Submitted URL: https://www.newsdle.com/schools-competition
Effective URL: https://www.newsdle.com/schools-competition
Submission Tags: https://phish.report @phish_report
Submission: On March 28 via api from FI — Scanned from GB

Summary

This website contacted 14 IPs in 4 countries across 13 domains to perform 32 HTTP transactions. The main IP is 185.149.109.53, located in United Kingdom and belongs to LAYERSHIFT, GB. The main domain is www.newsdle.com.
TLS certificate: Issued by R3 on January 28th 2022. Valid for: 3 months.
This is the only time www.newsdle.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests | IP Address | AS | Autonomous System
13 | 185.149.109.53 | 205072 | LAYERSHIFT
1 | 2a00:1450:400... | 15169 | GOOGLE
1 | 2001:4de0:ac1... | 20446 | STACKPATH...
1 | 2606:4700::68... | 13335 | CLOUDFLAR...
1 | 2606:4700::68... | 13335 | CLOUDFLAR...
2 | 2a03:2880:f01... | 32934 | FACEBOOK
1 | 2a04:4e42:200... | 54113 | FASTLY
1 | 157.245.29.113 | 14061 | DIGITALOC...
5 | 2a06:98c1:312... | 13335 | CLOUDFLAR...
1 | 2a00:1450:400... | 15169 | GOOGLE
1 | 2a00:1450:400... | 15169 | GOOGLE
1 | 68.183.254.90 | 14061 | DIGITALOC...
1 | 151.101.1.140 | 54113 | FASTLY
2 | 2a03:2880:f11... | 32934 | FACEBOOK
Total: 32 requests, 14 IPs
Requests | Apex Domain | Subdomains | Transfer
13 | newsdle.com | www.newsdle.com | 1 MB
6 | fontawesome.com | kit.fontawesome.com (Cisco Umbrella Rank: 3152); ka-f.fontawesome.com (Cisco Umbrella Rank: 5770) | 176 KB
2 | facebook.com | www.facebook.com (Cisco Umbrella Rank: 94) | 499 B
2 | facebook.net | connect.facebook.net (Cisco Umbrella Rank: 188) | 114 KB
1 | reddit.com | alb.reddit.com (Cisco Umbrella Rank: 1926) | 157 B
1 | sprintserver.co.uk | ts.k8s.sprintserver.co.uk | 157 B
1 | google-analytics.com | www.google-analytics.com (Cisco Umbrella Rank: 98) | 347 B
1 | googleapis.com | fonts.googleapis.com (Cisco Umbrella Rank: 107) | 1018 B
1 | campus-site.com | app8.campus-site.com | 858 B
1 | redditstatic.com | www.redditstatic.com (Cisco Umbrella Rank: 1766) | 8 KB
1 | cloudflare.com | cdnjs.cloudflare.com (Cisco Umbrella Rank: 333) | 1 KB
1 | jquery.com | code.jquery.com (Cisco Umbrella Rank: 882) | 30 KB
1 | googletagmanager.com | www.googletagmanager.com (Cisco Umbrella Rank: 132) | 64 KB
Total: 32 requests, 13 domains
Requests | Domain | Requested by
13 | www.newsdle.com | www.newsdle.com
5 | ka-f.fontawesome.com | kit.fontawesome.com; www.newsdle.com
2 | www.facebook.com | www.newsdle.com
2 | connect.facebook.net | www.newsdle.com; connect.facebook.net
1 | alb.reddit.com | www.newsdle.com
1 | ts.k8s.sprintserver.co.uk | app8.campus-site.com
1 | www.google-analytics.com | www.googletagmanager.com
1 | fonts.googleapis.com | www.newsdle.com
1 | app8.campus-site.com | www.newsdle.com
1 | www.redditstatic.com | www.newsdle.com
1 | cdnjs.cloudflare.com | www.newsdle.com
1 | kit.fontawesome.com | www.newsdle.com
1 | code.jquery.com | www.newsdle.com
1 | www.googletagmanager.com | www.newsdle.com
Total: 32 requests, 14 subdomains
Subject | Issuer | Validity | Valid
www.newsdle.com | R3 | 2022-01-28 - 2022-04-28 | 3 months
*.google-analytics.com | GTS CA 1C3 | 2022-03-17 - 2022-06-09 | 3 months
*.jquery.com | Sectigo RSA Domain Validation Secure Server CA | 2021-07-14 - 2022-08-14 | a year
*.fontawesome.com | DigiCert TLS RSA SHA256 2020 CA1 | 2021-12-01 - 2023-01-01 | a year
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2021-09-21 - 2022-09-20 | a year
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2022-01-05 - 2022-04-05 | 3 months
www.redditstatic.com | DigiCert TLS RSA SHA256 2020 CA1 | 2022-02-17 - 2022-08-16 | 6 months
*.campus-site.com | R3 | 2022-03-08 - 2022-06-06 | 3 months
upload.video.google.com | GTS CA 1C3 | 2022-03-17 - 2022-06-09 | 3 months
ts.k8s.sprintserver.co.uk | R3 | 2022-02-01 - 2022-05-02 | 3 months
*.reddit.com | DigiCert TLS RSA SHA256 2020 CA1 | 2022-02-17 - 2022-08-16 | 6 months

