick.net/pagead/viewthroughconversion/434748839/	3 KB 2 KB	61ms 31ms	Script text/javascript	2a00:1450:4001:808::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/viewthroughconversion/434748839/?random=1688046165124&cv=11&fst=1688046165124&bg=ffffff&guid=ON&async=1&gtm=45He36s0&u_w=1600&u_h=1200&url=https%3A%2F%2Fnewks.com%2F&hn=www.googleadservices.com&frm=0&tiba=Homepage%20-%20Newks&value=https%3A%2F%2Fnewks.com%2F&userId=https%3A%2F%2Fnewks.com%2F&auid=428406319.1688046165&uamb=0&uaw=0&data=event%3DPage%20Visits&rfmt=3&fmt=4 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-WMNMG9W Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a9cd057affb2abec3a9857c5d4e3e79e17dda5ef49480da3f0ea9872878ca330 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://newks.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers pragma no-cache date Thu, 29 Jun 2023 13:42:45 GMT content-encoding br x-content-type-options nosniff server cafe content-type text/javascript; charset=UTF-8 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1317 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	/ Show response www.googleadservices.com/pagead/conversion/434748839/	3 KB 2 KB	49ms 25ms	Script text/javascript	142.250.184.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googleadservices.com/pagead/conversion/434748839/?random=1688046165128&cv=11&fst=1688046165128&bg=ffffff&guid=ON&async=1&gtm=45He36s0&u_w=1600&u_h=1200&url=https%3A%2F%2Fnewks.com%2F&label=N6RZCMrH9YsCEKf7ps8B&hn=www.googleadservices.com&frm=0&tiba=Homepage%20-%20Newks&value=0&bttype=purchase&auid=428406319.1688046165&uamb=0&uaw=0&rfmt=3&fmt=4 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-WMNMG9W Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.184.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s12-in-f2.1e100.net Software cafe / Resource Hash e5591284cede26d453e14c6b36470c343ca099bc6dd1658356f55f8c903645ab Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://newks.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers pragma no-cache date Thu, 29 Jun 2023 13:42:45 GMT content-encoding br x-content-type-options nosniff server cafe content-type text/javascript; charset=UTF-8 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1607 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	/ Show response googleads.g.doubleclick.net/pagead/viewthroughconversion/372717222/	3 KB 1 KB	191ms 164ms	Script text/javascript	2a00:1450:4001:808::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/viewthroughconversion/372717222/?random=1688046165130&cv=11&fst=1688046165130&bg=ffffff&guid=ON&async=1&gtm=45He36s0&u_w=1600&u_h=1200&url=https%3A%2F%2Fnewks.com%2F&hn=www.googleadservices.com&frm=0&tiba=Homepage%20-%20Newks&auid=428406319.1688046165&uamb=0&uaw=0&rfmt=3&fmt=4 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-WMNMG9W Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 9a91e2bb57319c8a622521c86e9d1d3f82c70461dd4e844b2f6af1030c945e4a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://newks.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers pragma no-cache date Thu, 29 Jun 2023 13:42:45 GMT content-encoding br x-content-type-options nosniff server cafe content-type text/javascript; charset=UTF-8 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1285 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	/ Show response www.googleadservices.com/pagead/conversion/372717222/	3 KB 2 KB	47ms 25ms	Script text/javascript	142.250.184.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googleadservices.com/pagead/conversion/372717222/?random=1688046165131&cv=11&fst=1688046165131&bg=ffffff&guid=ON&async=1&gtm=45He36s0&u_w=1600&u_h=1200&url=https%3A%2F%2Fnewks.com%2F&label=auHjCJCjo5ICEKbt3LEB&hn=www.googleadservices.com&frm=0&tiba=Homepage%20-%20Newks&value=0&bttype=purchase&auid=428406319.1688046165&uamb=0&uaw=0&rfmt=3&fmt=4 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-WMNMG9W Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.184.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s12-in-f2.1e100.net Software cafe / Resource Hash e8a70b6acdcd4f0a6b544e81cd4f8cc56ffccb65eb0f1657a486641d94a65ec8 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://newks.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers pragma no-cache date Thu, 29 Jun 2023 13:42:45 GMT content-encoding br x-content-type-options nosniff server cafe content-type text/javascript; charset=UTF-8 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1607 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	hotjar-2830751.js Show response static.hotjar.com/c/	9 KB 4 KB	71ms 49ms	Script application/javascript	108.138.7.118 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://static.hotjar.com/c/hotjar-2830751.js?sv=7 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-WMNMG9W Protocol H2 Security TLS 1.3, , AES_128_GCM Server 108.138.7.118 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-108-138-7-118.fra56.r.cloudfront.net Software / Resource Hash 905f52d3e71aec230b1d884306f99e837b5a732ab16251bcac855ec2562eaad0 Security Headers Name Value Strict-Transport-Security max-age=2592000; includeSubDomains X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://newks.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Thu, 29 Jun 2023 13:42:45 GMT content-encoding br x-content-type-options nosniff strict-transport-security max-age=2592000; includeSubDomains via 1.1 6278ee254a7d35c23aae5e936b5a56ee.cloudfront.net (CloudFront) x-amz-cf-pop FRA56-P6 etag W/41678373c30f53437c189f0cb6da928a vary Accept-Encoding x-cache Miss from cloudfront content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control max-age=60 x-cache-hit 1 cross-origin-resource-policy cross-origin x-amz-cf-id XQefnLyu4KhCN4UB9_SV9f4ubdFafhg3TfFWucjF-tcGns9A2E62ZA==
GET H2	200	activityi;dc_pre=CJ_Kq4DO6P8CFSvLOwIdercNGA;src=12881027;type=invmedia;cat=newks0;ord=178326502916;gtm=45He36s0;auiddc=428406319.1688046165;uaa=;uab=;uafvl=;uam=;uamb=0;uap=;uapv=;uaw=0;~oref=https... Show response 12881027.fls.doubleclick.net/ Frame FF06 Redirect Chain https://12881027.fls.doubleclick.net/activityi;src=12881027;type=invmedia;cat=newks0;ord=178326502916;gtm=45He36s0;auiddc=428406319.1688046165;uaa=;uab=;uafvl=;uam=;uamb=0;uap=;uapv=;uaw=0;~oref=ht... https://12881027.fls.doubleclick.net/activityi;dc_pre=CJ_Kq4DO6P8CFSvLOwIdercNGA;src=12881027;type=invmedia;cat=newks0;ord=178326502916;gtm=45He36s0;auiddc=428406319.1688046165;uaa=;uab=;uafvl=;uam...	435 B 361 B	51ms 51ms	Document text/html	142.250.184.230 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://12881027.fls.doubleclick.net/activityi;dc_pre=CJ_Kq4DO6P8CFSvLOwIdercNGA;src=12881027;type=invmedia;cat=newks0;ord=178326502916;gtm=45He36s0;auiddc=428406319.1688046165;uaa=;uab=;uafvl=;uam=;uamb=0;uap=;uapv=;uaw=0;~oref=https%3A%2F%2Fnewks.com%2F? Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-WMNMG9W Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.184.230 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s12-in-f6.1e100.net Software cafe / Resource Hash 115a15ea16395d3d8ae1ea655421f20b9538c28b6be6a8cfa2e3643cc3389a28 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://newks.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private, max-age=0 content-encoding br content-length 251 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Thu, 29 Jun 2023 13:42:45 GMT expires Thu, 29 Jun 2023 13:42:45 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0 Redirect headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control no-cache, must-revalidate content-length 0 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Thu, 29 Jun 2023 13:42:45 GMT expires Fri, 01 Jan 1990 00:00:00 GMT follow-only-when-prerender-shown 1 location https://12881027.fls.doubleclick.net/activityi;dc_pre=CJ_Kq4DO6P8CFSvLOwIdercNGA;src=12881027;type=invmedia;cat=newks0;ord=178326502916;gtm=45He36s0;auiddc=428406319.1688046165;uaa=;uab=;uafvl=;uam=;uamb=0;uap=;uapv=;uaw=0;~oref=https%3A%2F%2Fnewks.com%2F? p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" pragma no-cache server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H2	200	insight.min.js Show response snap.licdn.com/li.lms-analytics/	1 KB 773 B	44ms 14ms	Script application/x-javascript	2a02:26f0:3100::1735:28c0 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://snap.licdn.com/li.lms-analytics/insight.min.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-WMNMG9W Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:3100::1735:28c0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software / Resource Hash 42c9d1df23e2f7d82d90b2bd6bab3b5398e81889cb9bde1d4a530acc663c9c63 Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://newks.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Thu, 29 Jun 2023 13:42:45 GMT content-encoding gzip x-content-type-options nosniff last-modified Mon, 26 Jun 2023 17:35:57 GMT x-cdn AKAM x-amz-server-side-encryption AES256 vary Accept-Encoding content-type application/x-javascript;charset=utf-8 cache-control max-age=74619 accept-ranges bytes content-length 560
GET H2	200	fbevents.js Show response connect.facebook.net/en_US/	171 KB 47 KB	36ms 13ms	Script application/x-javascript	2a03:2880:f083:9:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/en_US/fbevents.js Requested by Host: newks.com URL: https://newks.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash e33937c8718b4891cefe03686c4bac285d9265052427e705bce7e677659ed765 Security Headers Name Value Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://newks.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers content-security-policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0; content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000; preload; includeSubDomains date Thu, 29 Jun 2023 13:42:45 GMT document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 46863 x-xss-protection 0 pragma public x-fb-debug oXraEVmJi6HaNwgkJiJZQ8Pjw2r/5ojMyGqKzWVBswLfrXCutL6/K+MATOKsuZBqX61LVeJt4LQ+JBOYBZSO1A== cross-origin-opener-policy same-origin-allow-popups vary Accept-Encoding x-frame-options DENY content-type application/x-javascript; charset=utf-8 origin-agent-cluster ?0 cache-control public, max-age=1200 permissions-policy accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=() expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	tc.min.js Show response c1.rfihub.net/js/	19 KB 6 KB	68ms 18ms	Script application/x-javascript	2600:9000:214f:8000:1:76cf:fe80:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://c1.rfihub.net/js/tc.min.js Requested by Host: newks.com URL: https://newks.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:214f:8000:1:76cf:fe80:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Jetty(9.4.51.v20230217) / Resource Hash 7ef97b12890fc6fee67f869c6e1f74b6719de7d66ac0d649c8d7386a80b4c30f Request headers accept-language de-DE,de;q=0.9 Referer https://newks.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Thu, 29 Jun 2023 12:52:39 GMT content-encoding gzip via 1.1 8d31bbd9d6638cdacab37047b8045da4.cloudfront.net (CloudFront) last-modified Thu, 29 Jun 2023 12:52:29 GMT server Jetty(9.4.51.v20230217) x-amz-cf-pop FRA53-C1 age 3006 x-cache Hit from cloudfront content-type application/x-javascript p3p CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" cache-control public, max-age=3600 content-length 6162 x-amz-cf-id hY-iYnpgOyuwWfd3MwEjfXJICfFpCJB2pAp6B6AkkHhqNbJPHuwYSg== expires Thu, 29 Jun 2023 13:52:39 GMT
GET H2	200	events.js Show response analytics.tiktok.com/i18n/pixel/	3 KB 2 KB	168ms 122ms	Script application/javascript	2.16.110.18 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CHDSV3BC77UFR1FA44C0&lib=ttq Requested by Host: newks.com URL: https://newks.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2.16.110.18 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-16-110-18.deploy.static.akamaitechnologies.com Software nginx / Resource Hash cef85987f26952278815ba5d98130a8a57a3fb50f1f4c63019b751454a1928b8 Request headers accept-language de-DE,de;q=0.9 Referer https://newks.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers x-akamai-request-id aa3bfabf.8f17cb1 date Thu, 29 Jun 2023 13:42:45 GMT content-encoding gzip x-tt-trace-tag id=16;cdn-cache=miss;type=dyn x-cache TCP_MISS from a2-16-110-14.deploy.akamaitechnologies.com (AkamaiGHost/11.1.3-49328623) (-) x-parent-response-time 97,2.16.110.14 server-timing cdn-cache; desc=MISS, edge; dur=92, origin; dur=5, inner; dur=3 content-length 1379 pragma no-cache server nginx x-tt-logid 202306291342453690753EFF0CA4121FA2 x-cache-remote TCP_MISS from a104-78-78-38.deploy.akamaitechnologies.com (AkamaiGHost/11.1.2-48827901) (-) vary Accept-Encoding content-type application/javascript; charset=UTF-8 cache-control max-age=0, no-cache, no-store x-origin-response-time 6,104.78.78.38 x-tt-trace-host 01ca5754d83224ad6ee886f811f65003087c18ea66b9b29f8001acd5453d02d191420f555380df04c2fac1c8ff95d7374df5f8f8c0e6b622ca9cf1860170a1a6a1a40cc61bef2df68c5bebfec547f483078ec2f78883f63d737239b97b1242ade081949514d87d5e100c933079c25ef726 expires Thu, 29 Jun 2023 13:42:45 GMT
GET H2	200	js Show response www.googletagmanager.com/gtag/	249 KB 85 KB	35ms 35ms	Script application/javascript	2a00:1450:4001:82f::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-TQHBZDF37S&l=dataLayer&cx=c Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-WMNMG9W Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 83e8516ed4735cda5c6435f3e40bf71420befd3c24ecb0447232d0641b34c17c Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://newks.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Thu, 29 Jun 2023 13:42:45 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 87116 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Thu, 29 Jun 2023 13:42:45 GMT