This page contains 1 frames:

Primary Page: https://www.newsdle.com/schools-competition
Frame ID: 3DB53AF296F1331B6C1A3385E8DF335F
Requests: 32 HTTP requests in this frame

Page Title

Competition | Newsdle

Detected technologies

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • kit\.fontawesome\.com/([0-9a-z]+).js

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 32
HTTPS: 100 %
IPv6: 71 %
Domains: 13
Subdomains: 14
IPs: 14
Countries: 4
Transfer: 1544 kB
Size: 6595 kB
Cookies: 9

Redirected requests

There were HTTP redirect chains for the following requests:

32 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request schools-competition
www.newsdle.com/
19 KB
6 KB
Document
General
Full URL
https://www.newsdle.com/schools-competition
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.149.109.53 , United Kingdom, ASN205072 (LAYERSHIFT, GB),
Reverse DNS
b9956d35.reverse.layershift.co.uk
Software
nginx /
Resource Hash
ec810f73e9b9799948c2b94de8f5ae8806c456e030804132a6d39ee0dd2213f0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36
Accept-Language
en-GB,en;q=0.9

Response headers

server
nginx
date
Mon, 28 Mar 2022 15:41:15 GMT
content-type
text/html; charset=UTF-8
content-length
4985
cache-control
no-cache, private
vary
Accept-Encoding
content-encoding
gzip
js
www.googletagmanager.com/gtag/
173 KB
64 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-CKRTGQ2RF3
Requested by
Host: www.newsdle.com
URL: https://www.newsdle.com/schools-competition
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
6473c18cd5302d6e3e9e7e97990aa50616ab679726c44c515adeca53ed5edacd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.newsdle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 15:41:15 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
65000
x-xss-protection
0
expires
Mon, 28 Mar 2022 15:41:15 GMT
app.js
www.newsdle.com/js/
5 MB
895 KB
Script
General
Full URL
https://www.newsdle.com/js/app.js
Requested by
Host: www.newsdle.com
URL: https://www.newsdle.com/schools-competition
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.149.109.53 , United Kingdom, ASN205072 (LAYERSHIFT, GB),
Reverse DNS
b9956d35.reverse.layershift.co.uk
Software
nginx /
Resource Hash
63bd8233c5a345c8c59e1f6485b5d04f8496911d11fe077ac89e05eb38035a54

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.newsdle.com/schools-competition
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 15:41:15 GMT
content-encoding
gzip
last-modified
Mon, 28 Mar 2022 14:40:53 GMT
server
nginx
etag
"51667e-5db484ca10228-gzip"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
jquery-3.5.1.min.js
code.jquery.com/
87 KB
30 KB
Script
General
Full URL
https://code.jquery.com/jquery-3.5.1.min.js
Requested by
Host: www.newsdle.com
URL: https://www.newsdle.com/schools-competition
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac18::1:a:3a , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
nginx /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

Referer
https://www.newsdle.com/
Origin
https://www.newsdle.com
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 15:41:15 GMT
content-encoding
gzip
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
server
nginx
etag
W/"28feccc0-15d84"
vary
Accept-Encoding
x-hw
1648482075.dop206.lo4.t,1648482075.cds271.lo4.hn,1648482075.cds221.lo4.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
30879
dc80a7978d.js
kit.fontawesome.com/
11 KB
4 KB
Script
General
Full URL
https://kit.fontawesome.com/dc80a7978d.js
Requested by
Host: www.newsdle.com
URL: https://www.newsdle.com/schools-competition
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1734 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f5fa8a0a6b380e41e3c75f15622c014bde1a4b1321dc85a41a2dd72f9675a17a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload

Request headers

Referer
https://www.newsdle.com/
Origin
https://www.newsdle.com
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 15:41:15 GMT
content-encoding
gzip
cf-cache-status
MISS
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
origin, accept-encoding, access-control-request-headers, access-control-request-method
access-control-allow-methods
GET, OPTIONS
content-type
text/javascript
access-control-allow-origin
*
access-control-max-age
3000
cache-control
max-age=60, public, must-revalidate
strict-transport-security
max-age=31536000; preload
cf-ray
6f31780b2a5ecc4e-ZRH
access-control-allow-headers
accept, accept-langauge, content-language, content-type, fa-kit-token
x-request-id
FuCVtqs9CbhkVtZvwp5B
app.css
www.newsdle.com/css/
182 KB
26 KB
Stylesheet
General
Full URL
https://www.newsdle.com/css/app.css
Requested by
Host: www.newsdle.com
URL: https://www.newsdle.com/schools-competition
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.149.109.53 , United Kingdom, ASN205072 (LAYERSHIFT, GB),
Reverse DNS
b9956d35.reverse.layershift.co.uk
Software
nginx /
Resource Hash
1621b68616ffe054b66116bd73ee8eeb15bb3519111d267bed919ca098dfc5ea

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.newsdle.com/schools-competition
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 15:41:15 GMT
content-encoding
gzip
last-modified
Wed, 23 Feb 2022 09:14:41 GMT
server
nginx
etag
"2d601-5d8abe5514c97-gzip"
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
25976
sidebar.css
www.newsdle.com/css/
6 KB
2 KB
Stylesheet
General
Full URL
https://www.newsdle.com/css/sidebar.css
Requested by
Host: www.newsdle.com
URL: https://www.newsdle.com/schools-competition
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.149.109.53 , United Kingdom, ASN205072 (LAYERSHIFT, GB),
Reverse DNS
b9956d35.reverse.layershift.co.uk
Software
nginx /
Resource Hash
8e869c11801d33d3c00de3a6bd70c7cd4089ba02c587a0cb3d23a71c3b9d455e

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.newsdle.com/schools-competition
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 15:41:15 GMT
content-encoding
gzip
last-modified
Wed, 23 Feb 2022 09:14:41 GMT
server
nginx
etag
"1751-5d8abe5515467-gzip"
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
1602
newsdlecolor.css
www.newsdle.com/css/
19 KB
2 KB
Stylesheet
General
Full URL
https://www.newsdle.com/css/newsdlecolor.css
Requested by
Host: www.newsdle.com
URL: https://www.newsdle.com/schools-competition
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.149.109.53 , United Kingdom, ASN205072 (LAYERSHIFT, GB),
Reverse DNS
b9956d35.reverse.layershift.co.uk
Software
nginx /
Resource Hash
01471db127f703a743514a3475f443801b6da4f797c86237f0be921472efbe37

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.newsdle.com/schools-competition
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 15:41:15 GMT
content-encoding
gzip
last-modified
Wed, 09 Mar 2022 16:13:19 GMT
server
nginx
etag
"4bcf-5d9cb60400b23-gzip"
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
2172
owl.carousel.css
cdnjs.cloudflare.com/ajax/libs/owl-carousel/1.3.3/
1 KB
1 KB
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/owl-carousel/1.3.3/owl.carousel.css
Requested by
Host: www.newsdle.com
URL: https://www.newsdle.com/schools-competition
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4dc77ee90dc2225b57b31d28fe06213cd6c491bdc7249a6e70ebd003b72c5702
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.newsdle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 15:41:15 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
13042752
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
425
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:13:51 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03f3f-5c4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FrpfJsh4TN01vYm7fxG4bgNjalz0kwb7vuFQlJ7pyIA1Q0rSDpw51OIRPwwfjwo3JU89HVMyvrwuHHQpATC0RLJ1CYql4NqYDGZ0qCd4FK5XFPiYu15XW67geNC2ABI8R9HPtTrnbiPphyIOZGbm4sJh"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6f31780b2d3ecc36-ZRH
expires
Sat, 18 Mar 2023 15:41:15 GMT
newsdle-logo.png
www.newsdle.com/img/
18 KB
18 KB
Image
General
Full URL
https://www.newsdle.com/img/newsdle-logo.png
Requested by
Host: www.newsdle.com
URL: https://www.newsdle.com/schools-competition
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.149.109.53 , United Kingdom, ASN205072 (LAYERSHIFT, GB),
Reverse DNS
b9956d35.reverse.layershift.co.uk
Software
nginx /
Resource Hash
640a0413526c93f39ea41a50d7ace9f559ec5d69ab954056db236a10a813ff4d

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.newsdle.com/schools-competition
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 15:41:15 GMT
last-modified
Wed, 23 Feb 2022 09:14:41 GMT
server
nginx
accept-ranges
bytes
etag
"4844-5d8abe5522759"
content-length
18500
content-type
image/png
newsdle-square-clear.png
www.newsdle.com/img/
18 KB
18 KB
Image
General
Full URL
https://www.newsdle.com/img/newsdle-square-clear.png
Requested by
Host: www.newsdle.com
URL: https://www.newsdle.com/schools-competition
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.149.109.53 , United Kingdom, ASN205072 (LAYERSHIFT, GB),
Reverse DNS
b9956d35.reverse.layershift.co.uk
Software
nginx /
Resource Hash
90bd43345a25c06d587921bf910e4f729f3137998cbf901a6e324ce488ccddb6