POST H2	200	372717222 google.com/pagead/form-data/	0 0	76ms 25ms	Ping text/html	2a00:1450:4001:80b::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://google.com/pagead/form-data/372717222?em=tv.1&gtm=45He36s0&auid=428406319.1688046165 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-WMNMG9W Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://newks.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers
POST H2	204	372717222 google.com/ccm/form-data/	0 251 B	43ms 24ms	Ping text/plain	2a00:1450:4001:80b::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://google.com/ccm/form-data/372717222?em=tv.1&gtm=45He36s0&auid=428406319.1688046165 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-WMNMG9W Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://newks.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers pragma no-cache date Thu, 29 Jun 2023 13:42:45 GMT server Golfe2 content-type text/plain access-control-allow-origin https://newks.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	t.png pix.pub/	68 B 412 B	69ms 19ms	Image image/png	108.138.7.99 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://pix.pub/t.png?&t=1688046165145&l=tvscientific-pix-o-16965a11-64f4-460d-a773-563fb643c89e&u3=https%3A%2F%2Fnewks.com%2F Requested by Host: newks.com URL: https://newks.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 108.138.7.99 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-108-138-7-99.fra56.r.cloudfront.net Software AmazonS3 / Resource Hash 21dbd90119d3def6c42da4da8db80672b7cd791ff63633bcfd9a476a092e6f67 Request headers accept-language de-DE,de;q=0.9 Referer https://newks.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Wed, 28 Jun 2023 23:25:47 GMT via 1.1 fb5610ec56d3f427bcbcfdd851770614.cloudfront.net (CloudFront) last-modified Mon, 22 Mar 2021 14:38:36 GMT server AmazonS3 x-amz-cf-pop FRA56-P6 age 51419 x-amz-server-side-encryption AES256 etag "8e31b8b47c618ed73e5b31011d1de037" x-cache Hit from cloudfront content-type image/png accept-ranges bytes content-length 68 x-amz-cf-id ERRx4Nrv6jv3iCQ1KRKRyIHpNuudFMm1Gu40bqR1cSclSc2YlHgB3w==
GET H2	200	M23_PW3_SocialAds_LTO_1200x628_NoTags-copy.jpg newks.com/media/globals/	344 KB 345 KB	435ms 433ms	Image image/jpeg	172.67.72.194 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://newks.com/media/globals/M23_PW3_SocialAds_LTO_1200x628_NoTags-copy.jpg Requested by Host: newks.com URL: https://newks.com/ Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 172.67.72.194 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash be0278e8cd0925544b0b5c4a76ecdfffc5a029de84a2af873f5efd3a30692844 Request headers accept-language de-DE,de;q=0.9 Referer https://newks.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Thu, 29 Jun 2023 13:42:45 GMT cf-cache-status MISS last-modified Wed, 28 Jun 2023 15:15:47 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "649c4ea3-55f86" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T6DujQxoKi2Mii%2BioXSTCwQuI4ZIeGsEIjVdIuuCw7j4aMraYyOZu27WfrrF69H8TCjKOR1F0pNOtl1QB7XnBoEK5BvLDAaVRJkjG4Dkn7NC4mG4faJeXhGsQg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control public, max-age=31536000 accept-ranges bytes cf-ray 7dee98347f209189-FRA content-length 352134
GET H2	200	NEM120821_Q1Digital_WebsiteSlider_1400x910_3bd.jpg newks.com/media/globals/	323 KB 324 KB	451ms 449ms	Image image/jpeg	172.67.72.194 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://newks.com/media/globals/NEM120821_Q1Digital_WebsiteSlider_1400x910_3bd.jpg Requested by Host: newks.com URL: https://newks.com/ Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 172.67.72.194 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 46fd6d4af80bd9d4692c9cd6e1a9bc36edfcae35990d488e9fcab48fb5fb9bd4 Request headers accept-language de-DE,de;q=0.9 Referer https://newks.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Thu, 29 Jun 2023 13:42:45 GMT cf-cache-status MISS last-modified Tue, 08 Mar 2022 21:09:35 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "6227c60f-50dc2" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T4Ry2%2BSQTAaO3SelLdPwq45n4ewRi5eM16jXbVZNpzRrfQ2%2FF99QGVBDhfdAI%2B%2FXbFxacr8rTewJBM7UP0QJw1L9oL1u2TxeC%2BxZISRXX3UzZ5f031OsY%2FJNug%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control public, max-age=31536000 accept-ranges bytes cf-ray 7dee98347f219189-FRA content-length 331202
GET H2	200	back.svg newks.com/media/globals/	1 KB 684 B	264ms 264ms	Image image/svg+xml	172.67.72.194 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://newks.com/media/globals/back.svg Requested by Host: newks.com URL: https://newks.com/ Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 172.67.72.194 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 037f452d23bdc605f6c7e04067e20ac741d2d8f2aa7e464f48eb61d58cd0c860 Request headers accept-language de-DE,de;q=0.9 Referer https://newks.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Thu, 29 Jun 2023 13:42:45 GMT content-encoding br cf-cache-status MISS last-modified Tue, 10 Aug 2021 04:26:37 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"6111fffd-58a" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6wi3kkwYxOW7iQWtwBGdegHgAPI6IPvD6%2F5ZKbsPlwNB48PaxwEx31qGWWV2YRkkZKpLKIJphn5DoN7nZdFk%2F1otVRirdAY4O%2B3%2Fc6JnSGgP9IuOmjdhrZpFFA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/svg+xml cache-control public, max-age=31536000 cf-ray 7dee98347f249189-FRA
GET H2	200	next.svg newks.com/media/globals/	1 KB 703 B	265ms 264ms	Image image/svg+xml	172.67.72.194 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://newks.com/media/globals/next.svg Requested by Host: newks.com URL: https://newks.com/ Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 172.67.72.194 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c6355e07a1594eefdbfb69abf9424ac615b4b42972338e00fb8f40c45286e123 Request headers accept-language de-DE,de;q=0.9 Referer https://newks.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Thu, 29 Jun 2023 13:42:45 GMT content-encoding br cf-cache-status MISS last-modified Tue, 10 Aug 2021 04:26:43 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"61120003-592" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cm5gFbqXxAPGgM0uQEInMHtwfnS7P6A%2FBt5Io0gbGXsxscPGddcmAIAa%2BX4lttubFngQ4SPgiAmlx%2BLXdZwAZysRYHTyaYFa3UnZnVVMMfsacgSuW2R%2Fs67YEg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/svg+xml cache-control public, max-age=31536000 cf-ray 7dee98347f259189-FRA
GET H2	200	p-71352b19.system.js Show response unpkg.com/tttl-embed-survey@0.2.11/dist/tttl-embed-survey/ Redirect Chain https://unpkg.com/tttl-embed-survey/dist/tttl-embed-survey/p-71352b19.system.js https://unpkg.com/tttl-embed-survey@0.2.11/dist/tttl-embed-survey/p-71352b19.system.js	18 KB 7 KB	36ms 35ms	Script application/javascript	2606:4700::6810:7daf CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://unpkg.com/tttl-embed-survey@0.2.11/dist/tttl-embed-survey/p-71352b19.system.js Requested by Host: newks.com URL: https://newks.com/ Protocol H2 Server 2606:4700::6810:7daf , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4fad74decb533a4f21afdf2bd24eadaa5674f1bf0f563c4ef961d02cd131b0a6 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://newks.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Thu, 29 Jun 2023 13:42:45 GMT via 1.1 fly.io x-content-type-options nosniff cf-cache-status HIT content-encoding br strict-transport-security max-age=31536000; includeSubDomains; preload age 3538621 last-modified Sat, 26 Oct 1985 08:15:00 GMT fly-request-id 01H0T7JJGJ6B7NVS3QV464RP3K-fra server cloudflare etag W/"4648-v1pZia1a7WikSyUK5R52VfUliwM" vary Accept-Encoding content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=31536000 cf-ray 7dee9834fced9b76-FRA Redirect headers date Thu, 29 Jun 2023 13:42:45 GMT via 1.1 fly.io x-content-type-options nosniff cf-cache-status HIT fly-request-id 01H43P4EY9V2YKX277KB068MX8-fra server cloudflare strict-transport-security max-age=31536000; includeSubDomains; preload age 140 vary Accept, Accept-Encoding content-type text/plain; charset=utf-8 access-control-allow-origin * location /tttl-embed-survey@0.2.11/dist/tttl-embed-survey/p-71352b19.system.js cache-control public, s-maxage=600, max-age=60 cf-ray 7dee98347c6b9b76-FRA
GET H2	200	www-player.css www.youtube.com/s/player/71547d26/ Frame F150	372 KB 47 KB	18ms 17ms	Stylesheet text/css	2a00:1450:4001:808::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.youtube.com/s/player/71547d26/www-player.css Requested by Host: www.youtube.com URL: https://www.youtube.com/embed/EkWFDUnlX_A Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash b64f4b7e443ec06fc3f974fc107689dacae52d9250ff21c8b35fa426118974f2 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.youtube.com/embed/EkWFDUnlX_A User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Thu, 29 Jun 2023 13:02:30 GMT content-encoding br x-content-type-options nosniff age 2415 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 47504 x-xss-protection 0 last-modified Mon, 26 Jun 2023 01:48:25 GMT server sffe vary Accept-Encoding, Origin report-to {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]} content-type text/css cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="youtube" expires Fri, 28 Jun 2024 13:02:30 GMT
GET H2	200	www-embed-player.js Show response www.youtube.com/s/player/71547d26/www-embed-player.vflset/ Frame F150	310 KB 93 KB	26ms 25ms	Script text/javascript	2a00:1450:4001:808::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.youtube.com/s/player/71547d26/www-embed-player.vflset/www-embed-player.js Requested by Host: www.youtube.com URL: https://www.youtube.com/embed/EkWFDUnlX_A Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash bc140a7efd9553c4627e2135b57eef5eae465ff20e76ee63d5f95961e09a428a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.youtube.com/embed/EkWFDUnlX_A User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Thu, 29 Jun 2023 13:37:18 GMT content-encoding br x-content-type-options nosniff age 327 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 95333 x-xss-protection 0 last-modified Mon, 26 Jun 2023 01:48:25 GMT server sffe vary Accept-Encoding, Origin report-to {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="youtube" expires Fri, 28 Jun 2024 13:37:18 GMT
GET H2	200	base.js Show response www.youtube.com/s/player/71547d26/player_ias.vflset/de_DE/ Frame F150	2 MB 748 KB	54ms 53ms	Script text/javascript	2a00:1450:4001:808::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.youtube.com/s/player/71547d26/player_ias.vflset/de_DE/base.js Requested by Host: www.youtube.com URL: https://www.youtube.com/embed/EkWFDUnlX_A Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 375037e0c8f5f3eb2575ef66f7f03119b44691767bbf341ca27b96f5aa16abaa Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.youtube.com/embed/EkWFDUnlX_A User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Mon, 26 Jun 2023 07:29:28 GMT content-encoding gzip x-content-type-options nosniff age 281597 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 765597 x-xss-protection 0 last-modified Mon, 26 Jun 2023 01:48:25 GMT server sffe vary Accept-Encoding, Origin report-to {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="youtube" expires Tue, 25 Jun 2024 07:29:28 GMT
GET H2	200	fetch-polyfill.js Show response www.youtube.com/s/player/71547d26/fetch-polyfill.vflset/ Frame F150	9 KB 3 KB	38ms 37ms	Script text/javascript	2a00:1450:4001:808::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.youtube.com/s/player/71547d26/fetch-polyfill.vflset/fetch-polyfill.js Requested by Host: www.youtube.com URL: https://www.youtube.com/embed/EkWFDUnlX_A Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash ac8177161c3038b07597ec544de3c00f46e1a0aa6b4b4c045ff0495553cc5069 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.youtube.com/embed/EkWFDUnlX_A User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Thu, 29 Jun 2023 12:46:06 GMT content-encoding br x-content-type-options nosniff age 3399 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 2625 x-xss-protection 0 last-modified Mon, 26 Jun 2023 01:48:25 GMT server sffe vary Accept-Encoding, Origin report-to {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="youtube" expires Fri, 28 Jun 2024 12:46:06 GMT
GET H2	200	KFOmCnqEu92Fr1Mu4mxK.woff2 fonts.gstatic.com/s/roboto/v18/ Frame F150	15 KB 16 KB	63ms 17ms	Font font/woff2	2a00:1450:4001:82b::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 Requested by Host: www.youtube.com URL: https://www.youtube.com/embed/EkWFDUnlX_A Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.youtube.com/ Origin https://www.youtube.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Sat, 24 Jun 2023 00:54:58 GMT x-content-type-options nosniff age 478067 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15344 x-xss-protection 0 last-modified Mon, 16 Oct 2017 17:32:55 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sun, 23 Jun 2024 00:54:58 GMT