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.newsdle.com/schools-competition
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 15:41:15 GMT
last-modified
Wed, 23 Feb 2022 09:14:41 GMT
server
nginx
accept-ranges
bytes
etag
"4889-5d8abe5522759"
content-length
18569
content-type
image/png
competition22.jpg
www.newsdle.com/img/
108 KB
108 KB
Image
General
Full URL
https://www.newsdle.com/img/competition22.jpg
Requested by
Host: www.newsdle.com
URL: https://www.newsdle.com/schools-competition
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.149.109.53 , United Kingdom, ASN205072 (LAYERSHIFT, GB),
Reverse DNS
b9956d35.reverse.layershift.co.uk
Software
nginx /
Resource Hash
e3841e8949434432ce550165041f75897b54e895b2f079b4dff8b35415af17fe

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.newsdle.com/schools-competition
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 15:41:15 GMT
last-modified
Mon, 07 Mar 2022 09:33:33 GMT
server
nginx
accept-ranges
bytes
etag
"1b06b-5d99d8edaafca"
content-length
110699
content-type
image/jpeg
google-play.png
www.newsdle.com/img/
7 KB
7 KB
Image
General
Full URL
https://www.newsdle.com/img/google-play.png
Requested by
Host: www.newsdle.com
URL: https://www.newsdle.com/schools-competition
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.149.109.53 , United Kingdom, ASN205072 (LAYERSHIFT, GB),
Reverse DNS
b9956d35.reverse.layershift.co.uk
Software
nginx /
Resource Hash
09eeaa61b336d90e9696174fc71a61b4cbe3222738d619e2a249d8d8de8c5a86

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.newsdle.com/schools-competition
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 15:41:15 GMT
last-modified
Wed, 23 Feb 2022 09:14:41 GMT
server
nginx
accept-ranges
bytes
etag
"1b33-5d8abe551d550"
content-length
6963
content-type
image/png
app-store.png
www.newsdle.com/img/
5 KB
5 KB
Image
General
Full URL
https://www.newsdle.com/img/app-store.png
Requested by
Host: www.newsdle.com
URL: https://www.newsdle.com/schools-competition
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.149.109.53 , United Kingdom, ASN205072 (LAYERSHIFT, GB),
Reverse DNS
b9956d35.reverse.layershift.co.uk
Software
nginx /
Resource Hash
1d899ab4a2f43dd1dbfb20cc50346678afcdf6f85778b875b318ece3cb9e311a

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.newsdle.com/schools-competition
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 15:41:15 GMT
last-modified
Wed, 23 Feb 2022 09:14:41 GMT
server
nginx
accept-ranges
bytes
etag
"126a-5d8abe5517f60"
content-length
4714
content-type
image/png
jquery.inview.js
www.newsdle.com/js/
2 KB
1007 B
Script
General
Full URL
https://www.newsdle.com/js/jquery.inview.js
Requested by
Host: www.newsdle.com
URL: https://www.newsdle.com/schools-competition
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.149.109.53 , United Kingdom, ASN205072 (LAYERSHIFT, GB),
Reverse DNS
b9956d35.reverse.layershift.co.uk
Software
nginx /
Resource Hash
9220644af8fd680f836a1228383a712d2d4eb3a91e1cede8d62c75d0b755d0cb

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.newsdle.com/schools-competition
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 15:41:15 GMT
content-encoding
gzip
last-modified
Wed, 23 Feb 2022 09:14:41 GMT
server
nginx
etag
"771-5d8abe552a45a-gzip"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
797
fbevents.js
connect.facebook.net/en_US/
99 KB
27 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.newsdle.com
URL: https://www.newsdle.com/schools-competition
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
3e18d0e3dd548e9745884578e3cd9f0a492ddbb6f3b797db364b45bb16cadfb3
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.newsdle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
26320
x-xss-protection
0
pragma
public
x-fb-debug
oy/BAtT/U+8cQggHgwL8HRXEc5vQltsdyiKMq5fLgtuepaVMZ8u6D4RthyTpsbrCuGQ8G+ehyeoh6RtQAc3Mjg==
x-fb-trip-id
686109401
x-frame-options
DENY
date
Mon, 28 Mar 2022 15:41:15 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
expires
Sat, 01 Jan 2000 00:00:00 GMT
pixel.js
www.redditstatic.com/ads/
23 KB
8 KB
Script
General
Full URL
https://www.redditstatic.com/ads/pixel.js
Requested by
Host: www.newsdle.com
URL: https://www.newsdle.com/schools-competition
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::396 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
snooserv /
Resource Hash
dc832faf8ca21fb791b9abb9a3ba334ef3e31914317791dd53510b8a24d0621d

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.newsdle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 15:41:15 GMT
via
1.1 varnish, 1.1 varnish
last-modified
Mon, 14 Feb 2022 14:11:16 GMT
server
snooserv
etag
"9dd34b4324742bd3f713adf7f070d3b4"
vary
Accept-Encoding,Origin
content-type
application/javascript
cache-control
public, max-age=60
accept-ranges
bytes
content-encoding
gzip
content-length
7531
tracking.js
app8.campus-site.com/assets/application/js/
1 KB
858 B
Script
General
Full URL
https://app8.campus-site.com/assets/application/js/tracking.js
Requested by
Host: www.newsdle.com
URL: https://www.newsdle.com/schools-competition
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
157.245.29.113 London, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Apache/2.4.6 (CentOS) PHP/7.4.25 / PHP/7.4.25
Resource Hash
a6faae161b945ac93f29e8bb7f642edce7edde1cc8b6fa530e518bfd3687c194

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.newsdle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 15:41:15 GMT
content-encoding
gzip
server
Apache/2.4.6 (CentOS) PHP/7.4.25
x-powered-by
PHP/7.4.25
content-length
621
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
free.min.css
ka-f.fontawesome.com/releases/v5.15.4/css/
59 KB
13 KB
Fetch
General
Full URL
https://ka-f.fontawesome.com/releases/v5.15.4/css/free.min.css?token=dc80a7978d
Requested by
Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/dc80a7978d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fc5128dfdcdfa0c3a9967a6d2f19399d7bf1aaae6ad7571b96b03915a1f30dda

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.newsdle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 15:41:15 GMT
via
1.1 85bb7bdfd60960c24af493997d866a24.cloudfront.net (CloudFront)
vary
Accept-Encoding
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
MXP64-C1
x-cache
Hit from cloudfront
access-control-allow-methods
GET
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 04 Aug 2021 18:53:09 GMT
server
cloudflare
etag
W/"a12ec7ebe75a4d59a5dd6b79e2ba2e16"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qsAK6aQT%2FVOL53r1SnSv27SDoANb4C%2BLEaZSjiES0XEVPwqIykULzwUK5CmjtVQNPY98JYOcMkeUQVWK%2FCflh8e1QQqzos98AZnoXy2U9kAxUwZnK2Uz0uJS7SsHtZIvZW6WmhlOGUCsVUmk11kfZgwOKQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31556926
cf-ray
6f31780cbc5dd769-MRS
access-control-allow-headers
fa-kit-token
x-amz-cf-id
p9ShItPB9a8N9GGizdL74smkBBEc2-D7FCyyc2HAgK--ql0gKitxXg==
free-v4-shims.min.css
ka-f.fontawesome.com/releases/v5.15.4/css/
26 KB
4 KB
Fetch
General
Full URL
https://ka-f.fontawesome.com/releases/v5.15.4/css/free-v4-shims.min.css?token=dc80a7978d
Requested by
Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/dc80a7978d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6dea47458a4cd7cd7312cc780a53c62e0c8b3ccc8d0b13c1ac0ea6e3dfcecea8

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.newsdle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 15:41:15 GMT
via
1.1 1c526e04dcf5c9c6163e62b0bdd963b0.cloudfront.net (CloudFront)
vary
Accept-Encoding
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
MXP64-C1
x-cache
Hit from cloudfront
access-control-allow-methods
GET
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 04 Aug 2021 18:53:09 GMT
server
cloudflare
etag
W/"76f34b71fc9fb641507ff6a822cc07f5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Db%2BsCflX272cp0nmvoT2kiVjrdzOUT%2FBS1vyqr0Tv2fN4rAO5%2B2WcdzjhdWWeAwxlre1rbCSqYtt4pFzoc9EmzDQ%2Bjaz8lrWJEwM8gxRSAX1VuIFSr8sVDDQ3zHQG0wxoTTAIAcaQh410lDXNt5MTQjOEA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31556926
cf-ray
6f31780cbc60d769-MRS
access-control-allow-headers
fa-kit-token
x-amz-cf-id
v5Uge5j5wwiEMn42DyblSmAy39HGeMkV_wcnkWioXT7WdN-F9g57sg==
free-v4-font-face.min.css
ka-f.fontawesome.com/releases/v5.15.4/css/
3 KB
2 KB
Fetch
General
Full URL
https://ka-f.fontawesome.com/releases/v5.15.4/css/free-v4-font-face.min.css?token=dc80a7978d
Requested by
Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/dc80a7978d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7f8b63bff49fba3c5bae30f4eb39f2fd6d088fbe9d7292bdf37b0ef4a1ec68d6