GET H2	200	KFOlCnqEu92Fr1MmEU9fBBc4.woff2 fonts.gstatic.com/s/roboto/v18/ Frame F150	15 KB 15 KB	64ms 18ms	Font font/woff2	2a00:1450:4001:82b::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 Requested by Host: www.youtube.com URL: https://www.youtube.com/embed/EkWFDUnlX_A Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.youtube.com/ Origin https://www.youtube.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Tue, 27 Jun 2023 20:23:37 GMT x-content-type-options nosniff age 148748 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15552 x-xss-protection 0 last-modified Mon, 16 Oct 2017 17:33:02 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 26 Jun 2024 20:23:37 GMT
GET H3	200	/ www.google.de/pagead/1p-conversion/372717222/ Redirect Chain https://googleads.g.doubleclick.net/pagead/viewthroughconversion/372717222/?random=2036573964&cv=11&fst=1688046165131&bg=ffffff&guid=ON&async=1&gtm=45He36s0&u_w=1600&u_h=1200&url=https%3A%2F%2Fnewk... https://www.google.com/pagead/1p-conversion/372717222/?random=2036573964&cv=11&fst=1688046165131&bg=ffffff&guid=ON&async=1&gtm=45He36s0&u_w=1600&u_h=1200&url=https%3A%2F%2Fnewks.com%2F&label=auHjCJ... https://www.google.de/pagead/1p-conversion/372717222/?random=2036573964&cv=11&fst=1688046165131&bg=ffffff&guid=ON&async=1&gtm=45He36s0&u_w=1600&u_h=1200&url=https%3A%2F%2Fnewks.com%2F&label=auHjCJC...	42 B 64 B	31ms 30ms	Image image/gif	2a00:1450:4001:829::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/pagead/1p-conversion/372717222/?random=2036573964&cv=11&fst=1688046165131&bg=ffffff&guid=ON&async=1&gtm=45He36s0&u_w=1600&u_h=1200&url=https%3A%2F%2Fnewks.com%2F&label=auHjCJCjo5ICEKbt3LEB&hn=www.googleadservices.com&frm=0&tiba=Homepage%20-%20Newks&value=0&auid=428406319.1688046165&uamb=0&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEVJOE5mMHBBWVFvWXYwdmZURzA1UHJBUklsQUJHWDdnUjI4c0t2eG5YOGphc25vYktfYXJ2djI1eEVoYlFfbDh2U2V3MVBqNHUtMUEaWENoRUk4TmYwcEFZUXVhTEwyZTNCM3VDX0FSSXRBTENwZkdKdDhYNXNUS0NSOUdtaDNWR0owZThqZGk1Mk1LdWFsVzJSb3FYUW43ZF9XX1lyci11UHZNUEQiEwi20KeAzuj_AhUY17sIHQRBA4M&is_vtc=1&ocp_id=VYqdZPbRCZiu7_UPhIKNmAg&cid=CAQSKQBygQiDHC7Kf3bZGzaHGltRo6XukialbkCd4r4GQjLvx-gvynJT_I-Y&eitems=ChEI8Nf0pAYQgNzfg8PrmJjGARIdAEWJZf-jRJRK84_DihBOhWrn4RZW0ebBmDrXokE&random=1968866580&ipr=y Requested by Host: newks.com URL: https://newks.com/ Protocol H3 Server 2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://newks.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers pragma no-cache date Thu, 29 Jun 2023 13:42:45 GMT content-security-policy script-src 'none'; object-src 'none' x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers pragma no-cache date Thu, 29 Jun 2023 13:42:45 GMT content-security-policy script-src 'none'; object-src 'none' x-content-type-options nosniff server cafe p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" location https://www.google.de/pagead/1p-conversion/372717222/?random=2036573964&cv=11&fst=1688046165131&bg=ffffff&guid=ON&async=1&gtm=45He36s0&u_w=1600&u_h=1200&url=https%3A%2F%2Fnewks.com%2F&label=auHjCJCjo5ICEKbt3LEB&hn=www.googleadservices.com&frm=0&tiba=Homepage%20-%20Newks&value=0&auid=428406319.1688046165&uamb=0&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEVJOE5mMHBBWVFvWXYwdmZURzA1UHJBUklsQUJHWDdnUjI4c0t2eG5YOGphc25vYktfYXJ2djI1eEVoYlFfbDh2U2V3MVBqNHUtMUEaWENoRUk4TmYwcEFZUXVhTEwyZTNCM3VDX0FSSXRBTENwZkdKdDhYNXNUS0NSOUdtaDNWR0owZThqZGk1Mk1LdWFsVzJSb3FYUW43ZF9XX1lyci11UHZNUEQiEwi20KeAzuj_AhUY17sIHQRBA4M&is_vtc=1&ocp_id=VYqdZPbRCZiu7_UPhIKNmAg&cid=CAQSKQBygQiDHC7Kf3bZGzaHGltRo6XukialbkCd4r4GQjLvx-gvynJT_I-Y&eitems=ChEI8Nf0pAYQgNzfg8PrmJjGARIdAEWJZf-jRJRK84_DihBOhWrn4RZW0ebBmDrXokE&random=1968866580&ipr=y content-type image/gif cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	/ www.google.de/pagead/1p-conversion/434748839/ Redirect Chain https://googleads.g.doubleclick.net/pagead/viewthroughconversion/434748839/?random=1566361752&cv=11&fst=1688046165128&bg=ffffff&guid=ON&async=1&gtm=45He36s0&u_w=1600&u_h=1200&url=https%3A%2F%2Fnewk... https://www.google.com/pagead/1p-conversion/434748839/?random=1566361752&cv=11&fst=1688046165128&bg=ffffff&guid=ON&async=1&gtm=45He36s0&u_w=1600&u_h=1200&url=https%3A%2F%2Fnewks.com%2F&label=N6RZCM... https://www.google.de/pagead/1p-conversion/434748839/?random=1566361752&cv=11&fst=1688046165128&bg=ffffff&guid=ON&async=1&gtm=45He36s0&u_w=1600&u_h=1200&url=https%3A%2F%2Fnewks.com%2F&label=N6RZCMr...	42 B 64 B	31ms 31ms	Image image/gif	2a00:1450:4001:829::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/pagead/1p-conversion/434748839/?random=1566361752&cv=11&fst=1688046165128&bg=ffffff&guid=ON&async=1&gtm=45He36s0&u_w=1600&u_h=1200&url=https%3A%2F%2Fnewks.com%2F&label=N6RZCMrH9YsCEKf7ps8B&hn=www.googleadservices.com&frm=0&tiba=Homepage%20-%20Newks&value=0&auid=428406319.1688046165&uamb=0&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEVJOE5mMHBBWVFvWXYwdmZURzA1UHJBUklsQUJHWDdnUjI4c0t2eG5YOGphc25vYktfYXJ2djI1eEVoYlFfbDh2U2V3MVBqNHUtMUEaWENoRUk4TmYwcEFZUXVhTEwyZTNCM3VDX0FSSXRBTENwZkdLM0J4NTB5N1RDM3FXRXhUcGp3bXFOa0dEcHV3QzFHcDhWOGUtU1EwRnhUamFhamdlYWtnYUYiEwiWz6eAzuj_AhWuk_0HHQUVBeQ&is_vtc=1&ocp_id=VYqdZNbQCa6n9u8PhaqUoA4&cid=CAQSKQBygQiDO_Xbs8XaOVD6YwxOSoh8uLDR_bwJRPtEF6HvEQynPyg7X3OR&eitems=ChEI8Nf0pAYQgNzfg8PrmJjGARIdAEWJZf-PN07X1owzMgO8PMhQQjz52WIz5dQSl28&random=3066075305&ipr=y Requested by Host: newks.com URL: https://newks.com/ Protocol H3 Server 2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://newks.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers pragma no-cache date Thu, 29 Jun 2023 13:42:45 GMT content-security-policy script-src 'none'; object-src 'none' x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers pragma no-cache date Thu, 29 Jun 2023 13:42:45 GMT content-security-policy script-src 'none'; object-src 'none' x-content-type-options nosniff server cafe p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" location https://www.google.de/pagead/1p-conversion/434748839/?random=1566361752&cv=11&fst=1688046165128&bg=ffffff&guid=ON&async=1&gtm=45He36s0&u_w=1600&u_h=1200&url=https%3A%2F%2Fnewks.com%2F&label=N6RZCMrH9YsCEKf7ps8B&hn=www.googleadservices.com&frm=0&tiba=Homepage%20-%20Newks&value=0&auid=428406319.1688046165&uamb=0&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEVJOE5mMHBBWVFvWXYwdmZURzA1UHJBUklsQUJHWDdnUjI4c0t2eG5YOGphc25vYktfYXJ2djI1eEVoYlFfbDh2U2V3MVBqNHUtMUEaWENoRUk4TmYwcEFZUXVhTEwyZTNCM3VDX0FSSXRBTENwZkdLM0J4NTB5N1RDM3FXRXhUcGp3bXFOa0dEcHV3QzFHcDhWOGUtU1EwRnhUamFhamdlYWtnYUYiEwiWz6eAzuj_AhWuk_0HHQUVBeQ&is_vtc=1&ocp_id=VYqdZNbQCa6n9u8PhaqUoA4&cid=CAQSKQBygQiDO_Xbs8XaOVD6YwxOSoh8uLDR_bwJRPtEF6HvEQynPyg7X3OR&eitems=ChEI8Nf0pAYQgNzfg8PrmJjGARIdAEWJZf-PN07X1owzMgO8PMhQQjz52WIz5dQSl28&random=3066075305&ipr=y content-type image/gif cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	insight.beta.min.js Show response snap.licdn.com/li.lms-analytics/	13 KB 5 KB	18ms 18ms	Script application/x-javascript	2a02:26f0:3100::1735:28c0 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://snap.licdn.com/li.lms-analytics/insight.beta.min.js Requested by Host: snap.licdn.com URL: https://snap.licdn.com/li.lms-analytics/insight.min.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:3100::1735:28c0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software / Resource Hash 87ca2d8adbd10be0e5e89784dbb7aa8bb67f77247471f437e6af535009955f8c Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://newks.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Thu, 29 Jun 2023 13:42:45 GMT content-encoding gzip x-content-type-options nosniff last-modified Wed, 21 Jun 2023 22:23:45 GMT x-cdn AKAM x-amz-server-side-encryption AES256 vary Accept-Encoding content-type application/x-javascript;charset=utf-8 cache-control max-age=19475 accept-ranges bytes content-length 4807
GET H2	200	/ www.google.com/pagead/1p-user-list/434748839/	42 B 155 B	35ms 33ms	Image image/gif	2a00:1450:4001:803::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/pagead/1p-user-list/434748839/?random=1688046165124&cv=11&fst=1688043600000&bg=ffffff&guid=ON&async=1&gtm=45He36s0&u_w=1600&u_h=1200&url=https%3A%2F%2Fnewks.com%2F&frm=0&tiba=Homepage%20-%20Newks&value=https%3A%2F%2Fnewks.com%2F&userId=https%3A%2F%2Fnewks.com%2F&data=event%3DPage%20Visits&fmt=3&is_vtc=1&random=1218707426&rmt_tld=0&ipr=y Requested by Host: newks.com URL: https://newks.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://newks.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers pragma no-cache date Thu, 29 Jun 2023 13:42:45 GMT content-security-policy script-src 'none'; object-src 'none' x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	/ www.google.de/pagead/1p-user-list/434748839/	42 B 155 B	30ms 28ms	Image image/gif	2a00:1450:4001:829::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/pagead/1p-user-list/434748839/?random=1688046165124&cv=11&fst=1688043600000&bg=ffffff&guid=ON&async=1&gtm=45He36s0&u_w=1600&u_h=1200&url=https%3A%2F%2Fnewks.com%2F&frm=0&tiba=Homepage%20-%20Newks&value=https%3A%2F%2Fnewks.com%2F&userId=https%3A%2F%2Fnewks.com%2F&data=event%3DPage%20Visits&fmt=3&is_vtc=1&random=1218707426&rmt_tld=1&ipr=y Requested by Host: newks.com URL: https://newks.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://newks.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers pragma no-cache date Thu, 29 Jun 2023 13:42:45 GMT content-security-policy script-src 'none'; object-src 'none' x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	modules.710fa773759992ae5199.js Show response script.hotjar.com/	270 KB 69 KB	55ms 14ms	Script application/javascript	52.222.236.122 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://script.hotjar.com/modules.710fa773759992ae5199.js Requested by Host: static.hotjar.com URL: https://static.hotjar.com/c/hotjar-2830751.js?sv=7 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.222.236.122 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-52-222-236-122.fra56.r.cloudfront.net Software / Resource Hash 8e4eb2fbe2428b73be6461073a48b2059abde0936219b8c1b2cc4b7dfbd85d83 Security Headers Name Value Strict-Transport-Security max-age=2592000; includeSubDomains X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://newks.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Fri, 23 Jun 2023 13:19:07 GMT content-encoding br x-content-type-options nosniff strict-transport-security max-age=2592000; includeSubDomains via 1.1 c9499008aa7e1acd11e9fbc171281d82.cloudfront.net (CloudFront) x-amz-cf-pop FRA56-P4 age 519818 x-cache Hit from cloudfront cross-origin-resource-policy cross-origin content-length 70212 last-modified Fri, 23 Jun 2023 13:18:24 GMT etag "c0d8da1fc28983e2914d2514d6175f9a" vary Accept-Encoding content-type application/javascript access-control-allow-origin * cache-control max-age=31536000 accept-ranges bytes x-robots-tag none x-amz-cf-id lAFKpR5KJskxkyQFSAi5Pji9Q8jDJ8m300Yq279qPilTT_yMNv8HYQ==
GET H2	200	2304573169610271 Show response connect.facebook.net/signals/config/	300 KB 86 KB	106ms 106ms	Script application/x-javascript	2a03:2880:f083:9:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/signals/config/2304573169610271?v=2.9.110&r=stable Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/fbevents.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 273269405485da620704daaef9ff1718be64e3515671c1c985caca20f1941707 Security Headers Name Value Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://newks.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers content-security-policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0; content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000; preload; includeSubDomains date Thu, 29 Jun 2023 13:42:45 GMT document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 x-xss-protection 0 pragma public x-fb-debug J5+8AMFQe8Nm4VJBBqm3IF1Bah1IcZWRlLJrn2d/u0ZLVstQQyaGCzvuXbbNf1MkWomyRTSgyK7IzQhMts0mXA== cross-origin-opener-policy same-origin-allow-popups vary Accept-Encoding x-frame-options DENY content-type application/x-javascript; charset=utf-8 origin-agent-cluster ?0 cache-control public, max-age=1200 permissions-policy accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=() expires Sat, 01 Jan 2000 00:00:00 GMT
POST H2	204	collect region1.analytics.google.com/g/	0 251 B	51ms 21ms	Ping text/plain	2001:4860:4802:34::36 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://region1.analytics.google.com/g/collect?v=2&tid=G-TQHBZDF37S&gtm=45je36s0&_p=1587637230&_gaz=1&cid=1153892530.1688046165&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1688046165&sct=1&seg=0&dl=https%3A%2F%2Fnewks.com%2F&dt=Homepage%20-%20Newks&en=page_view&_fv=1&_ss=2 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-TQHBZDF37S&l=dataLayer&cx=c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://newks.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers pragma no-cache date Thu, 29 Jun 2023 13:42:45 GMT server Golfe2 content-type text/plain access-control-allow-origin https://newks.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	204	collect stats.g.doubleclick.net/g/	0 57 B	23ms 20ms	Ping text/plain	2a00:1450:400c:c07::9d GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/g/collect?v=2&tid=G-TQHBZDF37S&cid=1153892530.1688046165&gtm=45je36s0&aip=1 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-TQHBZDF37S&l=dataLayer&cx=c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400c:c07::9d Brussels, Belgium, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://newks.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers pragma no-cache date Thu, 29 Jun 2023 13:42:45 GMT server Golfe2 content-type text/plain access-control-allow-origin https://newks.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	ga-audiences www.google.de/ads/	42 B 63 B	39ms 36ms	Image image/gif	2a00:1450:4001:829::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-TQHBZDF37S&cid=1153892530.1688046165&gtm=45je36s0&aip=1&z=1681313983 Requested by Host: newks.com URL: https://newks.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://newks.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers pragma no-cache date Thu, 29 Jun 2023 13:42:45 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	ca.html Show response 20841350p.rfihub.com/ Frame 3000	3 KB 3 KB	134ms 27ms	Document text/html	193.0.160.131 ROCKETFUEL