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.newsdle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 15:41:15 GMT
via
1.1 ba5fe64f4b79b31baa8e0dd63a6b67c4.cloudfront.net (CloudFront)
vary
Accept-Encoding
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
MXP64-C1
x-cache
Hit from cloudfront
access-control-allow-methods
GET
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 04 Aug 2021 18:53:09 GMT
server
cloudflare
etag
W/"f2e0b2680d9b0bcb6e0039c4424e5a59"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ruqPGdYVj0t568rXxJwzD72TEu%2F0KwSxkaTyZvWOVuzTctm6uawcg8PkYzBY29waMDzvrD4whtX0iPVbrTlWteeqb2%2B2RpnJzEuPDKWauW0dpmj%2FsnP6UrPXm%2BXEdqWO7JRchrDkQST7ag3UFjdqyrJgvw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31556926
cf-ray
6f31780cbc64d769-MRS
access-control-allow-headers
fa-kit-token
x-amz-cf-id
FLAfQE29ZwzhOIzMU9J5ovYITrN98iIntcEIZGFmuvI1nORfGn7dig==
css
fonts.googleapis.com/
2 KB
1018 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Nunito
Requested by
Host: www.newsdle.com
URL: https://www.newsdle.com/css/app.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
3c611b3055608248d521993f3cf8aa7b73735e9b38c3b2cf2363d6d004765441
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.newsdle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 28 Mar 2022 15:06:25 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 28 Mar 2022 15:41:15 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 28 Mar 2022 15:41:15 GMT
collect
www.google-analytics.com/g/
0
347 B
Ping
General
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-CKRTGQ2RF3&gtm=2oe3e0&_p=1039536159&sr=1600x1200&ul=en-us&cid=1599567675.1648482076&_s=1&dl=https%3A%2F%2Fwww.newsdle.com%2Fschools-competition&dt=Competition%20%7C%20Newsdle&sid=1648482075&sct=1&seg=0&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-CKRTGQ2RF3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.newsdle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Mar 2022 15:41:15 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.newsdle.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
nexa-bold.otf
www.newsdle.com/fonts/
30 KB
30 KB
Font
General
Full URL
https://www.newsdle.com/fonts/nexa-bold.otf
Requested by
Host: www.newsdle.com
URL: https://www.newsdle.com/schools-competition
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.149.109.53 , United Kingdom, ASN205072 (LAYERSHIFT, GB),
Reverse DNS
b9956d35.reverse.layershift.co.uk
Software
nginx /
Resource Hash
560e2a7c71152e105c471706a438901c07a55d01105af39a4c2804f7f0ef727a

Request headers

Referer
https://www.newsdle.com/schools-competition
Origin
https://www.newsdle.com
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 15:41:15 GMT
last-modified
Wed, 23 Feb 2022 09:14:41 GMT
server
nginx
accept-ranges
bytes
etag
"76b4-5d8abe551584f"
content-length
30388
content-type
application/vnd.oasis.opendocument.formula-template
nexa.otf
www.newsdle.com/fonts/
29 KB
30 KB
Font
General
Full URL
https://www.newsdle.com/fonts/nexa.otf
Requested by
Host: www.newsdle.com
URL: https://www.newsdle.com/schools-competition
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.149.109.53 , United Kingdom, ASN205072 (LAYERSHIFT, GB),
Reverse DNS
b9956d35.reverse.layershift.co.uk
Software
nginx /
Resource Hash
3a52bad7a0dabc0a446ef629c8c77588875a54e62bdb3acbd9938b558bf66b65

Request headers

Referer
https://www.newsdle.com/schools-competition
Origin
https://www.newsdle.com
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 15:41:15 GMT
last-modified
Wed, 23 Feb 2022 09:14:41 GMT
server
nginx
accept-ranges
bytes
etag
"7534-5d8abe5515c37"
content-length
30004
content-type
application/vnd.oasis.opendocument.formula-template
545343933434388
connect.facebook.net/signals/config/
307 KB
88 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/545343933434388?v=2.9.57&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
c6a1eb81f63834acc1b23f80e0c2111a5f2612c4e1ef947bf92e399ccdfb3e0e
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.newsdle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection
0
pragma
public
x-fb-debug
x1hP4m8tWbOPkvcHxXh36lziLHsKWCCzBc1dp5EK/u44CItawGZJViFoqxN4Y6c7XlooJ7+266UDlHp7EZxEQg==
x-fb-trip-id
686109401
x-frame-options
DENY
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Mon, 28 Mar 2022 15:41:15 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
track
ts.k8s.sprintserver.co.uk/
36 B
157 B
XHR
General
Full URL
https://ts.k8s.sprintserver.co.uk/track
Requested by
Host: app8.campus-site.com
URL: https://app8.campus-site.com/assets/application/js/tracking.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
68.183.254.90 London, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/ Express
Resource Hash
c161a8972fd2f4518dec78e82278e00e0d7cff30ac2f2af313a9584bf0e1a2e4

Request headers

Referer
https://www.newsdle.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
*
date
Mon, 28 Mar 2022 15:41:16 GMT
etag
W/"24-NZ0LIAfbzVYbTm3olHAp8dSyIpE"
x-powered-by
Express
content-length
36
content-type
text/html; charset=utf-8
rp.gif
alb.reddit.com/
42 B
157 B
Image
General
Full URL
https://alb.reddit.com/rp.gif?ts=1648482075800&id=t2_eo9xhw0g&event=PageVisit&m.itemCount=&m.value=&m.valueDecimal=&m.currency=&m.transactionId=&m.customEventName=&uuid=09e383c7-dc90-4026-99be-8522e7acf810&aaid=&em=&external_id=&idfa=&integration=reddit&opt_out=0&sh=1600&sw=1200&v=rdt_da535582
Requested by
Host: www.newsdle.com
URL: https://www.newsdle.com/schools-competition
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.140 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.newsdle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 15:41:15 GMT
via
1.1 varnish
server
Varnish
content-type
image/gif
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
42
retry-after
0
/
www.facebook.com/tr/
44 B
408 B
Image
General
Full URL
https://www.facebook.com/tr/?id=545343933434388&ev=PageView&dl=https%3A%2F%2Fwww.newsdle.com%2Fschools-competition&rl=&if=false&ts=1648482075816&sw=1600&sh=1200&v=2.9.57&r=stable&ec=0&o=30&fbp=fb.1.1648482075815.1473481225&it=1648482075617&coo=false&exp=p1&rqm=GET
Requested by
Host: www.newsdle.com
URL: https://www.newsdle.com/schools-competition
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.newsdle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 15:41:15 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
44
expires
Mon, 28 Mar 2022 15:41:15 GMT
free-fa-brands-400.woff2
ka-f.fontawesome.com/releases/v5.15.4/webfonts/
75 KB
76 KB
Font
General
Full URL
https://ka-f.fontawesome.com/releases/v5.15.4/webfonts/free-fa-brands-400.woff2
Requested by
Host: www.newsdle.com
URL: https://www.newsdle.com/schools-competition
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b5be0732ab1cc16692e165a7950810f0c772e400f6a2f63e1026a0b938016813

Request headers

Referer
https://www.newsdle.com/
Origin
https://www.newsdle.com
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 15:41:15 GMT
via
1.1 7a06a73d3c4d9b2940678fa230525000.cloudfront.net (CloudFront)
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
MXP64-C1
x-cache
Hit from cloudfront
access-control-max-age
3000
access-control-allow-methods
GET
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
76736
last-modified
Wed, 04 Aug 2021 18:58:24 GMT
server
cloudflare
etag
"4f5ec865a8274ab291b6a42b5f70639e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WLkN%2F8DyENlrRyPeCiX4agQ3lF7t3mKna%2F9ZcZp%2FReEeeo%2B7HKbS1%2Fg%2BHFibjGfAymkISzApA1x3MywJWhss4%2BAXdwhfSPWuez6XKggW0Zy8NFQ7YDn%2F4wxhfDZJ%2FqikHzQp8YkFxzx2yCu%2BxyRRCQmAIg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=31556926
accept-ranges
bytes
cf-ray
6f31780e98b15fbe-MRS
access-control-allow-headers
fa-kit-token
x-amz-cf-id
yloFWF7cyBgPM0pafQIPyaPaDI-KGwHV6mYb3R_iHwUi4aB0Af8oDA==
free-fa-solid-900.woff2
ka-f.fontawesome.com/releases/v5.15.4/webfonts/
76 KB
77 KB
Font
General
Full URL
https://ka-f.fontawesome.com/releases/v5.15.4/webfonts/free-fa-solid-900.woff2
Requested by
Host: www.newsdle.com
URL: https://www.newsdle.com/schools-competition
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c5dd43f53f3af822cbf17b1fb75f46192cdbd51724f277acf6cf0dacb3fd57e7

Request headers

Referer
https://www.newsdle.com/
Origin
https://www.newsdle.com
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 15:41:15 GMT
via
1.1 04ef40fa4057e9f4ef2012df984a2c74.cloudfront.net (CloudFront)
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
MXP64-C1
x-cache
Hit from cloudfront
access-control-max-age
3000
access-control-allow-methods
GET
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
78168
last-modified
Wed, 04 Aug 2021 18:58:24 GMT
server
cloudflare
etag
"a9fd1225fb2cd32320e2b931dca01089"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vioR0mAhppKoP5HVF%2F6kpiMqkgKxkBJSYT0AQRpdislL%2BoIhDFqImSnR8QWbmC0BnCvfRpz6JA2c6sJiWYc5xiR%2Bqx9gOVrreD7pO70Ay25urcQUtqph9l0JAh4J%2BL9gUuCtAG3%2B5AMbkIxzIEQ8FvzZ%2FA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=31556926
accept-ranges
bytes
cf-ray
6f31780e98ae5fbe-MRS
access-control-allow-headers
fa-kit-token
x-amz-cf-id
d2jpOpWz8n9JNYvHfLpWrBkvUswzSdisEHyyquJ1CqvgiDQjJzXRIA==
/
www.facebook.com/tr/
44 B
91 B
Image
General
Full URL
https://www.facebook.com/tr/?id=545343933434388&ev=Microdata&dl=https%3A%2F%2Fwww.newsdle.com%2Fschools-competition&rl=&if=false&ts=1648482076318&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Competition%20%7C%20Newsdle%22%2C%22meta%3Adescription%22%3A%22To%20celebrate%20to%20the%20New%20Year%22%7D&cd[OpenGraph]=%7B%22og%3Atitle%22%3A%22Competition%20%7C%20Newsdle%22%2C%22og%3Atype%22%3A%22website%22%2C%22og%3Adescription%22%3A%22To%20celebrate%20to%20the%20New%20Year%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fwww.newsdle.com%2Fimg%2Fnewsdle-banner-new.jpg%22%2C%22og%3Aimage%3Awidth%22%3A%221120%22%2C%22og%3Aimage%3Aheight%22%3A%22627%22%2C%22og%3Aimage%3Asecure_url%22%3A%22https%3A%2F%2Fwww.newsdle.com%2Fimg%2Fnewsdle-banner-new.jpg%22%2C%22twitter%3Acard%22%3A%22summary_large_image%22%2C%22twitter%3Atitle%22%3A%22Competition%20%7C%20Newsdle%22%2C%22twitter%3Adescription%22%3A%22To%20celebrate%20to%20the%20New%20Year%22%2C%22twitter%3Aimage%22%3A%22https%3A%2F%2Fwww.newsdle.com%2Fimg%2Fnewsdle-banner-new.jpg%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.57&r=stable&ec=1&o=30&fbp=fb.1.1648482075815.1473481225&it=1648482075617&coo=false&es=automatic&tm=3&exp=p1&rqm=GET
Requested by
Host: www.newsdle.com
URL: https://www.newsdle.com/schools-competition
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.newsdle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 15:41:16 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority
u=3,i
expires
Mon, 28 Mar 2022 15:41:16 GMT