General Check archive.org Show headers Download Go to Full URL https://20841350p.rfihub.com/ca.html?ver=9&rb=46722&ca=20841350&_o=46722&_t=20841350&pe=https%3A%2F%2Fnewks.com%2F&pf=&ra=6880947002639599 Requested by Host: c1.rfihub.net URL: https://c1.rfihub.net/js/tc.min.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 193.0.160.131 , United States, ASN54312 (ROCKETFUEL, US), Reverse DNS Software Jetty(9.4.51.v20230217) / Resource Hash 48831951a443b4a0de1b0d98f9fd895a771b7ebe1a74c87a6d4e4efadbdc0385 Request headers Referer https://newks.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers Cache-Control no-cache Content-Length 2662 Content-Type text/html;charset=utf-8 Date Thu, 29 Jun 2023 13:42:45 GMT P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" Server Jetty(9.4.51.v20230217)
GET H2	200	dc_pre=CJ_Kq4DO6P8CFSvLOwIdercNGA;src=12881027;type=invmedia;cat=newks0;ord=178326502916;gtm=45He36s0;auiddc=*;uaa=;uab=;uafvl=;uam=;uamb=0;uap=;uapv=;uaw=0;~oref=https%3A%2F%2Fnewks.com%2F adservice.google.com/ddm/fls/z/ Frame FF06	42 B 402 B	83ms 46ms	Image image/gif	2a00:1450:4001:82b::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://adservice.google.com/ddm/fls/z/dc_pre=CJ_Kq4DO6P8CFSvLOwIdercNGA;src=12881027;type=invmedia;cat=newks0;ord=178326502916;gtm=45He36s0;auiddc=*;uaa=;uab=;uafvl=;uam=;uamb=0;uap=;uapv=;uaw=0;~oref=https%3A%2F%2Fnewks.com%2F Requested by Host: 12881027.fls.doubleclick.net URL: https://12881027.fls.doubleclick.net/activityi;dc_pre=CJ_Kq4DO6P8CFSvLOwIdercNGA;src=12881027;type=invmedia;cat=newks0;ord=178326502916;gtm=45He36s0;auiddc=428406319.1688046165;uaa=;uab=;uafvl=;uam=;uamb=0;uap=;uapv=;uaw=0;~oref=https%3A%2F%2Fnewks.com%2F? Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://12881027.fls.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers pragma no-cache date Thu, 29 Jun 2023 13:42:45 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	token Show response cdn.linkedin.oribi.io/partner/4338324/domain/newks.com/	36 B 373 B	58ms 13ms	XHR application/json	2600:9000:20eb:c200:2:53b2:240:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.linkedin.oribi.io/partner/4338324/domain/newks.com/token Requested by Host: snap.licdn.com URL: https://snap.licdn.com/li.lms-analytics/insight.beta.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:20eb:c200:2:53b2:240:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash 7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89 Request headers Accept * Referer https://newks.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Thu, 29 Jun 2023 13:10:56 GMT content-encoding gzip via 1.1 1d67a4c00b06651cb6daa95ec3f21f9a.cloudfront.net (CloudFront) x-amz-cf-pop FRA2-C1 age 1909 vary accept-encoding x-cache Hit from cloudfront content-type application/json access-control-allow-origin * cache-control public, max-age=3600 x-amz-cf-id 5PlMIq5eU-ytiosTItbtjarAmVu8-84M_SfrVBBltcRRVD81tvvP-Q==
GET H2	200	token Show response cdn.linkedin.oribi.io/partner/4338324/domain/newks.com/	36 B 373 B	58ms 14ms	XHR application/json	2600:9000:20eb:c200:2:53b2:240:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.linkedin.oribi.io/partner/4338324/domain/newks.com/token Requested by Host: snap.licdn.com URL: https://snap.licdn.com/li.lms-analytics/insight.beta.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:20eb:c200:2:53b2:240:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash 7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89 Request headers Accept * Referer https://newks.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Thu, 29 Jun 2023 13:10:56 GMT content-encoding gzip via 1.1 1d67a4c00b06651cb6daa95ec3f21f9a.cloudfront.net (CloudFront) x-amz-cf-pop FRA2-C1 age 1909 vary accept-encoding x-cache Hit from cloudfront content-type application/json access-control-allow-origin * cache-control public, max-age=3600 x-amz-cf-id eK8Ggi8ypytza3LdkkzmCT0UF5uBuxk6CPnw_Nr1cJhhI56h8BCHQg==
GET H2	200	token Show response cdn.linkedin.oribi.io/partner/4338324/domain/newks.com/	36 B 372 B	55ms 14ms	XHR application/json	2600:9000:20eb:c200:2:53b2:240:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.linkedin.oribi.io/partner/4338324/domain/newks.com/token Requested by Host: snap.licdn.com URL: https://snap.licdn.com/li.lms-analytics/insight.beta.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:20eb:c200:2:53b2:240:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash 7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89 Request headers Accept * Referer https://newks.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Thu, 29 Jun 2023 13:10:56 GMT content-encoding gzip via 1.1 1d67a4c00b06651cb6daa95ec3f21f9a.cloudfront.net (CloudFront) x-amz-cf-pop FRA2-C1 age 1909 vary accept-encoding x-cache Hit from cloudfront content-type application/json access-control-allow-origin * cache-control public, max-age=3600 x-amz-cf-id rCbuzIJs3sNFeluh8YIRXy0uh9DYdqEiBGzpt305akKNd2ongXCz4g==
GET H2	200	token Show response cdn.linkedin.oribi.io/partner/4338324/domain/newks.com/	36 B 373 B	55ms 13ms	XHR application/json	2600:9000:20eb:c200:2:53b2:240:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.linkedin.oribi.io/partner/4338324/domain/newks.com/token Requested by Host: snap.licdn.com URL: https://snap.licdn.com/li.lms-analytics/insight.beta.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:20eb:c200:2:53b2:240:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash 7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89 Request headers Accept * Referer https://newks.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Thu, 29 Jun 2023 13:10:56 GMT content-encoding gzip via 1.1 1d67a4c00b06651cb6daa95ec3f21f9a.cloudfront.net (CloudFront) x-amz-cf-pop FRA2-C1 age 1909 vary accept-encoding x-cache Hit from cloudfront content-type application/json access-control-allow-origin * cache-control public, max-age=3600 x-amz-cf-id Ecg3hkXrS9A975sX_ppH6opFBewxRrCyHV4Tbhcurf_7AaXegEWCXw==
GET H2	200	token Show response cdn.linkedin.oribi.io/partner/4338324/domain/newks.com/	36 B 373 B	55ms 14ms	XHR application/json	2600:9000:20eb:c200:2:53b2:240:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.linkedin.oribi.io/partner/4338324/domain/newks.com/token Requested by Host: snap.licdn.com URL: https://snap.licdn.com/li.lms-analytics/insight.beta.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:20eb:c200:2:53b2:240:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash 7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89 Request headers Accept * Referer https://newks.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Thu, 29 Jun 2023 13:10:56 GMT content-encoding gzip via 1.1 1d67a4c00b06651cb6daa95ec3f21f9a.cloudfront.net (CloudFront) x-amz-cf-pop FRA2-C1 age 1909 vary accept-encoding x-cache Hit from cloudfront content-type application/json access-control-allow-origin * cache-control public, max-age=3600 x-amz-cf-id Svxd4APOJuMl-PX4Lszusau3mknRNYE8S6B3SU5Mx4GxEJ21B62HJg==
GET H2	200	collect px4.ads.linkedin.com/ Redirect Chain https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4338324&time=1688046165354&url=https%3A%2F%2Fnewks.com%2F&tm=gtmv2 https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4338324&time=1688046165354&url=https%3A%2F%2Fnewks.com%2F&tm=gtmv2&cookiesTest=true https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D4338324%26time%3D1688046165354%26url%3Dhttps%253A%252F%252Fnewks.com%252F%26tm%3D... https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4338324&time=1688046165354&url=https%3A%2F%2Fnewks.com%2F&tm=gtmv2&cookiesTest=true&liSync=true https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=4338324&time=1688046165354&url=https%3A%2F%2Fnewks.com%2F&tm=gtmv2&cookiesTest=true&liSync=true&e_ipv6=AQK1rlPv6p8TMwAAAYkHZGBoJ4FGGGLJ_ra9jzyW2a...	0 267 B	221ms 195ms	Image application/javascript	13.107.42.14 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=4338324&time=1688046165354&url=https%3A%2F%2Fnewks.com%2F&tm=gtmv2&cookiesTest=true&liSync=true&e_ipv6=AQK1rlPv6p8TMwAAAYkHZGBoJ4FGGGLJ_ra9jzyW2axGsB9sB0Z10kfyFM2GUWKvw-OpdV6CxDI0cbs6t3sKOCR_23F6xg Requested by Host: newks.com URL: https://newks.com/ Protocol H2 Server 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://newks.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Thu, 29 Jun 2023 13:42:46 GMT x-li-pop afd-prod-lor1-x x-msedge-ref Ref A: 51950C4A6D604F7BBDED79A8EA456AEA Ref B: FRAEDGE1310 Ref C: 2023-06-29T13:42:46Z linkedin-action 1 x-cache CONFIG_NOCACHE content-type application/javascript x-li-fabric prod-lor1 x-li-proto http/2 content-length 0 x-li-uuid AAX/ROAe/vII4rNMMrmVAg== Redirect headers date Thu, 29 Jun 2023 13:42:45 GMT x-li-pop afd-prod-lor1-x x-msedge-ref Ref A: 18AE575C3F064D93A508F756386E3AC0 Ref B: FRAEDGE1707 Ref C: 2023-06-29T13:42:46Z linkedin-action 1 x-cache CONFIG_NOCACHE x-li-fabric prod-lor1 location https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=4338324&time=1688046165354&url=https%3A%2F%2Fnewks.com%2F&tm=gtmv2&cookiesTest=true&liSync=true&e_ipv6=AQK1rlPv6p8TMwAAAYkHZGBoJ4FGGGLJ_ra9jzyW2axGsB9sB0Z10kfyFM2GUWKvw-OpdV6CxDI0cbs6t3sKOCR_23F6xg x-li-proto http/2 content-length 0 x-li-uuid AAX/ROAYgHJ1EOMzzZMkxA==
GET H2	200	token Show response cdn.linkedin.oribi.io/partner/4338324/domain/newks.com/	36 B 373 B	37ms 15ms	XHR application/json	2600:9000:20eb:c200:2:53b2:240:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.linkedin.oribi.io/partner/4338324/domain/newks.com/token Requested by Host: snap.licdn.com URL: https://snap.licdn.com/li.lms-analytics/insight.beta.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:20eb:c200:2:53b2:240:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash 7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89 Request headers Accept * Referer https://newks.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Thu, 29 Jun 2023 13:10:56 GMT content-encoding gzip via 1.1 1d67a4c00b06651cb6daa95ec3f21f9a.cloudfront.net (CloudFront) x-amz-cf-pop FRA2-C1 age 1909 vary accept-encoding x-cache Hit from cloudfront content-type application/json access-control-allow-origin * cache-control public, max-age=3600 x-amz-cf-id 8dBuOgyeAKRK-_9FQ-8x37no3pPyfXOeaSbeJ5zADvCWAHwsIZLoZg==
GET H2	200	main.MTcyYWM1ZjQwMQ.js Show response analytics.tiktok.com/i18n/pixel/static/	314 KB 83 KB	16ms 16ms	Script application/javascript	2.16.110.18 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://analytics.tiktok.com/i18n/pixel/static/main.MTcyYWM1ZjQwMQ.js Requested by Host: analytics.tiktok.com URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CHDSV3BC77UFR1FA44C0&lib=ttq Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2.16.110.18 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-16-110-18.deploy.static.akamaitechnologies.com Software nginx / Resource Hash 852a7107c708f06318f8fe62b3ad715d9c1565aaa9158b1e36c62502c424ea7b Request headers accept-language de-DE,de;q=0.9 Referer https://newks.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers x-akamai-request-id 8f17dd3 date Thu, 29 Jun 2023 13:42:45 GMT content-encoding gzip x-tt-trace-tag id=16;cdn-cache=hit;type=static server nginx x-tt-logid 202306271232445BE89E2D13759A0AD979 vary Accept-Encoding x-cache TCP_HIT from a2-16-110-14.deploy.akamaitechnologies.com (AkamaiGHost/11.1.3-49328623) (-) content-type application/javascript; charset=UTF-8 cache-control public, max-age=31536000, immutable x-tt-trace-host 01a9fe8fd81145840d3f9725bcb4671d709f30d0b1e3fec1f5012d98c0a92f1df0845876c2b7df69d5a1494a0867c602c6918310d5697d64f3a5defb7444bc66decc5a05c818853fb73b6bcfb31f1a4081fc013e16ef1388494b64b7ef34de5914 server-timing cdn-cache; desc=HIT, edge; dur=0, inner; dur=2 content-length 84245
GET H2	200	p-edc78b99.system.entry.js Show response unpkg.com/tttl-embed-survey@0.2.11/dist/tttl-embed-survey/ Redirect Chain https://unpkg.com/tttl-embed-survey/dist/tttl-embed-survey/p-edc78b99.system.entry.js https://unpkg.com/tttl-embed-survey@0.2.11/dist/tttl-embed-survey/p-edc78b99.system.entry.js	68 KB 18 KB	27ms 27ms	Script application/javascript	2606:4700::6810:7daf CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://unpkg.com/tttl-embed-survey@0.2.11/dist/tttl-embed-survey/p-edc78b99.system.entry.js Requested by Host: newks.com URL: https://newks.com/ Protocol H2 Server 2606:4700::6810:7daf , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 88f9b30bc1beb05bbfc34e9599c4cd9f001f9fac9f4ef33f2db6dc88d6d2e6d6 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://newks.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Thu, 29 Jun 2023 13:42:45 GMT via 1.1 fly.io x-content-type-options nosniff cf-cache-status HIT content-encoding br strict-transport-security max-age=31536000; includeSubDomains; preload age 3538621 last-modified Sat, 26 Oct 1985 08:15:00 GMT fly-request-id 01H0T7JJYK3VQB22NF5602NDHZ-fra server cloudflare etag W/"10e7f-7ceLmdZNe/LF4tOQMJ8iW1+UiCo" vary Accept-Encoding content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=31536000 cf-ray 7dee98362e919b76-FRA Redirect headers date Thu, 29 Jun 2023 13:42:45 GMT via 1.1 fly.io x-content-type-options nosniff cf-cache-status HIT fly-request-id 01H43P4F29T82MD3B6781MGSX3-fra server cloudflare strict-transport-security max-age=31536000; includeSubDomains; preload age 140 vary Accept, Accept-Encoding content-type text/plain; charset=utf-8 access-control-allow-origin * location /tttl-embed-survey@0.2.11/dist/tttl-embed-survey/p-edc78b99.system.entry.js cache-control public, s-maxage=600, max-age=60 cf-ray 7dee9835ce1f9b76-FRA