46 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| structuredClone object| oncontextlost object| oncontextrestored function| fbq function| _fbq function| gtag object| dataLayer function| rdt string| c_id function| $ function| jQuery object| FontAwesomeKitConfig object| google_tag_manager object| google_tag_data object| gaGlobal object| __core-js_shared__ object| core function| setImmediate function| clearImmediate function| _ function| Popper function| axios function| Pusher object| Echo function| Vue function| sprintf function| vsprintf object| is function| moment object| regeneratorRuntime function| io object| app function| onYouTubeIframeAPIReady function| setCookie function| getCookie string| campusBaseURL string| trackingURL object| xmlhttp string| send_data object| configArgs number| pixelRatio number| width number| height object| screenSize boolean| isBetaAdvertiser object| labels

9 Cookies

Domain/Path Name / Value
.newsdle.com/ Name: XSRF-TOKEN
Value: eyJpdiI6Ii8rVkdjQlNqekpQZGtTTjVHNnkxR2c9PSIsInZhbHVlIjoia1NiMVZSeUdPNFRxa05QYmpFUmhNL2dLNmsvKytIeTY5NDdSQ0s1SjFpNGZkU0Z4ekdCd21yanVMOVRDdklwTklLV0d4WUdRRDRLRE94dHN4VStzNGxxczBoczl6bDJLMG8reHgvQUNTOG9xVlAzNXExR2o4MmJ1U2JrdXJqS2siLCJtYWMiOiJlODgwMTYyNmJkNGNmZDMxMTliYzc4NDVjOTBjNWQ2NzlmMjRiNzdiZDdiMGMzMDIzYjI0ZGY5NDYyOGEwMzVhIiwidGFnIjoiIn0%3D
.newsdle.com/ Name: newsdle_session
Value: eyJpdiI6IktjUU5UK2MyZ0ZOVjhHbHgrbTloK1E9PSIsInZhbHVlIjoiUTBTa3JxSDZ4VEtzZENyNzJyb0Ywcm5VVUphQ044cWRldC9nY2FvSXZrM3d6TE43T2MxTUxtZy9tM1J6d0kxSUMzMXhzbUp3WUZ5bjBWc08zbXRWS0ZKQmNDVXVoMWxOaGY1TjBkTWR0ZkxlL05LM2t5UkVBZ3M2a011OHI2WXQiLCJtYWMiOiIxZDJhMjczMDZkZGQ2OGFlMzcxNTY4NGMyMmQyODNlMDlkNjZjMmRjNTM5NzE4M2U4NWVmNDE5NDYwM2Y2MTNiIiwidGFnIjoiIn0%3D
www.newsdle.com/ Name: SRVGROUP
Value: common
.newsdle.com/ Name: _ga_CKRTGQ2RF3
Value: GS1.1.1648482075.1.0.1648482075.0
.newsdle.com/ Name: _ga
Value: GA1.1.1599567675.1648482076
.newsdle.com/ Name: _rdt_uuid
Value: 1648482075800.09e383c7-dc90-4026-99be-8522e7acf810
.newsdle.com/ Name: _fbp
Value: fb.1.1648482075815.1473481225
.facebook.com/ Name: fr
Value: 0hEY7NSIfc2lr7BLu..BiQdcb...1.0.BiQdcb.
www.newsdle.com/ Name: cc_cookie_id
Value: c28e5fe4-afe3-43df-b2d8-0c744b5cd97b

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