GET H3	200	/ www.google.com/pagead/1p-user-list/372717222/	42 B 64 B	28ms 28ms	Image image/gif	2a00:1450:4001:803::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/pagead/1p-user-list/372717222/?random=1688046165130&cv=11&fst=1688043600000&bg=ffffff&guid=ON&async=1&gtm=45He36s0&u_w=1600&u_h=1200&url=https%3A%2F%2Fnewks.com%2F&frm=0&tiba=Homepage%20-%20Newks&fmt=3&is_vtc=1&random=860642964&rmt_tld=0&ipr=y Requested by Host: newks.com URL: https://newks.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://newks.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers pragma no-cache date Thu, 29 Jun 2023 13:42:45 GMT content-security-policy script-src 'none'; object-src 'none' x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	/ www.google.de/pagead/1p-user-list/372717222/	42 B 64 B	26ms 25ms	Image image/gif	2a00:1450:4001:829::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/pagead/1p-user-list/372717222/?random=1688046165130&cv=11&fst=1688043600000&bg=ffffff&guid=ON&async=1&gtm=45He36s0&u_w=1600&u_h=1200&url=https%3A%2F%2Fnewks.com%2F&frm=0&tiba=Homepage%20-%20Newks&fmt=3&is_vtc=1&random=860642964&rmt_tld=1&ipr=y Requested by Host: newks.com URL: https://newks.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://newks.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers pragma no-cache date Thu, 29 Jun 2023 13:42:45 GMT content-security-policy script-src 'none'; object-src 'none' x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	720341928728884 Show response connect.facebook.net/signals/config/	300 KB 86 KB	155ms 154ms	Script application/x-javascript	2a03:2880:f083:9:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/signals/config/720341928728884?v=2.9.110&r=stable Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/fbevents.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 55ecf1e5f3226beca015ece03510796f96edcbca06815b82b94f120798404b46 Security Headers Name Value Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://newks.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers content-security-policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0; content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000; preload; includeSubDomains date Thu, 29 Jun 2023 13:42:45 GMT document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 x-xss-protection 0 pragma public x-fb-debug uErcKZSgK8r78Jzup8VQyYMSrbHfYkecGiuAcp3avUxAygum+eyyPMipscpS3WGIJDkZaprnxQeLCf9VkitF5A== cross-origin-opener-policy same-origin-allow-popups vary Accept-Encoding x-frame-options DENY content-type application/x-javascript; charset=utf-8 origin-agent-cluster ?0 cache-control public, max-age=1200 permissions-policy accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=() priority u=3,i expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	/ www.facebook.com/tr/	0 186 B	35ms 14ms	Image text/plain	2a03:2880:f176:84:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=2304573169610271&ev=PageView&dl=https%3A%2F%2Fnewks.com%2F&rl=&if=false&ts=1688046165460&sw=1600&sh=1200&v=2.9.110&r=stable&ec=0&o=30&fbp=fb.1.1688046165459.786981626&it=1688046165227&coo=false&rqm=GET Requested by Host: newks.com URL: https://newks.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language de-DE,de;q=0.9 Referer https://newks.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubDomains date Thu, 29 Jun 2023 13:42:45 GMT server proxygen-bolt content-type text/plain access-control-allow-origin access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 0
GET H3	200	id Show response googleads.g.doubleclick.net/pagead/ Frame F150	113 B 159 B	24ms 23ms	XHR application/json	2a00:1450:4001:808::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/id Requested by Host: www.youtube.com URL: https://www.youtube.com/s/player/71547d26/www-embed-player.vflset/www-embed-player.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 079fe3fc560aa61d3077a2a1d3d1eb9d06617971a30d732a9cdf1ced0c02a81e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.youtube.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Thu, 29 Jun 2023 13:42:45 GMT content-encoding gzip x-content-type-options nosniff p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 133 x-xss-protection 0 pragma no-cache server cafe content-type application/json; charset=UTF-8 access-control-allow-origin https://www.youtube.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ad_status.js Show response static.doubleclick.net/instream/ Frame F150	29 B 496 B	48ms 14ms	Script text/javascript	2a00:1450:4001:813::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://static.doubleclick.net/instream/ad_status.js Requested by Host: www.youtube.com URL: https://www.youtube.com/s/player/71547d26/www-embed-player.vflset/www-embed-player.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.youtube.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Thu, 29 Jun 2023 13:36:18 GMT x-content-type-options nosniff age 387 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 29 x-xss-protection 0 last-modified Thu, 12 Dec 2013 23:40:16 GMT server sffe report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=900 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Thu, 29 Jun 2023 13:51:18 GMT
OPTIONS H2	200	Create jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame	0 0	64ms 22ms	Preflight text/html	2a00:1450:4001:829::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Accept */* Access-Control-Request-Headers content-type,x-goog-api-key,x-user-agent Access-Control-Request-Method POST Origin https://www.youtube.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers content-type,x-goog-api-key,x-user-agent access-control-allow-methods DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT access-control-allow-origin https://www.youtube.com access-control-max-age 3600 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 content-type text/html date Thu, 29 Jun 2023 13:42:45 GMT server ESF vary origin referer x-origin x-content-type-options nosniff x-frame-options SAMEORIGIN x-xss-protection 0
POST H2	200	Create Show response jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame F150	68 KB 31 KB	30ms 29ms	XHR application/json+protobuf	2a00:1450:4001:829::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create Requested by Host: www.youtube.com URL: https://www.youtube.com/s/player/71547d26/player_ias.vflset/de_DE/base.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 87ca19ff185e567adff7b72aae55f3ce908b87300fad278b65d23134460c7e6e Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers X-User-Agent grpc-web-javascript/0.1 Referer https://www.youtube.com/ X-Goog-Api-Key AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Content-Type application/json+protobuf Response headers date Thu, 29 Jun 2023 13:42:45 GMT content-encoding gzip x-content-type-options nosniff server ESF vary Origin, X-Origin, Referer x-frame-options SAMEORIGIN content-type application/json+protobuf; charset=UTF-8 access-control-allow-origin https://www.youtube.com access-control-expose-headers vary,vary,vary,content-encoding,date,server,content-length cache-control private access-control-allow-credentials true alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 31790 x-xss-protection 0
GET H3	200	remote.js Show response www.youtube.com/s/player/71547d26/player_ias.vflset/de_DE/ Frame F150	116 KB 33 KB	12ms 11ms	Script text/javascript	2a00:1450:4001:808::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.youtube.com/s/player/71547d26/player_ias.vflset/de_DE/remote.js Requested by Host: www.youtube.com URL: https://www.youtube.com/s/player/71547d26/player_ias.vflset/de_DE/base.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 295b9c879f619e62e146443e4f70cb5d5b94f6b254c593983663096f42e4a6ae Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.youtube.com/embed/EkWFDUnlX_A User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Mon, 26 Jun 2023 07:30:49 GMT content-encoding br x-content-type-options nosniff age 281516 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 33592 x-xss-protection 0 last-modified Mon, 26 Jun 2023 01:48:25 GMT server sffe vary Accept-Encoding, Origin report-to {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="youtube" expires Tue, 25 Jun 2024 07:30:49 GMT
GET H3	200	-bVoB9tAdUELGWN0izZ_pXgZ82uLQzGOFNXcODpxvpI.js Show response www.google.com/js/th/ Frame F150	37 KB 14 KB	13ms 13ms	Script text/javascript	2a00:1450:4001:803::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/js/th/-bVoB9tAdUELGWN0izZ_pXgZ82uLQzGOFNXcODpxvpI.js Requested by Host: www.youtube.com URL: https://www.youtube.com/s/player/71547d26/player_ias.vflset/de_DE/base.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash f9b56807db4075410b1963748b367fa57819f36b8b43318e14d5dc383a71be92 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.youtube.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Thu, 29 Jun 2023 07:42:36 GMT content-encoding br x-content-type-options nosniff age 21609 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 14684 x-xss-protection 0 last-modified Mon, 19 Jun 2023 10:00:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Fri, 28 Jun 2024 07:42:36 GMT
GET H2	200	sddefault.webp i.ytimg.com/vi_webp/EkWFDUnlX_A/ Frame F150	16 KB 17 KB	65ms 27ms	Image image/webp	2a00:1450:4001:827::2016 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://i.ytimg.com/vi_webp/EkWFDUnlX_A/sddefault.webp Requested by Host: www.youtube.com URL: https://www.youtube.com/embed/EkWFDUnlX_A Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:827::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 866f252b0ff19f2e638c11bd70bd6851a31148f4a68c240befd01ffbd9008c07 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.youtube.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Thu, 29 Jun 2023 13:42:45 GMT x-content-type-options nosniff age 0 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 16538 x-xss-protection 0 server sffe etag "0" vary Origin report-to {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]} content-type image/webp cache-control public, max-age=7200 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="youtube" expires Thu, 29 Jun 2023 15:42:45 GMT
GET H3	200	embed.js Show response www.youtube.com/s/player/71547d26/player_ias.vflset/de_DE/ Frame F150	28 KB 8 KB	16ms 15ms	Script text/javascript	2a00:1450:4001:808::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.youtube.com/s/player/71547d26/player_ias.vflset/de_DE/embed.js Requested by Host: www.youtube.com URL: https://www.youtube.com/s/player/71547d26/player_ias.vflset/de_DE/base.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 697dece97d56888bddf517b0d1e1b16f93133a5557d0b971e3f712fbfab69d0c Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.youtube.com/embed/EkWFDUnlX_A User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Mon, 26 Jun 2023 07:29:30 GMT content-encoding br x-content-type-options nosniff age 281595 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 8187 x-xss-protection 0 last-modified Mon, 26 Jun 2023 01:48:25 GMT server sffe vary Accept-Encoding, Origin report-to {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="youtube" expires Tue, 25 Jun 2024 07:29:30 GMT
GET DATA	200 OK	truncated / Frame F150	175 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers Content-Type image/png
GET H2	200	AGIKgqOt-ktQYdo7keuwtwB5qPX4bpgRRrIc-BY_Ncbq=s68-c-k-c0x00ffffff-no-rj yt3.ggpht.com/ytc/ Frame F150	3 KB 4 KB	48ms 14ms	Image image/jpeg	2a00:1450:4001:830::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://yt3.ggpht.com/ytc/AGIKgqOt-ktQYdo7keuwtwB5qPX4bpgRRrIc-BY_Ncbq=s68-c-k-c0x00ffffff-no-rj Requested by Host: www.youtube.com URL: https://www.youtube.com/embed/EkWFDUnlX_A Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software fife / Resource Hash d80f0723f0013dbcbf0f528ae2197295aad92a78da0e72a35481086ffdfbcce3 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.youtube.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Thu, 29 Jun 2023 10:49:02 GMT x-content-type-options nosniff age 10423 content-disposition inline;filename="unnamed.jpg" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 3424 x-xss-protection 0 server fife etag "v5" vary Origin content-type image/jpeg access-control-allow-origin * access-control-expose-headers Content-Length cache-control public, max-age=86400, no-transform timing-allow-origin * expires Fri, 30 Jun 2023 10:49:02 GMT
GET H2	200	identify_70a9a.js Show response analytics.tiktok.com/i18n/pixel/static/	114 KB 31 KB	18ms 18ms	Script application/javascript	2.16.110.18 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://analytics.tiktok.com/i18n/pixel/static/identify_70a9a.js Requested by Host: analytics.tiktok.com URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTcyYWM1ZjQwMQ.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2.16.110.18 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-16-110-18.deploy.static.akamaitechnologies.com Software nginx / Resource Hash cef0a3ffb6993fc1ec7b5b67a16377ec1ec0a858b3cabb834033d7458ff0e4bc Request headers accept-language de-DE,de;q=0.9 Referer https://newks.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers x-akamai-request-id 8f17ed1 date Thu, 29 Jun 2023 13:42:45 GMT content-encoding gzip x-tt-trace-tag id=16;cdn-cache=hit;type=static server nginx x-tt-logid 2023062712323444D03A36ACA94484DFF6 vary Accept-Encoding x-cache TCP_MEM_HIT from a2-16-110-14.deploy.akamaitechnologies.com (AkamaiGHost/11.1.3-49328623) (-) content-type application/javascript; charset=UTF-8 cache-control public, max-age=31536000, immutable x-tt-trace-host 01ffe81e2cc1c54201af91fb7601cba11fe64ec0acdf8ebbc659f36cd801dad105e549a5bf8b551d900139c1505ed423344fdc4860a564c7168530d9bab06cb56c7a522fecdb8deb26204838f27172bfcb166c171628337e89126d592e12bbeebe server-timing cdn-cache; desc=HIT, edge; dur=1, inner; dur=3 content-length 30856
POST H2	200	pixel analytics.tiktok.com/api/v2/	0 550 B	152ms 152ms	Ping text/plain	2.16.110.18 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://analytics.tiktok.com/api/v2/pixel Requested by Host: analytics.tiktok.com URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTcyYWM1ZjQwMQ.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2.16.110.18 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-16-110-18.deploy.static.akamaitechnologies.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://newks.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers pragma no-cache date Thu, 29 Jun 2023 13:42:45 GMT x-akamai-request-id 8f17f04 x-tt-trace-tag id=16;cdn-cache=miss;type=dyn server nginx x-tt-logid 2023062913424565BAEAA7E753F311FE23 x-cache TCP_MISS from a2-16-110-14.deploy.akamaitechnologies.com (AkamaiGHost/11.1.3-49328623) (-) access-control-allow-origin * cache-control max-age=0, no-cache, no-store x-origin-response-time 125,2.16.110.14 x-tt-trace-host 01ca5754d83224ad6ee886f811f65003086f616b9cbd23222713b546fa275611dec133438b26c0b4ebb72f78799d675f623f0359682c9a442d1ddf8d0f1094d74e0eca95f013e4b1e0fe3655983a5e9d701c136edc4d3a37960f5c209ea95b68aa server-timing inner; dur=29, cdn-cache; desc=MISS, edge; dur=8, origin; dur=124 content-length 0 expires Thu, 29 Jun 2023 13:42:45 GMT
GET H3	200	362358.gif idsync.rlcdn.com/ Frame 3000 Redirect Chain https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5109685628331429671&referrer=https%3A%2F%2Fnewks.com%2F&forward= https://p.rfihub.com/cm?pub=39342&in=0&userid=31f0d25e-d69f-4da8-9567-5335a96d711d%3A1688046165.7891934&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3D31f0d25e-d69f-4da8-9567-5335a96... https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5109685628331429671&referrer={encSite}&forward=https%3A%2F%2Fidsync.rlcdn.com%2F501709.gif%3Fpartner_uid%3D31f0d25e-d69f-4da8-95... https://idsync.rlcdn.com/501709.gif?partner_uid=31f0d25e-d69f-4da8-9567-5335a96d711d%3A1688046165.7891934&_=1688046165.7910419 https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm https://idsync.rlcdn.com/362358.gif?google_gid=CAESEEllQmoxuss5PlhTah4IrmQ&google_cver=1	42 B 60 B	18ms 18ms	Image image/gif	35.244.174.68 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://idsync.rlcdn.com/362358.gif?google_gid=CAESEEllQmoxuss5PlhTah4IrmQ&google_cver=1 Requested by Host: newks.com URL: https://newks.com/ Protocol H3 Server 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 68.174.244.35.bc.googleusercontent.com Software / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Request headers accept-language de-DE,de;q=0.9 Referer https://20841350p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Thu, 29 Jun 2023 13:42:46 GMT via 1.1 google content-type image/gif p3p CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" cache-control no-cache, no-store timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 Redirect headers pragma no-cache date Thu, 29 Jun 2023 13:42:46 GMT server HTTP server (unknown) content-type text/html; charset=UTF-8 location https://idsync.rlcdn.com/362358.gif?google_gid=CAESEEllQmoxuss5PlhTah4IrmQ&google_cver=1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 289 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	52154.gif idsync.rlcdn.com/ Frame 3000 Redirect Chain https://cm.g.doubleclick.net/pixel?&in=0&google_nid=zeta_interactive&google_cm=&google_sc=&google_hm=NTEwOTY4NTYyODMzMTQyOTY3MQ==&forward= https://a.rfihub.com/cm?pub=445&in=0&forward=&google_gid=CAESEFEztzGJZmFc0NbWMhwNlv8&google_cver=1 https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5109685628331429671&referrer={encSite}&forward= https://p.rfihub.com/cm?pub=39342&in=0&userid=13fab24f-9480-4cf9-a71e-a77e11946757%3A1688046166.0741894&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3D13fab24f-9480-4cf9-a71e-a77e119... https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5109685628331429671&referrer={encSite}&forward=https%3A%2F%2Fidsync.rlcdn.com%2F501709.gif%3Fpartner_uid%3D13fab24f-9480-4cf9-a7... https://idsync.rlcdn.com/501709.gif?partner_uid=13fab24f-9480-4cf9-a71e-a77e11946757%3A1688046166.0741894&_=1688046166.0758352 https://ib.adnxs.com/getuid?https%3A%2F%2Fidsync.rlcdn.com%2F52154.gif%3Fserved_by%3Devergreen%26partner_uid%3D%24UID https://idsync.rlcdn.com/52154.gif?served_by=evergreen&partner_uid=7336952721320447288	42 B 60 B	20ms 20ms	Image image/gif	35.244.174.68 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://idsync.rlcdn.com/52154.gif?served_by=evergreen&partner_uid=7336952721320447288 Protocol H3 Server 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 68.174.244.35.bc.googleusercontent.com Software / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Request headers accept-language de-DE,de;q=0.9 Referer https://20841350p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Thu, 29 Jun 2023 13:42:46 GMT via 1.1 google content-type image/gif p3p CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" cache-control no-cache, no-store timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 Redirect headers Date Thu, 29 Jun 2023 13:42:46 GMT P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Connection keep-alive X-Proxy-Origin 138.199.38.134; 138.199.38.134; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com Content-Length 0 X-XSS-Protection 0 Pragma no-cache AN-X-Request-Uuid a0a5733a-49d1-4c83-a1ab-f14137607137 Server nginx/1.21.3 Accept-CH Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness Content-Type text/html; charset=utf-8 Access-Control-Allow-Origin * Location https://idsync.rlcdn.com/52154.gif?served_by=evergreen&partner_uid=7336952721320447288 Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Expires Sat, 15 Nov 2008 16:00:00 GMT
GET H/1.1	200 OK	bounce ib.adnxs.com/ Frame 3000 Redirect Chain https://ib.adnxs.com/setuid?entity=18&code=5109685628331429671 https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D18%26code%3D5109685628331429671	43 B 1 KB	29ms 29ms	Image image/gif	37.252.171.85 ASN-APPNEX
General Check archive.org Show headers Download Go to Show image Full URL https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D18%26code%3D5109685628331429671 Requested by Host: newks.com URL: https://newks.com/ Protocol HTTP/1.1 Server 37.252.171.85 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US), Reverse DNS 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net Software nginx/1.21.3 / Resource Hash 4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://20841350p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers Pragma no-cache Date Thu, 29 Jun 2023 13:42:45 GMT AN-X-Request-Uuid a66c0600-c01c-4351-957b-5080e6580e48 Server nginx/1.21.3 Accept-CH Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness Content-Type image/gif P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Access-Control-Allow-Origin * Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Connection keep-alive X-Proxy-Origin 138.199.38.134; 138.199.38.134; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com Content-Length 43 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT Redirect headers Pragma no-cache Date Thu, 29 Jun 2023 13:42:45 GMT AN-X-Request-Uuid 61655c17-a1ea-46a9-9b31-d382a50777c5 Server nginx/1.21.3 Accept-CH Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness Content-Type text/html; charset=utf-8 P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Location https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D18%26code%3D5109685628331429671 Cache-Control no-store, no-cache, private Connection keep-alive X-Proxy-Origin 138.199.38.134; 138.199.38.134; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com Content-Length 0 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
GET H/1.1	200 OK	demconf.jpg dpm.demdex.net/ Frame 3000 Redirect Chain https://dpm.demdex.net/ibs:dpid=1121&dpuuid=5109685628331429671&redir= https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1121&dpuuid=5109685628331429671&redir=	42 B 942 B	44ms 43ms	Image image/gif	63.34.168.218 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1121&dpuuid=5109685628331429671&redir= Requested by Host: newks.com URL: https://newks.com/ Protocol HTTP/1.1 Server 63.34.168.218 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-63-34-168-218.eu-west-1.compute.amazonaws.com Software / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://20841350p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers DCS dcs-prod-irl1-2-v050-04e31af58.edge-irl1.demdex.com 2 ms Pragma no-cache Strict-Transport-Security max-age=31536000; includeSubDomains content-encoding gzip X-Content-Type-Options nosniff X-TID i1TVIicUQZI= P3P policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT" Content-Type image/gif Cache-Control no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private Connection keep-alive Content-Length 59 Expires Thu, 01 Jan 1970 00:00:00 UTC Redirect headers DCS dcs-prod-irl1-1-v050-0b601b3e9.edge-irl1.demdex.com 0 ms Pragma no-cache Strict-Transport-Security max-age=31536000; includeSubDomains X-TID hv0jzvoNQjY= P3P policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT" Location https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1121&dpuuid=5109685628331429671&redir= Cache-Control no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private Connection keep-alive Content-Length 0 Expires Thu, 01 Jan 1970 00:00:00 UTC
GET H2	200	Pug image2.pubmatic.com/AdServer/ Frame 3000	42 B 425 B	95ms 24ms	Image image/gif	198.47.127.205 GTT-BACKBONE GTT
General Check archive.org Show headers Download Go to Show image Full URL https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw==&piggybackCookie=5109685628331429671&r= Requested by Host: newks.com URL: https://newks.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US), Reverse DNS Software nginx / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Request headers accept-language de-DE,de;q=0.9 Referer https://20841350p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers content-type image/gif; charset=utf-8 date Thu, 29 Jun 2023 13:42:44 GMT cache-control no-store, no-cache, private server nginx content-length 42 p3p CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
GET H2	200	sd us-u.openx.net/w/1.0/ Frame 3000	43 B 274 B	73ms 22ms	Image image/gif	35.244.159.8 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://us-u.openx.net/w/1.0/sd?id=537073062&val=5109685628331429671&r= Requested by Host: newks.com URL: https://newks.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 8.159.244.35.bc.googleusercontent.com Software OXGW/0.0.0 / Resource Hash 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49 Request headers accept-language de-DE,de;q=0.9 Referer https://20841350p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers pragma no-cache date Thu, 29 Jun 2023 13:42:45 GMT via 1.1 google server OXGW/0.0.0 vary Accept content-type image/gif p3p CP="CUR ADM OUR NOR STA NID" cache-control private, max-age=0, no-cache alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 43 expires Mon, 26 Jul 1997 05:00:00 GMT
GET H/1.1	200 OK	match ps.eyeota.net/ Frame 3000 Redirect Chain https://p.rfihub.com/cm?pub=24472&in=1 https://ps.eyeota.net/match?uid=5109685628331429671&bid=omt9pi0	0 344 B	100ms 22ms	Image text/plain	18.184.216.10 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://ps.eyeota.net/match?uid=5109685628331429671&bid=omt9pi0 Requested by Host: newks.com URL: https://newks.com/ Protocol HTTP/1.1 Server 18.184.216.10 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-184-216-10.eu-central-1.compute.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://20841350p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers Date Thu, 29 Jun 2023 13:42:45 GMT Content-Length 0 P3P CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml" Redirect headers Location https://ps.eyeota.net/match?uid=5109685628331429671&bid=omt9pi0 Date Thu, 29 Jun 2023 13:42:45 GMT Server Jetty(9.4.51.v20230217) Content-Length 0 P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
GET H2	200	cksync.php contextual.media.net/ Frame 3000	61 B 627 B	119ms 69ms	Image image/gif	23.52.120.27 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://contextual.media.net/cksync.php?cs=3&type=rkt&ovsid=5109685628331429671 Requested by Host: newks.com URL: https://newks.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.52.120.27 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-52-120-27.deploy.static.akamaitechnologies.com Software Apache / Resource Hash cc0e716595a20cd577f4cba25c11b4b54d92311f5f4bf22b992af281cabbc0c7 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language de-DE,de;q=0.9 Referer https://20841350p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers pragma no-cache strict-transport-security max-age=31536000 date Thu, 29 Jun 2023 13:42:45 GMT server Apache p3p CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA content-type image/gif cache-control max-age=0, no-cache, no-store content-length 61 x-mnet-hl2 E expires Thu, 29 Jun 2023 13:42:45 GMT
GET H2	200	/ bpi.rtactivate.com/tag/ Frame 3000	43 B 110 B	741ms 517ms	Image image/gif	44.196.43.242 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://bpi.rtactivate.com/tag/?id=11017&user_id=5109685628331429671 Requested by Host: newks.com URL: https://newks.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 44.196.43.242 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-44-196-43-242.compute-1.amazonaws.com Software awselb/2.0 / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language de-DE,de;q=0.9 Referer https://20841350p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Thu, 29 Jun 2023 13:42:45 GMT server awselb/2.0 content-length 43 content-type image/gif
GET H/1.1	200 OK	rum dsum-sec.casalemedia.com/ Frame 3000 Redirect Chain https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=5109685628331429671&forward= https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=5109685628331429671&forward=&C=1	43 B 766 B	20ms 20ms	Image image/gif	185.80.39.216 CASALE-MEDIA
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=5109685628331429671&forward=&C=1 Requested by Host: newks.com URL: https://newks.com/ Protocol HTTP/1.1 Server 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA), Reverse DNS Software Apache / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language de-DE,de;q=0.9 Referer https://20841350p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers Pragma no-cache Date Thu, 29 Jun 2023 13:42:45 GMT Server Apache P3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Content-Type image/gif Cache-Control no-cache Connection Keep-Alive Keep-Alive timeout=1, max=499 Content-Length 43 Expires 0 Redirect headers Pragma no-cache Date Thu, 29 Jun 2023 13:42:45 GMT Server Apache P3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Location /rum?cm_dsp_id=57&external_user_id=5109685628331429671&forward=&C=1 Cache-Control no-cache Connection Keep-Alive Keep-Alive timeout=1, max=500 Content-Length 0 Expires 0
GET H2	200	360947.gif idsync.rlcdn.com/ Frame 3000	42 B 450 B	77ms 32ms	Image image/gif	35.244.174.68 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://idsync.rlcdn.com/360947.gif?partner_uid=5109685628331429671 Requested by Host: newks.com URL: https://newks.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 68.174.244.35.bc.googleusercontent.com Software / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Request headers accept-language de-DE,de;q=0.9 Referer https://20841350p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Thu, 29 Jun 2023 13:42:45 GMT via 1.1 google content-type image/gif p3p CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" cache-control no-cache, no-store timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42
GET H2	200	rocketfuel_sync x.dlx.addthis.com/e/ Frame 3000	43 B 184 B	253ms 194ms	Image image/gif	2.18.160.221 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://x.dlx.addthis.com/e/rocketfuel_sync?na_exid=5109685628331429671 Requested by Host: newks.com URL: https://newks.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2.18.160.221 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a2-18-160-221.deploy.static.akamaitechnologies.com Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Security Headers Name Value Strict-Transport-Security max-age=2628000 Request headers accept-language de-DE,de;q=0.9 Referer https://20841350p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers expires Thu, 29 Jun 2023 13:42:45 GMT pragma no-cache date Thu, 29 Jun 2023 13:42:45 GMT cache-control max-age=0, no-cache, no-store strict-transport-security max-age=2628000 content-length 43 content-type image/gif
GET H/1.1	200	partner sync.search.spotxchange.com/ Frame 3000 Redirect Chain https://sync.search.spotxchange.com/partner?adv_id=7180&uid=5109685628331429671&img=1 https://sync.search.spotxchange.com/partner?adv_id=7180&uid=5109685628331429671&img=1&__user_check__=1&sync_id=d4537b95-1682-11ee-8ee1-1860f0710406	43 B 548 B	37ms 37ms	Image image/gif	185.94.180.126 SPOTX-AMS
General Check archive.org Show headers Download Go to Show image Full URL https://sync.search.spotxchange.com/partner?adv_id=7180&uid=5109685628331429671&img=1&__user_check__=1&sync_id=d4537b95-1682-11ee-8ee1-1860f0710406 Requested by Host: newks.com URL: https://newks.com/ Protocol HTTP/1.1 Server 185.94.180.126 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US), Reverse DNS Software nginx / Resource Hash e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e Request headers accept-language de-DE,de;q=0.9 Referer https://20841350p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers Date Thu, 29 Jun 2023 13:42:45 GMT Server nginx Access-Control-Allow-Methods GET, POST, OPTIONS Content-Type image/gif Access-Control-Allow-Origin * Cache-Control no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0 Access-Control-Allow-Credentials false X-fe 97 Connection keep-alive Content-Length 43 Redirect headers Date Thu, 29 Jun 2023 13:42:45 GMT Server nginx Access-Control-Allow-Methods GET, POST, OPTIONS Content-Type text/plain Location /partner?adv_id=7180&uid=5109685628331429671&img=1&__user_check__=1&sync_id=d4537b95-1682-11ee-8ee1-1860f0710406 Access-Control-Allow-Origin * Cache-Control no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0 Access-Control-Allow-Credentials false X-fe 110 Connection keep-alive Content-Length 0
GET H2	200	sync partners.tremorhub.com/ Frame 3000	43 B 176 B	308ms 93ms	Image image/gif	2600:1f18:612b:4264:debb:60:73cb:4464 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://partners.tremorhub.com/sync?UIRF=5109685628331429671&r=nPFDA_AmOoGM Requested by Host: newks.com URL: https://newks.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2600:1f18:612b:4264:debb:60:73cb:4464 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS Software nginx / Resource Hash a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7 Request headers accept-language de-DE,de;q=0.9 Referer https://20841350p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers p3p CP='This is not a P3P policy. See https://telaria.com/privacy-policy/' date Thu, 29 Jun 2023 13:42:46 GMT server nginx content-type image/gif
GET H2	200	g.pixel aa.agkn.com/adscores/ Frame 3000	43 B 378 B	75ms 20ms	Image image/gif	3.69.98.172 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://aa.agkn.com/adscores/g.pixel?sid=9212192898&rf=5109685628331429671 Requested by Host: newks.com URL: https://newks.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.69.98.172 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-69-98-172.eu-central-1.compute.amazonaws.com Software AAWebServer / Resource Hash 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a Request headers accept-language de-DE,de;q=0.9 Referer https://20841350p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers pragma no-cache date Thu, 29 Jun 2023 13:42:45 GMT server AAWebServer access-control-allow-methods GET, POST, OPTIONS p3p policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID" content-type image/gif access-control-allow-origin * cache-control no-cache, no-store, must-revalidate access-control-allow-headers accept, cache-control, origin, x-requested-with, x-file-name, content-type content-length 43 expires 0
GET H2	204	usermatch.gif beacon.krxd.net/ Frame 3000	0 339 B	143ms 41ms	Image text/plain	52.213.184.195 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://beacon.krxd.net/usermatch.gif?partner_id=rfuel&partner_user_id=5109685628331429671 Requested by Host: newks.com URL: https://newks.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.213.184.195 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-213-184-195.eu-west-1.compute.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://20841350p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers x-served-by beacon-n012-dub-prod.krxd.net date Thu, 29 Jun 2023 13:42:45 GMT cache-control private, no-cache, no-store x-request-time D=42 t=1688046165 p3p policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
GET H2	200	sync x.bidswitch.net/ul_cb/ Frame 3000 Redirect Chain https://x.bidswitch.net/sync?dsp_id=119&user_id=5109685628331429671&expires=30&gdpr={GDPR}&gdpr_consent={GDPR_CONSENT_469}&gdpr_pd={GDPR_PD} https://x.bidswitch.net/ul_cb/sync?dsp_id=119&user_id=5109685628331429671&expires=30&gdpr={GDPR}&gdpr_consent={GDPR_CONSENT_469}&gdpr_pd={GDPR_PD}	43 B 346 B	17ms 17ms	Image image/gif	54.93.206.198 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://x.bidswitch.net/ul_cb/sync?dsp_id=119&user_id=5109685628331429671&expires=30&gdpr={GDPR}&gdpr_consent={GDPR_CONSENT_469}&gdpr_pd={GDPR_PD} Requested by Host: newks.com URL: https://newks.com/ Protocol H2 Server 54.93.206.198 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-93-206-198.eu-central-1.compute.amazonaws.com Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Request headers accept-language de-DE,de;q=0.9 Referer https://20841350p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Thu, 29 Jun 2023 13:42:45 GMT cache-control no-cache, no-store, must-revalidate content-length 43 content-type image/gif Redirect headers location https://x.bidswitch.net/ul_cb/sync?dsp_id=119&user_id=5109685628331429671&expires=30&gdpr={GDPR}&gdpr_consent={GDPR_CONSENT_469}&gdpr_pd={GDPR_PD} date Thu, 29 Jun 2023 13:42:45 GMT cache-control no-cache, no-store, must-revalidate content-length 0
GET H/1.1	200 OK	cm p.rfihub.com/ Frame 3000 Redirect Chain https://sync-tm.everesttech.net/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D https://sync-tm.everesttech.net/ct/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D&_test=ZJ2KVQAVWrW75gBS https://p.rfihub.com/cm?in=1&pub=21653&userid=ZJ2KVQAVWrW75gBS&_test=ZJ2KVQAVWrW75gBS	42 B 1 KB	254ms 254ms	Image image/gif	193.0.160.131 ROCKETFUEL
General Check archive.org Show headers Download Go to Show image Full URL https://p.rfihub.com/cm?in=1&pub=21653&userid=ZJ2KVQAVWrW75gBS&_test=ZJ2KVQAVWrW75gBS Requested by Host: newks.com URL: https://newks.com/ Protocol HTTP/1.1 Server 193.0.160.131 , United States, ASN54312 (ROCKETFUEL, US), Reverse DNS Software Jetty(9.4.51.v20230217) / Resource Hash 47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292 Request headers accept-language de-DE,de;q=0.9 Referer https://20841350p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers Content-Type image/gif Date Thu, 29 Jun 2023 13:42:46 GMT Cache-Control no-cache Server Jetty(9.4.51.v20230217) Content-Length 42 P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" Redirect headers x-served-by cache-fra-eddf8230031-FRA pragma no-cache date Thu, 29 Jun 2023 13:42:46 GMT via 1.1 varnish server Varnish x-timer S1688046166.044637,VS0,VE0 x-cache HIT location https://p.rfihub.com/cm?in=1&pub=21653&userid=ZJ2KVQAVWrW75gBS&_test=ZJ2KVQAVWrW75gBS cache-control no-cache accept-ranges bytes content-length 0 retry-after 0 x-cache-hits 0
OPTIONS H3	200	GenerateIT jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame	0 0	21ms 21ms	Preflight text/html	2a00:1450:4001:829::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Accept */* Access-Control-Request-Headers content-type,x-goog-api-key,x-user-agent Access-Control-Request-Method POST Origin https://www.youtube.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers content-type,x-goog-api-key,x-user-agent access-control-allow-methods DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT access-control-allow-origin https://www.youtube.com access-control-max-age 3600 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 content-type text/html date Thu, 29 Jun 2023 13:42:45 GMT server ESF vary origin referer x-origin x-content-type-options nosniff x-frame-options SAMEORIGIN x-xss-protection 0
POST H3	200	GenerateIT Show response jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame F150	90 B 134 B	32ms 32ms	XHR application/json+protobuf	2a00:1450:4001:829::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT Requested by Host: www.youtube.com URL: https://www.youtube.com/s/player/71547d26/player_ias.vflset/de_DE/base.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 00e662d9ba86cb30c7784a469070046895454d82340b41488f16abfc70de3471 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers X-User-Agent grpc-web-javascript/0.1 Referer https://www.youtube.com/ X-Goog-Api-Key AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Content-Type application/json+protobuf Response headers date Thu, 29 Jun 2023 13:42:45 GMT content-encoding gzip x-content-type-options nosniff server ESF vary Origin, X-Origin, Referer x-frame-options SAMEORIGIN content-type application/json+protobuf; charset=UTF-8 access-control-allow-origin https://www.youtube.com access-control-expose-headers vary,vary,vary,content-encoding,date,server,content-length cache-control private access-control-allow-credentials true alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 110 x-xss-protection 0
GET H2	200	17521af61fdf86e5f771345444137ca5 Show response api.tattleapp.com/v2/api/merchants/	2 KB 2 KB	766ms 511ms	Fetch application/hal+json	52.206.238.145 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://api.tattleapp.com/v2/api/merchants/17521af61fdf86e5f771345444137ca5?alt_key=uuid&expand=brand Requested by Host: unpkg.com URL: https://unpkg.com/tttl-embed-survey/dist/tttl-embed-survey/p-edc78b99.system.entry.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.206.238.145 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-52-206-238-145.compute-1.amazonaws.com Software nginx/1.25.1 / Resource Hash 2c9d20ed3e2d3c4405d729e094a5a291768b8ec563b040714d0e7e345087ab75 Request headers accept-language de-DE,de;q=0.9 Referer https://newks.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Thu, 29 Jun 2023 13:42:46 GMT www-authenticate Bearer realm="Service" server nginx/1.25.1 access-control-allow-methods PUT, GET, POST, DELETE, OPTIONS, PATCH content-type application/hal+json access-control-allow-origin * x-uri /index.php access-control-allow-headers authorization, Authorization, WWW-Authenticate, Origin, X-Requested-With, Content-Type, Accept, test, unverifiedmerchantid
GET H3	200	708154546578601 Show response connect.facebook.net/signals/config/	380 KB 108 KB	120ms 120ms	Script application/x-javascript	2a03:2880:f083:9:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/signals/config/708154546578601?v=2.9.110&r=stable Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/fbevents.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 198889e9b5f12271690219df088df8e8a623c5e3466df8c6f1b726f05ed7f13d Security Headers Name Value Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://newks.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers content-security-policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0; content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000; preload; includeSubDomains date Thu, 29 Jun 2023 13:42:45 GMT document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 x-xss-protection 0 pragma public x-fb-debug SeUsZxRqFM5qtjus9LmlMPesG5e/XuIzuWg0YglZFkkhg4U7ueMQHU2WCCTvKQ5ukKV8FRo01jQ5dYuRkAh5Dw== cross-origin-opener-policy same-origin-allow-popups vary Accept-Encoding x-frame-options DENY content-type application/x-javascript; charset=utf-8 origin-agent-cluster ?0 cache-control public, max-age=1200 permissions-policy accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=() priority u=3,i expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	/ www.facebook.com/tr/	0 31 B	21ms 20ms	Image text/plain	2a03:2880:f176:84:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=720341928728884&ev=PageView&dl=https%3A%2F%2Fnewks.com%2F&rl=&if=false&ts=1688046165747&sw=1600&sh=1200&v=2.9.110&r=stable&ec=0&o=30&fbp=fb.1.1688046165459.786981626&it=1688046165227&coo=false&rqm=GET Requested by Host: newks.com URL: https://newks.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language de-DE,de;q=0.9 Referer https://newks.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubDomains date Thu, 29 Jun 2023 13:42:45 GMT server proxygen-bolt content-type text/plain access-control-allow-origin access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 0
GET H2	200	cast_sender.js Show response www.gstatic.com/cv/js/sender/v1/ Frame F150	4 KB 2 KB	73ms 32ms	Script text/javascript	2a00:1450:4001:80e::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/cv/js/sender/v1/cast_sender.js Requested by Host: www.youtube.com URL: https://www.youtube.com/s/player/71547d26/player_ias.vflset/de_DE/base.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.youtube.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Thu, 29 Jun 2023 13:42:45 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 2007 x-xss-protection 0 last-modified Tue, 16 Feb 2021 23:57:06 GMT server sffe cross-origin-opener-policy same-origin; report-to="cloudview" vary Accept-Encoding report-to {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes expires Thu, 29 Jun 2023 13:42:45 GMT
GET H3	204	generate_204 www.youtube.com/ Frame F150	0 10 B	59ms 58ms	Image text/plain	2a00:1450:4001:808::200e GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.youtube.com/generate_204?FzmXnQ Requested by Host: www.youtube.com URL: https://www.youtube.com/embed/EkWFDUnlX_A Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://www.youtube.com/embed/EkWFDUnlX_A User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Thu, 29 Jun 2023 13:42:45 GMT cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0
GET H2	200	cast_sender.js Show response www.gstatic.com/eureka/clank/114/ Frame F150	51 KB 15 KB	20ms 19ms	Script text/javascript	2a00:1450:4001:80e::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/eureka/clank/114/cast_sender.js Requested by Host: www.gstatic.com URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 184de53a881ec8e4e218974c548e2fc8e0da4b8ddaff2e7bdc6267c6e70a8636 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.youtube.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Wed, 28 Jun 2023 20:38:32 GMT content-encoding gzip x-content-type-options nosniff age 61453 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15225 x-xss-protection 0 last-modified Mon, 17 Apr 2023 15:04:47 GMT server sffe cross-origin-opener-policy same-origin; report-to="cloudview-release" vary Accept-Encoding report-to {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]} content-type text/javascript cache-control public, max-age=86400 accept-ranges bytes expires Thu, 29 Jun 2023 20:38:32 GMT
GET H3	200	/ www.facebook.com/tr/	0 18 B	13ms 12ms	Image text/plain	2a03:2880:f176:84:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=708154546578601&ev=PageView&dl=https%3A%2F%2Fnewks.com%2F&rl=&if=false&ts=1688046165949&sw=1600&sh=1200&v=2.9.110&r=stable&ec=0&o=30&fbp=fb.1.1688046165459.786981626&cs_est=true&it=1688046165227&coo=false&rqm=GET Requested by Host: newks.com URL: https://newks.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language de-DE,de;q=0.9 Referer https://newks.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubDomains date Thu, 29 Jun 2023 13:42:45 GMT server proxygen-bolt content-type text/plain access-control-allow-origin access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 0 priority u=3,i
GET H3	200	/ www.facebook.com/tr/	0 15 B	15ms 15ms	Image text/plain	2a03:2880:f176:84:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=2304573169610271&ev=Microdata&dl=https%3A%2F%2Fnewks.com%2F&rl=&if=false&ts=1688046165967&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Homepage%20-%20Newks%22%2C%22meta%3Adescription%22%3A%22%22%7D&cd[OpenGraph]=%7B%22og%3Atitle%22%3A%22Newks%20Eatery%22%2C%22og%3Atype%22%3A%22website%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fnewks.com%2F%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fnewks.com%2Fmedia%2Ficons%2Fnewks-op.jpg%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.110&r=stable&a=tmgoogletagmanager&ec=1&o=30&fbp=fb.1.1688046165459.786981626&it=1688046165227&coo=false&es=automatic&tm=3&rqm=GET Requested by Host: newks.com URL: https://newks.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language de-DE,de;q=0.9 Referer https://newks.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubDomains date Thu, 29 Jun 2023 13:42:45 GMT server proxygen-bolt content-type text/plain access-control-allow-origin access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 0 priority u=3,i
GET H3	200	/ www.facebook.com/tr/	0 15 B	7ms 6ms	Image text/plain	2a03:2880:f176:84:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=720341928728884&ev=Microdata&dl=https%3A%2F%2Fnewks.com%2F&rl=&if=false&ts=1688046166248&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Homepage%20-%20Newks%22%2C%22meta%3Adescription%22%3A%22%22%7D&cd[OpenGraph]=%7B%22og%3Atitle%22%3A%22Newks%20Eatery%22%2C%22og%3Atype%22%3A%22website%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fnewks.com%2F%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fnewks.com%2Fmedia%2Ficons%2Fnewks-op.jpg%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.110&r=stable&ec=1&o=30&fbp=fb.1.1688046165459.786981626&it=1688046165227&coo=false&es=automatic&tm=3&rqm=GET Requested by Host: newks.com URL: https://newks.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language de-DE,de;q=0.9 Referer https://newks.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubDomains date Thu, 29 Jun 2023 13:42:46 GMT server proxygen-bolt content-type text/plain access-control-allow-origin access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 0 priority u=3,i
GET H3	200	/ www.facebook.com/tr/	0 15 B	7ms 7ms	Image text/plain	2a03:2880:f176:84:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=708154546578601&ev=Microdata&dl=https%3A%2F%2Fnewks.com%2F&rl=&if=false&ts=1688046166451&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Homepage%20-%20Newks%22%2C%22meta%3Adescription%22%3A%22%22%7D&cd[OpenGraph]=%7B%22og%3Atitle%22%3A%22Newks%20Eatery%22%2C%22og%3Atype%22%3A%22website%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fnewks.com%2F%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fnewks.com%2Fmedia%2Ficons%2Fnewks-op.jpg%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.110&r=stable&ec=1&o=30&fbp=fb.1.1688046165459.786981626&it=1688046165227&coo=false&es=automatic&tm=3&rqm=GET Requested by Host: newks.com URL: https://newks.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language de-DE,de;q=0.9 Referer https://newks.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubDomains date Thu, 29 Jun 2023 13:42:46 GMT server proxygen-bolt content-type text/plain access-control-allow-origin access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 0 priority u=3,i
GET H2	200	flow Show response api.tattleapp.com/v2/api/	3 KB 3 KB	222ms 222ms	Fetch application/json	52.206.238.145 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://api.tattleapp.com/v2/api/flow?merchants_id=2400&expand=questionnaire&active=1&deleted=0&is_online=1&is_visible=1&publishCycle=1&size=-1 Requested by Host: unpkg.com URL: https://unpkg.com/tttl-embed-survey/dist/tttl-embed-survey/p-edc78b99.system.entry.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.206.238.145 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-52-206-238-145.compute-1.amazonaws.com Software nginx/1.25.1 / Resource Hash 21562bc0f704c43e8ed78510bdd1ef07b2902cf09c42b2b87b6972a6ee32c3c0 Request headers accept-language de-DE,de;q=0.9 Referer https://newks.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Thu, 29 Jun 2023 13:42:46 GMT www-authenticate Bearer realm="Service" server nginx/1.25.1 access-control-allow-methods PUT, GET, POST, DELETE, OPTIONS, PATCH content-type application/json; charset=utf-8 access-control-allow-origin * x-uri /index.php access-control-allow-headers authorization, Authorization, WWW-Authenticate, Origin, X-Requested-With, Content-Type, Accept, test, unverifiedmerchantid
GET H2	200	locations Show response api.tattleapp.com/v2/api/	91 KB 92 KB	381ms 381ms	Fetch application/hal+json	52.206.238.145 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://api.tattleapp.com/v2/api/locations?expand=address&merchants_id=2400&page=1&size=300 Requested by Host: unpkg.com URL: https://unpkg.com/tttl-embed-survey/dist/tttl-embed-survey/p-edc78b99.system.entry.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.206.238.145 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-52-206-238-145.compute-1.amazonaws.com Software nginx/1.25.1 / Resource Hash e9ba917ec34c8e33f5d0f8bdb3d0cd5d1683d0eb1bd881a5051f6f7efa460b13 Request headers accept-language de-DE,de;q=0.9 Referer https://newks.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Thu, 29 Jun 2023 13:42:46 GMT www-authenticate Bearer realm="Service" server nginx/1.25.1 access-control-allow-methods PUT, GET, POST, DELETE, OPTIONS, PATCH content-type application/hal+json access-control-allow-origin * x-uri /index.php access-control-allow-headers authorization, Authorization, WWW-Authenticate, Origin, X-Requested-With, Content-Type, Accept, test, unverifiedmerchantid
POST H3	200	log_event Show response www.youtube.com/youtubei/v1/ Frame F150	28 B 54 B	29ms 28ms	XHR application/json	2a00:1450:4001:808::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8 Requested by Host: www.youtube.com URL: https://www.youtube.com/s/player/71547d26/www-embed-player.vflset/www-embed-player.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software scaffolding on HTTPServer2 / Resource Hash d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 X-Goog-Request-Time 1688046167469 Content-Type application/json X-YouTube-Utc-Offset 0 X-YouTube-Client-Name 56 Referer https://www.youtube.com/embed/EkWFDUnlX_A X-YouTube-Client-Version 1.20230625.00.00 X-YouTube-Time-Zone Etc/Unknown X-Goog-Visitor-Id CgtFd0tkRVdaWjRGMCjVlPakBg%3D%3D X-YouTube-Ad-Signals dt=1688046165344&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C560%2C315&vis=1&wgl=true&ca_type=image&bid=ANyPxKo0ZSVdaXry-WE7_cDe_cAh5PUbDp_OCxX2rn9m-DtUb8uuvcI9QEGJkYatax1isZAk7_nPTmhxfF9-iQWwiNFKOI0iJw Response headers date Thu, 29 Jun 2023 13:42:47 GMT content-encoding br x-content-type-options nosniff server scaffolding on HTTPServer2 x-frame-options SAMEORIGIN vary Origin, X-Origin, Referer content-type application/json; charset=UTF-8 p3p CP="This is not a P3P policy! See g.co/p3phelp for more info." cache-control private alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 31 x-xss-protection 0 expires Thu, 29 Jun 2023 13:42:47 GMT